
Online or onsite, instructor-led live Cyber Security (also known as Cybersecurity, Internet Security or IT Security) training courses demonstrate through interactive discussion and hands-on practice how to understand, plan and implement a Cybersecurity strategy within their organisation. Special focus is given to setting up the proper systems and procedures needed to detect and mitigate threats. Internet Security courses are available as interactive trainings and a number of them include a testing and certification component.
Cybersecurity training is available as "online live training" or "onsite live training". Online live training (aka "remote live training") is carried out by way of an interactive, remote desktop. Onsite live Cyber Security trainings in the UK can be carried out locally on customer premises or in NobleProg corporate training centres.
NobleProg -- Your Local Training Provider
Testimonials
I liked that the trainer was passionate about the subject and very convincing too.
Diana Vladulescu
Course: Secure Web Application Development and Testing
It was quite informal.
Capita Business Services Ltd
Course: Understanding Modern Information Communication Technology
Trainer covered a lot of ground over a relatively short period.
Capita Business Services Ltd
Course: Understanding Modern Information Communication Technology
I enjoyed the practical exercises. Hands-on is the best way to learn.
W L Gore & Associates (UK) Ltd
Course: PKI: Implement and Manage
I found it very interesting to learn all about what happens behind the scenes when it comes to IT systems. I also enjoyed learning about security and what hackers do as ethical hacking is an avenue I'm very keen on pursuing.
Knowledge Pool/ DVLA
Course: Understanding Modern Information Communication Technology
Richard was very knowledgeable in his field.
Knowledge Pool/ DVLA
Course: Understanding Modern Information Communication Technology
It was pitched at the right level - challenging but understandable & informative.
Louise Voisey - Capita Business Services Ltd
Course: Understanding Modern Information Communication Technology
The trainer was extremely clear and concise. Very easy to understand and absorb the information.
Paul Clancy - Rowan Dartington
Course: CGEIT – Certified in the Governance of Enterprise IT
The delivery
Department for Communities
Course: CISMP - Certificate in Information Security Management Principles
Depth and breadth of the course. Trainer was excellent also.
Department for Communities
Course: CISMP - Certificate in Information Security Management Principles
Examples provided
Department for Communities
Course: CISMP - Certificate in Information Security Management Principles
Concise
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
The pace of training delivery.
Ian McInally - KnowledgePool
Course: Business Continuity Practitioner
The exercises and group discussions.
KnowledgePool
Course: Business Continuity Practitioner
The trainer was very knowledgeable and was happy to go at the pace of the attendees. He was polite and respectful to all those in attendance. I felt I learnt a lot from the course as the trainer was very succinct in his delivery when going through the PP slides. A really good, worthwhile course from my personal point of view.
Julie Price - KnowledgePool
Course: Business Continuity Practitioner
The environment was really relaxed and open so everyone could ask questions or put across points of view or experience. David the trainer was a SME on the subject and his style was very good.
KnowledgePool
Course: Business Continuity Practitioner
The second day, scenarios exercises.
Christina Hutchings - KnowledgePool
Course: Business Continuity Practitioner
I liked the trainer's introduction and anecdotes to make the learning more real
KnowledgePool
Course: Business Continuity Practitioner
David's in-depth knowledge. His relationship building skills with the audience. I really enjoyed the way he managed to make us (as a collective audience) enjoy the quite dry and uninteresting subject matter. He had anecdotes and knowledge of specific examples of security failings - hacker attacks - BCP 'breakdowns' etc which put flesh on the bones to the piece of legislation or 'best practice' for BCP that he was trying to teach us about. A really engaging, down to earth and personable man: A very good listener and a fabulous, charismatic trainer.
Cris Bollin - KnowledgePool
Course: Business Continuity Practitioner
Subject content and instructor
Jas Paul Farmahan - Capita Business Services Ltd
Course: ISO27001: 2013 Lead Auditor (certification course)
I liked the in-depth knowledge about the subject of the trainer, good explanation, highlighting important things!
