Key Points
ABOUT CERTNEXUS
CertNexus is a vendor-neutral certification body, providing emerging technology certifications and micro-credentials for business, data, developer, IT, and security professionals. CertNexus’ mission is to assist closing the emerging tech global skills gap while providing individuals with a path towards rewarding careers in Cybersecurity, Data Science, Internet of Things, and Artificial Intelligence (AI)/Machine Learning. Successful CertNexus certification candidates come from representative organizations such as Ahold Delhaize, Barclays, Canon, Cisco, Ingram, Intel, Kaspersky, Optum, Starbucks, U.S. Air Force, U.S. Army, Verizon, Xerox, Zappos, and universities spanning over fifty countries.
Certifications
TechZone delivers multiple courses creating a pathway to enhancing individual and commercial skills, the outlines of the courses are listed below:
Course Length: 1 Hour
Course Objective:
Regardless of your computer experience, this class will help you become more aware of technology related risks and what you can do to protect yourself and your organization from them. This course will help you to:
Understand security compliance needs and requirements.
Recognize and avoid phishing and other social engineering.
Recognize and avoid viruses, ransomware, and other malware.
Help ensure data security on computers, mobile devices, networks, the Internet, and in the cloud.
Pre-requisites:
To ensure your success in this course, you should have experience with the basic use of conventional end-user technology, including desktop, laptop, or tablet computers; mobile phones; and basic Internet functions, such as web browsing and email.
Outline:
Lesson 1: Identifying the Need for Security.
Topic A: Identify Security Compliance Requirements.
Topic B: Recognize Social Engineering and Avoid Phishing and Other Attacks.
Topic C: Recognize Social Engineering and Avoid Phishing and Other Attacks.
Lesson 2: Securing Devices.
Topic A: Maintain Physical Security of Devices.
Topic B: Use Passwords for Security.
Topic C: Protect Your Data.
Topic D: Identify and Mitigate Viruses, Ransomware, and Other Malware.
Topic E: Use Wireless Devices Securely.
Lesson 3: Using the Internet Securely.
Topic A: Browse the Web Safely.
Topic B: Use Email Securely.
Topic C: Use Social Networking Securely.
Topic D: Use Cloud Services Securely.
Appendix A: Mapping Course Content to CyberSAFE 2019: Exam CBS-310.
Course Length: 1 day
Course Objective:
In this course, you will understand, assess and respond to security threats and operate a system and network security analysis platform. You will:
Explain the importance of best practices in preparation for incident response
Given a scenario, execute incident response process
Recognize and avoid viruses, ransomware, and other malware.
Explain general mitigation methods and devices
Assess and comply with current incident response requirements.
Pre-requisites:
General understanding of cybersecurity concepts.
Outline:
Lesson 1: Assessment of Information Security Risks.
Topic A: The Importance of Risk Management.
Topic D: Integrating Documentation into Risk Management.
Lesson 2: Response to Cybersecurity Incidents.
Topic A: Deployment of Incident Handling and Response Architecture.
Topic B: Containment and Mitigation of Incidents.
Topic C: Preparation for Forensic Investigation as a CSIRT.
Lesson 3: Investigating Cybersecurity Incidents.
Topic A: Use a Forensic Investigation Plan.
Topic B: Securely Collect and Analyze Electronic Evidence.
Topic C: Follow Up on the Results of an Investigation.
Lesson 4: Complying with Legislation.
Examples of Legislation (if this is covered in above topics, no need to include here) GDPR, HIPPA, Elections.
Case study: Incident Response and GDPR (Using GDPR legislation, create a response that is compliant with it – this could be discussion-based activity as well.)
State Legislation Resources and Example – Search terms to find state legislation.
Using NYS as example use the NYS Privacy Response act or other legislation to create a similar case study as previous.
Provide answers on when to use federal versus state and do you have to follow both?
Course Length: 3 days
Course Objective:
In this course, you will employ best practices in software development to develop secure software. You will:
Identify the need for security in your software projects.
Eliminate vulnerabilities within software.
Use a Security by Design approach to design a secure architecture for your software.
Implement common protections to protect users and data.
Apply various testing methods to find and correct security defects in your software.
Maintain deployed software to ensure ongoing security.
Pre-requisites:
This course presents secure programming concepts that apply to many different types of software development projects. Although this course uses Python®, HTML, and JavaScript® to demonstrate various programming concepts, you do not need to have experience in these languages to benefit from this course. However, you should have some programming experience, whether it be developing desktop, mobile, web, or cloud applications. Logical Operations provides a variety of courses covering software development that you might use to prepare for this course, such as:
Python® Programming: Introduction
Python® Programming: Advanced
HTML5: Content Authoring with New and Advanced Features
SQL Querying: Fundamentals (Second Edition)
Outline:
Lesson 1: Identifying the Need for Security in Your Software Projects
Topic A: Identify Security Requirements and Expectations.
