Powered by
VISTA InfoSec
ISM Course
Information Security Management
Foundation Course ISM
Intermediate Course ISM
Master Training Program ISM
Where companies
choose to learn
Foundational Course
Basics of Networking Technologies
Network Theory
Network Media and Hardware
Network Implementations
Networking Models
TCP/IP Addressing and Data Delivery
TCP/IP Services
LAN Infrastructure
WAN Infrastructure
Remote Networking
System Security
Network Security
Network Security Threats and Attacks
Basics of Security technologies
Security Fundamentals
Identifying Security Threats and Vulnerabilities
Managing Data, Application, and Host Security
Network Security
Implementing Access Control, Authentication, and Account Management
Introduction to the Cloud
Introduction to Cloud Computing
Business Value of Cloud Computing
Technical Perspectives of Cloud Computing
Intermediate Course
ISO27001 – Deep Dive
Introduction to ISO27001
Risk Management
Implementing ISO27001
Conducting internal audits
Business Continuity with ISO22301
Introduction
Implementing ISO22301
PCI DSS
Master Program
CISSP Preparatory
Security and Risk Management
Asset Security
Security Engineering
Communications & Network Security
Identity & Access Management
Security Assessment & Testing
Security Operations
Security in the Software Development Life Cycle
CISA
The Process of Auditing Information Systems
IT Governance and Management
Information Systems Acquisition, Development, and Implementation
Information Systems Operations, Maintenance, and Support
Protection of Information Assets
HIPAA Fundamentals
HIPAA Basics
HIPAA’s Administrative Simplification Title
HIPAA Penalties
HIPAA-Related Organizations
HIPAA Terminology and Definitions Covered Entity
Local and International Infosec Regulations
Basics of Networking Technologies
Network Theory
Network Media and Hardware
Network Categories
Standard Network Models
Physical Network Topologies
Logical Network Topologies
Network Media and Hardware
Bounded Network Media
Unbounded Network Media
Noise Control
Network Connectivity Devices
Network Implementations
Ethernet Networks
Wireless Networks
Networking Models
The OSI Model
The TCP/IP Model
TCP/IP Addressing and Data Delivery
The TCP/IP Protocol Suite
IP Addressing
Default IP Addressing Schemes
Create Custom IP Addressing Schemes
Implement IPv6 Addresses
Delivery Techniques
TCP/IP Services
Assign IP Addresses
Domain Naming Services
TCP/IP Commands
Common TCP/IP Protocols
TCP/IP Interoperability Services
LAN Infrastructure
Switching
Static Routing
Dynamic IP Routing
Virtual LANs
WAN Infrastructure
WAN Transmission Technologies
WAN Connectivity Methods
Voice over Data Transmission
Remote Networking
Remote Network Architectures
Remote Access Networking Implementations
Virtual Private Networking
VPN Protocols
System Security
Computer Security Basics
System Security Tools
Authentication Methods
Encryption Methods
Network Security
Network Perimeter Security
Intrusion Detection and Prevention
Protect Network Traffic Using IPSec
Network Security Threats and Attacks
Network-Based Security Threats and Attacks
Apply Threat Mitigation Techniques
Educate Users
Basics of Security technologies
Security Fundamentals
Information Security Cycle
Information Security Controls
Authentication Methods
Cryptography Fundamentals
Security Policy Fundamentals
Identifying Security Threats and Vulnerabilities
Social Engineering
Malware
Physical Threats and Vulnerabilities
Software-Based Threats
Network-Based Threats
Wireless Threats and Vulnerabilities
Managing Data, Application, and Host Security
Manage Data Security
Manage Application Security
Manage Device and Host Security
Manage Mobile Security
Network Security
Security Parameters on Network Devices and Technologies
Network Design Elements and Components
Networking Protocols and Services
Apply Secure Network Administration Principles
Secure Wireless Traffic
Implementing Access Control, Authentication, and Account Management
Access Control and Authentication Services
Implement Account Management Security Controls
Introduction to the Cloud
Introduction to Cloud Computing
Overview of Cloud Computing
Evolution of the Cloud
Specialized Cloud Services
Business Value of Cloud Computing
Business Need for Cloud Computing
Cloud Scalability
Cloud Security
Impact of Cloud Computing on Business
Technical Perspectives of Cloud Computing
The Cloud Deployment Models
Network Requirements for Cloud Deployment
Automation and Self-Service in Cloud Computing
ISO27001 – Deep Dive
Introduction to ISO27001
An overview of available standards and management system documentation.