Andreas Rhein
Course: Certified Information System Security Professional (CISSP) CBK Review
I really liked the Crypto part
Carlos Ibarra
Course: Avanzado Java, JEE y Seguridad de Aplicaciones Web
I genuinely enjoyed the real examples of the trainer.
Joana Gomes
Course: Compliance and the Management of Compliance Risk
I genuinely benefited from the communication skills of the trainer.
Flavio Guerrieri
Course: CISM - Certified Information Security Manager
Really liked the trainer's deep knowledge, real examples, the fact that he is also a practitioner.
18 Wojskowy Oddział Gospodarczy
Course: CRISC - Certified in Risk and Information Systems Control
I mostly liked the knowledge.
18 Wojskowy Oddział Gospodarczy
Course: CRISC - Certified in Risk and Information Systems Control
I mostly benefited from the hands-on examples.
Trading Point of Financial Instruments (XM
Course: Secure coding in PHP
The subject of the course was very interesting and gave us many ideas.
Anastasios Manios
Course: Secure coding in PHP
I generally enjoyed the interaction.
Andreas Hadjidemetris
Course: Secure coding in PHP
Most of the known subjects related with secure coding covered and explained well. Nice presentations. Easy to watch, not boring.
Trading Point of Financial Instruments (XM
Course: Secure coding in PHP
Cybersecurity Course Outlines
This training course is designed to prepare participants to implement an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.
After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.
Who Can Attend?
- Project managers and consultants involved in and concerned with the implementation of an ISMS
- Expert advisors seeking to master the implementation of an ISMS
- Individuals responsible for ensuring conformity to information security requirements within an organization
- Members of an ISMS implementation team
General information
- Certification fees are included in the exam price
- Training material containing over 450 pages of information and practical examples will be distributed
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months free of charge
Educational approach
- This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
- The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
- The exercises are based on a case study.
- The structure of the quizzes is similar to that of the certification exam.
Learning objectives
This training course will help you:
- Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
- Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Understand the operation of an information security management system and its processes based on ISO/IEC 27001
- Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
- Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS
All staff who need a working knowledge of Compliance and the Management of Risk
Format of the course
A combination of:
- Facilitated Discussions
- Slide Presentations
- Case Studies
- Examples
Course Objectives
By the end of this course, delegates will be able to:
- Understand the major facets of Compliance and the national and international efforts being made to manage the risk related to it
- Define the ways in which a company and its staff might set up a Compliance Risk Management Framework
- Detail the roles of Compliance Officer and Money Laundering Reporting Officer and how they should be integrated into a business
- Understand some other “hot spots” in Financial Crime – especially as they relate to International Business, Offshore Centres and High-Net-Worth Clients
By the end of this training, participants will be able to:
- Understand the concept of malware.
- Identify the different types of malware.
- Take necessary steps to mitigate malware (procedural, technological, awareness, etc).
The Certified Lead Ethical Hacker training course enables you to develop the necessary expertise to perform information system penetration tests by applying recognized principles, procedures and penetration testing techniques, in order to identify potential threats on a computer network. During this training course, you will gain the knowledge and skills to manage a penetration testing project or team, as well as plan and perform internal and external pentests, in accordance with various standards such as the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM). Moreover, you will also gain a thorough understanding of how to draft reports and countermeasure proposals. Additionally, through practical exercises, you will be able to master penetration testing techniques and acquire the skills needed to manage a pentest team, as well as customer communication and conflict resolution.
The Certified Lead Ethical Hacking training course provides a technical vision of information security through ethical hacking, using common techniques such as information gathering and vulnerability detection, both inside and outside of a business network.
The training is also compatible with the NICE (The National Initiative for Cybersecurity Education) Protect and Defend framework.
After mastering the necessary knowledge and skills in ethical hacking, you can take the exam and apply for the "PECB Certified Lead Ethical Hacker" credential. By holding a PECB Lead Ethical Hacker certificate, you will be able to demonstrate that you have acquired the practical skills for performing and managing penetration tests according to best practices.
Who should attend?
