C)SA1 - Certified Security Awareness 1
The mile2 vendor neutral Certified Security Awareness 1 certification course is intended for anyone that uses a computer on the internet.
Attendees will understand the security threats as well as the countermeasures associated with these attacks.
Employees will learn that the weakest link in any security program is a poorly trained department.
This course teaches general security awareness as well as how to develop a strong security culture within your company’s community.
The Social Engineering portion of the class is designed to teach the participants the skills used by Social Engineers to facilitate the extraction of information from an organization using technical and non-technical methods.
Computer fraud, black-hat hacking, cyber-terrorists; these phrases describe an innovative generation of criminals that use over-the-wire technology to attack us, steal from us and terrorize us.
However, the best tool in their arsenal is not new. It is only used by the most experienced, the most dangerous, boldest hackers.
The mile2 Certified Security Awareness 1 program is innovative and trains students on how attacks are performed, the skills necessary to perform an attack, how to train people to identify an attack but most importantly: how to train internal targets so that the training is effective and lasts.
WHAT'S INCLUDED IN THE COURSE KIT?
- Individual Course Access
- Course Video
- Physical, Printed Course book
- Exam Prep Guide
- Exam Simulator
C)SA1 - Certified Security Awareness 1 - Electronic Course Kit & Exam
Module 1 - Basic Security Awareness
- What is it and why it’s needed?
- End User Risk Trends
- Who, What and How are people the target
- What are the losses associated to end user hacks?
- The policies are as good as the employee who embraces them
Module 2 - Social Engineering
- mail, via phone, social websites are common
- Spear Phishing
- Example: Fake email sample
- Social media
Module 3 - Data Classification and corporate use (Safe Guarding)
- Sensitive, internal or public classification
- Objectives of securing data (IP, Compliance/legislature)
- Personal vs. Business Use
- Segregating personal use with business use
- Data management
- Business standard for deleting data
- Personal standard of data dumping (old phones/hard drives and usb)
- Did you know that I can unearth deleted docs from a USB drive from a standard Forensics app off of the internet?
- How to delete and get rid of your old data
Module 4 - End User Best Practices
- Internet utilization
- Hot spots, public places & roaming risks
- Safe Web Site surfing
- Discerning safe secure sites (never go to a site link indirectly)
- Locks and HTTPS
- Computer Usage
- Using computer in non-admin mode
- Password management
- Removable Devices
- Mobile, Smart Phones and Tablets (risks associated with mobile devices)
- Device always locked
- Device should always be trackable