CYBER SECURITY SKILLS TRAINING PROSPECTUS - 7Safe
Transcript of CYBER SECURITY SKILLS TRAINING PROSPECTUS - 7Safe
CYBER SECURITY SKILLS TRAINING PROSPECTUS
www.7safe.com
PA & 7Safe Cyber Skills Training Prospectus 2
“ We look forward to partnering with you to combat the growing cyber threat across all industry sectors, through the delivery of the highest quality cyber security training.”
Richard Allen, Education Business Development Manager
03 Cyber Skills Training at 7Safe
04 7Safe Cyber Development Skills overview
05 ETHICAL HACKING COURSES
06 Hacking Insight for Managers (HIM)
07 Certified Security Testing Associate (CSTA)
08
09
10
11
12
13
14
15
16
17
18
19
Certified Security Testing Professional (CSTP)
Certified Wireless Security Analyst (CWSA)
Certified Mobile Security Tester (CMST)
Certified Application Security Tester (CAST)
Certified Secure Coding for Software Developers (CSCSD)
Certified Cloud Security Analyst (CCSA)
DIGITAL FORENSICS COURSES
Certified Data Collection Technician (CDaCT)
Certified Forensic Investigation Practitioner (CFIP)
Certified Malware Investigator (CMI)
Certified Corporate Digital Investigator (CCDI)
Certified Mac Forensics Specialist (CMFS)
Certified Linux Forensic Practitioner (CLFP)
Certified Forensic Investigation Specialist (CFIS)
Certified Cyber Investigator (CCI)
20
21
22
23 INFORMATION SECURITY TRAINING
Certified ISO 27001 Implementation Practitioner (CIIP)
Payment Card Industry Data Security Standard (PCI DSS) 24
25
INCIDENT RESPONSE & SOC COURSES26
27
28
29
30
Cyber Security Incident Response for Managers (CSIRM)
Certified Security Operations Centre Analyst (CSOSA)
Cyber Security Incident Response (CSIR)
Certified Cyber Threat Hunter (CCTH)
Cyber Technology MSC
CONTENTS CYBER SECURITY SKILLS TRAINING PROSPECTUS
31
Version 5 - 05.05.2020
PA & 7Safe Cyber Skills Training Prospectus 3
7Safe training is intensive Our consultants coach individual delegates so that they leave with the confidence to do the job that they are training for. Our aim is to foster and develop skilled professionals capable of undertaking demanding work in the fields of penetration testing/ethical hacking, cyber security incident response, cyber threat hunting, security code review, and digital forensic investigation.
7Safe training passportsDiscounted training with 7Safe’s Training Passports are the most economical way to get all the training that you or your team needs. Each Training Passport enables you to purchase a set number of training days – which can be used across our entire portfolio ofcourses – for a discounted rate compared to whenbooking the courses individually.
Cambridge Cyber Development Centre7Safe courses are taught in several locations, including our flagship Cambridge Cyber Development Centre. Our trainers use purpose-built facilities to create the right environment in which to provide structured
hands-on training. Many of our delegates remark that our approach is different and advantageous because of the personal attention they receive in this unique educational setting.
On-site training:For groups of 8 people or more, we can design a tailor-made package to meet your cyber skills requirements delivered on your site. For more details, see https://www.7safe.com/trainingoverview/custom-courses
Accredited training partnerOur 7Safe Accredited Training Partner (ATP), based in Singapore, offers access to our market leading cyber training programmes outside the UK.
Our training locations7Safe offers you a wide choice of venues designed to suit your needs and budget, starting with our flagship training centre close to the vibrant City of Cambridge.
The opportunity to perform ‘hands-on’ hacking and forensic work using the latest equipment is one
Cyber skills training at 7SafeCyber Security and Digital Investigations are rapid growth areas within IT and the skills required are in demand.
PA & 7Safe Cyber Skills Training Prospectus 4
feature of our Cyber Training Programme; others are: • Up-to-date technology and training rooms• Free lunch and coffees throughout your course• Air-conditioned training rooms in well-lit,
spacious surroundings• Free on-site car parking with no restrictions for
private car users• Near to major road network (M11/A10/A505)
and train stations• Only 36 minutes by train from central London*
7Safe’s relationship to PA ConsultingWe now deliver our technical cyber security services under the PA Consulting brand, combining with a broader portfolio of cyber security offerings to ensure we can offer the best end-to-end solution for you.
How to book your place on a 7Safe courseIf you know which course or courses you wish to attend, please use the Buy Now button on our website to book and pay online. Alternatively, you can book offline by calling us on 01763 285 285 or emailing us at [email protected]. We will then email a booking form, which is valid for seven days.
Developing a staff training programme?7Safe is able to supply your organisation’s cyber skills training requirements, either by providing places on our public training courses or by bringing our trainers to your site to deliver a programme of courses to suit your needs.
See the Table below for an overview of our public course programme, which shows the full range of our cyber skills courses and the study level for each.
