Cyber Security Programme with Job Guarantee
Was £3,999, Now £2,496
Select an option below to show price
/ month for 13 months
Your Cyber Security Job Guarantee
Building IT Careers since 2018
Established in 2018 we have trained thousands of happy students who have successfully started their IT Careers. Employers appreciate how hard our students work and value the skills, qualifications and work experience our students possess upon completion. Employers want more candidates like this which is how we can offer a guaranteed job or 100% of your course fees back.
But don’t just take our word for it. Watch our 4 minute webinar with CompTIA where you will find out more about the IT Certify team and also why CompTIA themselves gave us an Award for getting students into work.
Professional and Accredited Online Learning
Established in 2018 we have been placing students into IT positions for nearly a decade
Can be completed in just 4 to 5 months based on 15 hours a week study
£28k to £35k in your first year with average salaries of £45,000 upon completion
Award Winning Premium Student Support
Our Job Guarantee Programme is for complete beginners, no experience necessary
Self paced learning means you are in complete control and can study whenever you like
All courses, exams and work experience can be studied online but with real support from real people.
7
7 easy steps to your new Cyber Security Analyst role
1. Complete the IT Courses and short internal test
2. Pass the CompTIA A+ exams (Core 1 and Core 2)
3. Begin your £28,000 to £35,000 IT role
4. Complete the Cyber Security Courses, Labs and Badges whilst working
5. Pass the CompTIA Security+ exam with your teacher
6. Pass the CompTIA Cyber Security Analyst+ exam
7. Begin your Cyber Security Analyst Role (average salary £45k)
5 Qualifications and Badges recognised worldwide
CompTIA Tech+
CompTIA A+ Core 1 and Core 2
CompTIA Network+
CompTIA Cloud+
Microsoft Endpoint Administrator
Microsoft Windows
Cisco CCNA
Microsoft Azure
CompTIA Linux+
CompTIA Security+
CompTIA Cyber Security Analyst (CySA+)
CompTIA SECAI+
CompTIA SecurityX
CompTIA Pentest+
Ethical Hacker
4 x Exams
CompTIA A+ Core 1
CompTIA A+ Core 2
CompTIA Security+
CompTIA CySA+
2 x CompTIA Skill Badges
CompTIA AI Essentials
CompTIA Prompting Essentials
4 x Practice Labs
AI Prompting
CompTIA A+ Core 2
CompTIA Security+
CompTIA CySA+
Your own personal career advisor
Your own personal placement advisor
Complete CV build and Cover letter
Linkedin Profile Build
Employer reference
All backed up by our job guarantee
Or 100% of your course fees back
The most skilled and qualified job programme
Our Cyber Security Job Guarantee Programme comes with SIX official CompTIA Exams and Skill Badges.
We include 4 official CompTIA exams with CompTIA A+ Core 1, CompTIA A+ Core 2, CompTIA Security+ and CompTIA Cyber Security Analyst+. We also include 2 official CompTIA Skill Badges with CompTIA AI Essentials and CompTIA Prompting Essentials.
We then solidify your work experience by providing four times the average practical experience with practice labs for CompTIA A+ Core 2, CompTIA Security+, CompTIA Cyber Security Analyst+ and AI Prompting.
Our Award Winning Job Guarantee
Our Award Winning Cyber Security Job Programme comes with a no quibble Guaranteed job or 100% of your course fees back. You don’t need any previous IT experience and the programme is for complete beginners.
It’s super fast too, on average students will be able to begin their career in IT in just 4 weeks after graduating with us. All with the full support of your own recruitment team who will discuss with you the different options available whether your aim is remote work, hybrid or office based. Or perhaps your goal is purely financial, flexibility, more family time or to simply future proof your career.
All backed by a job guarantee starting salary of £28,000 to £35,000 in your first year with average salaries of £45,000 on completion.
Our graduates work in some of the biggest companies in the world
Thanks to our Award Winning Career Team
Get a free IT career consultation.
Concise summary of each course included
CompTIA Tech+
The CompTIA Tech+ course is perfect for you if you’re considering a career in IT or if you work in a similar field that requires a broad understanding of IT, like in a sales role at an IT company.
CompTIA IT Fundamentals is a stepping stone to more advanced certifications such as CompTIA A+, and then to CompTIA Network+ and CompTIA Security+.
The CompTIA Tech+ course focuses on the essential IT skills and knowledge needed by advanced end-users and entry-level IT professionals:
- Identifying and explaining computer components.
- Setting up a workstation: including conducting software installations.
- Establishing network connectivity.
- Identifying compatibility issues and identifying and preventing security risks.
- Managing the safety and preventative maintenance of computers.
CompTIA A+
The CompTIA A+ is in two parts 220-1201 (Core 1) and 220-1202 (Core 2). Covering a wide range of topics including mobile devices, networking, hardware, operating systems, virtualization, cloud computing, security, and operational procedures.
