An intensive professional development training course on
Cybersecurity
Audit Masterclass
Why Choose Cybersecurity Audit Masterclass Training Course?
The Structure
This comprehensive training course consists of two modules which can be booked as a 10 Day Training event, or as individual, 5 Day training courses.
Module 1 – Cybersecurity Audit Essentials
Module 2 – Auditing a Cybersecurity Programme
The Course Content
Module 1: Cybersecurity Audit Essentials
Day One: IT Security Evolution
- Categorizing Physical and Electronic Risk
- Networking and Communication Technology
- Computer Systems Design
- Legal and Regulatory Considerations
- Current Threat and Trend Analysis
- Review and Case Study
Day Two: Identifying and Responding to Data Breaches - Risk Assessment and Crisis Management
- IPv6 Configuration and Risks
- Domain Name System Security Extensions (DNSSEC)
- Crisis Management Planning
- Forensic and Electronic investigations
- Responding to Business Continuity
- Review and Case Study
Day Three: Preparing the Cybersecurity Audit Scope
- NIST Cybersecurity Framework
- Cyber incident response policy requirements
- COBIT 5 framework
- Audit plan as per the NIST Cybersecurity Framework
- Audit plan using the COBIT 5 framework
- Review and Case Study
Day Four: Executing the Cybersecurity Audit
- Using BowTie method for cybersecurity risk management
- Using AuditXP software for cybersecurity audit
- Creating NIST Cybersecurity Framework audit questionnaire in AuditXP
- Creating COBIT 5 framework audit questionnaire in AuditXP
- Performing the Cybersecurity audit on the example entity
- Review and Case Study
Day Five: Cybersecurity Audit Workshop
- Forming the team, audit plan and the framework
- Executing the audit
- Review of the audit findings
- Preparing recommendations
- Discussing the findings and recommendation and their implementation
- Constant monitoring and upgrade
Module 2: Auditing a Cybersecurity Programme
Day Six: Introduction to Cybersecurity
- Vulnerability assessment
- Threat analysis
- Cybersecurity risk assessment
- Cybersecurity program
- Cybersecurity risk auditing
Day Seven: Inventory Security Management
- Inventory authorized and unauthorized devices
- Inventory authorized and unauthorized software
- Secure configurations
- Continuous vulnerability assessment and remediation
- Control use of administrative privileges
- Maintenance, monitoring and analysis of audit logs
Day Eight: Network Security Management
- Email and web browser protection
- Malware defenses
- Security configurations for network devices
- Wireless access control
- Limitation and control of network ports, protocols and services
Day Nine: Data Security Management
- Data protection
- Controlled data access based on need to know
- Data recovery capability
- Boundary defenses
- Account monitoring and control
- Security skills assessment and training
Day Ten: Security Incident Management
- Application software security
- Cybersecurity Incidents
- Incident response management
- Penetration tests
- Red team exercises
The Certificate
- AZTech Certificate of Completion for delegates who attend and complete the training course
DO YOU WANT TOLEARN MORE ABOUT THIS COURSE?
© 2024. Material published by AZTech shown here is copyrighted. All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.
