CS 104 Cybersecurity Fundamentals for Integrators and Solution Providers | exida

exida Academy Training

Cybersecurity Fundamentals for Integrators and Solution Providers

Course Code: CS 104


Course Description:

This course introduces fundamental cybersecurity concepts that are important for system integrators and maintenance providers. It is targeted at those who have little or no cybersecurity experience. This course is expected to be a 2-day course. The course content is outlined below:

  • Introduction
    • Importance of Cybersecurity
  • Introduction to Cyber Attacks
    • Malware Types
    • Threat Actors
    • Motivations
    • Goals
    • Examples
  • IT vs OT Security
  • Security and Risk Management
    • Identify/Develop cybersecurity goals
    • CIA Triad
      • Best practices to support CIA
        • Separation of duties
        • Mandatory vacations
        • Job rotation
        • Least privilege
        • Need to know
        • Dual Control
    • Risk Management
      • Examples of risk
      • Risk Receptors
      • Not all risks in cybersecurity have to do with cybersecurity attacks
      • Likelihood of a Successful Attack
      • Target Attractiveness
      • How do we measure risk?
      • Risk Management Lifecycle
    • Security Governance and Policy
      • Overview
      • Standards
    • Security Management
      • Explanation of top-down approach
      • Focused on key areas
        • Roles and Responsibilities
        • Policies/standards/procedures/guidelines
        • Service Level Agreements (SLAs)
        • Data classifications and marking
        • Auditing
      • Role of Security Management
  • Asset Security
    • Overview
      • Addresses issues concerning an organization’s handling (and disposal) of data
      • Data classification
      • Data ownership
      • Data Retention
      • Data confidentiality controls
        • Data in transit vs. Data at rest
        • Physical
        • Electronic
        • Data Handling
  • Security Architecture and Engineering
    • System Development Lifecycle Design (SDLC)
    • Security Modeling
    • Threat Modeling
    • Defense in Depth
    • Concept of Least Privilege
    • Selection of cybersecurity controls based on system security requirements
    • Vulnerability assessment and mitigation of security architecture and designs
    • System Hardening
      • High Level Description
      • Primary Types
      • Foundational Requirements of Hardening
  • Cryptography
    • (high level overview) crypto functionality in products, such as:
      • Software & Hardware (HSMs, Crypto chips, TPM2.0)
    • Secure Boot concepts
  • Physical Security
  • Communications / Network Security
    • Open System Interconnect (OSI) model
    • Transmission Control Protocol / Internet Protocol (TCP/IP) Model
    • User Datagram Protocol (UDP) Model
    • IP Networking
    • Secure Protocols
    • Use of multilayer protocols (and implications)
    • Converged Protocols
    • Micro-segmentation
    • Wireless Networks
    • Cellular Networks
    • Content Distribution Networks (CDN)
    • Network component security
    • Communication Channel security
  • Access Controls
    • Identification of the physical and logical assets within an environment
      • Data
      • Systems
      • Devices
      • Components
      • Facilities
      • Applications
    • Identity Management
      • Single Factor vs. Multi-Factor Authentication
      • Accountability / Non-repudiation
      • Authentication
      • Authorization
      • Session Management
      • Federated Authentication
      • Credential Management Systems (CMS)
      • Single Sign On (SSO)
      • Just-in-Time (JIT) access
      • Location
      • Access Controls
      • Identity Access Lifecycle
      • Authentication system examples
  • Security Assessment and Testing
    • Internal / External / Third-party
    • Vulnerability Assessment
    • Penetration Testing
    • Security Control Testing
    • Technical and Process Data Review
    • Reporting
  • Security Operations
    • Overview
    • Basic Concepts
      • Need to know
      • Least Privilege
      • Separation of Duties
      • Job Rotation
      • Service Level Agreements
      • 2-person authentication
      • Mandatory job review
      • Mandatory vacations
      • Media Management and Protection
    • Investigative Techniques
    • Logging and Monitoring
    • Reporting and documentation
    • Evidence handling and collection
    • Security Information and Event Management (SIEM)
    • Continuous Monitoring
    • Intrusion Prevention and Detection
    • Incident Management
    • Support of patch and vulnerability management
    • Backup and Recovery
    • Firewalls
    • Disaster Recovery and Business Continuity
    • Physical Security
  • Software Security
    • Overview of the Software Development Lifecycle (SDLC)
    • Personnel
    • Security Controls
      • Auditing and logging of changes to assess the effectiveness of software security
      • Risk analysis and mitigation
      • Secure coding practices
      • Identification of vulnerabilities at the source-code level

Recorded Version of CS 104 – This course can be recorded for any students who are unable to attend the course live. Students who take the recorded course will be provided with the instructor’s e-mail address for any off-line questions that they have. Cost includes on-line course delivery and training material for each participant. Students will have access to the course for 60 days.