You will be guided through hands-on activities and real-world scenarios that will reinforce your understanding of critical IT concepts. You will learn how to configure and troubleshoot various devices, manage networks, and implement security measures, all while developing a strong grasp of operational procedures.
Course Objectives
Identify and troubleshoot mobile device hardware and software issues.
Understand network architecture, protocols, and troubleshooting methods.
Configure and maintain various hardware components, including motherboards, CPUs, and storage devices.
Install and configure different operating systems, including Windows, macOS, and Linux.
Implement virtualization and cloud computing concepts effectively.
Apply security best practices to protect devices and networks from threats.
Utilize operational procedures to enhance IT service management and support.
CompTIA Network+
The CompTIA Network + course will enhance and develop your career in IT infrastructure and prove your different elements of Network skills:
Understand networking concepts, including the OSI and DOD models.
Implement routing and switching technologies effectively.
Configure and manage wireless networks and devices.
Monitor network performance and implement disaster recovery plans.
Comprehend network security principles and defend against common attacks.
Utilize troubleshooting methodologies to resolve networking issues efficiently.
CompTIA Cloud+
The CompTIA Cloud+ course will equip you with the knowledge and skills necessary to effectively manage and optimize cloud environments. Covering essential topics such as cloud architecture, deployment models, operations, security, and DevOps fundamentals, this course provides a robust framework for understanding the complexities of cloud technology - essential for today’s cloud-centric job market.
Course Objectives
Understand cloud service models and the shared responsibility model.
Evaluate resource availability and disaster recovery strategies.
Explore cloud deployment models and migration strategies.
Learn cloud security concepts, including vulnerability management and compliance.
Gain insights into DevOps practices, including CI/CD pipelines and source control.
Troubleshoot deployment, network, and security issues in cloud environments.
Microsoft Windows
The Microsoft Windows course will cover Windows 11 and the difference between Windows 10. It will equip you building solid identities, protection of content (data loss protection), mobile device management policy, virtualization with Hyper-V, application management using the Company Portal and the Windows Store. You’ll also understand Windows security and integrated Azure features as well as below:
Understand the major differences between Windows 10 and Windows 11.
Check system compatibility and upgrade to Windows 11.
Navigate the Windows 11 interface, including the Start Menu and Taskbar.
Manage files effectively using File Explorer and OneDrive.
Customize Windows 11 settings, themes, and personalization options.
Install, manage, and uninstall applications efficiently.
Utilize productivity tools such as Microsoft Teams and virtual desktops.
Configure system settings for optimal performance and power management.
Implement Windows 11 security features to protect against threats.
Set up and troubleshoot networking and connectivity issues.
Explore advanced features and troubleshoot common problems.
Microsoft Endpoint Administrator
Throughout the Microsoft Endpoint Administrator course, you will delve into essential topics such as device enrolment, configuration profiles, application management, and security policies. This course validates your ability to manage devices, applications, and security in a modern workplace, making you an invaluable asset to any organization leveraging Microsoft 365 technologies.
Course Objectives
Understand device join types and enroll devices in Microsoft Entra ID.
Configure enrollment settings and automatic enrollment for Windows.
Manage devices using Windows Autopilot and provisioning packages.
Create and manage device configuration profiles for various operating systems.
Implement application deployment and protection policies using Microsoft Intune.
Establish security baselines and manage antivirus, firewall, and encryption policies.
Integrate Intune with Microsoft Defender for Endpoint to enhance security.
Plan and implement updates and compliance policies for devices.
Cisco CCNA
Throughout the CCNA course, you will engage with a variety of modules that delve into network fundamentals, device management, switching, routing, IP services, wireless technologies, security fundamentals, and automation.
Course Objectives
Understand and apply networking fundamentals, including the OSI and TCP/IP models.
Manage Cisco devices and configure network connectivity using basic commands.
Implement switching technologies, including VLANs and Spanning Tree Protocol.
Configure and troubleshoot IPv4 and IPv6 addressing and subnetting.
Understand routing fundamentals, including static and dynamic routing protocols.
Implement essential IP services such as DHCP and NAT.
Gain knowledge in wireless networking principles and configurations.
Implement security measures for network devices and data integrity.
Explore network automation and programmability concepts.