The benefits of ISMS certification.
An overview of ISO 27001 and its application.
Key elements of ISMS implementation project planning.
The core elements of the ISMS.
The key steps of an ISO 27001 risk assessment.
An overview of the ISO 27001 Annex A controls.
Risk Management
The role and importance of risk management in an organisation.
Why risk management is the core competence of information security management.
Full details of the ISO 27005 information risk management standard and an understanding of key risk management terminology.
How ISO 27005 is related to the ISO 31000:2009 risk management standard.
How to use risk management to achieve certification and maintain compliance with the ISO 27001 information security management standard.
‘Hands-on’ practical experience in carrying out an effective risk management programme as defined by ISO/IEC 27005:2011.
The key information security risk management processes, including context establishment, risk assessment, risk treatment and monitoring/review.
The competence to advise third-party organisations on information security risk management.
Implementing ISO27001
The benefits of, and key issues when selecting, a risk assessment tool.
How to carry out an information security risk assessment – the core competence of information security management.
The Statement of Applicability (SoA), and justifications for inclusions and exclusions.
Reviewing your existing controls and mapping controls to Annex A of ISO 27001.
The importance of an effective communication strategy.
Writing policies and producing other critical documentation.
The importance of staff and general awareness training.
The key elements of management review.
How to manage and drive continual improvement under ISO 27001.
How to prepare for your ISO 27001 certification audit.
Important information to ensure that you pass the audit first time.
Conducting internal audits
The terms and definitions used in ISO 27001.
The purpose of and relationship between ISO 27001 and ISO 27002.
The application of ISO 19011/ISO 27007 audit processes to auditing an ISO 27001 ISMS.
Plan, conduct, report and follow-up an ISMS internal audit.
Identify and write evidence-based nonconformities of intent, implementation and effectiveness.
Business Continuity with ISO22301
Introduction
The Basics - Drivers for ISO 22301 and Standards - What they are and why they are important.
Overview of ISO 22301.
Certification.
Business Continuity Management System Processes and Policy.
Management Commitment.
Implementing ISO 22301 - Scoping, planning, communication, support and documentation.
Business Impact Analysis and Risk Assessment.
Incident Management, BC Management and Recovery.
Exercising and Continual Improvement.
Implementing ISO22301
Define the role and structure of a business continuity policy.
Determine the scope, policy and objectives of the BCMS.
Deliver the ISO22301 project using organisational change management techniques.
Allocate roles and responsibilities in the ISO22301 implementation project.
Explain how to identify key products and services.
Explain how to carry out the business impact assessment and the risk assessment (the core competence of business continuity management).
Explain how to assess the impact of disruption.
Explain the importance of an effective incident response structure.
Explain the importance of an effective communication strategy.
Write policies and produce other critical documentation.
Explain the importance of staff and general awareness training.
Define the key elements of management review.
Manage and drive continual improvement.
Prepare the organisation for its initial ISO22301 certification audit, and surveillance visits.
Identify key issues in ensuring that the organisation passes the audit first time.
PCI DSS
PCI DSS
Principles of PCI DSS, PA-DSS, PCI PTS, and PCI P2PE Standards.
Understand the payment transaction flow and the roles of Merchant, Acquirer, Brand and Bank.
Role played by Payment Brands.
SAQ overview – Understand which one fits you.
Prioritised approach overview.
PA DSS overview – What is it and how to determine if your apps are covered in it.
Scoping the PCI DSS environment – How to cut down.
Identifying Cardholder Data in your environment.
Network Segmentation.
PCI DSS control requirements.
Appropriate uses of compensating controls.
Working with third-parties and service providers.
Designing a secure Card Holder Environment.
Mobile, Tokenisation, Virtualisation and Cloud and their impact on Payment Security.
PCI in accordance with NPCI and RBI requirements.
Integrating PCI with ISO27001:2013.
One hour exam towards becoming a Certified PCI Compliance Specialist.