ETHICAL HACKING
• Penetration Testers/Ethical Hackers• IT Security Managers• Software & Application Developers• Cloud Architects• System administrators and architects
INFORMATION SECURITY
• Finance, IT, sales & HR teams• IT Security Officers & Auditors• Information security professionals• Merchants, service providers & acquirers
INCIDENT RESPONSE
• Cyber Security Incident Responders• Security Operation Centre Analysts• Threat Hunters
Awareness Fundamentals Core Specialist
DIGITAL FORENSICS
• Computer Forensics Consultants• Cyber Security Analysts• Data Forensics Technicians• Forensic Computer Analysts
CCINetwork Forensic
Investigation
CFIS Forensic Investigation
CLFP Linux Forensic Investigation
CMFS Apple Mac Forensics
CMI Malware Investigation
CCDICorporate Digital
Investigation
CFIP Forensic Investigation
CDaCT Data Acquisition
CIIP ISO 27001
Implementation
HIM Hacking insight for
managers
PCI DSSPCI DSS
Implementation
CSCSD Secure Coding
CSIR Cyber Security Incident
Response
CCTH Certified Cyber Threat Hunting
CSIRM Cyber Security Incident
for Managers
CSOCASecurity OperationCentre functions
CMSTMobile App security
CASTAdvanced Web App Security
CSTPEthical Web Hacking
CSTA Ethical Hacking
CWSAWireless Security
CCSACloud Security
ETHICAL HACKING COURSES AND CERTIFICATIONS OVERVIEW7Safe’s ethical hacking courses are aimed at penetration testers, software developers, system administrators and network architects. We provide the latest techniques as well as valuable insight into the attack methods used by hackers and how to defend your systems against them. Our courses are between two and five days of hands-on experience, using practical exercises to discover and learn techniques/methods that will provide both developing and experienced cyber professionals with the latest in-depth knowledge.
PA & 7Safe Cyber Skills Training Prospectus 5
PA & 7Safe Cyber Skills Training Prospectus 6
What will I learn?zz You will gain an insight into the mindset and motivation of hackers, and learn how they infiltrate organisations and the damage that can followzz You will find out how organisations are exposed through the various routes of attack, including the internet, employees, social engineering, emails and wirelesszz You will learn about the security lapses behind a number of real-world, high-profile attackszz You will have the chance to try your hand at some simple web application attacks in our ‘hack lab’
How will I benefit?On this course, you will:zz Gain an understanding of IT security from an attacker’s perspectivezz Be able to evaluate the possible risks to your business from hackerszz Understand the principles of how to defend your organisation effectively from the risk of attack
Who should attend?Anyone interested in understanding the risks that hackers pose, including:zz IT managerszz Systems analystszz IT security professionals and auditorszz Security officers and data protection representatives
For a course with more hands-ontechnical content, delegates shouldconsider 7Safe’s CSTA and CSTPcourses on pages 7 and 8.
HIM prerequisiteszz No information security knowledge is needed, just basic computer literacyzz We recommend you read up on the concept of domain names and IP addresses before the coursezz Bring a Wi-Fi enabled device to join the ‘hack lab’ (e.g. laptop or tablet)
This one-day awareness course is for people who need a high-level understanding of hacking rather than practical know-how. It introduces the basic technical concepts behind the various stages of a hacking attack, as well as some common tools used by hackers and security professionals.
ETHICAL HACKINGHacking Insightfor Managers (HIM) ETH ICAL HAC KIN
G
HA
CK
ING
INSIGHT FOR MAN
AG
ER
S
AWARENESS-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“Excellent instruction; clear and concise
overview, perfect for non-specialists.”
HIM DelegatePA Consulting Group
PA & 7Safe Cyber Skills Training Prospectus 7
What will I learn?zz You will learn a series of attack methodologies and gain practical experience using a range of tools to undertake an infrastructure penetration test across a multi-OS environmentzz Once you are able to identify and exploit vulnerabilities in a safe manner, you will be introduced to a range of defensive countermeasures, allowing you to protect your network and respond to cyber threats
How will I benefit?This course in particular will give you:zz Valuable preparation and hands-on practice in preparation for the CREST Registered Penetration Tester (CRT) examinationzz Understanding of common infrastructure vulnerabilities and how to exploit or resolve them
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Security Testing Associate (CSTA) qualification, accredited by both CREST and the IISP.
Who should attend?If you are looking to improve your career prospects by starting or transitioning into a cyber security role e.g.zz Network engineerszz Systems administratorszz Systems architects or developers
CSTA prerequisites:Basic understanding of TCP/IP networking and comfortable with Windows and Linux command line.
CSTA is also a good source of information on TCP/IP networking, should you wish to refresh your knowledge.
This infrastructure ethical hacking course is our most popular core-level technical course for people from a wide variety of network related and security roles across all industry sectors looking to develop their own capability to support their organisation’s in-house cyber team.
ETHICAL HACKINGCertified Security Testing Associate (CSTA) •
CE
RT
IFIE
DS E C U R I T Y T E S T I N
GA
SS
OC
IAT
E•
E TH ICAL HACKING
CORE-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“I found it all very interesting, the hardware
and software system was excellent, everything
worked as planned. The content was
extremely relevant to our organisation.”
CSTA Delegate SuperWebs Ltd
If you are a web developer looking for a secure coding course, please see our Certified Secure Coding for Software Developers (CSCSD). See page 12.
PA & 7Safe Cyber Skills Training Prospectus 8
What will I learn?zz You will be introduced to a range of defensive countermeasures to become more resistant to attackzz You will learn how to exploit these vulnerabilities to access data and functionality beyond your remit
How will I benefit?This course will give you:zz Valuable preparation for the CREST Registered Penetration Tester (CRT) examination and the knowledge required to join our CAST course (advanced web application security)zz The skills and understanding to progress to the next stage in your career as a security professional
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Security Testing Professional (CTSP) qualification.
Who should attend?Anyone with responsibility for, or an interest in, the security of web applications, including:zz System administratorszz Software developerszz Budding penetration testerszz Anyone subject to the requirements of the Payment Card Industry Data Security Standard (PCI DSS)
CSTP prerequisitesAn understanding of how a webpage is requested and delivered:zz Are you familiar with the high-level components involved, e.g. browsers, web servers, web applications and databases?zz What are HTTP and HTML? zz An understanding of databases and SQL would also be an advantage
This web application ethical hacking course is designed to give you the skills you need to ensure valuable data assets are effectively protected.