Module 2
• 2.1 Service And Service Management Part 1
• 2.2 Service And Service Management Part 2
• 2.3 Service Management Processes Part 1
• 2.4 Service Management Processes Part 2
• 2.5 Service Management Best Practices And Summary
Module 3
• 3.1 Service Management Practices
• 3.2 Why ITIL
• 3.3 The Service Lifecycle
Module 4
• 4.1 Service Strategy Purpose And Objectives
• 4.2 Service Strategy Scope
• 4.3 Business Value Stubble
• 4.4 Key Principles Part 1
• 4.5 Key Principles Part 2
• 4.6 Service Stragey Processes
Module 5
• 5.1 Service Design Purpose And Objectives
• 5.2 Scope Of Service Design
• 5.3 Business Value Service Design
• 5.4 Service Design Key Principles
• 5.5 Service Design Processes Part 1
• 5.6 Service Design Processes Part 2
• 5.7 Service Design Processes Part 3
• 5.8 Service Design Processes Part 4
Module 6
• 6.1 Service Transition Purpose And Objectives
• 6.2 Service Transition Scope And Business Value
• 6.3 Service Transition Key Principles
• 6.4 Service Transition Processes Part 1
• 6.5 Service Transition Processes Part 2
• 6.6 Service Transition Processes Part 3
• 6.7 Service Transition Processes Part 4
Module 7
• 7.1 Intro To Service Operation
• 7.2 Service Operation Basic Concepts
• 7.3 Service Operation Processes Part 1
• 7.4 Service Operation Processes Part 2
• 7.5 Service Operation Access Management
• 7.6 Service Operation Functions
Module 8
• 8.1 Continual Service Improvement Purpose Objectives AndScope
• 8.2 Continual Service Improvement Key Principles
• 8.3 Continual Service Improvement Processes
Module 9
• 9.1 SMT
• 9.2 SMT Service Automation
• 9.3 SMT Service Analytics
• 10.1 How It All Fits Together
• 10.2 Outro
CompTIA Security + Module Outline
The eighth course on the cyber security course programme: The CompTIA Security+ course will prepare you to become CompTIA Security+ certified. ITcertify covers many vendor neutral topics including different types of threats and attacks, networking technologies and tools, secure design and architecture, identity and access management, risk assessment and management, and finishes with Cryptography and Public Key Infrastructure.
You will cover everything from the ever-expanding virtualisation of computing systems to industry management of smart devices. These topics will be covered from a ground up perspective so that even inexperienced students will be able to follow. IT security is the fastest growing IT sector and its importance is recognised by every company.
Threats, Attacks, and Vulnerabilities
1.1 Introduction
1.2 Types Of Malware- Part 1
1.3 Types Of Malware- Part 2
1.4 Types Of Attacks- Part 1
1.5 Types Of Attacks- Part 2
1.6 Types Of Attacks- Part 3
1.7 Types Of Attacks- Part 4
1.8 Types Of Attacks- Part 5
1.9 Threat Actors- Part 1
1.10 Threat Actors- Part 2
1.11 Penetration Testing And Vulnerability Scanning- Part 1
1.12 Penetration Testing And Vulnerability Scanning- Part 2
1.13 Impact Of Vulnerabilities- Part 1
1.14 Impact Of Vulnerabilities- Part 2
Technologies and Tools
2.1 Networking Hardware And Software- Part 1
2.2 Networking Hardware And Software- Part 2
2.3 Networking Hardware And Software- Part 3
2.4 Networking Hardware And Software- Part 4
2.5 Networking Hardware And Software- Part 5
2.6 Networking Hardware And Software- Part 6
2.7 Security Assessment- Part 1
2.8 Security Assessment- Part 2
2.9 Troubleshooting Issues- Part 1
2.10 Troubleshooting Issues- Part 2
2.11 Securing Mobile Devices- Part 1
2.12 Securing Mobile Devices- Part 2
2.13 Securing Mobile Devices- Part 3
2.14 Securing Mobile Devices- Part 4
2.15 Secure Protocols- Part 1
2.16 Secure Protocols- Part 2
Architecture and Design
3.1 Secure Network Architecture- Part 1
3.2 Secure Network Architecture- Part 2
3.3 Secure System Designs- Part 1
3.4 Secure System Designs- Part 2
3.5 Secure Staging Deployment Concepts
3.6 Embedded Systems- Part 1
3.7 Embedded Systems- Part 2
3.8 Application Development And Deployment- Part 1
3.9 Application Development And Deployment- Part 2
3.10 Application Development And Deployment- Part 3
3.11 Physical Security Controls- Part 1
3.12 Physical Security Controls- Part 2
3.13 Physical Security Controls- Part 3
3.14 Cloud Virtualization- Part 1
3.15 Cloud Virtualization- Part 2
Identity and Access Management
4.1 Identity And Access Management- Part 1
4.2 Identity And Access Management- Part 2
4.3 Identity And Access Services- Part 1
4.4 Identity And Access Services- Part 2
4.5 Management Controls- Part 1
4.6 Management Controls- Part 2
4.7 Account Management Practices- Part 1
4.8 Account Management Practices- Part 2
4.9 Account Management Practices- Part 3
