Information Security Foundation based on ISO/IEC 27002 Certification in Dubai

Overview

Information security is valued more and more these days. Economic globalization is leading to a growing exchange of information between organizations and to increased use of networks, such as connections between a company's internal network, the networks of other companies and the internet. Moreover, the major activities of various companies depend on IT, and information is their most valuable asset. The proper functioning of an organization depends on how well it protects that information. The ISO/IEC 27001 Information Security certification online course teaches you how information security can be structured and organized in a company.

Why MISP:

  • At MISP, we completely understand the ISO/IEC 27001 Information Security Training Classes requirements as we have over years of training experience. This has helped us discover more advanced, methodical and strategic plans to train people and help them achieve their goals.
  • We have a 360-degree view of customer requirements and provide effective solutions.
  • We understand our clients and have therefore compiled and consolidated all trainings to suit their requirements with a more realistic approach.
  • Our ISO/IEC 27001 Information Security certification online system allows you to review and grade your progress, combined with telephone consultation, face-to-face meetings and weekly workshops.
  • With our online system, people do not need to waste their precious time, and they can access our training program around the clock, 24×7.
  • Our objective is to see our clients achieve their desired goals and progress. We commit to extending all support to achieve the collective goals.
  • You can reach our helpdesk and an education advisor will call to resolve your query.
  • We track you throughout the process until we see you certified.

Prerequisite:

Candidates need a basic understanding of information security.

Exam Details:

  • Number of multiple-choice questions: 40
  • Pass mark: 65% (26 out of 40)
  • Open book: no
  • Electronic equipment allowed: no

 

 

Exam Specifications and Program outline:

1. Information and security (10%)

  • The concept of information
      • Explain the difference between data and information
      • Describe the storage medium that forms part of the basic infrastructure
  • Value of information (2.5%)
      • Describe the value of data/information for organizations
      • Describe how the value of data/information can influence organizations
      • Explain how applied information security concepts protect the value of data/information
  • Reliability aspects (5%)
      • Name the reliability aspects of information
      • Describe the reliability aspects of information

2. Threats and risks (30%)

  • Threat and risk (15%)
      • Explain the concepts threat, risk and risk analysis
      • Explain the relationship between a threat and a risk
      • Describe various types of threats
      • Describe various types of damage
      • Describe various risk strategies
  • Relationships between threats, risks and the reliability of information (15%)
      • Recognize examples of the various types of threats
      • Describe the effects that the various types of threats have on information and the processing of information

3. Approach and organization (10%)

  • Security policy and security organization (2.5%)
      • Outline the objectives and the content of a security policy
      • Outline the objectives and the content of a security organization
  • Components (2.5%)
      • Explain the importance of a code of conduct
      • Explain the importance of ownership
      • Name the most important roles in the information security organization
  • Incident Management (5%)
      • Summarize how security incidents are reported and what information is required
      • Give examples of security incidents
      • Explain the consequences of not reporting security incidents
      • Explain what an escalation entails (functionally and hierarchically)
      • Describe the effects of escalation within the organization
      • Explain the incident cycle

4. Measures (40%)

4.1 Importance of measures (10%)

  • Describe various ways in which security measures may be structured or arranged
  • Give examples for each type of security measure
  • Explain the relationship between risks and security measures
  • Explain the objective of the classification of information
  • Describe the effect of classification
  • Physical security measures (10%)
      • The candidate has knowledge of both the set-up and execution of physical security measures.
      • Give examples of physical security measures
      • Describe the risks involved with insufficient physical security measures
  • Technical measures (10%)
      • Give examples of technical security measures
      • Describe the risks involved with insufficient technical security measures
      • Understand the concepts cryptography, digital signature and certificate
      • Name the three steps for online banking (PC, web site, payment)
      • Name various types of malicious software
      • Describe the measures that can be used against malicious software
  • Organizational measures (10%)
      • Give examples of organizational security measures
      • Describe the dangers and risks involved with insufficient organizational security measures
      • Describe access security measures such as the segregation of duties and the use of passwords
      • Describe the principles of access management
      • Describe the concepts identification, authentication and authorization
      • Explain the importance to an organization of a well set-up Business Continuity Management
      • Make clear the importance of conducting exercises

5. Legislation and regulations (10%)

  • Legislation and regulations (10%)
      • Explain why legislation and regulations are important for the reliability of information
      • Give examples of legislation related to information security
      • Give examples of regulations related to information security
      • Indicate possible measures that may be taken to fulfill the requirements of legislation and regulations.

Delivery of the Program:

  • You will be provided with materials, workshop and group types.
  • Participants will receive a student manual along with worksheets.


Accreditation


These are self-development programs and do not require accreditation, but we issue a certificate of completion after you have successfully completed the program.

 

 

 
