Page 1

CYBER SECURITY SKILLS TRAINING PROSPECTUS

www.7safe.com


CYBER CONTENTS SECURITY SKILLS TRAINING PROSPECTUS “We look forward to partnering with you to combat the growing cyber threat across all industry sectors, through the delivery of the highest quality cyber security training.”  Richard Allen, Education Business Development Manager

03

Cyber Skills Training at 7Safe

04

7Safe Cyber Development Skills overview

05

ETHICAL HACKING COURSES

06

Hacking Insight for Managers (HIM)

07

Certified Security Testing Associate (CSTA)

08

Certified Security Testing Professional (CSTP)

09

Certified Wireless Security Analyst (CWSA)

10

Certified Mobile Security Tester (CMST)

11

Certified Application Security Tester (CAST)

12

Certified Secure Coding for Software Developers (CSCSD)

13

DIGITAL FORENSICS COURSES

14

Certified Data Collection Technician (CDaCT)

15

Certified Forensic Investigation Practitioner (CFIP)

16

Certified Malware Investigator (CMI)

17

Certified Corporate Digital Investigator (CCDI)

18

Certified Mac Forensics Specialist (CMFS)

19

Certified Linux Forensic Practitioner (CLFP)

20

Certified Forensic Investigation Specialist (CFIS)

21

Certified Cyber Investigator (CCI)

22

INFORMATION SECURITY TRAINING

23

Certified ISO 27001 Implementation Practitioner (CIIP)

24

Payment Card Industry Data Security Standard (PCI DSS) Implementation

25

INCIDENT RESPONSE & SOC COURSES

26

Cyber Security Incident Response for Managers (CSIRM)

27

Certified Security Operations Centre Analyst (CSOSA)

28

Cyber Security Incident Response (CSIR)

29

Certified Cyber Threat Hunter (CCTH)

30

MSC in Professional Practice in Digital Forensics and Security

PA & 7Safe Cyber Skills Training Prospectus 2


Cyber skills training at 7Safe Cyber Security and Digital Investigations are rapid growth areas within IT and the skills required are in demand.

7Safe training is intensive Our consultants coach individual delegates so that they leave with the confidence to do the job that they are training for. Our aim is to foster and develop skilled professionals capable of undertaking demanding work in the fields of penetration testing/ ethical hacking, cyber security incident response, cyber threat hunting, security code review, and digital forensic investigation.

7Safe training passports Discounted training with 7Safe’s Training Passports are the most economical way to get all the training that you or your team needs. Each Training Passport enables you to purchase a set number of training days – which can be used across our entire portfolio of courses – for a discounted rate compared to when booking the courses individually.

Cambridge Cyber Development Centre 7Safe courses are taught in several locations, including our flagship Cambridge Cyber Development Centre. Our trainers use purpose-built facilities to create the right environment in which to

provide structured hands-on training. Many of our delegates remark that our approach is different and advantageous because of the personal attention they receive in this unique educational setting.

On-site training: For groups of 8 people or more, we can design a tailormade package to meet your cyber skills requirements delivered on your site. For more details, see www.7safe. com/enterprise-training

Accredited training partners 7Safe Accredited Training Partners (ATP) based in USA, Ireland and Cyprus, offer access to our market leading cyber training programmes outside the UK.

Our training locations 7Safe offers you a wide choice of venues designed to suit your needs and budget, starting with our flagship training centre close to the vibrant City of Cambridge. The opportunity to perform ‘hands-on’ hacking and forensic work using the latest equipment is one PA & 7Safe Cyber Skills Training Prospectus 3


feature of our Cyber Training Programme; others are: zzUp-to-date technology and training rooms zzFree lunch and coffees throughout your course zzAir-conditioned training rooms in well-lit, spacious surroundings zzFree on-site car parking with no restrictions for private car users zzNear to major road network (M11/A10/A505) and train stations zzOnly 36 minutes by train from central London*

7safe’s relationship to PA Consulting PA Consulting Group specialises in management consulting, technology and innovation. We have clients in both the private and public sector including higher education. We’re a firm that helps organisations harness the power of innovation and break-through technologies. 7Safe is the part of PA that provides cyber security advice, training and technical services.

Awareness

ETHICAL HACKING

How to book your place on a 7Safe course If you know which course or courses you wish to attend, please use the B ​ uy Now button on our website to book and pay online. Alternatively, you can book offline by calling us on 01763 285 285 or emailing us at education@7safe.com. We will then email a booking form, which is valid for seven days.

Developing a staff training programme? 7Safe is able to supply your organisation’s cyber skills training requirements, either by providing places on our public training courses or by bringing our trainers to your site to deliver a programme of courses to suit your needs. See the Table below for an overview of our public course programme, which shows the full range of our cyber skills courses and the study level for each.

Fundamentals

HIM

Core

CAST

CSTA

Hacking Insight for Managers

Ethical Hacking

• Penetration Tester/Ethical Hacker • Intrusion Detection and Attack Monitoring • IT Security Manager • Secure Coding for Software Developers