Risk Management
5.1 Organizational Security- Part 1
5.2 Organizational Security- Part 2
5.3 Business Impact Analysis Concepts- Part 1
5.4 Business Impact Analysis Concepts- Part 2
5.5 Risk Management- Part 1
5.6 Risk Management- Part 2
5.7 Incident Response Procedures- Part 1
5.8 Incident Response Procedures- Part 2
5.9 Forensics- Part 1
5.10 Forensics- Part 2
5.11 Disaster Recovery- Part 1
5.12 Disaster Recovery- Part 2
5.13 Types Of Control- Part 1
5.14 Types Of Control- Part 2
5.15 Data Security And Privacy Practices- Part 1
5.16 Data Security And Privacy Practices- Part 2
Cryptography and PKI
6.1 Cryptographic Basics- Part 1
6.2 Cryptographic Basics- Part 2
6.3 Cryptographic Basics- Part 3
6.4 Cryptographic Algorithms- Part 1
6.5 Cryptographic Algorithms- Part 2
6.6 Wireless Security- Part 1
6.7 Wireless Security- Part 2
6.8 Implementing PKI- Part 1
6.9 Implementing PKI- Part 2
6.10 Implementing PKI- Part 3
6.11 Conclusion
CompTIA Linux + Module Outline
The ninth course on the cyber security course programme: CompTIA Linux+ validates the competencies required of an early career system administrator supporting Linux systems. Here you will learn how to be able to perform maintenance tasks with the command line, install & configure a workstation and be able to configure a basic network
Intro and Instructions
Intro
1. Introduction
2. Introduction to Building Labs
3. Things You Need To Do
4. Install Demo Virtual Box
Instructions
1. Navigation
2. Commands with Lab Demo
3. Internal and External Commands
4. Overview of Shell Commands Tricks
5. Exploring Shell Configuration
6. Stream Redirection
7. Overview of Processing Text Using Filters
8. Overview File-Viewing Commands
9. Overview Using Grep
10. Syntax and Summary
11. Overview of Exam Essentials
Managing Software and Configuring hardware
2.1 Managing Software
2.2 Overview Using RPM
2.3 RPM Part 2
2.4 Overview Using Cpio
2.5 Overview Using Debian and Apt_cache
2.6 Using Apt-get
2.7 Debian Tools
2.8 Managing Shared Libraries
2.9 Overview Locating Library Files
2.10 Foreground and Background Processes
2.11 Managing Software Summary
3.1 Configuring Hardware
3.2 Configuring Devices
3.3 Configuring USB
3.4 Configuring Hard Disk
3.5 Designing Hard Disk Layout
3.6 Logical Volume Management
3.7 Creating Partitions Filesystems
3.8 Overview Using Fdisk
3.9 Overview Common Filesystem Types
3.10 Creating Filesystem
3.11 Maintaining Filesystem Health
3.12 Configuring Hardware Summary
Managing Files and Booting Files
4.1 Managing Files
4.2 File Archiving Commands
4.3 Managing Files Ownership
4.4 Managing Disk Quotas
4.5 Directories and Content
4.6 Overview Tools for Locating Files
4.7 Overview of Exam Essentials
5.1 Booting Linux and Editing Files
5.2 Boot and Reboot
5.3 Understanding the Boot Process
5.4 Runlevels Process
5.5 Managing Runlevel Services
5.6 Editing with Vi
5.7 Booting Summary
X and Admin
6.1 X Windows Systems
6.2 X Configuration Options
6.3 X Configuration Options part 2
6.4 Configuring X Fonts
6.5 Configuring Xft Fonts
6.6 Overview Managing GUI Logins
6.7 Using X for Remote Access
6.8 X Accessibility
6.9 Addition Assistive Technologies
6.10 Configuring Localization and Internationalization
6.11 Querying and Setting Your Locale
6.12 Configuring Printing
6.13 Configuring Printing part 2
6.14 Using Web-based CUPS Utilities
7.1 Administering
7.2 Directly Modifying Account Configuration
7.3 Components of Account
7.4 Adding Groups
7.5 Tuning User and System Environments
7.6 Reviewing Log File Contents
7.7 Maintaining System Time
7.8 Admin Summary
Basic Networking and Scripts
8.1 Basic Networking
8.2 Network Addressing
8.3 Network Addressing Part 2
8.4 DNS Data Flow Zone and Resolution
8.5 Network Ports
8.6 Connections
8.7 Testing Connectivity
8.8 Wireshark Demo
8.9 Basic Networking Summary
9.1 Scripts E-mail and Databases
9.2 Writing Scripts
9.3 Writing Scripts Part 2
9.4 Managing E-mail
9.5 Managing Data with SQL
9.6 Advantages of Database
9.7 Scripts Summary
Security
10.1 Security
10.2 Controlling Access Via TCP Wrappers
10.3 Configuring Xinetd
10.4 Uninstalling Or Reconfiguring Servers
10.5 Tools for Managing Passwords
10.6 Configuring SSH
10.7 SSH Keys
10.8 Controlling SSH Access
10.9 Using GPG
10.10 Security Summary
CompTIA Cyber Security Analyst CySA +
The tenth course on the cyber security course programme: The CompTIA Cyber Security Analyst CySA+ focuses on the knowledge and skills required to configure and use threat-detection tools, perform data analysis, and interpreting the results with the end goal of securing an organization’s applications and systems.