- Individuals interested in IT Security, and particularly in Ethical Hacking, to either learn more about the topic or to start a process of professional reorientation.
- Information security officers and professionals seeking to master ethical hacking and penetration testing techniques.
- Managers or consultants wishing to learn how to control the penetration testing process.
- Auditors wishing to perform and conduct professional penetration tests.
- Persons responsible for maintaining the security of information systems in an organization.
- Technical experts who want to learn how to prepare a pentest.
- Cybersecurity professionals and information security team members.
After mastering all the necessary concepts of Information Security Controls, you can sit for the exam and apply for a “PECB Certified ISO 27799 Lead Manager” credential. By holding a PECB Lead Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in implementing and managing Information Security Controls in healthcare organizations based on ISO 27799 and ISO/IEC 27002.
Who should attend?
- Managers or consultants seeking to implement an Information Security Management System (ISMS) based on ISO/IEC 27001, ISO/IEC 27002 and ISO 27799
- Project managers or consultants seeking to master the Information Security Management System implementation process in healthcare organizations
- Individuals responsible for Information Security, compliance, risk, and governance in a healthcare organization
- Information Security team members
- Expert advisors in information technology
- Information Security officers
- Information Security managers
- Privacy officers
- IT professionals
- CTOs, CIOs and CISOs
Learning objectives
- Master the implementation of Information Security controls in healthcare organizations by adhering to the framework and principles of ISO 27799 and ISO/IEC 27002
- Master the concepts, approaches, standards, methods and techniques required for the implementation and effective management of Information Security controls in healthcare organizations
- Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
- Understand the importance of Information Security for the strategy of a healthcare organization
- Master the implementation of Information Security management processes
- Master the expertise to support a healthcare organization to effectively implement, manage and maintain Information Security Controls
- Master the formulation and implementation of Information Security requirements and objectives
- Master the development and administration of a health information security program, including: policies, procedures, risk assessment, security architectures etc.
After completing this course, you can sit for the exam and apply for the “PECB Certified ISO 27799 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies and management approach.
Who should attend?
- Individuals interested in Information Security Management applicable to the healthcare industry
- Individuals seeking to gain knowledge about the main processes of an Information Security Management System and Information Security Controls relevant to healthcare organizations
- Individuals interested in pursuing a career in Information Security Management
Learning objectives
- Understand the implementation of Information Security Controls in accordance with ISO 27799 and ISO/IEC 27002
- Acknowledge the correlation between ISO/IEC 27001, ISO 27799, ISO/IEC 27002 and other standards and regulatory frameworks
- Understand the approaches, methods and techniques used for the implementation of Information Security Controls in healthcare organizations
Educational Approach
- Lecture sessions are illustrated with practical questions and examples
- Practical exercises include examples and discussions
- Practice tests are similar to the Certification Exam
General Information
- Certification fees are included in the exam price
- Training material containing over 200 pages of information and practical examples will be distributed
- A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
Why should you attend?
This training course is designed to prepare its participants to implement a Privacy Information Management System (PIMS) in compliance with the requirements and guidance of ISO/IEC 27701. Moreover, you will gain a comprehensive understanding of the best practices of privacy information management and learn how to manage and process data while complying with various data privacy regimes.
After mastering the implementation and management of a Privacy Information Management System (PIMS), you can sit for the exam and apply for a “PECB Certified ISO/IEC 27701 Lead Implementer” credential. The internationally recognized PECB Lead Implementer Certificate proves that you have the practical knowledge and professional capabilities to implement the ISO/IEC 27701 requirements in an organization.
Who should attend?
- Managers and consultants involved in privacy and data management
- Expert advisors seeking to master the implementation of a Privacy Information Management System
- Individuals responsible and accountable for Personally Identifiable Information (PII) within organizations
- Individuals responsible for maintaining conformance with data privacy regimes requirements
- PIMS team members
Learning objectives
- Master the concepts, approaches, methods and techniques used for the implementation and effective management of a PIMS.
- Learn about the correlation between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks.
- Understand the operation of a PIMS based on ISO/IEC 27701 and its principal processes.