Topic B: Identify Factors That Undermine Software Security
Topic C: Find Vulnerabilities in Your Software
Topic D: Gather Intelligence on Vulnerabilities and Exploits
Lesson 2: Handling Vulnerabilities
Topic A: Handle Vulnerabilities Due to Software Defects and Misconfiguration
Topic B: Handle Vulnerabilities Due to Human Factors
Topic C: Handle Vulnerabilities Due to Process Shortcomings
Lesson 3: Designing for Security
Topic A: Apply General Principles for Secure Design
Topic B: Design Software to Counter Specific Threats
Lesson 4: Developing Secure Code
Topic A: Follow Best Practices for Secure Coding
Topic B: Prevent Platform Vulnerabilities
Topic C: Prevent Privacy Vulnerabilities
Lesson 5: Implementing Common Protections
Topic A: Limit Access Using Login and User Roles
Topic B: Protect Data in Transit and At Rest
Topic C: Implement Error Handling and Logging
Topic D: Protect Sensitive Data and Functions
Topic E: Protect Database Access
Lesson 6: Testing Software Security
Topic A: Perform Security Testing
Topic B: Analyze Code to find Security Problems
Topic C: Use Automated Testing Tools to Find Security Problems
Lesson 7: Maintaining Security in Deployed Software
Topic A: Monitor and Log Applications to Support Security
Topic B: Maintain Security after Deployment
Appendix A: Mapping Course Content to Cyber Secure Coder (Exam CSC-210)
Course Length: 5 days
Course Objective:
In this course, you will understand, assess and respond to security threats and operate a system and network security analysis platform. You will:
Compare and contrast various threats and classify threat profile
Explain the purpose and use of attack tools and technique
Explain the purpose and use of post exploitation tools and tactic
Explain the purpose and use of social engineering tactic
Given a scenario, perform ongoing threat landscape research and use data to prepare for incident
Explain the purpose and characteristics of various data source
Pre-requisites:
To ensure your success in this course, you should meet the following requirements:
At least two years (recommended) of experience or education in computer network security technology, or a related field.
The ability or curiosity to recognize information security vulnerabilities and threats in the context of risk management.
Foundational knowledge of the concepts and operational framework of common assurance safeguards in network environments. Safeguards include, but are not limited to, firewalls, intrusion prevention systems, and VPNs.
General knowledge of the concepts and operational framework of common assurance safeguards in computing environments. Safeguards include, but are not limited to, basic authentication and authorization, resource permissions, and anti-malware mechanisms.
Foundation-level skills with some of the common operating systems for computing environments. Entry-level understanding of some of the common concepts for network environments, such as routing and switching.
General or practical knowledge of major TCP/IP networking protocols, including, but not limited to, TCP, IP, UDP, DNS, HTTP, ARP, ICMP, and DHCP
Outline:
Lesson 1: Assessment of Information Security Risks
Topic A: The Importance of Risk Management
Topic B: Assess Risk
Topic C: Mitigate Risk
Topic D: Integrating Documentation into Risk Management
Lesson 2: Analyzing the Threat Landscape
Topic A: Classify Threats and Threat Profiles
Topic B: Perform Ongoing Threat Research
Lesson 3: Computing and Network Environments: Analyzing Reconnaissance Threats
Topic A: Implementation of Threat Modeling
Topic B: Reconnaissance: Assessing the Impact
Topic C: Social Engineering: Assessing the Impact
Lesson 4: Analyzing Attacks on Computing and Network Environments
Topic A: System Hacking Attacks: Assessing the Impact
Topic B: Web-Based Attacks: Assessing the Impact
Topic C: Malware: Assessing the Impact
Topic D: Hijacking and Impersonation Attacks: Assessing the Impact
Topic E: DoS Incidents: Assessing the Impact
Topic F: Threats to Mobile Security: Assessing the Impact
Topic G: Threats to Cloud Security: Assessing the Impact
Lesson 5: Examining Post-Attack Techniques
Topic A: Examine Command and Control Techniques
Topic B: Examine Persistence Techniques
Topic C: Examine Lateral Movement and Pivoting Techniques
Topic D: Examine Data Exfiltration Techniques
Topic E: Examine Anti-Forensics Techniques
Lesson 6: Manage Vulnerabilities in the Organization
Topic A: Implement a Vulnerability Management Plan
Topic B: Examine Common Vulnerabilities
Topic C: Conduct Vulnerability Scans
Lesson 7: Evaluate Security by Implementing Penetration Testing
TopicA: Conduct Penetration Tests on Network Assets
Topic B: Follow Up on Penetration Testing
Lesson 8: Collecting Cybersecurity Intelligence
Topic A: Deployment of a Security Intelligence Collection and Analysis Platform
Topic B: Data Collection from Network-Based Intelligence Sources
Topic C: Data Collection from Host-Based Intelligence Sources
Lesson 9: Analyze Log Data
Topic A: Common Tools to Analyze Logs
Topic B: SIEM Tools for Analysis
Lesson 10: Performing Active Asset and Network Analysis
Topic A: Analyze Incidents using Windows-Based Tools
Topic B: Analyze Incidents using Linux-Based Tools
Topic C: Analyze Malware
Topic D: Analyze Indicators of Compromise
Lesson 11: Response to Cybersecurity Incidents
Topic A: Deployment of Incident Handling and Response Architecture
Topic B: Containment and Mitigation of Incidents
Topic C: Preparation for Forensic Investigation as a CSIRT
Lesson 12: Investigating Cybersecurity Incidents
Topic A: Use a Forensic Investigation Plan
Topic B: Securely Collect and Analyze Electronic Evidence
Topic C: Follow Up on the Results of an Investigation
Appendix A: Mapping Course Content to CyberSec First Responder (Exam CFR-310)
Appendix B: Regular Expressions
Appendix C: Security Resources
Appendix D: U.S. Department of Defense Operational Security Practices
Course Length: 4 Hours
Course Objective:
The half day course and associated credential (IOZ-110) will validate a participant’s knowledge of IoT terminology, their ability to understand the components of IoT infrastructure, uncover challenges for consideration and the impact that IoT has on their organization. Successful participants will be able to identify what IoT can do for their organization and the various business and technical challenges to address.