ETHICAL HACKINGCertified Security Testing Professional (CSTP) •
CE
RT
IFIE
DSE
CUR ITY TE ST ING
PROFE
SS
I ON
AL
•
E TH ICAL HACKING
CORE-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“The course content helped to reinforce my existing
knowledge and give real world examples and practical exercises for the key features of the content and syllabus.”
CSTP DelegateNewVoiceMedia Ltd
If you are a web developer looking for a secure coding course, please see our Certified Secure Coding for Software Developers (CSCSD). See page 12.
If you are planning to do both the CSTA and CWSA courses, we recommend you take CSTA first. See page 7.
PA & 7Safe Cyber Skills Training Prospectus 9
What will I learn?zz You will learn how hackers bypass wireless security, and gain an understanding of the principles of wireless cryptographyzz Once able to identify and exploit vulnerabilities, you will be introduced to a range of defensive countermeasures, allowing you to complete the final exercise of building a secure wireless network to protect information assets
How will I benefit?This course will give you:zz Valuable preparation for the CREST Registered Penetration Tester (CRT) examinationzz A thorough understanding of how hackers target wireless networks and how to protect wireless networks (and clients) from attack in the real world
What qualification will I receive?Upon successful completion ofthe exam, you will be awarded theCertified Wireless Security Analyst(CWSA) qualification.
Who should attend?Anyone with responsibility for, or an interest in, the security of wireless networks and Wi-Fi enabled devices, including:zz IT managerszz Systems/network administrators zz IT security professionalszz Forensic/network investigators
CWSA prerequisitesBasic understanding of TCP/IP networking:zz Are you familiar with the OSI model?zz Can you name a layer 2 and layer 3 protocol?zz Can you describe how a request reaches a web server through Ethernet, IP and TCP?
This two-day course is for people involved in a variety of wireless network-related roles. It is designed to give you the skills you need to develop a more secure infrastructure around critical data and applications, and defend systems from unauthorised wireless attacks.
ETHICAL HACKINGCertified Wireless Security Analyst (CWSA) ET
NG
• •CWSA
CER
TIF
IED
WIRELESS SECURITY
AN
ALY
ST
H ICAL HACKI
CORE-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“An essential course forthose designing and
configuring all aspectsof wireless networking.”
CWSA DelegateNew Vision Group Ltd
PA & 7Safe Cyber Skills Training Prospectus 10
What will I learn?zz You will be led through the current OWASP Mobile Top Ten, the most critical mobile application security risks that leave organisations and their customers’ data vulnerable to attackzz Once able to identify and exploit vulnerabilities in both iOS and Android platforms, you will be introduced to a range of defensive countermeasures, allowing you to develop applications that are more resistant to attack
How will I benefit?This course will give you:zz An understanding of whether the sensitive information stored on mobile devices is sufficiently protected and what the risk would be if the device fell into the hands of an attackerzz The ability to use a variety of tools and techniques, including static and run-time analysis, binary patching and reverse engineering, to improve mobile application security
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Mobile Security Tester (CMST) qualification.
Who should attend?Anyone looking to understand the fundamentals of mobile application security, including:zz App developerszz IT security officerszz Penetration testerszz Network and systems administrators
CMST prerequisitesA basic understanding of:zz How the iOS and Android platform and devices workzz HTTP protocolzz Programmingzz Windows and Linux command linezz Java and Objective-C languages
This three-day course is for people in a wide variety of mobile application-related roles. It introduces the fundamentals of mobile application security and gives you an understanding of whether the sensitive information stored on mobile devices is sufficiently protected.
ETHICAL HACKINGCertified Mobile Security Tester (CMST)
• C
ERT
IFIE
D MOBILE SECURITY TEST
ER
•
E T H I C A L H A C K I N
G
CMST
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“The whole course was excellent, I did not realise what a massive and interesting field security is. It has opened my eyes to what the hackers do to try and steal
sensitive data.” CMST Delegate
Z-Tech Control Systems Ltd
PA & 7Safe Cyber Skills Training Prospectus 11
What will I learn?zz You will be led through a range of state-of-the-art hacking tools and techniques to allow you to conduct a complete web application security assessmentzz Once able to identify and exploit vulnerabilities, you will learn a range of defensive counter measures, allowing you to develop applications that are more resistant to attack and provide a better protection for data assets
How will I benefit?This course will give you:zzAn industry recognised qualification zzEssential preparation for the CREST Certified Tester (application) exam zzSecurity vulnerability identification
and avoidance
What qualification will I receive?Upon successful completion ofthe exam, you will be awarded theCertified Application Security Tester(CAST) qualification.
Who should attend?People working in an application testing (security assessment/administration) or developer environment, includingexperienced:zz Penetration testerszz Application developerszz Security professionals
CAST prerequisiteszz Completion of the 7Safe CSTP course or equivalent knowledgezz Practical experience of backend web application technologies (ef HTML, Java Script, PHP, ASP, MSSQL, MySQL)zz Hands-on experience of modern hacking trends, tools and technologies would be an advantage
This specialist four-day web hacking course is for people in a wide range of application development and testing roles. It is designed to give you an in-depth knowledge of how to identify security vulnerabilities and an understanding of the real risk that these vulnerabilities pose by exploiting them.
ETHICAL HACKINGCertified ApplicationSecurity Tester (CAST) ETH ICAL HACKIN
G
•C
ER
TIF
IED
A
PPL IC AT IO N SECURITY
TE
ST
ER
•
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“Had a fantastic timeon the course, well
delivered, useful andeye opening to say the
least. Heading off totake the CREST exam
shortly! Thanks forall your help.”