- Learn how to interpret the requirements of ISO/IEC 27701 in the specific context of an organization.
- Develop the expertise to support an organization in effectively planning, implementing, managing, monitoring and maintaining a PIMS.
Education approach
- This training course is based on both theory and best practices used in the implementation of PIMS.
- Lecture sessions are illustrated with examples based on case studies.
- Practical exercises are based on a case study which includes role playing and discussions.
- Practice tests are similar to the Certification Exam
General information
- Certification fees are included in the exam price.
- Training materials and practical examples will be distributed.
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued.
- In case of exam failure, you can retake the exam within 12 months for free.
Why should you attend?
During this training course, you will obtain the knowledge and skills to plan and carry out audits in compliance with ISO 19011 and the ISO/IEC 17021-1 certification process.
Based on practical exercises, you will be able to acquire knowledge on the protection of privacy in the context of processing personally identifiable information (PII), as well as master audit techniques and become competent to manage an audit program, audit team, establish communication with customers and resolve potential conflicts.
After completing this training course, you can sit for the exam and, if you successfully pass the exam, you can apply for the “PECB Certified ISO/IEC 27701 Lead Auditor” credential. The internationally recognized PECB Lead Auditor certificate proves that you have the capabilities and competences to audit organizations based on best practices.
Who should attend?
- Auditors seeking to perform and lead Privacy Information Management System (PIMS) certification audits
- Managers or consultants seeking to master a PIMS audit process
- Individuals responsible for maintaining conformance with PIMS requirements
- Technical experts seeking to prepare for a PIMS audit
- Expert advisors in the protection of Personally Identifiable Information (PII)
Learning objectives
- Understand a Privacy Information Management System (PIMS) and its processes based on ISO/IEC 27701
- Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Acquire the competences of the auditor’s role in planning, leading, and following up on a management system audit in accordance with ISO 19011.
- Learn how to interpret the requirements of ISO/IEC 27701 in the context of a PIMS audit
Education approach
- This training is based on both theory and best practices used in PIMS audits
- Lecture sessions are illustrated with examples based on case studies
- Practical exercises are based on a case study which includes role-playing and discussions
- Practice tests are similar to the Certification Exam
General information
- Participants will be provided with the training material containing over 400 pages of explanatory information, discussion topics, examples and exercises.
- An attendance record certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
After completing this training course, you can sit for the exam and, if you successfully pass it, you can apply for the “PECB Certified ISO/IEC 27701 Foundation” credential. A PECB Foundation certificate proves that you have comprehended the fundamental methodologies, requirements, guidelines, framework and managerial approach.
Who should attend?
- Individuals involved in information security and privacy management
- Individuals seeking to gain knowledge on the main processes of a privacy information management system
- Individuals interested in pursuing a career in privacy information management
- Individuals responsible for personally identifiable information (PII) within organizations
- Information security team members
Learning objectives
- Understand the fundamental concepts and principles of a privacy information management system (PIMS) based on ISO/IEC 27701
- Identify the relationship between ISO/IEC 27701, ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
- Understand the approaches, standards, methods, and techniques used for the implementation and management of a PIMS
Educational approach
- Lecture sessions are complemented by discussion questions and examples
- The exercises include multiple-choice quizzes and essay-type exercises
- Exercise questions and quizzes are similar to the certification exam
General Information
- Participants will be provided with the training material containing over 200 pages of explanatory information, discussion topics, examples and exercises.
- An attendance record certificate of 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course.
After mastering all the necessary concepts of Information Security Incident Management, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27035 Lead Incident Manager” credential. By holding a PECB Lead Incident Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Incidents.
Who should attend?