CSTP

Ethical Web Hacking

CWSA

Wireless Security

DIGITAL FORENSICS

CDaCT

Data Collection Technician

• Computer Forensics Consultant

CFIP

Forensic Investigation

Advanced Web App Security

CMST

Mobile App security

CSCSD

Secure Coding

CFIS

Forensic Investigation

CCI

CMI

• Cyber Security Analyst

Specialist

Malware Investigation

Network Forensic Investigation

• Data Forensics Technician CCDI

• Forensic Computer Analyst

Certified Corporate Digital Investigator

CLFP

Linux Forensic Investigation

CMFS

Apple Mac Forensic

INFORMATION SECURITY

PCI DSS

PCI DSS Implementation

CIIP

ISO 27001 Implementation

• Hacking Awareness Training • PCI DSS Awareness • ISO27001 Implementation

INCIDENT RESPONSE • Cyber Security Incident Response • Operations Centre Analyst

CSIRM

Cyber Security Incident Response for Managers

CSOCA

Certified Security Operations Centre Analyst

CSIR

Cyber Security Incident Response

CCTH

Certified Cyber Threat Hunter

• Threat Hunting

PA & 7Safe Cyber Skills Training Prospectus 4


ETHICAL HACKING COURSES AND CERTIFICATIONS OVERVIEW 7Safe’s ethical hacking courses are aimed at penetration testers, software developers, system administrators and network architects. We provide the latest techniques as well as valuable insight into the attack methods used by hackers and how to defend your systems against them. Our courses are between two and five days of hands-on experience, using practical exercises to discover and learn techniques/methods that will provide both developing and experienced cyber professionals with the latest in-depth knowledge.

PA & 7Safe Cyber Skills Training Prospectus 5


“Excellent instruction; clear and concise overview, perfect for non-specialists.” HIM Delegate PA Consulting Group

SIG

HT FOR

ICA

L HACK

M

G

E

TH

AG E R S

H AC K I N G

IN

AN

ETHICAL HACKING Hacking Insight for Managers (HIM)

IN

AWARENESS-LEVEL COURSE

This one-day awareness course is for people who need a high-level understanding of hacking rather than practical know-how. It introduces the basic technical concepts behind the various stages of a hacking attack, as well as some common tools used by hackers and security professionals.

What will I learn?

Who should attend?

You will gain an insight into the mindset and motivation of hackers, and learn how they infiltrate organisations and the damage that can follow zzYou will find out how organisations are exposed through the various routes of attack, including the internet, employees, social engineering, emails and wireless zzYou will learn about the security lapses behind a number of real-world, high-profile attacks zzYou will have the chance to try your hand at some simple web application attacks in our ‘hack lab’

Anyone interested in understanding the risks that hackers pose, including: zzIT managers zzSystems analysts zzIT security professionals and auditors zzSecurity officers and data protection representatives

zz

How will I benefit? On this course, you will: zzGain an understanding of IT security from an attacker’s perspective zzBe able to evaluate the possible risks to your business from hackers zzUnderstand the principles of how to defend your organisation effectively from the risk of attack

For a course with more hands-on technical content, delegates should consider 7Safe’s CSTA and CSTP courses on pages 7 and 8.

HIM prerequisites No information security knowledge is needed, just basic computer literacy zzWe recommend you read up on the concept of domain names and IP addresses before the course zzBring a Wi-Fi enabled device to join the ‘hack lab’ (e.g. laptop or tablet) zz

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 6


EC

UR

ITY

TES

TI

N

G •

CE

S O C I AT E

RT I F I E D

AS

ETHICAL HACKING Certified Security Testing Associate (CSTA)

S

“I found it all very interesting, the hardware and software system was excellent, everything worked as planned. The content was extremely relevant to our organisation.” CSTA Delegate SuperWebs Ltd

ET

HI

C AL

H AC K

IN

G

CORE-LEVEL COURSE

This infrastructure ethical hacking course is our most popular core-level technical course for people from a wide variety of network related and security roles across all industry sectors looking to develop their own capability to support their organisation’s in-house cyber team.

What will I learn?

What qualification will I receive?

You will learn a series of attack methodologies and gain practical experience using a range of tools to undertake an infrastructure penetration test across a multi-OS environment zzOnce you are able to identify and exploit vulnerabilities in a safe manner, you will be introduced to a range of defensive countermeasures, allowing you to protect your network and respond to cyber threats

Upon successful completion of the exam, you will be awarded the Certified Security Testing Associate (CSTA) qualification, accredited by both CREST and the IISP.

zz

How will I benefit? This course in particular will give you: zzValuable preparation and hands-on practice in preparation for the CREST Registered Penetration Tester (CRT) examination zzUnderstanding of common infrastructure vulnerabilities and how to exploit or resolve them

Who should attend? If you are looking to improve your career prospects by starting or transitioning into a cyber security role e.g. zzNetwork engineers zzSystems administrators zzSystems architects or developers

CSTA prerequisites: Basic understanding of TCP/IP networking and comfortable with Windows and Linux command line. CSTA is also a good source of information on TCP/IP networking, should you wish to refresh your knowledge.

If you are a web developer looking for a secure coding course, please see our Certified Secure Coding for Software Developers (CSCSD). See page 12.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 7


C

U

RI

TY

TESTIN

G PR

CER

ESSIONAL

TIFIED

OF

ETHICAL HACKING Certified Security Testing Professional (CSTP)

SE

“The course content helped to reinforce my existing knowledge and give real world examples and practical exercises for the key features of the content and syllabus.” CSTP Delegate NewVoiceMedia Ltd

ET

HI

C AL

H AC K

IN

G

CORE-LEVEL COURSE

This web application ethical hacking course is designed to give you the skills you need to ensure valuable data assets are effectively protected.

What will I learn?

Who should attend?

You will be introduced to a range of defensive countermeasures to become more resistant to attack zzYou will learn how to exploit these vulnerabilities to access data and functionality beyond your remit

Anyone with responsibility for, or an interest in, the security of web applications, including: zzSystem administrators zzSoftware developers zzBudding penetration testers zzAnyone subject to the requirements of the Payment Card Industry Data Security Standard (PCI DSS)

zz

How will I benefit? This course will give you: zzValuable preparation for the CREST Registered Penetration Tester (CRT) examination and the knowledge required to join our CAST course (advanced web application security) zzThe skills and understanding to progress to the next stage in your career as a security professional

What qualification will I receive? Upon successful completion of the exam, you will be awarded the Certified Security Testing Professional (CTSP) qualification.

CSTP prerequisites An understanding of how a web page is requested and delivered: zzAre you familiar with the high-level components involved, e.g. browsers, web servers, web applications and databases? zzWhat are HTTP and HTML? zzAn understanding of databases and SQL would also be an advantage

If you are a web developer looking for a secure coding course, please see our Certified Secure Coding for Software Developers (CSCSD). See page 12.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 8


“An essential course for those designing and configuring all aspects of wireless networking.” CWSA Delegate New Vision Group Ltd

IR

ELE

S S S E CU

RI

T

D

W

Y

ETHICAL HACKING Certified Wireless Security Analyst (CWSA)

CWSA HI

C AL

H AC K

IN

A LY S T

C E RT I F I E

AN

ET

G

CORE-LEVEL COURSE

This two-day course is for people involved in a variety of wireless networkrelated roles. It is designed to give you the skills you need to develop a more secure infrastructure around critical data and applications, and defend systems from unauthorised wireless attacks.

What will I learn?

What qualification will I receive?

You will learn how hackers bypass wireless security, and gain an understanding of the principles of wireless cryptography zzOnce able to identify and exploit vulnerabilities, you will be introduced to a range of defensive countermeasures, allowing you to complete the final exercise of building a secure wireless network to protect information assets

Upon successful completion of the exam, you will be awarded the Certified Wireless Security Analyst (CWSA) qualification.

zz

How will I benefit? This course will give you: zzValuable preparation for the CREST Registered Penetration Tester (CRT) examination zzA thorough understanding of how hackers target wireless networks and how to protect wireless networks (and clients) from attack in the real world

Who should attend? Anyone with responsibility for, or an interest in, the security of wireless networks and Wi-Fi enabled devices, including: zzIT managers zzSystems/network administrators zzIT security professionals zzForensic/network investigators

CWSA prerequisites Basic understanding of TCP/IP networking: zzAre you familiar with the OSI model? zzCan you name a layer 2 and layer 3 protocol? zzCan you describe how a request reaches a web server through Ethernet, IP and TCP?

If you are planning to do both the CSTA and CWSA courses, we recommend you take CSTA first. See page 7.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 9


MO

B I L E S ECUR

IT STE

• C E RT

TE

IFI

D

Y

ET

CMST HI

C AL HACK

G

R •

ETHICAL HACKING Certified Mobile Security Tester (CMST)

E

“The whole course was excellent, I did not realise what a massive and interesting field security is. It has opened my eyes to what the hackers do to try and steal sensitive data.” CMST Delegate Z-Tech Control Systems Ltd

IN

SPECIALIST-LEVEL COURSE

This three-day course is for people in a wide variety of mobile applicationrelated roles. It introduces the fundamentals of mobile application security and gives you an understanding of whether the sensitive information stored on mobile devices is sufficiently protected.

What will I learn?

What qualification will I receive?

You will be led through the current OWASP Mobile Top Ten, the most critical mobile application security risks that leave organisations and their customers’ data vulnerable to attack zzOnce able to identify and exploit vulnerabilities in both iOS and Android platforms, you will be introduced to a range of defensive countermeasures, allowing you to develop applications that are more resistant to attack

Upon successful completion of the exam, you will be awarded the Certified Mobile Security Tester (CMST) qualification.

zz

How will I benefit? This course will give you: zzAn understanding of whether the sensitive information stored on mobile devices is sufficiently protected and what the risk would be if the device fell into the hands of an attacker zzThe ability to use a variety of tools and techniques, including static and run-time analysis, binary patching and reverse engineering, to improve mobile application security

Who should attend? Anyone looking to understand the fundamentals of mobile application security, including: zzApp developers zzIT security officers zzPenetration testers zzNetwork and systems administrators

CMST prerequisites A basic understanding of: zzHow the iOS and Android platform and devices work zzHTTP protocol zzProgramming zzWindows and Linux command line zzJava and Objective-C languages

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 10


“Had a fantastic time on the course, well delivered, useful and eye opening to say the least. Heading off to take the CREST exam shortly! Thanks for all your help.” CAST Delegate MarketingSource Ltd

A

PP

LIC

AT I O N S E C

U RI

ETHICAL HACKING Certified Application Security Tester (CAST)

TESTER •

C E RT I F I E D

TY

ET

HI

C AL

H AC K

IN

G

SPECIALIST-LEVEL COURSE

This specialist four-day web hacking course is for people in a wide range of application development and testing roles. It is designed to give you an in-depth knowledge of how to identify security vulnerabilities and an understanding of the real risk that these vulnerabilities pose by exploiting them.

What will I learn?

Who should attend?

You will be led through a range of state-of-the-art hacking tools and techniques to allow you to conduct a complete web application security assessment zzOnce able to identify and exploit vulnerabilities, you will learn a range of defensive counter measures, allowing you to develop applications that are more resistant to attack and provide a better protection for data assets

People working in an application testing (security assessment/administration) or developer environment, including experienced: zzPenetration testers zzApplication developers zzSecurity professionals

zz

How will I benefit? This course will give you: zzAn industry recognised qualification, accredited by CREST and the IISP zzEssential preparation for the CREST Certified Tester (application) exam zzSecurity vulnerability identification and avoidance

CAST prerequisites Completion of the 7Safe CSTP course or equivalent knowledge zzPractical experience of backend web application technologies (ef HTML, Java Script, PHP, ASP, MSSQL, MySQL) zzHands-on experience of modern hacking trends, tools and technologies would be an advantage zz

What qualification will I receive? Upon successful completion of the exam, you will be awarded the Certified Application Security Tester (CAST) qualification.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 11


“The course was excellent and highly relevant to my work as a web developer. A variety of topics were covered and I thought that a good level of time was dedicated to the most prevalent and serious exploits.” CSCSD Delegate Falck Safety Services

ETHICAL HACKING Certified Secure Coding for Software Developers (CSCSD) SPECIALIST-LEVEL COURSE

This two-day course is for people who want to understand the technical controls used to prevent software vulnerabilities. It focuses on common insecure coding practices and examines how these can be addressed to make secure applications.