CISSP Preparatory
Security and Risk Management
Security Governance Principles
Compliance
Professional Ethics
Security Documentation
Risk Management
Threat Modeling
Business Continuity Plan Fundamentals
Acquisition Strategy and Practice
Personnel Security Policies
Security Awareness and Training
Asset Security
Asset Classification
Privacy Protection
Asset Retention
Data Security Controls
Secure Data Handling
Security Engineering
Security in the Engineering Lifecycle
System Component Security
Security Models
Controls and Countermeasures in Enterprise Security
Information System Security Capabilities
Design and Architecture Vulnerability Mitigation
Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems
Cryptography Concepts
Cryptography Techniques
Site and Facility Design for Physical Security
Physical Security Implementation in Sites and Facilities
Communications & Network Security
Network Protocol Security
Network Components Security
Communication Channel Security
Network Attack Mitigation
Identity & Access Management
Physical and Logical Access Control
Identification, Authentication, and Authorization
Identity as a Service
Authorization Mechanisms
Access Control Attack Mitigation
Security Assessment & Testing
System Security Control Testing
Software Security Control Testing
Security Process Data Collection
Audits
Security Operations
Security Operations Concepts
Physical Security
Personnel Security
Logging and Monitoring
Preventative Measures
Resource Provisioning and Protection
Patch and Vulnerability Management
Change Management
Incident Response
Investigations
Disaster Recovery Planning
Disaster Recovery Strategies
Disaster Recovery Implementation
Security in the Software Development Life Cycle
Security Principles in the System Lifecycle
Security Principles in the Software Development Lifecycle
Database Security in Software Development
Security Controls in the Development Environment
Software Security Effectiveness Assessment
CISA
The Process of Auditing Information Systems
ISACA Information Systems Auditing Standards and Guidelines
Fundamental Business Processes
Develop and Implement an Information Systems Audit Strategy
Plan an Audit
Conduct an Audit
The Evidence Life Cycle
Communicate Issues, Risks, and Audit Results
Support the Implementation of Risk Management and Control Practices
IT Governance and Management
Evaluate the Effectiveness of IT Governance
Evaluate the IT Organizational Structure and HR Management
Evaluate the IT Strategy and Direction
Evaluate IT Policies, Standards, and Procedures
Evaluate the Effectiveness of Quality Management Systems
Evaluate IT Management and Monitoring of Controls
IT Resource Investment, Use, and Allocation Practices
Evaluate IT Contracting Strategies and Policies
Evaluate Risk Management Practices
Performance Monitoring and Assurance Practices
Evaluate the Organization's Business Continuity Plan
Information Systems Acquisition, Development, and Implementation
Evaluate the Business Case for Change
Evaluate Project Management Frameworks and Governance Practices
Development Life Cycle Management
Perform Periodic Project Reviews
Evaluate Control Mechanisms for Systems
Evaluate Development and Testing Processes
Evaluate Implementation Readiness
Evaluate a System Migration
Perform a Post-Implementation System Review
Information Systems Operations, Maintenance, and Support
Perform Periodic System Reviews
Evaluate Service Level Management Practices
Evaluate Third-Party Management Practices
Evaluate Operations and End User Management Practices
Evaluate the Maintenance Process
Evaluate Data Administration Practices
Evaluate the Use of Capacity and Performance Monitoring Methods
Evaluate Change, Configuration, and Release Management Practices
Evaluate Problem and Incident Management Practices
Evaluate the Adequacy of Backup and Restore Provisions
Protection of Information Assets
Information Security Design
Encryption Basics
Evaluate the Functionality of the IT Infrastructure
Evaluate Network Infrastructure Security
Evaluate the Design, Implementation, and Monitoring of Logical Access Controls
Risks and Controls of Virtualization
Evaluate the Design, Implementation, and Monitoring of Data Classification Process
Evaluate the Design, Implementation, and Monitoring of Physical Access Controls
Evaluate the Design, Implementation, and Monitoring of Environmental Controls
HIPAA Fundamentals
HIPAA Basics
An overview of the Health Insurance Portability and Accountability Act of 1996 (all provisions).
HIPAA’s Administrative Simplification Title
Review of the provisions of the Administrative Simplification Title. This includes transaction and code set standards (administrative transactions), national identifiers, privacy requirements and security requirements.
HIPAA Penalties
Review of the HIPAA enforcement rule including informal and formal remedies, requirements of covered entities, the role of business associates as agents and enforcement bodies.
HIPAA-Related Organizations
Discussion of entities/organizations specifically designated as standard maintenance organizations and statutorily defined advisory bodies.
HIPAA Terminology and Definitions Covered Entity
Review of definitions included in the Administrative Simplification Title related rules (list not inclusive).