- Information Security Incident managers
- IT Managers
- IT Auditors
- Managers seeking to establish an Incident Response Team (IRT)
- Managers seeking to learn more about operating effective IRTs
- Information Security risk managers
- IT system administration professionals
- IT network administration professionals
- Members of Incident Response Teams
- Individuals responsible for Information Security within an organization
Learning objectives
- Master the concepts, approaches, methods, tools and techniques that enable effective Information Security Incident Management according to ISO/IEC 27035
- Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks
- Acquire the expertise to support an organization to effectively implement, manage and maintain an Information Security Incident Response plan
- Acquire the competence to effectively advise organizations on the best practices of Information Security Incident Management
- Understand the importance of establishing well-structured procedures and policies for Incident Management processes
- Develop the expertise to manage an effective Incident Response Team
Educational approach
- This training is based on both theory and best practices used in the implementation of an Information Security Incident Management plan
- Lecture sessions are illustrated with examples based on case studies
- Practical exercises are based on a case study which includes role playing and discussions
- Practice tests are similar to the Certification Exam
General Information
- Certification fees are included in the exam price
- Training material containing over 450 pages of information and practical examples will be distributed
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
By attending the ISO/IEC 27035 Introduction course, you will understand the importance of Information Security Incident Management and the benefits that businesses, society and governments can obtain.
Who should attend?
- Individuals interested in Information Security Incident Management
- Individuals seeking to gain knowledge about the main processes of Information Security Incident Management
Learning objectives
- Understand the concepts, approaches, methods, and techniques used to manage Information Security Incidents
- Understand the Information Security Incident Management practices
General Information
- Training material containing over 100 pages of information and practical examples will be distributed
- A participation certificate of 7 CPD (Continuing Professional Development) credits will be issued
After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27035 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, and management approach.
Who should attend?
- Individuals interested in Information Security Incident Management process approaches
- Individuals seeking to gain knowledge about the main principles and concepts of Information Security Incident Management
- Individuals interested in pursuing a career in Information Security Incident Management
Learning objectives
- Understand the basic concepts of Information Security Incident Management
- Acknowledge the correlation between ISO/IEC 27035 and other standards and regulatory frameworks
- Understand the process approaches used to effectively manage Information Security Incidents
Educational approach
- Lecture sessions are illustrated with practical questions and examples
- Practical exercises include examples and discussions
- Practice tests are similar to the Certification Exam
General Information
- Certification fees are included in the exam price
- Training material containing over 200 pages of information and practical examples will be distributed
- A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
During this training course, you will also gain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course corresponds with the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.
After understanding all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Risk Manager” credential. By holding a PECB Risk Manager Certificate, you will be able to demonstrate that you have the necessary skills and knowledge to perform an optimal Information Security Risk Assessment and manage Information Security risks in a timely manner.
Who should attend?
- Information Security risk managers
- Information Security team members
- Individuals responsible for Information Security, compliance, and risk within an organization
- Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
- IT consultants
- IT professionals
- Information Security officers
- Privacy officers
Examination - Duration: 2 hours
The “PECB Certified ISO/IEC 27005 Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
- Domain 1 Fundamental principles and concepts of Information Security Risk Management
- Domain 2 Implementation of an Information Security Risk Management program
- Domain 3 Information Security risk management framework and process based on ISO/IEC 27005
- Domain 4 Other Information Security risk assessment methods
General information
- Certification fees are included in the exam price
- Training material containing over 350 pages of information and practical examples will be distributed
- A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
By the end of this training, participants will be able to:
- Set up the necessary development environment to start implementing MITRE ATT&CK.
- Classify how attackers interact with systems.
- Document adversary behaviors within systems.
- Track attacks, decipher patterns, and rate defense tools already in place.
After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. By holding a PECB Lead Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.
Who should attend?
- Information Security risk managers
- Information Security team members
- Individuals responsible for Information Security, compliance, and risk within an organization
- Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or individuals who are involved in a risk management program
- IT consultants
- IT professionals
- Information Security officers
- Privacy officers
Examination - Duration: 3 hours
The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
- Domain 1 Fundamental principles and concepts of Information Security Risk Management
- Domain 2 Implementation of an Information Security Risk Management program
- Domain 3 Information security risk assessment
- Domain 4 Information security risk treatment
- Domain 5 Information security risk communication, monitoring and improvement
- Domain 6 Information security risk assessment methodologies
General Information
- Certification fees are included in the exam price
- Training material containing over 350 pages of information and practical examples will be distributed
- A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
The ISO/IEC 27005 training course enables you to comprehend the basic concepts of Information Security Risk Management by using the standard [ISO/IEC 27005](https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27005) as a reference framework.