CAST DelegateMarketingSource Ltd
PA & 7Safe Cyber Skills Training Prospectus 12
What will I learn?zz You will learn about the vulnerabilities that arise from insecure coding and the array of hacking techniques that many attackers use to disrupt the way an application’s programming/ business logic workzz You will find out how to take a ‘defence in depth’ approach and ensure you consider all the security issues that may arise while developing applicationszz You will gain an understanding of the most important principles in secure coding and apply your new knowledge with examples and exercises in Java
How will I benefit?With this course, you will:zz Have access to a purposebuilt controlled environment specifically created to demonstrate the main areas of vulnerability and the key mitigation strategieszz Get the chance to practise techniques to address common insecure coding practiceszz Build your skills and confidence in coding secure applications
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Secure Coding for Software Developers (CSCSD) qualification.
Who should attend?This course is for people who want to learn secure coding, including:zz Penetration testerszz Professional software developerszz Software architectszz Software security auditorszz Security managers
CSCSD prerequisitesA basic understanding of web application coding, preferably in Java.
This two-day course is for people who want to understand the technical controls used to prevent software vulnerabilities. It focuses on common insecure coding practices and examines how these can be addressed to make secure applications.
ETHICAL HACKINGCertified Secure Codingfor Software Developers (CSCSD)
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“The course was excellent and highly relevant to my work
as a web developer. A variety of topics were covered and I thought that a good level of
time was dedicated to the most prevalent and serious exploits.”
CSCSD DelegateFalck Safety Services
THE SKILLS YOU WILL LEARN zzThe core functions and differences
of the top three cloud providers zzExamples and practical
demonstrations of “attacks against the cloud”zzWeaknesses and common
misconfigurations of cloud services zzBest practices for securing cloud
environmentszzPractical enumeration of public
weaknesses
KEY BENEFITSThis course will enable you to: zzIdentify weaknesses in cloud
environmentszzHelp design more secure solutions zzPrevent unauthorised users gaining
access to public resourceszzGain the ability to identify weaknesses
before they become vulnerabilities
WHO SHOULD ATTENDAnyone with responsibility for, or an interest in, the security of cloud environments, including:zzCloud architectszzSystem administratorszzPenetration testers
PREREQUISITESAn understanding of how public cloud works and general web architecture:zzFamiliarity with general networking
and computing conceptszzCommand line and API usage and
conceptsAn understanding of virtualisation, technologies surrounding shared computing resources and remote access would also be beneficial.
WHAT QUALIFICATION WILL I RECEIVE?Those delegates successfully passing the exam at the end of the course will be awarded 7Safe’s Certified Cloud Security Analyst (CCSA) qualification.
Adoption of public cloud services is now more popular than ever. This course will help you understand the common weakness across the three most popular public cloud providers as well as arm you with the skills necessary to audit a cloud environment against industry recognised best practises. This course mixes practical examples of misconfiguration with both manual and automated audit techniques.
COURSE OUTLINE
ETHICAL HACKING Certified Cloud Security Analyst (CCSA)
CORE-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
PA & 7Safe Cyber Skills Training Prospectus 13
“Very interesting content covering the top three public
cloud providers and underpinned by good practical examples across the spectrum. With
Public Cloud Security being such an important topic the course is
well worth attending” CCSA Delegate
DIGITAL FORENSICS COURSES AND CERTIFICATIONS OVERVIEW7Safe has successfully delivered its certified digital forensic training courses to numerous law enforcement and legal professionals as well as private corporations across all industry sectors. Our programme is aimed at forensic investigators, digital security practitioners and those with computer forensic experience wanting to develop skills further in order to conduct thorough, efficient and comprehensive investigations. Expert trainers and practical technical exercises will ensure you have the latest industry best practice knowledge and tools to conduct the most effective digital forensic investigations for your organisation.
PA & 7Safe Cyber Skills Training Prospectus 14
PA & 7Safe Cyber Skills Training Prospectus 15
What will I learn?zz You will be introduced to the legalities, best practice and current techniques used for data acquisition as part of forensic investigation, eDiscovery or other regulatory proceedingszz You will carry out forensic imaging in a number of environments, using different methods and softwarezz You will learn how to extract individual mailboxes from a live Microsoft Exchange email server, as well as live system memory and volatile data capture
How will I benefit?This course will give you:zz The skills you need to be competent in handling data during the initial stages of investigationzz The opportunity to practice identifying and collecting electronic evidence/data and build your confidencezz An industry-recognised qualification in data collection
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Data Collection Technician (CDaCT) qualification.
Who should attend?Anyone responsible for the process of data acquisition, including: zz Law enforcement officers and agentszz Network administratorszz IT security officerszz Civil litigation lawyers/legal councilzz Litigation support managerszz eDiscovery consultants
CDaCT prerequisitesA general appreciation of information technology and computer forensic principles/methods is desirable,but not essential.
This is a fundamentals-level course for people who have to handle or advise on electronic evidence/data on a regular basis and provides them with the skills to ensure that forensic and evidential integrity is retained when data is transferred or copied.
DIGITAL FORENSICSCertified Data Collection Technician (CDaCT) DIGITAL FORENSICS
FUNDAMENTALS-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“Steve Shepherd MBE has a great personality
for teaching and has the ability to make the course fun and interesting. I have
thoroughly enjoyed the course and will be sending
my team on it.” CDaCT Delegate
City Docs Ltd
PA & 7Safe Cyber Skills Training Prospectus 16
What will I learn?zz You will learn the principles and guidelines for static computer forensic investigations; the fundamentals of the complete forensic investigation process; how to preserve evidence and the methodology for conducting a forensic investigationzz You will use practical, hands-on exercises to help you understand how data is stored on electronic media, how to work with key forensic investigation tools and how to identify Windows-based OS forensic artefacts
How will I benefit?The course will give you:zz An understanding of each stage of a forensic investigation, from evidence seizure through to data investigation and interpretation, to report and presentation of findingszz The skills to allow you to undertake the forensic acquisition of an electronic devicezz Confidence in working with key forensic investigation products
zz An industry-recognised qualification in forensic investigation and ideal preparation for the 7Safe CFIS advanced course
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Forensic Investigation Practitioner (CFIP) qualification.
