711 Cyber Instructional Curriculum Developer KSAT Advanced NCWF Journey

The world of technology continues to transform at a rapid pace, with intelligent technology incorporated at every stage of the business process. Intelligent information systems (IIS) reduce the need for routine human labor and allow companies to focus instead on hiring creative professionals. In this course, you'll explore the present and future roles of intelligent informational systems in AI development, recognizing the current demand for IIS specialists. You'll list several possible IIS applications and learn about the roles AI and ML play in creating them. Next, you'll identify significant components of IIS and the purpose of these components. You'll examine how you would go about creating a self-driving vehicle using IIS components. Finally, you'll work with Python libraries to build high-level components of a Markov decision process.

A working knowledge of multiple AI development frameworks is essential to AI developers. Depending on the particular focus, you may decide on a particular framework of your choice. However, various companies in the industry tend to use different frameworks in their products, so knowing the basics of each framework is quite helpful to the aspiring AI Developer. In this course you will explore popular AI frameworks and identify key features and use cases. You will identify main differences between AI frameworks and work with Microsoft CNTK and Amazon SageMaker to implement model flow.

Cognitive modeling can provide additional human qualities to AI systems. It is traditionally used in cognitive machines and expert systems. However, with extra computing power, it can be applied to more profound AI approaches like neural networks and reinforcement learning systems. Knowledge of cognitive modeling applications is essential to any AI developer aspiring to design AI architectures and develop large-scale applications. In this course, you'll examine the role of cognitive modeling in AI development and its possible applications in NLP, image recognition, and neural networks. You'll outline core cognitive modeling concepts and significant industry use cases. You'll list open source cognitive modeling frameworks and explore cognitive machines, expert systems, and reinforcement learning in cognitive modeling. Finally, you'll use cognitive models to solve real-world problems.

There are several cloud computing fundamental definitions, characteristics, and building block technologies each CCSP candidate should know. Learn about these and other core cloud computing concepts in this CCSP course. Explore the core fundamentals, core concepts, and technologies of cloud computing, such as cloud roles and responsibilities, broad network access, virtualization, and others. Next, study cloud computing's shared considerations and value propositions, including interoperability, agility, security, resiliency, performance, and more. Finally, examine the impact of cloud and related technologies like data science, artificial intelligence (AI), the Internet of Things (IoT), DevSecOps, and others. This is one of a collection of courses that fully prepares the learner for the (ISC)² Certified Cloud Security Professional (CCSP) 2022 exam.

IT management frameworks provide a structured approach to managing and auditing IT assets. Regulations and standards are put in place to ensure that organizations have guidelines to follow for how they deal with information systems. In this course, you will explore IT management frameworks, regulations, and standards, beginning with an overview of IT and data governance, and standards, policies, and procedures. Then you will learn about Control Objectives for Information and Related Technologies (COBIT), IT Infrastructure Library (ITIL), and International Organization for Standardization (ISO)/International Electrotechnical Commission (IEC) standards. Next, you will discover risk management and risk treatment. Finally, you will dig into IT maturity models, the Business Model for Information Security (BMIS), the Information Technology Assurance Framework (ITAF), and IT balanced scorecards. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Systems planning, testing, integration, and delivery are key elements of ensuring the timely delivery of system changes or entirely novel solutions. In this course, you will explore the phases of the system development life cycle (SDLC) and IT project management. Next, you will examine continuous integration and delivery (CI/CD) and process improvement, including advantages and common methodologies. Then you will discover infrastructure deployment, system migration and data conversion, and cloud migration assessments. Finally, you will learn about the post-implementation review process and post-implementation activities and best practices. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Any IT environment requires a firm understanding of data privacy. Privacy laws and regulations, combined with industry practices, form the basis for effective information protection. In this course, you'll explore data privacy, beginning with the CIA Triad, personally identifiable information (PII), and Protected Health Information (PHI). You will learn about the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), compliance with GDPR and PCI DSS, the Health Insurance Portability and Accountability Act (HIPAA), and Federal Risk and Authorization Management Program (FedRAMP). Finally, you'll dig into assets and risks, annualized loss expectancy (ALE), and network inventories. This course helps prepare learners for the ISACA certification exam, Certified Information Systems Auditor (CISA).

