For more information on our events policy, see https://isaca-gwdc.org/event-policies/
- This event has passed.
Information Technology Certified Associate™ (ITCA™) – Cybersecurity Fundamentals
April 2 @ 8:30 am - April 23 @ 4:30 pm EDTGWDC Member $450, Non-GWDC Member $800
The GWDC is sponsoring an intensive 4-day course for the Information Technology Certified Associate™ (ITCA™) - Cybersecurity Fundamentals Certificate. The dates of this course are: April 2, 9, 16 and 23, 2022 from 8:30 am to 4:30 PM Eastern. Please register by March 30!
This course introduces learners to cybersecurity, a growing and rapidly changing field that is becoming increasingly vital to business survival, job stability, and national security. Cybersecurity demands skilled professionals who possess the knowledge, skills, and ability to address the evolving threat landscape.
Learners gain insight into the principles of data and technologies that frame and define cybersecurity and the integral role of cybersecurity professionals in protecting enterprise data and infrastructure.
Who Should Attend?
Individuals with little to zero years’ experience in IT, individuals seeking to pursue or switch to a career in IT, or individuals seeking to increase their knowledge and skills in their current IT related position. It's also intended for anyone preparing for the ITCA Cybersecurity Fundamentals certificate exam.
ITCA Cybersecurity Fundamentals Certificate Exam Information
ITCA Cybersecurity Fundamentals Certificate Exam
The exam will be offered via Computer-Based Testing (CBT).
Registration for the exam is administered by ISACA®, not the GWDC. Registering for this review course does not register you for the exam.
Course Objectives and Outline
At the completion of this course learners will be able to:
- Explain key concepts and components of cybersecurity
- Identify the key components of cybersecurity network architecture
- Describe risk management processes and practices
- Identify security tools, threats and vulnerabilities
- Describe different classes of attacks
- Describe new and emerging technologies
- Analyze threats and risks
- Appraise cybersecurity incidents
Module 1 Cybersecurity Fundamentals
- Identify the need for cybersecurity.
- Explain cybersecurity concepts.
- Identify the need for cybersecurity professionals.
- Identify the main components of telecommunications technologies.
- Differentiate between types of security.
Module 2 Cybersecurity and Privacy
- Identify the differences between information technology systems and specialized systems.
- Discuss enterprise cybersecurity roles and responsibilities.
- Define governance, risk management and compliance (GRC).
- Recognize the relationships between various security components.
- Define privacy.
- Distinguish between privacy and security.
Module 3 Service Description and Disruption
- Identify and discuss common causes of service disruption
- Explain Business Continuity Planning
- Describe the relationship between Business Continuity Planning (BCP) and Disaster Recovery (DR)
- Explain the objectives of information security
Module 4 Threat Landscapes
- Define cyber-risk
- Define key terms associated with risk.
- Identify and describe threats to enterprises.
- Explain the process of threat modeling.
- Identify common types of vulnerabilities.
- Identify common threat agents.
- Describe the recent trends in the cyberthreat landscape.
Module 5 Cyberattacks
- Identify attributes of cyberattacks.
- Explain the cyberattack process.
- Identify cybersecurity attack models.
- Identify common cyberattacks.
Module 6 Risk Management
- Describe the IT risk management life cycle.
- Explain the supply chain considerations for risk management.
- Elaborate the Risk Management Life Cycle.
- Describe Risk Identification process.
- Explain Risk Assessment and Risk Response.
- Describe Risk and Control Monitoring.
- Narrate the uses of Risk Assessment results.
Module 7 Security Assets
- Distinguish categories of resources used to identify and classify risk.
- Explain system hardening.
- Summarize data protection means and methods.
Module 8 Security Architecture
- Explain the concept of security architecture
- Describe security perimeter
- Identify components of a security architecture
- Recognize the various security architecture frameworks
- Compare security models
Module 9 Security Controls
- Explain defense in depth.
- Compare traditional security and assume-breach philosophies.
- Identify three main types of security controls.
- Distinguish types of logical access controls.
- Identify and explain types of administrative controls.
- Explain each component of authentication, authorization and accounting (AAA).
Module 10 Network Security
- Describe the various network security techniques
- Explain methods to achieve isolation and segmentation
- Identify network security hardware
- Distinguish types of firewalls
Module 11 Application and Cloud Security
- Recognize system life cycle management principles, including software security and usability.
- Identify and analyze cloud service models.
- Explain the cloud deployment models.
- Discuss the risks associated with cloud computing.
Module 12 Software Management
- Identify elements of cryptographic systems
- Explain the encryption techniques and applications
- Identify and discuss key systems
Module 13 Introducing Security Operations
- Discuss security operations center (SOC) deployment models
- Identify common SOC functions, roles, and responsibilities
- Identify vulnerability assessment tools, including open-source tools and their capabilities
Module 14 Testing Technologies and Security Tools
- Differentiate between vulnerability scanning and penetration testing.
- Discuss common phases of penetration testing.
- Identify and use common cybersecurity tools.
- Discuss the components that aid cybersecurity monitoring and detection.
- Explain the basic concepts, practices, tools, tactics, techniques and procedures for processing digital forensic data.
- Identify common anti-forensic tactics and techniques.
Module 15 Handling Security Incidents
- Recognize incident response and handling methodologies.
- Distinguish between an event and an incident.
- Discuss the elements of an Incident Response Plan (IRP).
Meet the Instructor
Vice President, Security Portfolio @ NTT DATA Services, NTT DATA, Inc.
CISSP CISM CRISC CISA
Sushila Nair specializes in cybersecurity, risk, and audit services. Sushila Nair is a former Member of the Board of Directors for the Greater Washington, D.C. ISACA Chapter and has presented at CACS, BrightTALK, Seguruinfo and many other international events. She has taught several review courses for the GWDC chapter and ISACA Global.
- Group Internet-Based. Zoom link delivered with registration.
- Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.
- Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.
- ISACA Greater Washington, D.C. will not be responsible for the participant’s inability to respond to the polls.
Cancellation and Refund Policy:
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.
If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be directed to the Associate Director of Registrations at email@example.com.
Earn up to 32 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
CPE Distribution and Evaluation Survey:
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present the full day and respond to polling questions to receive full CPE credit.
- Prerequisites and Advance Preparation: None
- Program Knowledge Level: Basic
- Delivery Method: Group Internet based
- Field of Study: Information Technology - Technical