Who should attend?Anyone who is or wants to be responsible for computer forensic investigations, including:zz Cyber forensic and network investigatorszz IT security officerszz Law enforcement officials
CFIP prerequisitesExperience with MicrosoftWindows OS and, ideally, a generalappreciation of forensic principles,practices and software.
This core-level technical course is designed for people looking to develop their computer forensics investigation skills, either for a career in digital investigations or as part of their current cyber role.
DIGITAL FORENSICSCertified Forensic Investigation Practitioner (CFIP)
CER
TIFI
ED F
ORE
NSIC INVESTIGATION PRACTITIO
NER
D IG ITA L F O R E NS IC
S
• • CFIP
CORE-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“Excellent course with very knowledgeable
tutor, highly recommended.”
CFIP DelegateStaffordshire University
PA & 7Safe Cyber Skills Training Prospectus 17
What will I learn?zz You will learn how to identify, analyse and interpret malicious software and associated forensic artefacts, including trojan horses, viruses and wormszz You will practice malware investigations from mounted, booted and network perspectives, and undertake real-world exercises, including the conversion of E01 forensic images to bootable virtual machine disks
How will I benefit?The course will give you:zz The skills to analyse and interpret malicious software, and investigate network activity initiated by malicious software infectionzz An understanding of how to simplify complex evidence, and collate and report resultszz An industry-recognised qualification in malware investigation
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Malware Investigator (CMI) qualification.
Who should attend?Digital forensic analysts, law enforcement officers, cyber incident investigators and system administrators looking to develop their skills in malware identification and analysis.
CMI prerequisitesCompletion of the 7Safe CFIP course is highly recommended. Otherwise you will need:zz Knowledge of the principles surrounding forensic investigation and an understanding of the preliminary forensic investigation case considerationszz Sound experience with the Microsoft Windows operating systemszz An understanding of how a web page is requested and deliveredzz Ideally an understanding of Command Line Interface (CLI) and TCP/IP networking concepts
This is a core-level technical course for people looking to extend their digital forensic knowledge beyond conventional device analysis. It will help you protect your IT environment by showing you how to conduct malware analysis, from first principles all the way to investigating network activity stemming from malicious software infection that your AV software has failed to detect.
DIGITAL FORENSICSCertified Malware Investigator (CMI)
CE
RT
I FI E
D
M A LWA R E I N V E S TI G
AT
OR
D IG ITA L F O R E NS ICS
• • CMI
•
• CMI
CORE-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“Instructor was interesting and engaging.
Obviously knew the subject well. I thoroughly
enjoyed the course.” CMI Delegate
Assured SecurityControl Ltd
PA & 7Safe Cyber Skills Training Prospectus 18
How will I benefit?This course will give you:zz The skills to be competent in identifying, securing, collecting and handling data during the initial stages of an investigationzz The opportunity to practice identifying and collecting electronic evidencezz Learn methodologies that will enable you to comply with International Standards for the identification, collection, acquisition and preservation of digital evidence as described in ISO 27037
zz Delegates will acquire data from different environments in numerous practical exercises to reinforce understanding and techniquezz Develop skills and an understanding of policies and practices required to withstand third party scrutinyzz Gain confidence in forensic imaging and copying data from a number of different environmentszz An industry-recognised qualification in data collection
This is a core-level course designed for corporate investigators who are required to identify, secure or recover electronic evidence. It has been developed for investigators based in both the private and public sectors, to ensure that the forensic and evidential integrity is controlled and accounted for during the data recovery process.
DIGITAL FORENSICSCertified Corporate Digital Investigator (CCDI)
CORE-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
PA & 7Safe Cyber Skills Training Prospectus 19
What will I learn?zz You will learn how to collect volatile data from a live Mac system and explore different approaches to imaging and decryptingzz You will gain an understanding of the new APFS file system, as well as practical knowledge of Apple partitioning schemes and the HFS+ file system
How will I benefit?This course will give you the opportunity to:zz Learn effective techniques for the identification and interpretation of forensic artefacts on Apple systemszz Improve your ability to respond effectively to a wider range of forensic incidents
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Mac Forensics Specialist (CMFS) qualification.
Who should attend?Forensic practitioners, systems administrators and cyber investigators who want to extend their experience with Window-based systems to the Mac environment.
CMFS prerequisitesCompletion of the 7Safe CFIP course is highly recommended.Otherwise you will need:zz Knowledge of the principles and guidelines surrounding forensic investigationzz Basic knowledge of data structures, e.g. binary and hexadecimal
This specialist-level course is for experienced forensic investigators whose role requires them to capture, examine and interpret data from Mac systems.
DIGITAL FORENSICSCertified Mac Forensics Specialist (CMFS)
CE
RT
I FI E
D
MAC F O R E N S I C S S P EC
I AL
IST
D IG ITAL FO RENSICS
• • CMFS
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“An excellent course which gave a thorough overview of Mac Forensics, the HFS+ file system
and important artefacts and their locations on the file system. The exercises supported the theory well and helped build on the course content. As a non-Mac user, I now feel a lot more confident
working with Macs, not just for forensic analysis, but generally.”