By attending the ISO/IEC 27005 Introduction training course, you will understand the importance of Information Security Risk Management and the benefits that businesses, society and governments can obtain.
Who should attend?
- Individuals interested in Information Security Risk Management
- Individuals seeking to gain knowledge about the main processes of Information Security Risk Management
After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27005 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, processes and management approach.
Who should attend?
- Individuals interested in Information Security Risk Management
- Individuals seeking to gain knowledge about the main processes of Information Security Risk Management
- Individuals interested in pursuing a career in Information Security Risk Management
The “PECB Certified ISO/IEC 27005 Foundation” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
- Domain 1: Fundamental principles and concepts of Risk Management in Information Security
- Domain 2: Information Security Risk Management approaches and processes
After successfully completing the exam, you can apply for the “PECB Certified ISO/IEC 27005 Foundation” credential.
General Information
- Certification fees are included in the exam price
- Training material containing over 200 pages of information and practical examples will be distributed
- A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. A PECB Lead Manager Certification proves that you have mastered the principles and techniques for the implementation and management of Information Security Controls based on ISO/IEC 27002.
Who should attend?
- Managers or consultants seeking to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
- Project managers or consultants seeking to master the Information Security Management System implementation process
- Individuals responsible for information security, compliance, risk, and governance in an organization
- Members of information security teams
- Expert advisors in information technology
- Information Security officers
- Privacy officers
- IT professionals
- CTOs, CIOs and CISOs
Learning objectives
- Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
- Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective implementation and management of Information Security controls
- Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
- Understand the importance of information security for the strategy of the organization
- Master the implementation of information security management processes
- Master the formulation and implementation of security requirements and objectives
Educational approach
- This training is based on both theory and practice
- Sessions of lectures illustrated with examples based on real cases
- Practical exercises based on case studies
- Review exercises to assist the exam preparation
- Practice test similar to the certification exam
General Information
- Certification fees are included in the exam price
- Training material containing over 500 pages of information and practical examples will be distributed to the participants
- A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants
- In case of exam failure, you can retake the exam within 12 months for free
ISO/IEC 27001 Foundation training allows you to learn the basic elements to implement and manage an Information Security Management System as specified in [ISO/IEC 27001](https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27001). During this training course, you will be able to understand the different modules of ISMS, including ISMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.
After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27001 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.
Who should attend?
- Individuals involved in Information Security Management
- Individuals seeking to gain knowledge about the main processes of Information Security Management Systems (ISMS)
- Individuals interested in pursuing a career in Information Security Management
Educational approach
- Lecture sessions are illustrated with practical questions and examples
- Practical exercises include examples and discussions
- Practice tests are similar to the Certification Exam
By the end of this training, participants will be able to:
- Understand IoT architectures.
- Understand emerging IoT security threats and solutions.
- Implement technologies for IoT security in their organization.
By the end of this training, participants will be able to:
- Understand information security at both the computer level and the communications level.
- Prevent physical and digital access to private information systems.
- Prevent the modification of information that is stored, being processed, or being transmitted.
- Protect against denial of service to authorized users.
- Take the necessary measures to detect, document, and counter security threats.
- Ensure that organizational information is kept confidential.
This course is the non-certification version of the "[CISA - Certified Information Systems Auditor](/cc/cisa)" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting.
Objectives:
- Use the knowledge gained to benefit your organisation
- Provide audit services in accordance with IT audit standards
- Provide assurance on leadership and organizational structure and processes
- Provide assurance on acquisition/development, testing and implementation of IT assets
- Provide assurance on IT operations including service operations and third party
- Provide assurance on the organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.
Target Audience:
Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.
This is an instructor-led course, and is the non-certification version of the "[CISMP - Certificate in Information Security Management Principles](/cc/cismp)" course.