The CompTIA Cyber Security Analyst CySA+ is a vendor neutral certification that expects three to four years of experience in a related field as well as a Security+ or equivalent knowledge.
The CompTIA Cyber Security Analyst CySA+ lies between the CompTIA Security + as well as the CompTIA Advanced Security Practitioner (CASP) exams and is an excellent go between to tackle before diving into the CASP, but when the Security+ isn’t enough.
Here you will gain an understanding of security best practices and protocols beyond that which is provided by the CompTIA Security + and will prove a level of expertise beyond that of basic security practices that are followed when using a computer. This allows any employee to prove a better understanding of enterprise security practices, and the necessary tools needed to protect a company network. The modules of this course align with the official objects of the certification and will expand past the scope of the certification to provide real life examples.
Threat Management
Module 1: Threat Management
1.1 Introduction
1.2 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 1
1.3 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes
1.4 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes
1.5 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 4
1.6 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 5
1.7 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 6
1.8 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 7
1.9 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 8
1.10 Given a scenario, apply environmental reconnaissance
techniques using appropriate tools and processes Part 9
1.11 Given a scenario, analyze the results of a network
reconnaissance Part 1
1.12 Given a scenario, analyze the results of a network
reconnaissance Part 2
1.13 Given a scenario, analyze the results of a network
reconnaissance Part 3
1.14 Given a scenario, analyze the results of a network
reconnaissance Part 4
1.15 Given a scenario, analyze the results of a network
reconnaissance Part 5
1.16 Given a network-based threat, implement or recommend the appropriate response and countermeasure Part 1
1.17 Given a network-based threat, implement or recommend the appropriate response and countermeasure Part 2
1.18 Given a network-based threat, implement or recommend the appropriate response and countermeasure Part 3
1.19 Given a network-based threat, implement or recommend the appropriate response and countermeasure Part 4
1.20 Explain the purpose of practices used to secure a corporate environment Part 1
1.21 Explain the purpose of practices used to secure a corporate environment Part 2
1.22 Explain the purpose of practices used to secure a corporate environment Part 3
1.23 Explain the purpose of practices used to secure a corporate environment Part 4
Vulnerability Management
2.1 Given a scenario, implement an information security
vulnerability management process Part 1
2.2 Given a scenario, implement an information security
vulnerability management process Part 2
2.3 Given a scenario, implement an information security
vulnerability management process Part 3
2.4 Given a scenario, implement an information security
vulnerability management process Part 4
2.5 Given a scenario, implement an information security
vulnerability management process Part 5
2.6 Given a scenario, implement an information security
vulnerability management process Part 6
2.7 Given a scenario, implement an information security
vulnerability management process Part 7
2.8 Given a scenario, analyze the output resulting from a
vulnerability scan Part 1
2.9 Given a scenario, analyze the output resulting from a
vulnerability scan Part 2
2.10 Compare and contrast common vulnerabilities found in
the following targets within an organization Part 1
2.11 Compare and contrast common vulnerabilities found in
the following targets within an organization Part 2
2.12 Compare and contrast common vulnerabilities found in
the following targets within an organization Part 3
Cyber Incident Response
3.1 Given a scenario, distinguish threat data or behavior to
determine the impact of an incident Part 1
3.2 Given a scenario, distinguish threat data or behavior to
determine the impact of an incident Part 2
3.3 Given a scenario, distinguish threat data or behavior to
determine the impact of an incident Part 3
3.4 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 1
3.5 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 2
3.6 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 3
3.7 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 4
3.8 Given a scenario, prepare a toolkit and use appropriate
forensic tools during an investigation Part 5
3.9 Explain the importance of communications during the
incident response process
3.10 Given a scenario, analyze common symptoms to select
the best course of action to support incident response Part 1
3.11 Given a scenario, analyze common symptoms to select
the best course of action to support incident response Part 2
3.12 Given a scenario, analyze common symptoms to select
the best course of action to support incident response Part 3
3.13 Given a scenario, analyze common symptoms to select
the best course of action to support incident response Part 4
3.14 Summarize the incident recovery and post-incident response process Part 1
3.15 Summarize the incident recovery and post-incident response process Part 2
3.16 Summarize the incident recovery and post-incident response process Part 3
3.17 Summarize the incident recovery and post-incident response process Part 4
Security Architecture and Tool Sets
4.1 Explain the relationship between frameworks, common
policies, controls, and procedures Part 1
4.2 Explain the relationship between frameworks, common
policies, controls, and procedures Part 2
4.3 Explain the relationship between frameworks, common
policies, controls, and procedures Part 3
4.4 Explain the relationship between frameworks, common
policies, controls, and procedures Part 4
4.5 Given a scenario, use data to recommend remediation of
security issues related to identity and access management
Part 1
4.6 Given a scenario, use data to recommend remediation of
security issues related to identity and access management
Part 2
4.7 Given a scenario, use data to recommend remediation of
security issues related to identity and access management
Part 3
4.8 Given a scenario, use data to recommend remediation of
security issues related to identity and access management
Part 4
