Call Us (+65) 6227 2883
Call Us (+65) 6227 2883

ALC’s 3-day “flagship” Cyber Security Foundation® is the ideal course for anyone who needs to get a good all-round understanding of Cyber Security today.  You don't have to be an aspiring security professional to do this course, it is suitable for everyone.

The Cyber Security Foundation® course follows a robust syllabus that covers all the key areas. At the same time it provides maximum regional relevance by fully taking into account appropriate sections from the Australian Government Information Security Manual (ISM).

Starting a career in Cyber Security?

If you are wanting to start a career in Cyber Security, or if you have a more serious interest in the subject, then you should also take a look at our Cyber Security Practitioner course.  This course has two extra "practical" days in which you learn to apply the material learnt in the Foundation course via a case study along with workshops and exercises.

Learning outcomes

Key areas covered include:

  • Cyber Security Concepts
  • Risk Management
  • Security Architecture
  • Implementing security in networks, endpoint systems, applications and data
  • Business Continuity and Disaster Recovery Planning
  • Incident Response

Who should attend

The course is ideal for:

  • Anyone needing a robust introduction to Cyber Security
  • Anyone planning to work in a position that requires cyber security knowledge
  • Anyone starting a career in Information / Cyber security
  • IT professionals wanting to transition their career into Cyber Security
  • Anyone with information / cyber security responsibilities
  • Anyone who has learned “on the job” but who would benefit from a formal presentation to consolidate their knowledge
  • Professionals familiar with basic IT and information security concepts and who need to round out their knowledge

Course contents

1    Introduction
  • Concepts and Definitions
    • Difference between IT Security, Information Security and Cyber Security
    • Assets, Threats & Vulnerabilities
    • Likelihood, Consequence and Impact
    • Inherent Risk, Current Risk and Residual Risk
  • Cyber Security Strategy
    • Supporting Business Goals and Objectives
    • Cyber Security Policy Framework
    • Awareness, Training and Education
2    Risk Management
  • Risk Management Concepts and Definitions
    • Risk Avoidance, Mitigation, Transfer and Acceptance
    • Risk Appetite and Risk Tolerance
  • Threats and Opportunities
    • Assessing the current threat landscape
    • Advanced Persistent Threats
    • Bring Your Own Device or Technologies
    • The Internet of Things
    • Insourcing and Outsourcing
  • Controls and Enablers
  • Business Impact Analysis
3    Security Architecture
  • The key role of security architecture
  • Concepts and Definitions
  • Security Architecture Frameworks
  • Security Architecture Design Principles
  • Service Models
    • In-sourcing
    • Managed Services
    • Cloud Services
  • OSI and TCP/IP Models
  • Cryptography
    • Symmetric, Asymmetric and Hashing Algorithms
    • Non-Repudiation
    • Real-world Use Cases
4   Implementing Security
  • Network Security
    • Routers, switches, firewalls, intrusion detection and prevention
  • Endpoint Security
    • Servers, desktop systems, laptops, tablets and mobile devices
  • Application Security
    • Software Development Lifecycle
    • OWASP Top 10
    • Web Application Firewall
  • Data Security
    • Data owners, data classification, labelling
    • Access control
    • Data governance and lifecycle
    • Data remanence
5   Business Continuity and Disaster Recovery Planning
  • Business Continuity Planning
  • Disaster Recovery Planning
  • BCP/DRP Training and Awareness
  • Testing and Maintenance of the BCP/DRP
  • Security Assurance
    • Vulnerability Assessments and Penetration Testing
    • Minimum Security Baselines
6    Incident Response
  • Detection
    • Auditing, logging and security technologies
    • Security Information and Event Management System (SIEM)
  • Prevention
    • Authorisation, encryption, firewalls, intrusion prevention, anti-malware
  • Response
    • Security events and incidents
    • Legal aspects
    • Incident Response Process
    • Incident Management Team
    • Computer Forensics

Course fees

Foundation Certificate Exam

The Cyber Security Foundation exam is held in the classroom at the end of Day 3. This exam is 90 minutes duration and comprises 60 multiple choice questions with a pass mark of 65%.  A Certificate is issued to those who successfully pass the exam.

One free exam re-sit is available.