Description:
The course will provide you with the knowledge and understanding of the main principles required to be an effective member of an information security team with security responsibilities as part of your day-to-day role. It will also prepare individuals who are thinking of moving into information security or related functions.
Objectives:
To provide students with the skills and knowledge required to demonstrate the following:
- Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)
- Understanding of current legislation and regulations which impact upon information security management in the UK;
- Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
- Understanding of the current business and technical environments in which information security management has to operate;
- Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
In this instructor-led, live training, participants will learn how to secure an application by instrumenting runtime agents and attack inducers to simulate application behavior during an attack.
By the end of this training, participants will be able to:
- Simulate attacks against applications and validate their detection and protection capabilities
- Use RASP and DAST to gain code-level visibility into the data path taken by an application under different runtime scenarios
- Quickly and accurately fix the application code responsible for detected vulnerabilities
- Prioritize the vulnerability findings from dynamic scans
- Use RASP real-time alerts to protect applications in production against attacks.
- Reduce application vulnerability risks while maintaining production schedule targets
- Devise an integrated strategy for overall vulnerability detection and protection
Audience
- DevOps engineers
- Security engineers
- Developers
Format of the course
- Part lecture, part discussion, exercises and heavy hands-on practice
To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.
Overview:
- GRC Basic terms and definitions
- Principles of GRC
- Core components, practices and activities
- Relationship of GRC to other disciplines
Leaders will receive information in various topics that will build their knowledge and hone executive decision-making in regard to the cybersecurity threat.
This program incorporates instruction and practice to get students ready to take the CEH certification exam as well as the CEH Practical Exam. Candidates who successfully pass both exams earn the CEH Master credential as well as their CEH certification.
Students are given the choice to add either the CPENT or the CHFI course to their package.
Training for either the Certified Penetration Testing Professional (CPENT) course or the Computer Hacking Forensic Investigator (CHFI) course will be given to each student via EC-Council’s online, self-paced, streaming video program.
CPENT (Pen-test):
Teaches students how to apply the concepts and tools taught in the CEH program to a pen-test methodology in a live cyber range.
CHFI (Computer Forensics):
Teaches students a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence.
Course Description
CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to set up your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident.
CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure.
Who Should Attend
- Law enforcement personnel
- System administrators
- Security officers
- Defense and military personnel
- Legal professionals
- Bankers
- Security professionals
About the Certified Ethical Hacker Master
To earn the CEH Master certification, you must pass the CEH Practical exam. The CEH Practical Exam was designed to give students a chance to prove they can execute the principles taught in the CEH course. The practical exam requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and more.
The CEH Practical does not contain simulations. Rather, you will be challenging a live range which was designed to mimic a corporate network through the use of live virtual machines, networks, and applications.
Successfully completing the challenges found in the CEH Practical Exam is the next step after attaining the Certified Ethical Hacker (CEH) certification. Successfully passing both the CEH exam and the CEH Practical will earn you the additional certification of CEH Master.
About the Certified Ethical Hacker Practical
To prove that you are skilled in ethical hacking, we test your abilities with real-world challenges in a real-world environment, using labs and tools requiring you to complete specific ethical hacking challenges within a time limit, just as you would face in the real world.
The EC-Council CEH (Practical) exam is comprised of a complex network that replicates a large organization’s real-life network and consists of various network systems (including DMZ, Firewalls, etc.). You must apply your ethical hacking skills to discover and exploit real-time vulnerabilities while also auditing the systems.
About CPENT
EC-Council’s Certified Penetration Tester (CPENT) program is all about the pen test and will teach you to perform in an enterprise network environment that must be attacked, exploited, evaded, and defended. If you have only been working in flat networks, CPENT’s live practice range will teach you to take your skills to the next level by teaching you to pen test IoT systems and OT systems, as well as how to write your own exploits, build your own tools, conduct advanced binaries exploitation, double pivot to access hidden networks, and customize scripts and exploits to get into the innermost segments of the network.
About CHFI
The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation.