Ducara Info Solutions (P) Ltd.

IT|SPAC
IT Security & Privacy Awareness Compliance
Overview
This course provides a solid foundational part for your overall Data Security Awareness
program. It helps your staff perceive data security risks, sound data protection practices,
and the way their individual actions and behaviors will impact data security in your
organization as a full.

This exceptional course uses a stimulating and creative approach that engages and
challenges the learner. Interactive learning activities and realistic scenarios are
presented that maintain interest and add relevance for learners from different departments
and levels within the organization.
 The primary and foremost objective of any
awareness program is to educate users on
their responsibility to protect the
confidentiality, availability and integrity of
their organization's information.

The Awareness program’s objective is that

Objective
users perceive not solely the way to shield
the organization’s info, however why it's
necessary to guard that info.
TarGeT AuDienCe
Perhaps the biggest security issues companies face
are not problems with the technology itself, but
problems with employees not knowing what is
important in the security world because of lack of
appropriate training or continuing education.

Just imagine, a new type of security hazard has

presented itself to the cloud environment your
employees use daily. Without bringing awareness
to the issue through training measures, it's likely
that your employees may, unknowingly, introduce
viruses into your network.

Viruses in your network can compromise all of your

devices, costing your company loads of money and
valuable time remedying the issue.
CouRse OuTline
1. Introduction to Information Security and Ethical 9. Data Encryption
Hacking 10. Securing Online Transactions
2. Information Security Controls and Policies 11. Securing E-Mail Communications
3. Information Security Laws & Standards 12. Security on Social Networking Sites
4. Securing Operating System 13. Social Engineering
5. Protecting Systems/Mobile Devices using 14. Identity Theft
Antivirus 15. Securing Mobile Devices
6. Data Encryption 16. Cloud Security
7. Data Backup & Recovery 17. Incident Response
8. Introduction to Information Security and Ethical 18. Secure Practices
Hacking
MoDulE 1
Introduction to Information Security and
Ethical Hacking
• You Are the Target
• Security Incidents
• Latest Security Trends
• Essential Terminology
• What is Hacking?
• What is Ethical Hacking?
• What is Information Security?

• Hacking vs. Ethical Hacking

• Who is a Hacker?
• Types of Hackers
• Computer Security
• Why Security?
• What makes a Home Computer Vulnerable?
• What to Secure?
• Benefits of Computer Security Awareness
MoDulE 2
Information Security Controls and
Policies
• Information Assurance
• Information Security Policies
• Types of Information Security Policies
• Examples of Information Security Policies
• Privacy Policies At Workplace
• Respecting Employee’s Privacy
• HR/Legal Implications of Security Policy Enforcement
• Physical Security
• Physical Security Controls
• Incident Management
• Incident Management Process
• CSIRT
MoDulE 3
Information Security Laws & Standards

• The Legal System and Ethics in Information Security

• Criminal Justice
• Children’s Online Privacy Protection Act
• Payment Card Industry Data Security Standards (PCI-DSS)
• Credit Card Receipts
• Electronic Protected health Information (ePHI) or HIPAA
• Health Information Technology for Economic and Clinical Health
(HITECH) Act
• Export Control Research or ITAR, EAR
• FISMA (Federal Information Security Management Act)
• National Industrial Security Program (NISP)
• Student Educational Records or FERPA
• ISO/IEC 270001:2013
• Fair and Accurate Credit Transaction Act (FACTA)
• Personal Identifiers SSNs (Social Security Numbers)
• Sarbanes-Oxley Act (SOX)
MoDulE 4 MoDulE 5
Securing Operating System Protecting Systems/Mobile Devices
using Antivirus

• System Security • Most Dangerous Viruses of all time

• Threats or Malwares • Introduction to Antivirus Software
• How Does Malware Propagate? • Need for Antivirus Software
• Password Usage & Management • Antivirus Software Detection Technique
• Guidelines for Windows Operating System Security • Choosing the Best Antivirus Software
• Steps to Install Antivirus Software
• How to Test Antivirus Software is working or Not?
• Top Anti-viruses
• Security Checklist
MoDulE 6 MoDulE 7
Data Encryption Data Backup & Recovery

• Common Terminologies
• Data Backup
• What is Encryption?
• What Files to Backup and How often?
• What is Decryption?
• Online Data Backup
• Objectives of Encryption
• Online Data Backup Service Providers
• Usage of Encryption
• Types of Data Backup
• Types of Encryption
• Windows OS - Backup & Restore
• Symmetric vs. Asymmetric Encryption
• Securing Backup on Storage Devices with Encryption
• Encryption Standards
• Data Recovery
• Digital Certificates
• Physical Security
• Working of Digital Certificates
• Physical Security Measures
• Digital Signature
• Security Laptops & Mobile Devices from Theft
• How Digital Signature Works?
• Laptop Theft Countermeasures
• Security Checklist
• Protect Your Data while Traveling
• Security Checklist
MoDulE 8
Introduction to Information Security and
Ethical Hacking
• Online Security • Online Gaming
• Understanding Cookies • Online Gaming Risks
• Installing Plug-in • Insecure or Compromised Game Servers & Game Coding
• Never share secure information or PII over insecure • Social Risks
channels • Security Practices Specific to Gaming
• Http vs. Https • Childs Online Safety
• Check for Website Clones • Role of the Internet in Child Pornography
• Browser Security Settings • Effects of Pornography on Children
• Security on Instant Messaging • Finding if Children are at Risk Online
• Instant Messaging Security Issues • Encourage Children to Report
• Secure Searching on the Web • Security Software for Protecting Children from Online Threat
• Security Checklist
MoDulE 9 MoDulE 10
Data Encryption Securing Online Transactions

• Home Network
• Networking Devices • Online Shopping
• Home Networking Security • How Online Shopping Works?
• Wireless Networks • Online Banking
• Setting up a Wireless Network • Credit Card Payments
• Wireless Networks Security • Types of Credit Card Frauds
• Using the Network with Windows • Guidelines for Credit Card Safety
• Setting Up the PC’s Name and Workgroup Name • Securing Online Transactions
• Simple File Sharing • Choosing a Secure Online Payment Service
• Hiding a Shared File and Folder • SSL and Padlock Symbol
• Windows Easy Transfer • Identify Trustworthy Websites
• Setting Up the PC’s Name and Workgroup Name • Identify Untrustworthy Websites
• Creating User Accounts & Groups • McAfee’s Site Advisor
• Sharing Files & Folders • Security Checklist
• Sharing Printer
• Network Security Threats
• Securing Network Connections
• Network Adapters
• Troubleshooting with Network Adapters
MoDulE 11 MoDulE 12
Securing E-Mail Communications Security on Social Networking Sites

• E-Mail Threat Scenario

• How E-Mail Systems work? • Social Networking sites
• E-Mail Security • What is a Profile?
• E-Mail Security Threats • Top Social Networking sites
• Malicious E-Mail Attachments • Security Risks involved in Social Networking sites
• E-Mail Attachments : Caution • Cyberbullying
• Spamming • Identity Theft
• Spamming Countermeasures • Phishing Scams
• Hoax/Chain and Scam E-Mail • Vishing
• Nigerian Scam • Malware Attacks
• E-Mail Security Procedures • Site Flaws
• Digitally Sign your Emails • Staying Safe on Facebook
• How to obtain Digital Certificates? • Facebook : Security Tips
• Installing Digital Certificates • Staying Safe on MySpace
• Signing your Emails • MySpace : Security Tips
• Online Email Encryption service • Security Checklist
• Security Checklist
MoDulE 13 MoDulE 14
Social Engineering Identity Theft

• Social Engineering
• Social Engineers attempt to gather • Identity Theft Statistics
• Types of Social Engineering • What is Identity Theft?
• Social Engineering Examples • Personal Information that can be stolen
• Human weaknesses and lack of knowledge is the main • How do Attackers steal Identity?
target • What Attackers do with stolen Identity?
• Human based Social Engineering • Identity Theft example
• Computer based Social Engineering • How to find if you are a Victim?
• How to find if you are a Victim? • What to do if Identity is stolen?
• Security Checklist • Federal Trade Commission
• Enconsumer.gov
• Internet Crime Complaint Centre
• Prosecuting Identity Theft
• Security Checklist
MoDulE 15
Securing Mobile Devices
• Mobile Device Security
• IMEI Number
• Mobile Device Security Risks
• Mobile Malware
• Mobile Application Vulnerabilities
• Patch Mobile Platforms and Applications
• Avoid Mobile Device Theft
• What to do if your Mobile device is Lost or Stolen?
• Use Power-on Authentication
• Back-up your Data • Install only Signed-in Applications
• Use Encryption to Secure Data • Install Mobile Phone Antivirus
• Enable Auto-Lock Feature • Secure Bluetooth Connectivity
• Enable Passcode Protection
• Enable SIM PIN Protection
• Enable auto-lock and Re-map button
• iPad Security
• Blackberry Phone : security settings
• Windows Phone : security settings
• Security Checklist
MoDulE 16 MoDulE 17
Cloud Security Incident Response

• Statistics : Cloud Predictions

• Introduction to Cloud Computing • Incident Response
• Types of Cloud Services • Something went Wrong?
• Cloud Computing Benefits • Cyber Security Incident
• Cloud Computing Threats • Types of Cyber Security Incident
• Cloud Computing Attacks • Incident Response Team
• Cloud Security Control Layers • Incident Response Plan
• It’s a Responsibility of both Cloud Consumer and • Incident Prioritization
Provider • Incident Signs
• Cloud Computing Security Considerations • Scams
• Best Practices for Securing Clouds • Contact Whom?
• NIST Recommendations for Cloud Security
• Cloud Security Compliance Checklist
• Security Checklist
MoDulE 18
Secure Practices

• Defense At your Front End

• Personal Best Practices
• Social Engineering Secure Practices
• Physical Security Practices
• E-Mail Security Practices
• Password Security Practices
• Electronic Storage & Transfer Security Practices
• Web Browsing Security Practices
• Mobile Device Security Practices
• Online Banking Security Practices
• Secure Practices : Retail Associates
• Secure Practices : Retail Managers
• Secure Practices : Call Center Employees
• Secure Practices : Enterprise Employees
• Secure Practices : IT and Engineering Staff
• Secure Practices : Help Desk Employees
THE TECHNOLOGY IS CHANGING EVERY DAY AND WE AT DUCARA ARE COMMITTED TO
DEMONSTRATING VALUES. EMBRACING A DIGITAL TRANSFORMATION STRATEGY
WHICH DRIVE RETURNS ON IT SECURITY INVESTMENT.

Connect US!
[email protected]

WWW.DUCARAINFO.COM