C)SP: Certified Security Principles
The Certified Security Principles (C)SP) course is going to prepare you for security across the entire environment including understanding risk management, identity and access control, network and data security. This is just a short list of everything covered within this course, which will include new technologies like IoT and cloud services. This course is intended to prepare you to become a benefit to any company attempting to improve its security posture.
Description
Overview
Security Principles are your first line of defense, but often the last box checked. The IT world never stands still. Therefore, neither can IT security. It does not matter if we are talking about the implementation of IoT devices or cloud services, security is important. According to a recent study, the top source of security incidents within a company are the current employees.
The Certified Security Principles, C)SP, course is going to prepare you for security across the entire environment including understanding risk management, identity and access control, network and data security. This is just a short list of everything that we cover within this course, which will include new technologies like loT and cloud services. This course is intended to prepare you to become a benefit to any company that is attempting to improve its security posture!
The C)SP is a Foundational Part of Several Career Paths. We suggest that you master the concepts in the C)SP before moving into 300 level in the Management, Response and Recovery, or Auditing Career Paths. This course will introduce you to many of the key concepts you will need to succeed in the other courses.
Course Objectives
Upon completion, the Certified Security Principles candidate will not only be able to competently take the C)SP exam but will also understand the principle security knowledge to keep companies' IP and IT infrastructure safe.
Who Should Attend
- IT Professionals
- Server Administrators
- Virtualization and Cloud Administrators
Course Outline
Module 1: Introduction to IT Security
- Understanding Security
- Responsibilities
- Building a Security Program
- CIA Triad
- Governance, Risk, Compliance
- State of Security Today
Module 2: Risk Management
- Risk Management
- Risk Assessment
- Types of Risk, Threats and Vulnerabilities
- Mitigating Attacks
- Discovering Vulnerabilities and Threats
- Responding to Risk
Module 3: Understanding of Cryptography
- Understanding Cryptography
- Symmetric Encryption
- Asymmetric Encryption
- Hashing
- PKI
- Cryptography in Use
Module 4: Understanding Identity and Access Management
- Identity Management
- Authentication Techniques
- Single Sign-on
- Access Control Monitoring
Module 5: Managing Data Security
- Virtualization Principles
- Key Components Mapped to Cloud Layer
- Key Security Concerns
- Other Technologies Used in the Cloud
- The Layers
- Relevant CCM Controls
Module 6: Data Security
- Different Types of Storage
- Encryption Options
- Data Management
Module 7: Managing Server/Host Security
- The Operating Systems
- Hardening the OS
- Physical security
- Virtualization and Cloud Technologies
Module 8: Application Security for Non-Developers
- Application Security Principle
- Software Development Life Cycle
- OWASP Top 10
- Hardening Web Applications
- Patch/Update/Configuration Management
Module 9: Understanding Mobile Device Security (IoT)
- What Devices are we talking about?
- What is the risk?
- Hardening Mobile/IoT Devices
- Corporate Management
Module 10: Managing Day to Day Security
- Company Responsibilities
- Product Management
- Business Continuity Basics
- Incident Response
- Why Train?
Module 11: Understating Compliance and Auditing
- Benefits of Compliance
- Assurance Frameworks
- What is Auditing
Prerequisites
- 12 Months of experience with server administration