What will I learn?

What qualification will I receive?

You will learn about the vulnerabilities that arise from insecure coding and the array of hacking techniques that many attackers use to disrupt the way an application’s programming/ business logic work zzYou will find out how to take a ‘defence in depth’ approach and ensure you consider all the security issues that may arise while developing applications zzYou will gain an understanding of the most important principles in secure coding and apply your new knowledge with examples and exercises in Java

Upon successful completion of the exam, you will be awarded the Certified Secure Coding for Software Developers (CSCSD) qualification.

zz

How will I benefit?

Who should attend? This course is for people who want to learn secure coding, including: zzPenetration testers zzProfessional software developers zzSoftware architects zzSoftware security auditors zzSecurity managers

CSCSD prerequisites A basic understanding of web application coding, preferably in Java.

With this course, you will: zzHave access to a purposebuilt controlled environment specifically created to demonstrate the main areas of vulnerability and the key mitigation strategies zzGet the chance to practise techniques to address common insecure coding practices zzBuild your skills and confidence in coding secure applications

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 12


DIGITAL FORENSICS COURSES AND CERTIFICATIONS OVERVIEW 7Safe has successfully delivered its certified digital forensic training courses to numerous law enforcement and legal professionals as well as private corporations across all industry sectors. Our programme is aimed at forensic investigators, digital security practitioners and those with computer forensic experience wanting to develop skills further in order to conduct thorough, efficient and comprehensive investigations. Expert trainers and practical technical exercises will ensure you have the latest industry best practice knowledge and tools to conduct the most effective digital forensic investigations for your organisation.

PA & 7Safe Cyber Skills Training Prospectus 13


“Steve Shepherd MBE has a great personality for teaching and has the ability to make the course fun and interesting. I have thoroughly enjoyed the course and will be sending my team on it.” CDaCT Delegate City Docs Ltd

DIGITAL FORENSICS Certified Data Collection Technician (CDaCT)

DI

S G IT A L F O RE N SI C

FUNDAMENTALS-LEVEL COURSE

This is a fundamentals-level course for people who have to handle or advise on electronic evidence/ data on a regular basis and provides them with the skills to ensure that forensic and evidential integrity is retained when data is transferred or copied.

What will I learn?

What qualification will I receive?

You will be introduced to the legalities, best practice and current techniques used for data acquisition as part of forensic investigation, eDiscovery or other regulatory proceedings zzYou will carry out forensic imaging in a number of environments, using different methods and software zzYou will learn how to extract individual mailboxes from a live Microsoft Exchange email server, as well as live system memory and volatile data capture

Upon successful completion of the exam, you will be awarded the Certified Data Collection Technician (CDaCT) qualification.

zz

How will I benefit? This course will give you: zzThe skills you need to be competent in handling data during the initial stages of investigation zzThe opportunity to practice identifying and collecting electronic evidence/ data and build your confidence zzAn industry-recognised qualification in data collection

Who should attend? Anyone responsible for the process of data acquisition, including: zzLaw enforcement officers and agents zzNetwork administrators zzIT security officers zzCivil litigation lawyers/legal council zzLitigation support managers zzeDiscovery consultants

CDaCT prerequisites A general appreciation of information technology and computer forensic principles/methods is desirable, but not essential.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 14


D

IG

INVESTIGATIO N

CFIP I TA

L FOREN

SIC

S

ERTIFIED FO • C

SIC EN

TITIONER • AC PR

DIGITAL FORENSICS Certified Forensic Investigation Practitioner (CFIP)

R

“Excellent course with very knowledgeable tutor, highly recommended.” CFIP Delegate Staffordshire University

CORE-LEVEL COURSE

This core-level technical course is designed for people looking to develop their computer forensics investigation skills, either for a career in digital investigations or as part of their current cyber role.

What will I learn? You will learn the principles and guidelines for static computer forensic investigations; the fundamentals of the complete forensic investigation process; how to preserve evidence and the methodology for conducting a forensic investigation zzYou will use practical, hands-on exercises to help you understand how data is stored on electronic media, how to work with key forensic investigation tools and how to identify Windowsbased OS forensic artefacts zz

How will I benefit? The course will give you: zzAn understanding of each stage of a forensic investigation, from evidence seizure through to data investigation and interpretation, to report and presentation of findings zzThe skills to allow you to undertake the forensic acquisition of an electronic device zzConfidence in working with key forensic investigation products

An industry-recognised qualification in forensic investigation and ideal preparation for the 7Safe CFIS advanced course

zz

What qualification will I receive? Upon successful completion of the exam, you will be awarded the Certified Forensic Investigation Practitioner (CFIP) qualification.