4.9 Given a scenario, review security architecture and make
recommendations to implement compensating controls Part 1
4.10 Given a scenario, review security architecture and make
recommendations to implement compensating controls Part 2
4.11 Given a scenario, review security architecture and make
recommendations to implement compensating controls Part 3
4.12 Given a scenario, use applications security best practices
while participating in the Software Development Life Cycle
(SDLC) Part 1
4.13 Given a scenario, use applications security best practices
while participating in the Software Development Life Cycle
(SDLC) Part 2
4.14 Overview
4.15 Conclusion
Cloud Computing Security Knowledge
The eleventh course on the cyber security course programme: The Cloud Computing Security Knowledge course provides students thorough coverage of cloud security fundamentals. The course begins with a detailed description of cloud computing and then expands into all major domains such as; Governance and Risk Management, the Cloud Architectural Framework and Business Continuity/Disaster Recovery. Upon completing this course, ITcertify students will be experts in the following topics:
- Understanding cloud computing security challenges
- Cloud computing security controls
- Resiliency and Measured Usage
- Understand the cloud computing architectural framework
1: Architecture
• NIST Definitions
• Essential Characteristics
• Service Models
• Deployment Models
• Multi-Tenancy
• CSA Cloud Reference Model
• Jericho Cloud Cube Model
• Cloud Security Reference Model
• Cloud Service Brokers
• Service Level Agreements
2: Governance and Enterprise Risk Management
• Contractual Security Requirements
• Enterprise and Information Risk Management
• Third Party Management Recommendations
• Supply chain examination
• Use of Cost Savings for Cloud
3: Legal Issues: Contracts and Electronic Discovery
• Consideration of cloud-related issues in three dimensions
• eDiscovery considerations
• Jurisdictions and data locations
• Liability for activities of subcontractors
• Due diligence responsibility
• Federal Rules of Civil Procedure and electronically stored information
• Metadata
• Litigation hold
4: Compliance and Audit Management
• Definition of Compliance
• Right to audit
• Compliance impact on cloud contracts
• Audit scope and compliance scope
• Compliance analysis requirements
• Auditor requirements
5: Information Management and Data Security
• Six phases of the Data Security Lifecycle and their key elements
• Volume storage
• Object storage
• Logical vs physical locations of data
• Three valid options for protecting data
• Data Loss Prevention
• Detection Data Migration to the Cloud
• Encryption in IaaS, PaaS & SaaS
• Database Activity Monitoring and File Activity Monitoring
• Data Backup
• Data Dispersion
• Data Fragmentation
6: Interoperability and Portability
• Definitions of Portability and Interoperability
• Virtualization impacts on Portability and Interoperability
• SAML and WS-Security
• Size of Data Sets
• Lock-In considerations by IaaS, PaaS & SaaS delivery models
• Mitigating hardware compatibility issues
7: Traditional Security, Business Continuity, and Disaster Recovery
• Four D’s of perimeter security
• Cloud backup and disaster recovery services
• Customer due diligence related to BCM/DR
• Business Continuity Management/Disaster Recovery due diligence
• Restoration Plan
• Physical location of cloud provider
8: Data Center Operations
• Relation to Cloud Controls Matrix
• Queries run by data center operators
• Technical aspects of a Provider’s data center operations for customers
• Logging and report generation in multi-site clouds
9: Incident Response
• Factor allowing for more efficient and effective containment and recovery in a cloud
• Main data source for detection and analysis of an incident
• Investigating and containing an incident in an Infrastructure as a Service environment
• Reducing the occurrence of application level incidents
• How often should incident response testing occur
• Offline analysis of potential incidents
10: Application Security
• Identity, entitlement, and access management (IdEA)
• SDLC impact and implications
• Differences in S-P-I models
• Consideration when performing a remote vulnerability test of a cloud-based application
• Categories of security monitoring for applications
• Entitlement matrix
11: Encryption and Key Management
• Adequate encryption protection of data in the cloud
• Key management best practices, location of keys, keys per user
• Relationship to tokenization, masking, anonymization and cloud database controls
12: Identity, Entitlement, and Access Management
• Relationship between identities and attributes
• Identity Federation
• Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
• SAML and WS-Federation
• Provisioning and authoritative sources
13: Virtualization
• Security concerns for hypervisor architecture
• VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps
• In-Motion VM characteristics that can create a serious complexity for audits
• How can virtual machine communications bypass network security controls
• VM attack surfaces
• Compartmentalization of VMs
14: Security as a Service
• 10 categories
• Barriers to developing full confidence in security as a service (SECaaS)
• Deployment of Security as a Service in a regulated industry prior SLA
• Logging and reporting implications
• How can web security as a service be deployed
• What measures do Security as a Service providers take to earn the trust of their customers
• ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
• Isolation failure
• Economic Denial of Service
• Licensing Risks
• VM hopping
• Five key legal issues common across all scenarios
• Top security risks in ENISA research
• OVF
• Underlying vulnerability in Loss of Governance
• User provisioning vulnerability
• Risk concerns of a cloud provider being acquired
• Security benefits of cloud
Ethical Hacker
The Ethical Hacker course is included due to popular demand in 2022. Designed to give students an insight into the highly hands-on world of ethical hacking. It gives ITcertify students experience in network and system penetration testing. It guides the learner step-by-step through hacking and exploiting each network and system type. Tools used in the activities are a combination of Windows- and Kali Linux-based, covering a broad range of examples used by ethical hackers. The total time needed for this course is 33 hours.
