Information Technology Certified Associate™ (ITCA™) – Cybersecurity Fundamentals

Learning Outcomes

At the completion of this course learners will be able to:

• Explain key concepts and components of cybersecurity
• Identify the key components of cybersecurity network architecture
• Describe risk management processes and practices
• Identify security tools, threats and vulnerabilities
• Describe different classes of attacks
• Describe new and emerging technologies
• Analyze threats and risks
• Appraise cybersecurity incidents

Course Outline

Module 1 Cybersecurity Fundamentals

• Identify the need for cybersecurity.
• Explain cybersecurity concepts.
• Identify the need for cybersecurity professionals.
• Identify the main components of telecommunications technologies. 
• Differentiate between types of security.

Module 2 Cybersecurity and Privacy

• Identify the differences between information technology systems and specialized systems. 
• Discuss enterprise cybersecurity roles and responsibilities. 
• Define governance, risk management and compliance (GRC). 
• Recognize the relationships between various security components.
• Define privacy.
• Distinguish between privacy and security.

Module 3 Service Description and Disruption

• Identify and discuss common causes of service disruption
• Explain Business Continuity Planning
• Describe the relationship between Business Continuity Planning (BCP) and Disaster Recovery (DR)
• Explain the objectives of information security

Module 4 Threat Landscapes

• Define cyber-risk
• Define key terms associated with risk.
• Identify and describe threats to enterprises.
• Explain the process of threat modeling.
• Identify common types of vulnerabilities.
• Identify common threat agents.
• Describe the recent trends in the cyberthreat landscape.

Module 5 Cyberattacks

• Identify attributes of cyberattacks.
• Explain the cyberattack process.
• Identify cybersecurity attack models.
• Identify common cyberattacks.

Module 6 Risk Management

• Describe the IT risk management life cycle.
• Explain the supply chain considerations for risk management.
• Elaborate the Risk Management Life Cycle.
• Describe Risk Identification process.
• Explain Risk Assessment and Risk Response.
• Describe Risk and Control Monitoring.
• Narrate the uses of Risk Assessment results.

Module 7 Security Assets

• Distinguish categories of resources used to identify and classify risk.
• Explain system hardening.
• Summarize data protection means and methods.

Module 8 Security Architecture

• Explain the concept of security architecture
• Describe security perimeter
• Identify components of a security architecture
• Recognize the various security architecture frameworks
• Compare security models

Module 9 Security Controls

• Explain defense in depth.
• Compare traditional security and assume-breach philosophies.
• Identify three main types of security controls.
• Distinguish types of logical access controls.
• Identify and explain types of administrative controls.
• Explain each component of authentication, authorization and accounting (AAA).

Module 10 Network Security

• Describe the various network security techniques
• Explain methods to achieve isolation and segmentation
• Identify network security hardware
• Distinguish types of firewalls

Module 11 Application and Cloud Security

• Recognize system life cycle management principles, including software security and usability.
• Identify and analyze cloud service models.
• Explain the cloud deployment models.
• Discuss the risks associated with cloud computing.

Module 12 Software Management

• Identify elements of cryptographic systems
• Explain the encryption techniques and applications 
• Identify and discuss key systems

Module 13 Introducing Security Operations

• Discuss security operations center (SOC) deployment models
• Identify common SOC functions, roles, and responsibilities
• Identify vulnerability assessment tools, including open-source tools and their capabilities

Module 14 Testing Technologies and Security Tools

• Differentiate between vulnerability scanning and penetration testing.
• Discuss common phases of penetration testing.
• Identify and use common cybersecurity tools.
• Discuss the components that aid cybersecurity monitoring and detection.
• Explain the basic concepts, practices, tools, tactics, techniques and procedures for processing digital forensic data.
• Identify common anti-forensic tactics and techniques.

Module 15 Handling Security Incidents

• Recognize incident response and handling methodologies.
• Distinguish between an event and an incident.
• Discuss the elements of an Incident Response Plan (IRP).