Who should attend? Anyone who is or wants to be responsible for computer forensic investigations, including: zzCyber forensic and network investigators zzIT security officers zzLaw enforcement officials

CFIP prerequisites Experience with Microsoft Windows OS and, ideally, a general appreciation of forensic principles, practices and software.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 15


“Instructor was interesting and engaging. Obviously knew the subject well. I thoroughly enjoyed the course.” CMI Delegate Assured Security Control Ltd

M

AL

WA R E

IN

V

TI

E RT I F I ED • C

ES

D

IG

CMI I TA

L FOREN

G ATO R •

DIGITAL FORENSICS Certified Malware Investigator (CMI)

SIC

S

CORE-LEVEL COURSE

This is a core-level technical course for people looking to extend their digital forensic knowledge beyond conventional device analysis. It will help you protect your IT environment by showing you how to conduct malware analysis, from first principles all the way to investigating network activity stemming from malicious software infection that your AV software has failed to detect.

What will I learn?

Who should attend?

You will learn how to identify, analyse and interpret malicious software and associated forensic artefacts, including trojan horses, viruses and worms zzYou will practice malware investigations from mounted, booted and network perspectives, and undertake real-world exercises, including the conversion of E01 forensic images to bootable virtual machine disks

Digital forensic analysts, law enforcement officers, cyber incident investigators and system administrators looking to develop their skills in malware identification and analysis.

zz

How will I benefit? The course will give you: zzThe skills to analyse and interpret malicious software, and investigate network activity initiated by malicious software infection zzAn understanding of how to simplify complex evidence, and collate and report results zzAn industry-recognised qualification in malware investigation

CMI prerequisites Completion of the 7Safe CFIP course is highly recommended. Otherwise you will need: zzKnowledge of the principles surrounding forensic investigation and an understanding of the preliminary forensic investigation case considerations zzSound experience with the Microsoft Windows operating systems zzAn understanding of how a web page is requested and delivered zzIdeally an understanding of Command Line Interface (CLI) and TCP/IP networking concepts

What qualification will I receive? Upon successful completion of the exam, you will be awarded the Certified Malware Investigator (CMI) qualification.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 16


DIGITAL FORENSICS Certified Corporate Digital Investigator (CCDI) CORE-LEVEL COURSE

This is a core-level course designed for corporate investigators who are required to identify, secure or recover electronic evidence. It has been developed for investigators based in both the private and public sectors, to ensure that the forensic and evidential integrity is controlled and accounted for during the data recovery process.

How will I benefit? This course will give you: zzThe skills to be competent in identifying, securing, collecting and handling data during the initial stages of an investigation zzThe opportunity to practice identifying and collecting electronic evidence zzLearn methodologies that will enable you to comply with International Standards for the identification, collection, acquisition and preservation of digital evidence as described in ISO 27037

Delegates will acquire data from different environments in numerous practical exercises to reinforce understanding and technique zzDevelop skills and an understanding of policies and practices required to withstand third party scrutiny zzGain confidence in forensic imaging and copying data from a number of different environments zzAn industry-recognised qualification in data collection zz

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 17


“An excellent course which gave a thorough overview of Mac Forensics, the HFS+ file system and important artefacts and their locations on the file system. The exercises supported the theory well and helped build on the course content. As a non-Mac user, I now feel a lot more confident working with Macs, not just for forensic analysis, but generally.” CMFS Delegate The Babraham Institute

AC

FORENSIC

S EC

E RT I F I E • C D

M

SP

D

IALIST •

DIGITAL FORENSICS Certified Mac Forensics Specialist (CMFS)

CMFS IG

I TA

L FOREN

SIC

S

SPECIALIST-LEVEL COURSE

This specialist-level course is for experienced forensic investigators whose role requires them to expertly examine Apple devices, giving them knowledge and confidence in handling the data and forensic evidence in Mac OS X and iOS environments.

What will I learn?

What qualification will I receive?

You will learn the underlying data structures of Apple devices and the many forensic artefacts specific to Mac OS X and iOS zzYou will practice using real life examples identifying, finding, extracting, decoding and interpreting the data stored on an Apple device from a forensic practitioner’s perspective

Upon successful completion of the exam, you will be awarded the Certified Mac Forensics Specialist (CMFS) qualification.

zz

How will I benefit? This course will give you the opportunity to: zzLearn effective techniques for the identification and interpretation of forensic artefacts on OS X and iOS devices zzUnderstand Apple disk partitioning and develop confidence when identifying and isolating artefacts from Apple devices zzImprove your ability to respond effectively to a wider range of forensic incidents

Who should attend? Forensic practitioners, systems administrators and cyber investigators who want to extend their experience with Window-based systems to the Mac OS X and iOS environments.

CMFS prerequisites Completion of the 7Safe CFIP course is highly recommended. Otherwise you will need: zzKnowledge of the principles and guidelines surrounding forensic investigation zzBasic knowledge of data structures, e.g. binary and hexadecimal

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 18


FORENSIC P UX RA LIN

R ONE ITI CT

DIGITAL FORENSICS Certified Linux Forensic Practitioner (CLFP)

CERTI FIE D

“Very good course, well paced and provided a good understanding of the Linux platform and analysis.” CLFP Delegate Huron Consulting

DI

G IT CS A L F O R E N SI

SPECIALIST-LEVEL COURSE

This specialist-level course is for experienced forensic investigators who want to acquire the knowledge and skills to navigate, identify, capture and examine data from Linux-based systems.

What will I learn?

What qualification will I receive?

You will develop a core understanding of the file system data structures and key files in Linux-based systems so that you can be confident of capturing potential digital evidence zzYou will practice using both Linux GUI and command line environments, and learn how to use Linux for forensic imaging zzYou will capture RAM and basic volatile data from a live Linux system, and use forensic software to create an image of a Linux system

Upon successful completion of the exam, you will be awarded the Certified Linux Forensic Practitioner (CLFP) qualification.

zz

How will I benefit? On this course, you will: zzUnderstand the data structures associated with the ‘ext’ file systems zzLearn effective techniques to extract data from a Linux environment zzDevelop confidence when identifying and capturing Linux system artefacts zzImprove your ability to respond effectively to a wider range of forensic incidents

Who should attend? Forensic practitioners, systems administrators and cyber investigators who want to extend their experience from Window-based systems to the Linux environment.