In this course, you will learn hands-on penetration testing and hacking skills including:
– Footprinting, scanning, and enumeration
– Vulnerability analysis
– Sniffing and Spoofing
– Social engineering
– Denial of Service
– Web server, web application, and database hacking
– System hacking using various forms of malware and tools
– Wireless network and mobile device hacking
– Evading IDS, Firewalls, and Honeypots
– Cryptography
– Cloud computing and Internet of Things hacking
The topics in this course cover a broad range of ethical hacking concepts and techniques and will provide you with a solid foundation to pursue advanced cybersecurity studies.
Module 1 - Introduction to Ethical Hacking
• 1.1 Information Security Overview
• 1.2 Information Security Threats and Attack Vectors
• 1.3 Hacking Concepts, Types, and Phases
• 1.4 Ethical Hacking Concepts and Scope
• 1.5 Information Security Controls
• 1.6 Penetration Testing Concepts
• 1.7 Information Security Laws and Standards
Module 2 - Footprinting and Reconnaissance.
• 2.1 Footprinting Concepts
• 2.2 Footprinting Methodology
• 2.3 Footprinting Tools
• 2.4 Footprinting Countermeasures
• 2.5 Footprinting Penetration Testing
Module 3 - Network Scanning
• 3.1 Scanning Concepts
• 3.2 Discovery Scans
• 3.3 Port Scans
• 3.4 Nmap
• 3.5 Nmap Stealth Scans
• 3.6 Nmap Options
• 3.7 Hping and Other Scanners
• 3.8 SSDP Scanning
• 3.9 Scanning Beyond IDS and Firewall
• 3.10 Banner Grabbing
• 3.11 Scanning Penetration Testing
Module 4 - Enumeration
• 4.1 Enumeration Concepts
• 4.2 NetBIOS Enumeration
• 4.3 SNMP Enumeration
• 4.4 LDAP Enumeration
• 4.5 NTP Enumeration
• 4.6 SMTP and DNS Enumeration
• 4.7 Enumeration Countermeasures
• 4.8 Enumeration Penetration Testing
Module 5 - Vulnerability Analysis
• 5.1 Vulnerability Assessment Concepts
• 5.2 Vulnerability Assessment Solutions
• 5.3 Vulnerability Scoring Systems
• 5.4 Vulnerability Assessment Tools and Reports
Module 6 - Malware Threats
• 6.1 Introduction to Malware
• 6.2 Trojan Concepts
• 6.3 Virus and Worm Concepts
• 6.4 Malware Reverse Engineering
• 6.5 Malware Detection
• 6.6 Countermeasures
• 6.7 Anti-malware Software
• 6.8 Malware Penetration Testing
Module 7 - Sniffing
• 7.1 Sniffing Concepts
• 7.2 DHCP Attacks
• 7.3 MAC Attacks
• 7.4 ARP Poisoning
• 7.5 DNS Poisoning
• 7.7 Sniffing Tools
• 7.8 Countermeasures
• 7.9 Sniffing Detection Techniques
• 7.10 Sniffing Penetration Testing
Module 8 - Social Engineering
• 8.1 Social Engineering Concepts
• 8.2 Social Engineering Techniques
• 8.3 Impersonation on Social Media Sites
• 8.4 Identity Theft
• 8.5 Social Engineering Countermeasures
• 8.6 Social Engineering Penetration Testing
Module 9 - Denial of Service
• 9.1 DoS/DDoS Concepts
• 9.2 Common DoS/DDoS Attack Techniques
• 9.3 Additional DoS Attack Types
• 9.4 Botnets
• 9.5 DoS Countermeasures
• 9.6 DoS Penetration Testing
Module 10 - Session Hijacking
• 10.1 Session Hijacking Concepts
• 10.2 Browser Session Hijacking
• 10.3 Ways to Compromise a Session Token
• 10.4 Client Side Attacks
• 10.5 Session Hijacking at the Network Level
• 10.6 Session Hijacking Tools
• 10.7 Session Hijacking Countermeasures
• 10.8 Session Hijacking Penetration Testing
Module 11 - Hacking Webservers
• 11.1 Webserver Concepts
• 11.2 Webserver Attacks
• 11.3 Methodology of Webserver Attacks
• 11.4 Webserver Attack Tools
• 11.5 Webserver Attack Countermeasures
• 11.6 Webserver Patch Management
• 11.7 Webserver Security Tools
• 11.8 Webserver Pen Testing
Module 12 - Hacking Web Applications
• 12.1 Web Application Concepts
• 12.2 Web App Vulnerabilities and Exploits
