Lifelong learning for working professionals
IT security for administrators

IT security for administrators

Course Summary

The training is continuously updated as new security threats are constantly emerging and during the course you will get a mindset and tools to avoid mistakes that someone else has already made and needed to correct!

Although the training is primarily aimed at those responsible for the data environment, we also recommend you in a decision-making role to participate and get an idea of what is required to avoid major costs later on!

This product is currently out of stock and unavailable.

Course Objective

That you as a course participant are generally educated in IT security. You have gained a basic understanding of the various security threats that exist and what you can do to protect yourself against them.

Target Audience

The course is aimed at technicians, IT managers and project managers, product owners and developers.

Prerequisites

No prior knowledge required.

Certification

This course has no certification.

Trainer

The trainer for this course is Picox.

Course Details

1. introduction

2. overview of IT security

  • Safety areas
  • Threats and protection
  • Common attacks and security issues
  • Risk analysis and measures
  • IT security, threat, ease of use and cost
  • Manipulating and intercepting data

3. malicious code

  • Viruses, worms and Trojans
  • Targeted attacks
  • Problems with antivirus software and firewalls
  • Rootkits
  • Backdoors
  • Buffer overflows
  • Denial of service attacks, DOS, DDOS
  • Botnets and zombie computers

4. Verify security

  • Intrusion detection
  • Automated safety analysis
  • Commonly used software

5. Vulnerabilities

  • Vulnerabilities and attacks
  • CAN, CVE, BID
  • Reference pages
  • Checklists and updates
  • IP restrictions

6. application security

  • Requirements for in-house developed or purchased applications
  • Common mistakes
  • Validation of data
  • Design problem
  • Password management
  • Web security
  • Guidelines for programmers
  • Communication with other systems
  • SQL injection
  • Code injection
  • Brute force attackers
  • Problems with client/server solutions

7. firewalls

  • Filtering, statefull vs stateless
  • Local firewalls
  • Proxy
  • Firewall topology
  • IP restrictions
  • Whitelist vs blacklists
  • VPN, Virtual Private Networks

8. cryptography

  • Asymmetric cryptography
  • Symmetric cryptography
  • HASH algorithms
  • RSA, DES, AES, MD5, SHA
  • Certificates and certificate management
  • CA, certificate authority
  • PKI, public key infrastructure

9. physical information security

  • Shell protection
  • Safety zones
  • Mechanical and electronic protection
  • Identification and access control

10. Policies and safety standards

  • Security classification of information
  • Different types of policies
  • IT security instructions to users
  • System security plan
  • Design, implementation and compliance (PDCA)
  • Targeted policies for users, clients
  • ISO27001/BS7799-1
  • ISO27002
  • CC, common criteria
  • Requirements for municipalities
  • Guidelines on information security
  • Document classification
  • Processing of personal data
  • Things to consider when procuring cloud services
  • Physical security
  • Organization
  • System safety analysis

11. From the attacker’s point of view

12. How to protect yourself

13. closing

Course Overview

3 days

Can’t find a (suitable) date, but are interested in the course? Send in an expression of interest and we will do what we can to find a suitable opportunity.

Register interest

Customized Courses

The course can be adapted from several perspectives:

  • Content and focus area
  • Extent and scope
  • Delivery approach

In interaction with the course leader, we ensure that the course meets your needs.

Contact us

Send an expression of interest for the training

Send an expression of interest for the training