CLFP prerequisites Completion of the 7Safe CFIP course is highly recommended. Alternatively you will need an understanding of digital forensic principles and practices. No Linux experience is necessary.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 19


S IC

I NVE ST I G

AT I

N

E RT I F I E D • C FO

EN

O

SPE

#>ssh_

IG

CFIS I TA

L FOREN

SIC

S

D

CIAL I ST •

DIGITAL FORENSICS Certified Forensic Investigation Specialist (CFIS)

R

“The course was brilliant. I really enjoyed it. It helped me to improve and develop my knowledge. I look forward to using the skills I have gained at work.” CFIS Delegate Computer Sciences Corporation

SPECIALIST-LEVEL COURSE

This specialist-level course is for professionals whose role requires them to capture and analyse data from ‘live’ systems. It introduces the latest guidelines and artefacts on current Windows operating systems, and teaches essential skills for conducting an efficient and comprehensive investigation.

What will I learn?

What qualification will I receive?

You will learn to capture volatile and stored data from a system in a ‘live’ and ‘booted’ state and from remote and virtualised systems, and to capture mailboxes from a Microsoft Exchange Server and webmail accounts zzYou will practice your new skills using a realistic data/IP theft scenario employing a range of forensic tools, scripts and techniques. You will identify data from the Windows domain controller, network file shares and FTP logs before moving to more conventional analysis of a forensic image of a workstation

Upon successful completion of the exam, you will be awarded the Certified Forensic Investigation Specialist (CFIS) qualification.

zz

How will I benefit? This course will enable you to: zzDevelop your forensic investigation skills to an advanced level zzPractise new techniques suitable for evidence identification, capture and analysis in a ‘live’ environment zzAcquire an industry-recognised qualification to support your career progress

Who should attend? Experienced forensic investigators and digital security practitioners who have computer forensic experience who want to dig deeper and develop their skills. This course is a natural progression from the 7Safe CFIP course.

CFIS prerequisites Knowledge of the principles and general guidelines surrounding forensic investigations zzExperience of carrying out forensic investigations zzAttendance of a basic computer forensic course, e.g. 7Safe’s CFIP course zz

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 20


“This was the most useful networking investigation course I have been on in recent years. I came away with a substantial increase in my knowledge along with some very useful documentation. If you’re going to do one networking investigation course year, make it this one.” CCI Delegate Regional Cyber Crime Unit

DIGITAL FORENSICS Certified Cyber Investigator (CCI) SPECIALIST-LEVEL COURSE

This specialist-level course is for professionals who are looking to develop and improve their ability to respond effectively to a cyber event. It helps you develop the skills needed to isolate, investigate and extract evidence from a live networked environment during or after a cyber incident.

What will I learn?

What qualification will I receive?

You will learn and practice the critical skills needed to identify the correct forensic artefacts in a live network environment during or after a cyber event, and how to preserve and collect that data zzYou will practice how to correctly acquire and handle dynamic data so that you do not inadvertently alter or destroy vital clues that could result in your investigation failing or the resultant evidence being inadmissible in court

Upon successful completion of the exam, you will be awarded the Certified Cyber Investigator (CCI) qualification.

zz

How will I benefit? This course will enable you to: zzLearn a number of methodologies for undertaking a sound cyber investigation zzAcquire and practice new techniques to extract relevant data from a live networked environment zzGain confidence when identifying and capturing live operating system artefacts zzImprove your ability to respond effectively to a cyber event

Who should attend? Experienced forensic investigators and cyber security practitioners who already have a good knowledge of forensic investigation and want to extend their skills.

CCI prerequisites You will need a good understanding and experience of: zzThe forensic investigation process zzWindows and Linux operating systems zzCommand line interface zzComputer networks We strongly recommend completion of the 7Safe CFIP and CLFP courses as a minimum before attending this course.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 21


INFORMATION SECURITY TRAINING COURSES AND CERTIFICATIONS OVERVIEW 7Safe’s information security courses are focused towards anyone with responsibility for, or with an interest in, protecting an organisation’s IT systems & data, including those employed in IT, Business, Financial and HR Management. The courses last between one and three days and provide a high-level understanding of the techniques and current trends used in hacking or the steps involved in planning, implementing and maintaining ISO 27001 or Payment Card Industry Data Security Standard (PCI DSS).

PA & 7Safe Cyber Skills Training Prospectus 22


EMENTAT ION IMPL 01 70

ERTIFIED I SO • C

NER TITIO AC PR

D

C II P IG

I TA

L SECUR

INFORMATION SECURITY Certified ISO 27001 Implementation Practitioner (CIIP)

2

“Solid coverage of the standard, referenced well to the point of applicability and usability.” CIIP Delegate Bluefish Communications

IT

Y

FUNDAMENTALS-LEVEL COURSE

This three-day practical ISO 27001 training course is for people who want to understand the component parts of the ISO Standard with a view to setting up an implementation project. You will learn how to define and risk-assess your organisation’s information assets, and prepare for the essential requirements needed to obtain ISO 27001 certification.

What will I learn?

What qualification will I receive?