• 12.3 Web Application Threats
• 12.4 Injection Attacks
• 12.5 Hidden Fields and Clickjacking
• 12.6 Cross Site Attacks
• 12.7 Additional Web App Attacks
• 12.8 Web App Hacking Methodology
• 12.9 Web App Hacking Countermeasures
• 12.10 Web App Security Tools
• 12.11 Web Application Pen Testing
Module 13 - SQL Injection
• 13.1 SQL Injection Concepts
• 13.2 Types of SQL Injections
• 13.3 SQL Injection Methodology
• 13.4 SQL Injection Tools
• 13.5 SQL Injection Countermeasures
Module 14 - Hacking Wireless Networks
• 14.1 Wireless Concepts
• 14.2 Wireless Discovery and Mapping
• 14.3 Wi-Fi Sniffers
• 14.4 Wi-Fi Attacks
• 14.5 Wi-Fi Cracking
• 14.6 Wireless Hacking Tools
• 14.7 Bluetooth Hacking
• 14.8 Wireless Hacking Countermeasures
• 14.9 Wireless Security Tools
• 14.10 Wireless Penetration Testing
Module 15 - System Hacking
• 15.1 System Hacking Methodology
• 15.2 Windows System Vulnerabilities and Exploits
• 15.3 Linux System Vulnerabilities and Exploits
• 15.4 Password Cracking Methods
• 15.5 Network Service Password Cracking
• 15.6 Windows Password Cracking
• 15.7 Linux Password Cracking
• 15.8 Password Cracking Tools
• 15.9 Other Methods for Obtaining Passwords
• 15.10 Keylogging
• 15.11 Spyware
• 15.12 Rootkits
• 15.13 Hiding Files
• 15.14 Steganography
• 15.15 Privilege Escalation
• 15.16 Creating and Maintaining Remote Access
• 15.17 Hiding Evidence
• 15.18 System Hacking Penetration Testing
Module 16 - Hacking Mobile Platforms
• 16.1 Mobile Platform Attack Vectors
• 16.2 Hacking Android OS
• 16.3 Rooting Android
• 16.4 Securing Android
• 16.5 Hacking iOS
• 16.6 Jailbreaking iOS
• 16.7 Securing iOS
• 16.8 Hacking Windows Phone OS
• 16.9 Hacking Blackberry
• 16.10 Mobile Device Management
• 16.11 Mobile Security Guidelines and Tools
• 16.12 Mobile Penetration Testing
Module 17 - Evading IDS, Firewalls, and Honeypots
• 17.1 Intrusion Detection
• 17.2 Firewalls
• 17.3 Honeypots
• 17.4 IDS, Firewall, and Honeypot Tools
• 17.5 Evasion
• 17.6 Evasion Countermeasures
• 17.7 IDS/Firewall/ Honeypot Penetration Testing
Module 18 - Crytopgraphy
• 18.1 Cryptography Concepts
• 18.2 Encryption Algorithms
• 18.3 Cryptography Tools
• 18.4 Public Key Infrastructure (PKI)
• 18.5 Email Encryption
• 18.6 Disk Encryption
• 18.7 Cryptography Attacks
• 18.8 Cryptography Penetration Testing
Module 19 - Cloud Computing
• 19.1 Introduction to Cloud Computing
• 19.2 Virtualization
• 19.3 Cloud Computing Threats
• 19.4 Countermeasures to Cloud Computing Threats
• 19.5 Cloud Computing Attacks
• 19.6 Cloud Security
• 19.7 Cloud Security Best Practices
• 19.8 Cloud Penetration Testing
Module 20 - IoT Hacking
• 20.1 IoT Concepts
• 20.2 IoT Vulnerabilities and Attacks
• 20.3 IoT Hacking Methodology and Tools
• 20.4 IoT Hacking Countermeasures
• 20.5 IoT Penetration Testing
Expert instructor led training
Our instructors are experts in the IT industry with a minimum of 15 years real world experience backed with many certifications in their subject of expertise
Visual demonstrations and multimedia presentations
Expert-led demonstrations and content rich presentations allow ITcertify students to develop their skills based on real world scenarios
Quizzes and exam simulators
Custom made practice exams reflect progress you have made throughout the course. Practice quizzes after each module build your confidence before moving to the next level.
Flash cards and educational games
ITcertify understand every student is unique and learns at a different pace. Our Flashcards and Educational Games are engineered to keep you engaged and 100% focused by providing a bit more fun to learning.
