ISO 27001 INFORMATION SECURITY MANAGEMENT SYSTEM BASIC TRAINING (APPLIED)
Purpose of Training
Providing the necessary competencies for the establishment, operation and continuity of the ISMS.
Length of Training
4 Days
Target Participant Audience
Those who currently work on (or will work on) the ISMS, middle and senior executives and IT employees.
Training Content
- Why Information Security?
- Information and Information Security Basic Concepts
- Information Security Standards and ISO27000 Family
- ISO27001: 2013 Overview
- ISO27001: 2013 Terms and Conditions
- Annex-A Reference Control Items
- Documentation of ISMS
- Certification Process
- Sample Application for ISMS Installation
IT SERVICE MANAGEMENT TRAINING (APPLIED)
Purpose of Training
Providing the necessary competencies for the establishment, operation and continuity of the Service Management System.
Length of Training
3 Days
Target Participant Audience
Employees who currently work in (or will work in) the Service Management System, middle and senior executives and IT employees.
Training Content
- IT Service Management Basic Concepts
- Overview of ISO20000 Family and Standard
- Selection of Application Model
- ISO20000 Service Management Standard Procedures
- IT Service Management Internal Audit
- Continuous improvement
- Certification Process
- Sample Application for Service Management System Installation
BUSINESS CONTINUITY MANAGEMENT TRAINING (APPLIED)
Purpose of Training
Providing the necessary competencies for the establishment, operation and continuity of the BCM.
Length of Training
4 Days
Target Participant Audience
Employees who are currently responsible for (or will be responsible for) BCM, middle and senior executives and IT employees.
Training Contents
- Sample Application for SMS Installation
- Basic Concepts of Business Continuity
- SO22301 Standard Overview
- Business Impact Analysis
- Risk management
- Business Continuity Strategies
- Business Continuity Planning
- Business Continuity Exercises
- Business Continuity Performance and Evaluation
- Management Procedures
- Certification Process
- Sample Application for Business Continuity Management System Installation
RISK MANAGEMENT TRAINING
Purpose of Training
Ensuring employees have the necessary abilities for the determination, implementation and continuous improvement of risk management methodology.
Length of Training
2 Days
Target Participant Audience
Employees who currently work in (or will work in) risk management, middle and senior management and IT employees.
Training Contents
- Basic concepts and definitions
- Why is risk management important?
- Determination of the risk management framework
- Methods for determining risks
- Calculation of risk level and identification of factors
- Determination of risk impact level
- Determination of risk probability level
- Risk processing methods
- Risk intervention methods
- Risk concept
- Monitoring and review
- Record of the risk management process
ISO 19011 INTERNAL AUDIT TRAINING
Purpose of Training
Besides ensuring the competence of the auditor or inspection team, this training will provide management of an audit program and the planning and handling of a management system review.
Length of Training
2 Days
Target Participant Audience
Employees who currently work in (or will work in) auditing, middle and senior managers who will take part in planning and management of audits, IT employees and management system administrators.
Training Contents
- General information about management systems
- Examination of the management systems audit guide (ISO 19011)
- Internal audit concepts
- Audit principles
- Auditor characteristics and responsibilities
- Audit types
- Audit planning
- Audit preparation
- Implementation of the audit
- Reporting of the audit
- Monitoring of the audit
WHITE HAT HACKER TRAINING (APPLIED)
Purpose of Training
To understand the techniques and methods used by hackers, to develop competencies in understanding the tools and applications that hackers use during an attack.
Length of Training
5 Days
Target Participant Audience
Cyber Security Specialists, Information Security Specialists, IT employees.
Training Contents
- Penetration Test Description, Purpose and Considerations
- Discovery and Active Information Collection
- Meaning of Collected Information
- Vulnerability Screening and Exploitation
- Malware Threats
- Social Engineering and End-User Targeted Attacks
- Penetration Tests for Web Applications and Servers
- Database Penetration Tests
- Penetration Tests for Wireless Networks
- Penetration Tests on Mobile Devices
- Network Components Penetration Tests and Second Layer Attacks
- Jumping Methods for Security Devices (IDS, Firewall, etc.)
- Penetration Tests for Cloud Computing
- Post-Exploitation
DDoS ATTACKS AND PROTECTION TRAINING (APPLIED)
Purpose of Training
Identification of DDOS attack methods, possible effects, and development of compitency in taking measures against possible DDOS attacks.
Length of Training
2 Days
Target Participant Audience
Cyber Security Specialists, Information Security Specialists and Network Specialists.
Training Contents
- DDoS Attack Types
- DDoS Attack Analysis
- Fighting with DDoS
MALICIOUS SOFTWARE ANALYSIS (APPLIED)
Purpose of Training
To develop competence in the areas of malware development, transmission methods and measures against malware threats.
Length of Training
3 Days
Target Participant Audience
Cyber Security Professionals, Information Security Professionals and Network Specialists.
Training Content
- Malware Analysis Tools and Methods of Use
- Malware Analysis Methods
- Malicious Code Analysis
END USER INFORMATION SECURITY AWARENESS TRAINING
Purpose of Training
To provide information on end user’s information security issues, current attack methods and the organization’s information security policies.
Length of Training
1 Day
Target Participant Audience
All employees.
Training Contents
- Basic Concepts and User Responsibilities
- Basic Safety Rules
- Physical Security
- Computer Security
- Mobile Device Security
- Password Security
- Insecure Software
- Email Security
- Backup
- Social Engineering
- Internet Security
- Processing and security of personal data
- Information Classification and Labeling
DATA PROTECTION TRAINING
Purpose of Training
Develop competencies related to the application methods of personal data protection laws.
Length of Training
3 Days
Target Participant Audience
Employees who currently work in (or will work in) data protection compliance, middle and senior managers and IT staff.
Training Content
- Personal data protection law
- Terms and Definitions
- Processing Personal Data
- Rights and Obligations
- Application, Complaint and Data Officers Registry
- Crimes and Misdemeanors
- Personal Data Protection Agency and Organization
- Miscellaneous Provisions
Make a Difference with MAY Cyber. Get Acquainted with our Products and Solutions, Transport your Business to the Future.
Our main goal in our services at MAY Cyber Technology is to minimize the dependence of your organization on outsourced services and create a self-sufficient organization.