Cybersecurity and Third-Party Risk
(CYBERSEC-TP-RISK.AE1)
/ ISBN: 978-1-64459-367-7
This course includes
Lessons
TestPrep
LiveLab
Mentoring (Add-on)
Cybersecurity and Third-Party Risk
Get hands-on experience in cybersecurity with the Cybersecurity and Third-Party Risk course and lab. The course provides a detailed look into the problems and risks, then gives specific examples of how to create a robust and active Cybersecurity Third‐Party Risk Management program. The course has well descriptive interactive lessons containing pre and post-assessment questions, knowledge checks, quizzes, live labs, flashcards, and glossary terms to get a detailed understanding of cybersecurity and Third‐Party Risk Management (TPRM).
Lessons
-
17+ Lessons
-
184+ Exercises
-
131+ Quizzes
-
136+ Flashcards
-
136+ Glossary of terms
TestPrep
-
60+ Pre Assessment Questions
-
60+ Post Assessment Questions
LiveLab
-
17+ LiveLab
-
17+ Video tutorials
-
48+ Minutes
- Who Will Benefit Most from This Course?
- The SolarWinds Supply‐Chain Attack
- The VGCA Supply‐Chain Attack
- The Zyxel Backdoor Attack
- Other Supply‐Chain Attacks
- Problem Scope
- Compliance Does Not Equal Security
- Third‐Party Breach Examples
- Conclusion
- Cybersecurity Basics for Third-Party Risk
- Cybersecurity Frameworks
- Due Care and Due Diligence
- Cybercrime and Cybersecurity
- Conclusion
- The Pandemic Shutdown
- SolarWinds Attack Update
- Conclusion
- Third‐Party Risk Management Frameworks
- The Cybersecurity and Third‐Party Risk Program Management
- The Kristina Conglomerate (KC) Enterprises
- Conclusion
- Intake
- Cybersecurity Third‐Party Intake
- Conclusion
- Low‐Risk Vendor Ongoing Due Diligence
- Moderate‐Risk Vendor Ongoing Due Diligence
- High‐Risk Vendor Ongoing Due Diligence
- “Too Big to Care”
- A Note on Phishing
- Intake and Ongoing Cybersecurity Personnel
- Ransomware: A History and Future
- Conclusion
- On‐site Security Assessment
- On‐site Due Diligence and the Intake Process
- Conclusion
- What Is Continuous Monitoring?
- Enhanced Continuous Monitoring
- Third‐Party Breaches and the Incident Process
- Conclusion
- Access to Systems, Data, and Facilities
- Conclusion
- Why Is the Cloud So Risky?
- Conclusion
- Legal Terms and Protections
- Cybersecurity Terms and Conditions
- Conclusion
- The Secure Software Development Lifecycle
- On‐Premises Software
- Cloud Software
- Open Web Application Security Project Explained
- Open Source Software
- Mobile Software
- Conclusion
- Third‐Party Connections
- Zero Trust for Third Parties
- Conclusion
- Onboarding Offshore Vendors
- Country Risk
- KC's Country Risk
- Conclusion
- The Data
- Level Set
- A Mature to Predictive Approach
- The Predictive Approach at KC Enterprises
- Conclusion
Hands on Activities (Live Labs)
- Simulating the DoS Attack
- Performing a Phishing Attack
- Performing Local Privilege Escalation
- Establishing a VPN Connection
- Getting the TCP Settings and Information about the TCP Port
- Detecting a Phishing Site Using Netcraft
- Analyzing Malware
- Supplying Power to a SATA Drive
- Creating an Elastic Load Balancer
- Working with Amazon S3
- Attacking a Website Using XSS Injection
- Fuzzing Using OWASP ZAP
- Setting Up a Basic Web Server
- Studying CVSS Exercises with the CVSS Calculator
- Setting up a DMZ
- Enabling the TPM
- Using the Windows Firewall
×