CMFS DelegateThe Babraham Institute
PA & 7Safe Cyber Skills Training Prospectus 20
What will I learn?zz You will develop a core understanding of the file system data structures and key files in Linux-based systems so that you can be confident of capturing potential digital evidencezz You will practice using both Linux GUI and command line environments, and learn how to use Linux for forensic imagingzz You will capture RAM and basic volatile data from a live Linux system, and use forensic software to create an image of a Linux system
How will I benefit?On this course, you will:zz Understand the data structures associated with the ‘ext’ file systemszz Learn effective techniques to identify and collect data from a Linux environmentzz Develop confidence when faced with a Linux systemzz Improve your ability to respond effectively to a wider range of forensic incidents
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Linux Forensic Practitioner (CLFP) qualification.
Who should attend?Forensic practitioners, systems administrators and cyber investigators who want to extend their experience from Window-based systems to the Linux environment.
CLFP prerequisitesCompletion of the 7Safe CFIP course is highly recommended. Alternatively you will need an understanding of digital forensic principles and practices. No Linux experience is necessary.
This specialist-level course is for experienced forensic investigators who want to acquire the knowledge and skills to navigate, identify, capture and examine data from Linux-based systems.
DIGITAL FORENSICSCertified Linux Forensic Practitioner (CLFP)
CER
TIFI
ED LI
NUX FORENSIC PRACTITION
ER
DIGITAL FORENSICS
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“Very good course, well paced and provided a
good understanding of the Linux platform and
analysis.” CLFP Delegate
Huron Consulting
PA & 7Safe Cyber Skills Training Prospectus 21
What will I learn?zz You will learn to capture volatile and stored data from a system in a ‘live’ and ‘booted’ state and from remote and virtualised systems, and to capture mailboxes from a Microsoft Exchange Server and webmail accountszz You will practice your new skills using a realistic data/IP theft scenario employing a range of forensic tools, scripts and techniques. You will identify data from the Windows domain controller, network file shares and FTP logs before moving to more conventional analysis of a forensic image of a workstation
How will I benefit?This course will enable you to:zz Develop your forensic investigation skills to an advanced levelzz Practise new techniques suitable for evidence identification, capture and analysis in a ‘live’ environmentzz Acquire an industry-recognised qualification to support your career progress
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Forensic Investigation Specialist (CFIS) qualification.
Who should attend?Experienced forensic investigators and digital security practitioners who have computer forensic experience who want to dig deeper and develop their skills. This course is a natural progression from the 7Safe CFIP course.
CFIS prerequisiteszz Knowledge of the principles and general guidelines surrounding forensic investigationszz Experience of carrying out forensic investigationszz Attendance of a basic computer forensic course, e.g. 7Safe’s CFIP course
This specialist-level course is for professionals whose role requires them to capture and analyse data from ‘live’ systems.It introduces the latest guidelines and artefacts on current Windows operating systems, and teaches essential skills for conducting an efficient and comprehensive investigation.
DIGITAL FORENSICSCertified ForensicInvestigation Specialist (CFIS)
CER
TIF
IED
FO
RENSIC INVESTIGATION
SPECIA
LIST
D IG ITAL F O RE NSIC
S
•
• CFIS
#>ssh_
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“The course was brilliant. I really enjoyed it. It helped me to improve and develop my knowledge. I look
forward to using the skills I have gained at work.”
CFIS DelegateComputer Sciences Corporation
PA & 7Safe Cyber Skills Training Prospectus 22
What will I learn?zz You will learn and practice the critical skills needed to identify the correct forensic artefacts in a live network environment during or after a cyber event, and how to preserve and collect that datazz You will practice how to correctly acquire and handle dynamic data so that you do not inadvertently alter or destroy vital clues that could result in your investigation failing or the resultant evidence being inadmissible in court
How will I benefit?This course will enable you to:zz Learn a number of methodologies for undertaking a sound cyber investigationzz Acquire and practice new techniques to extract relevant data from a live networked environmentzz Gain confidence when identifying and capturing live operating system artefactszz Improve your ability to respond effectively to a cyber event
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Cyber Investigator (CCI) qualification.
Who should attend?Experienced forensic investigators and cyber security practitioners who already have a good knowledge of forensic investigation and want to extend their skills.
CCI prerequisitesYou will need a good understanding and experience of:zz The forensic investigation process zz Windows and Linux operating systemszz Command line interfacezz Computer networks
We strongly recommend completionof the 7Safe CFIP and CLFP coursesas a minimum before attending thiscourse.
This specialist-level course is for professionals who are looking to develop and improve their ability to respond effectively to a cyber event. It helps you develop the skills needed to isolate, investigate and extract evidence from a live networked environment during or after a cyber incident.
DIGITAL FORENSICSCertified Cyber Investigator (CCI)
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“This was the most useful networking investigation course I have been on in recent years. I came away with a substantial increase in my knowledge along
with some very useful documentation. If you’re going to do one networking investigation course
year, make it this one.”CCI Delegate
Regional Cyber Crime Unit
PA & 7Safe Cyber Skills Training Prospectus 23
INFORMATIONSECURITY TRAININGCOURSES ANDCERTIFICATIONSOVERVIEW7Safe’s information security courses are focused towards anyone with responsibility for, or with an interest in, protecting an organisation’s IT systems & data, including those employed in IT, Business, Financial and HR Management. The courses last between one and three days and provide a high-level understanding of the techniques and current trends used in hacking or the steps involved in planning, implementing and maintaining ISO 27001 or Payment Card Industry Data Security Standard (PCI DSS).
PA & 7Safe Cyber Skills Training Prospectus 24
What will I learn?zz You will gain an understanding of the key steps involved in planning, implementing and maintaining an ISO 27001-compliant information security management system (ISMS)zz You will learn what an ISMS is and how to define information security policies for your organisationzz You will gain the skills needed to identify information assets and undertake a risk assessment, and will acquire effective techniques for managing risk
How will I benefit?With this course, you will:zz Gain an in-depth understanding of information security and how it applies to your organisationzz Learn how to define information assets in a way that’s suitable for your organisation and how to undertake a risk assessmentzz Gain confidence that certification is within reach and obtain guidance on applying for certification
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified ISO 27001 Implementation Practitioner (CIIP) qualification.