You will gain an understanding of the key steps involved in planning, implementing and maintaining an ISO 27001-compliant information security management system (ISMS) zzYou will learn what an ISMS is and how to define information security policies for your organisation zzYou will gain the skills needed to identify information assets and undertake a risk assessment, and will acquire effective techniques for managing risk

Upon successful completion of the exam, you will be awarded the Certified ISO 27001 Implementation Practitioner (CIIP) qualification.

zz

How will I benefit? With this course, you will: zzGain an in-depth understanding of information security and how it applies to your organisation zzLearn how to define information assets in a way that’s suitable for your organisation and how to undertake a risk assessment zzGain confidence that certification is within reach and obtain guidance on applying for certification

Who should attend? Anyone with responsibility for, or with an interest in, information security, including: zzPeople employed in IT, financial and HR management zzComputer auditors zzIT security officers zzInformation security professionals

CIIP prerequisites This course is suitable for nontechnical staff and no prior knowledge is required.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 23


DU

S TRY DATA S EC

U STA

AYM ENT C • P AR

TY

D

IN

RI

NDARD

0000 0000 0000 0000 PCI DSS

INFORMATION SECURITY Payment Card Industry Data Security Standard (PCI DSS) Implementation

IM

PL

E M E N TAT I O

N

AWARENESS-LEVEL COURSE

This one-day awareness training course is for people who want to learn how the Payment Card Industry Data Security Standard (PCI DSS) is implemented. It covers the importance of the Standard to all organisations processing, storing or transmitting credit card information.

What will I learn?

Who should attend?

zz

You will gain a clear understanding of the PCI DSS and how to apply your knowledge when assisting with PCI DSS assessments zzYou will learn how the Standard developed, its benefits and who it applies to zzYou will find out about the key requirements of the Standard and how to become compliant

This course is for: zzAnybody accepting credit card payments, including: zzMerchants zzThird-party service providers zzAcquirers zzAnybody processing, storing or transmitting credit card data zzFinance, internal audit, IT, sales department staff

How will I benefit?

PCI DSS prerequisites

With this course, you will: zzGain an appreciation of the controls necessary for your organisation to be able to continue dealing with cardholder data zzLearn the key principles and requirements of the Standard zzDevelop an understanding of the route to compliance (self-assessment and audit) zzBe in a position to prepare an implementation plan for your organisation, improving your chances of a successful audit

This course is suitable for non-technical staff and no prior knowledge is required.

.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 24


INCIDENT RESPONSE & SOC TRAINING These 7Safe-designed training courses are for professionals who are looking to develop or improve their knowledge and ability in the fields of Cyber Security Incident Response (CSIR) and SOC environments, reinforcing through practice new information and methodologies. 7Safe’s CSIR courses are aligned with the CREST Intrusion Analysis and Incident Response Syllabus, which identifies at a high-level the technical skills and knowledge that CREST expects candidates to possess for the Certification examinations in the area of Intrusion Analysis.

PA & 7Safe Cyber Skills Training Prospectus 25


CI

DEN

T RESP

ON

S

CY IN

CSIRM

CI

DE

NT RESPO

N

A N AG E R S R M

BER SECUR

IT

FO

Y

IN

E

INCIDENT RESPONSE Cyber Security Incident Response for Managers (CSIRM)

SE

AWARENESS-LEVEL COURSE

This awareness-level course is for those individuals involved in the decision making process or management of a cyber event involving an attack or data breach of a computer network. This course will introduce the concepts and stages to be considered during the planning and response phases to a cyber event.

Course Overview Assuming a basic knowledge and understanding of your organisation’s incident response plan, this course is ideally suited to those responsible for decision making, management planning or responding to a cyber event involving an attack or breach of a computer network. The course will detail how effective the response plan is with regard to a real-world attack or data breach

You will find out how organisations become exposed to certain attacks or breaches and what can be done to mitigate this zzYou will learn about employee security lapses and the importance of education programmes zzYou will have the chance of stopping a ransomware attack and understand some of the methods such malware uses to obfuscate and prevent removal

How will I benefit?

Who should attend?

This course will give you: zzAn understanding of the importance of an effective incident response plan zzThe ability to appreciate and evaluate risks to your organisations data based on your incident response plan zzAn understanding of the principles of preparing and responding to a cyber event

zz

zz

Anyone involved in any management aspect of preparing for or managing a cyber security event

For a course with more hands-on technical content, delegates should consider 7safe’s CSIR course.

Course prerequisites: No CSIR technical knowledge is needed but an understanding of the requirements for information security is essential zzWe recommend you refresh your knowledge and understanding of your organisations incident response plan zz

What will I learn? You will understand the importance of cyber security frameworks zzYou will gain insight why an effective and robust incident response plan is necessary in today’s interconnected world zz

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 26


INCIDENT RESPONSE Certified Security Operations Centre Analyst (CSOCA) FUNDAMENTALS-LEVEL COURSE

This fundamentals-level course provides the basic skills and knowledge for individuals who are looking to be or are currently employed within a private or public sector Security Operations Centre (SOC).

Course overview

Key benefits

This five-day course will enable you to understand how a SOC functions and provide you with the fundamental knowledge and understanding required for employment within a SOC. You will spend a good portion of the course is practicing and honing key skills and methodologies which replicate real-life security threat scenarios faced by SOC’s today.

This course will enable you to gain confidence within a SOC environment by reinforcing or learning new information and methodologies.

The skills you will learn You will learn and practice core level and advanced skills to be an effective SOC analyst or team member. Upon completion of the course you will have learnt: zzThe threats and risks to a business network zzGain a better understanding of threat intelligence using OSINT zzHow malicious software can compromise a system zzUsing SIEM tools to collate and analyse data of interest zzFundamental and in-depth logging Analytical techniques

Who should attend? This course was specifically designed for individuals who intend to be or have recently joined as a SOC analyst or team member or to recognise those more seasoned individuals employed within the SOC.