Regardless of the guidance that one is following as a security professional, one common theme is that architects must be held to a high ethical standard based on their responsibility to manage risk to all assets. In this course, you will explore the International Information System Security Certification Consortium (ISC2) Code of Professional Ethics. Then you will discover organizational codes of ethics, which establish an integral aspect of a mission and model adopted by an organization. Finally, you will focus on the Five Pillars of information security - confidentiality, integrity, availability, authenticity, and non-repudiation. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

Security governance is the set of practices exercised by executive management to offer strategic direction, ensuring that objectives are achieved, determining that risks are managed properly, and verifying that the organizations' resources are used responsibly. Begin this course by discovering how to align security governance with organizational goals and objectives. Then you will explore organizational processes like acquisitions, divestitures, and governance committees, as well as organizational roles and responsibilities. You will investigate security control frameworks like including the International Organization for Standardization (ISO), the National Institute of Standards and Technology (NIST) and learn about due diligence, due care, cybercrimes, and data breaches. Next, you will examine licensing and intellectual property requirements, import and export controls, transborder data flow, and privacy-related issues. Finally, you will focus on contractual, legal, industry standards and regulatory requirements. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

Cybercrime investigation is a critical practice in a modern security landscape. In this field, skilled security professionals from agencies like the FBI use digital forensics to track, analyze, and dismantle various types of cybercrime and cyber threats. This course covers several CISSP exam objectives. You will begin by exploring the requirements for administrative, criminal, civil, regulatory, and industry investigations. You will then learn to develop, document, and implement security policy, standards, procedures, and guidelines. Finally, you will discover considerations for the enforcement of personnel security policies and procedures. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

For the CISSP exam, one must be able to understand a variety of security design principles and practices. The topics in this course cover the following Domain 3 objectives: research, implement, and manage engineering processes using secure design principles and understand the fundamental concepts of security models. Begin by exploring the importance of least privilege and defense in depth to create multi-layered security defenses and restrict access to sensitive information. You will then look at concepts of segregation of duties (SOD), keeping it simple and small, and privacy by default and design. Next, you will consider how the shared responsibility model is crucial for participants to grasp the roles and accountability in cloud and collaborative environments. You will also explore threat modeling techniques to identify, evaluate, and mitigate potential security threats. Finally, you will compare zero trust vs. trust, explore the secure access service edge (SASE) framework, and consider the fundamental concepts of security models such as Bell-LaPadula, Biba, Star, and Clark-Wilson. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

In the digital era, understanding network protocols and their impact on performance is crucial for IT professionals tasked with maintaining robust and efficient communication systems. This course is the first of two courses that cover a large part of CISSP Domain 4. In this course the learner will focus on several aspects of secure design principles in network architectures including OSI and TCP/IP protocols for IPv4 and IPv6, secure protocols, multilayer protocol implications, converged protocols, transport architectures, performance metrics, and traffic flows. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

In today's increasingly complex threat landscape, securing physical sites and facilities is paramount for safeguarding assets, data, and personnel. This course covers secure design principles in network architectures beginning with an exploration of physical and logical segmentation and microsegmentation. Next you will dig into edge networks, including peering and ingress/egress. You will compare types of wireless networks and explore cellular and mobile networks. Next you will discover the roles of content distribution networks (CDNs), software-defined networks (SDNs), and virtual private clouds (VPCs) in security design. Finally, you will explore security monitoring and management. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

A security audit is a comprehensive assessment of an organization's information systems. Typically, they measure the systems and applications against an audit checklist of industry best practices, externally established standards, and/or federal regulations. In this course, differentiate internal, external, and third-party auditing and learn about locations for auditing and controls testing, the purpose of a vulnerability assessment, and the basics of penetration testing. Next, explore log reviews and log data, code review and testing techniques, and compare synthetic transactions, benchmark, and misuse case testing. Finally, examine coverage analysis concepts, compare interface testing methods, and discover the purpose of compliance checks. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

According to Amazon Web Services (AWS), the Software Development Life Cycle (SDLC) is a cost-effective and time-efficient development team process used to design and build high-quality software. The goal of the SDLC is minimizing project risks through forward planning so software during production and beyond meets customer expectations. In this course, explore various development methodologies and maturity models and DevOps operations, maintenance, and change management concepts. Next, explore integrated product teams (IPTs), apply security controls in various scenarios, and work with integrated development environments (IDEs) and toolsets. Finally, learn how to apply security controls in CI/CD and code repositories, software configuration management (SCM) benefits, and application security testing techniques. This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.

It is one thing to implement application security controls, managed services, and cloud services; it is another thing to assess the ongoing success and failure of those initiatives. In the course, learn how to assess the auditing and logging of changes, risk analysis and mitigation, acquired software, managed services, and cloud services with the CCM. Next, explore source code security weaknesses and vulnerabilities at the source code level and how to secure application programming interfaces (API) with the 2023 OWASP Top 10. Finally, examine secure coding practices and software-defined security (SDS). This course helps prepare learners for the Certified Information Systems Security Professional (CISSP) exam.