Who should attend?Anyone with responsibility for, or with an interest in, information security, including:zzPeople employed in IT, financial and
HR managementzzComputer auditorszzIT security officerszzInformation security professionals
CIIP prerequisitesThis course is suitable for non-technical staff and no prior knowledge is required.
This three-day practical ISO 27001 training course is for people who want to understand the component parts of the ISO Standard with a view to setting up an implementation project. You will learn how to define and risk-assess your organisation’s information assets, and prepare for the essential requirements needed to obtain ISO 27001 certification.
INFORMATION SECURITYCertified ISO 27001 Implementation Practitioner (CIIP)
•C
ERTI
FIED
ISO
27001
IMPLEMENTATION PRACTITION
ER • C I IP
DIG ITA L S E C U RITY
FUNDAMENTALS-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
“Solid coverage of the standard, referenced well to the point of
applicability and usability.” CIIP Delegate
Bluefish Communications
PA & 7Safe Cyber Skills Training Prospectus 25
What will I learn?zz You will gain a clear understanding of the PCI DSS and how to apply your knowledge when assisting with PCI DSS assessmentszz You will learn how the Standard developed, its benefits and who it applies tozz You will find out about the key requirements of the Standard and how to become compliant
How will I benefit?With this course, you will:zz Gain an appreciation of the controls necessary for your organisation to be able to continue dealing with cardholder datazz Learn the key principles and requirements of the Standardzz Develop an understanding of the route to compliance (self-assessment and audit)zz Be in a position to prepare an implementation plan for your organisation, improving your chances of a successful audit
Who should attend?This course is for:zz Anybody accepting credit card payments, including:zz Merchantszz Third-party service providerszz Acquirers
zz Anybody processing, storing or transmitting credit card datazz Finance, internal audit, IT, sales department staff
PCI DSS prerequisitesThis course is suitable for non-technical staff and no prior knowledge is required.
This one-day awareness training course is for people who want to learn how the Payment Card Industry Data Security Standard (PCI DSS) is implemented. It covers the importance of the Standard to all organisations processing, storing or transmitting credit card information.
INFORMATION SECURITYPayment Card Industry Data SecurityStandard (PCI DSS) Implementation
PAYM
ENT
CAR
D INDUSTRY DATA SECURITY STA
ND
AR
D
I M P L E M E N T A T I O N
• •
0000 0000 0000 0000PCI DSS
AWARENESS-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
INCIDENT RESPONSE& SOC TRAININGThese 7Safe-designed training courses are for professionals who are looking to develop or improve their knowledge and ability in the fields of Cyber Security Incident Response (CSIR) and SOC environments, reinforcing through practice new information and methodologies.
7Safe’s CSIR courses are aligned with the CREST Intrusion Analysis and Incident Response Syllabus, which identifies at a high-level the technical skills and knowledge that CREST expects candidates to possess for the Certification examinations in the area of Intrusion Analysis.
PA & 7Safe Cyber Skills Training Prospectus 26
PA & 7Safe Cyber Skills Training Prospectus 27
Course OverviewAssuming a basic knowledge and understanding of your organisation’s incident response plan, this course is ideally suited to those responsible for decision making, management planning or responding to a cyber event involving an attack or breach of a computer network. The course will detail how effective the response plan is with regard to a real-world attack or data breach
How will I benefit?This course will give you:zz An understanding of the importance of an effective incident response planzz The ability to appreciate and evaluate risks to your organisations data based on your incident response planzz An understanding of the principles of preparing and responding to a cyber event
What will I learn?zz You will understand the importance of cyber security frameworks zz You will gain insight why an effective and robust incident response plan is necessary in today’s interconnected world
zz You will find out how organisations become exposed to certain attacks or breaches and what can be done to mitigate thiszz You will learn about employee security lapses and the importance of education programmeszz You will have the chance of stopping a ransomware attack and understand some of the methods such malware uses to obfuscate and prevent removal
Who should attend?zz Anyone involved in any management aspect of preparing for or managing a cyber security event
For a course with more hands-on technical content, delegates should consider 7safe’s CSIR course.
Course prerequisites:zz No CSIR technical knowledge is needed but an understanding of the requirements for information security is essentialzz We recommend you refresh your knowledge and understanding of your organisations incident response plan
This awareness-level course is for those individuals involved in the decision making process or management of a cyber event involving an attack or data breach of a computer network. This course will introduce the concepts and stages to be considered during the planning and response phases to a cyber event.
INCIDENT RESPONSECyber Security Incident Response for Managers (CSIRM) CSIRMC
YB
ER S
ECU
RIT
Y INCIDENT RESPONSE FO
R M
AN
AG
ERS
INC ID E N T R E S P O NSE
AWARENESS-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
PA & 7Safe Cyber Skills Training Prospectus 28
Course overviewThis five-day course will enable you to understand how a SOC functions and provide you with the fundamental knowledge and understanding required for employment within a SOC. You will spend a good portion of the course is practicing and honing key skills and methodologies which replicate real-life security threat scenarios faced by SOC’s today.
The skills you will learnYou will learn and practice core level and advanced skills to be an effective SOC analyst or team member.
Upon completion of the course you will have learnt:zz The threats and risks to a business networkzz Gain a better understanding of threat intelligence using OSINTzz How malicious software can compromise a systemzz Using SIEM tools to collate and analyse data of interestzz Fundamental and in-depth logging Analytical techniques
Key benefitsThis course will enable you to gain confidence within a SOC environment by reinforcing or learning new information and methodologies.