Syllabus Throughout the course your time will be split between being taught the methods and principles of working within a SOC and applying these in practical, hands-on exercises based on real-life scenarios.

Prerequisites You will need a basic understanding of IT infrastructure.

What qualification will I receive? Upon successful completion you will be awarded the Certified Security Operations Centre Analyst (CSOCA) qualification

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 27


INCIDENT RESPONSE Cyber Security Incident Response (CSIR) SPECIALIST-LEVEL COURSE

This specialist-level course is for technical professionals who are looking to develop or improve their knowledge or ability in the Cyber Security Incident Response (CSIR) field.

Course overview

Who should attend?

This five-day course follows the CREST incident response model and focuses on the knowledge and key skills required to effectively respond to a cyber incident.

This is an intensive training course designed for CSIR practitioners and cyber security practitioners involved in the discipline or forensic practitioners who wish to extend their knowledge and skills in this unique field. These include: zzCyber security incident response team members zzSystem/network administrators/ engineers zzIT security personnel/security officers Forensic practitioners zzLaw enforcement officers & agents

The skills you will learn You will learn and practice core level and advanced CSIR skills, including: zzAdvanced use of PowerShell and exploitation of WMI zzWriting of bespoke PowerShell scripts and parsers zzIdentification of suspect processes zzAdvanced detection and analysis of injected processes zzIdentification and analysis of infected documents (MS Office & PDF) Infection vector analysis zzRebuilding network traffic zzBreakdown and examination of log files

Key benefits This course will enable you to learn new methodologies for responding to CSIR events and practice both core and advanced techniques. You will also gain confidence and improve your CSIR skills for when responding to a cyber event.

Prerequisites You will need an understanding or experience of: zzThe CSIR process zzForensic investigations zzWindows operating system zzCLI We strongly recommend completion of the 7Safe CFIP and CMI courses or similar as a minimum before attending this course.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 28


YB

ER THR

EA

C

CCTH

ID

PO EN T RES

SE

NTER

C E RT I F

HU

IE

T

D

C

IN

INCIDENT RESPONSE Certified Cyber Threat Hunter (CCTH)

N

SPECIALIST-LEVEL COURSE

This is a specialist-level course is for those security professionals involved in penetration testing, incident response, security analysis looking to develop in their role and others wishing to enhance their proactive skills in detecting and mitigating threats.

What will I learn?

What qualification will I receive?

You will learn and practice the skills and understanding needed to conduct a thorough threat hunt within a live enterprise environment.

Upon successful completion of the exam, you will be awarded the Certified Cyber Threat Hunter qualification.

Upon completion of the course you will have learnt: zzHow to correlate and analyse data to successfully identify active and passive threats already existing within a network zzHow to effectively conduct and automate data collection from remote locations using built-in and third party tools so that vital clues and potential threats will not be missed

Experienced cyber security incident responders, SOC and security analysts and penetration testers looking to enhance their skillsets or better understand the footprints their activities may leave behind.

How will I benefit? This course will give you: zzThe skills to undertake your own threat hunts and develop your methodologies zzThe ability to understand and correlate separate artefacts into larger patterns to better identify potential threats

Who should attend?

Course prerequisites: This is not a beginner’s course. Delegates wishing to attend should have a good working knowledge of the incident response process, requirements and technical methods used. Fundamentals of penetration testing and attack techniques, basic understanding of network nodes, traffic and host-based artefacts are also a prerequisite.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 29


MSc in Professional Practice in Digital Forensics and Security SPECIALIST-LEVEL COURSE

This programme, delivered in partnership with De Montfort University (DMU), is for people who want to gain a postgraduate-level qualification in information security. This qualification is based on 7Safe’s technical hands-on training courses, combined with academic modules delivered by the University.

What will I learn?

What qualification will I receive?

You will acquire a thorough and practical knowledge of the very latest computer forensics and security principles, practices, tools and techniques. The key modules covered are: network security and ethical hacking, wireless security, forensic investigations, malware investigations and implementing ISO 27001 zzYou will gain an understanding of the main academic, professional and research concerns of computer security and forensics through a research-led module that will help prepare you for your MSc project/ dissertation

The MSc course consists of seven 7Safe training courses (CSTA, CSTP, CWSA, CFIP, CMI, CFIS and CIIP), eight University modules and an MSc project/ dissertation. Upon successful completion of the MSc, you will therefore have seven industry-recognised professional certificates as well as the MSc qualification.

zz

How will I benefit? This course will provide you with: zzThe latest tools, techniques and knowledge in one of the most exciting areas of modern computing zzExpert staff with extensive experience in the field of forensics and security zzExcellent career prospects in a rapidly expanding industry

Who is this course for? Anyone ambitious to build a career in information security by completing a part-time or full-time post-graduate course. When taking the course as a part-time pathway you should expect to study for a minimum of two to three years, and must be completed within six years.

MSc prerequisites After successfully completing one or more 7Safe courses, the MSC is the most practical and natural progression to further your cyber knowledge and career development.

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email education@7safe.com PA & 7Safe Cyber Skills Training Prospectus 30


NOTES

PA & 7Safe Cyber Skills Training Prospectus 31


7Safe, Global Innovation and Technology Centre Melbourn, Herts, SG8 6DP United Kingdom tel: +44(0) 1763 285 285  education@7safe.com  2018 (2)

www.7safe.com

7safe training prospectus 2018  

Cyber skills training prospectus featuring public courses for individuals and training programmes for organisations looking to build in-hous...

7safe training prospectus 2018  

Cyber skills training prospectus featuring public courses for individuals and training programmes for organisations looking to build in-hous...