Who should attend?This course was specifically designed for individuals who intend to be or have recently joined as a SOC analyst or team member or to recognise those more seasoned individuals employed within the SOC.
SyllabusThroughout the course your time will be split between being taught the methods and principles of working within a SOC and applying these in practical, hands-on exercises based on real-life scenarios.
PrerequisitesYou will need a basic understanding of IT infrastructure.
What qualification will I receive?Upon successful completion you will be awarded the Certified Security Operations Centre Analyst (CSOCA) qualification
This fundamentals-level course provides the basic skills and knowledge for individuals who are looking to be or are currently employed within a private or public sector Security Operations Centre (SOC).
INCIDENT RESPONSECertified Security Operations Centre Analyst (CSOCA)
FUNDAMENTALS-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
PA & 7Safe Cyber Skills Training Prospectus 29
Course overviewThis five-day course follows the CREST incident response model and focuses on the knowledge and key skills required to effectively respond to a cyber incident.
The skills you will learnYou will learn and practice core level and advanced CSIR skills, including:zz Advanced use of PowerShell and exploitation of WMIzz Writing of bespoke PowerShell scripts and parserszz Identification of suspect processes zz Advanced detection and analysis of injected processeszz Identification and analysis of infected documents (MS Office & PDF) Infection vector analysiszz Rebuilding network trafficzz Breakdown and examination of log files
Key benefitsThis course will enable you to learn new methodologies for responding to CSIR events and practice both core and advanced techniques. You will also gain confidence and improve your CSIR skills for when responding to a cyber event.
Who should attend?This is an intensive training course designed for CSIR practitioners and cyber security practitioners involved in the discipline or forensic practitioners who wish to extend their knowledge and skills in this unique field. These include:zz Cyber security incident response team memberszz System/network administrators/ engineerszz IT security personnel/security officers Forensic practitionerszz Law enforcement officers & agents
PrerequisitesYou will need an understanding or experience of:zz The CSIR processzz Forensic investigations zz Windows operating system zz CLI
We strongly recommend completion of the 7Safe CFIP and CMI courses or similar as a minimum before attending this course.
This specialist-level course is for technical professionals who are looking to develop or improve their knowledge or ability in the Cyber Security Incident Response (CSIR) field.
INCIDENT RESPONSECyber Security Incident Response (CSIR)
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
PA & 7Safe Cyber Skills Training Prospectus 30
What will I learn?You will learn and practice the skills and understanding needed to conduct a thorough threat hunt within a live enterprise environment.
Upon completion of the course you will have learnt:zz How to correlate and analyse data to successfully identify active and passive threats already existing within a networkzz How to effectively conduct and automate data collection from remote locations using built-in and third party tools so that vital clues and potential threats will not be missed
How will I benefit?This course will give you:zz The skills to undertake your own threat hunts and develop your methodologieszz The ability to understand and correlate separate artefacts into larger patterns to better identify potential threats
What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Cyber Threat Hunter qualification.
Who should attend?Experienced cyber security incident responders, SOC and security analysts and penetration testers looking to enhance their skillsets or better understand the footprints their activities may leave behind.
Course prerequisites:This is not a beginner’s course. Delegates wishing to attend should have a good working knowledge of the incident response process, requirements and technical methods used. Fundamentals of penetration testing and attack techniques, basic understanding of network nodes, traffic and host-based artefacts are also a prerequisite.
This is a specialist-level course is for those security professionals involved in penetration testing, incident response, security analysis looking to develop in their role and others wishing to enhance their proactive skills in detecting and mitigating threats.
INCIDENT RESPONSECertified Cyber Threat Hunter (CCTH) CCTH
CE
RT
I FI E
D
C Y B E R T H R E ATH
UN
TE
R
I N
CI D E N T R E S P O
N
SE
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
PA & 7Safe Cyber Skills Training Prospectus 31
What will I learn?zz You will acquire a thorough and practical knowledge of the very latest computer forensics and security principles, practices, tools and techniques. The key modules covered are: network security and ethical hacking, wireless security, forensic investigations, malware investigations and implementing ISO 27001zz You will gain an understanding of the main academic, professional and research concerns of computer security and forensics through a research-led module that will help prepare you for your MSc project/dissertation
How will I benefit?This course will provide you with:zz The latest tools, techniques and knowledge in one of the most exciting areas of modern computingzz Expert staff with extensive experience in the field of forensics and securityzz Excellent career prospects in a rapidly expanding industry
What qualification will I receive?The MSc course consists of seven 7Safe training courses (CSTA, CSTP, CWSA, CFIP, CMI, CFIS and CIIP), eight University modules and an MSc project/dissertation. Upon successful completion of the MSc, you will therefore have sevenindustry-recognised professional certificates as well as the MSc qualification.
Who is this course for?Anyone ambitious to build a career in information security by completing a part-time or full-time post-graduate course. When taking the course as a part-time pathway you should expect to study for a minimum of two to three years, and must be completed within six years.
MSc prerequisitesAfter successfully completing one or more 7Safe courses, the MSC is the most practical and natural progression to further your cyber knowledge and career development.
This programme, delivered in partnership with De Montfort University (DMU), is for people who want to gain a postgraduate-level qualification in information security. This qualification is based on 7Safe’s technical hands-on training courses, combined with academic modules delivered by the University.
Cyber Technology MSc
SPECIALIST-LEVEL COURSE
To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]
PA & 7Safe Cyber Skills Training Prospectus 32
NOTES
www.7safe.com
7Safe, Global Innovation and Technology Centre Melbourn, Herts, SG8 6DP United Kingdom
tel: +44(0) 1763 285 285 [email protected]