Outline:
Lesson 1: Planning an IoT implementation
Topic A: Defining IoT
Topic B: IoT Infrastructure
Topic C: Identify benefits and challenges of IoT
Lesson 2: Undertaking an IoT Project
Topic A: Identify Real World Applications for IoT
Topic B: The IoT Lifecycle
Course Length: 3 days
Course Objective:
In this course, you will learn how to apply Internet of Things technologies to solve real-world problems. You will:
Plan an IoT implementation.
Construct and program an IoT device.
Communicate with an IoT device using wired and wireless connections.
Process sensor input and control an actuator on an IoT device.
Manage security, privacy, and safety risks on IoT projects.
Manage an IoT prototyping and development project throughout the development lifecycle.
Pre-requisites:
To ensure your success in this course you should be an experienced computer user who is comfortable setting up and configuring computers and electronic devices.
Outline:
Lesson 1: Planning an IoT Implementation
Topic A: Defining IoT
Topic B: IoT Infrastructure
Topic C: Identify Benefits and Challenges of IoT
Lesson 2: Undertaking an IoT Project
Topic A: Identify Real World Applications for IoT
Topic B: The IoT Development Lifecycle
Topic C: Use a Software Development Kit to Program an IoT Device
Lesson 3: Communicating with an IoT Device
Topic A: Communicate Using Wired Connections
Topic B: Communicate Using Wireless Connections
Topic C: Communicate Using Internet Protocols
Lesson 4: Processing IoT Data
Topic A: Process IoT Device Input and Output
Topic B: Process Data in the Cloud
Topic C: Provide Machine to Machine Communication
Lesson 5: Managing Risks on IoT Projects
Topic A: Identify IoT Security and Privacy Risks
Topic B: Manage IoT Security and Privacy Risks
Topic C: Manage IoT Safety Risks
Lesson 6: Undertaking an IoT Project
Topic A: Identify Real World Applications for IoT
Topic B: Follow the IoT Development Lifecycle
Appendix A: Mapping Course Content to Certified Internet of Things Practitioner (CIoTP) (Exam ITP-110)
Course Length: 3 days
Course Objective:
This course is designed for practitioners who are seeking to demonstrate a vendor-neutral, cross-industry skill set that will enable them to design, implement, operate, and/or manage a secure IoT ecosystem.
Pre-requisites:
To ensure your success in this course you should have a fundamental understanding of IoT ecosystems, which you can obtain by taking the following CertNexus course: Certified Internet of Things (IoT) Practitioner (Exam ITP-110)
Outline:
Lesson 1: Managing IoT Risks
Topic A: Map the IoT Attack Surface
Topic B: Build in Security by Design
Lesson 2: Securing Web and Cloud Interfaces
Topic A: Identify Threats to IoT Web and Cloud Interfaces
Topic B: Prevent Injection Flaws
Topic C: Prevent Session Management Flaws
Topic D: Prevent Cross-Site Scripting Flaws
Topic E: Prevent Cross-Site Request Forgery Flaws
Topic F: Prevent Unvalidated Redirects and Forwards
Lesson 3: Securing Data
Topic A: Use Cryptography Appropriately
Topic B: Protect Data in Motion
Course Length: half days
Course Objective:
This course is primarily designed for managers, business leaders, and other decision makers who are interested in growing the business by leveraging the power of AI. Other individuals who wish to explore basic AI concepts are also candidates for this course.
Pre-requisites:
To ensure your success in this course, you should have foundational knowledge of business processes and general concepts. You should also have at least a basic understanding of information technology resources and systems, including networks, computers, and other electronic devices used in the enterprise.
Outline:
Lesson 1: AI Fundamentals
Topic A: AI Concepts
Topic B: Approaches to Machine Learning and Deep Learning
Lesson 2: AI Implementations
Topic A: Data Science
Topic B: Search Engines
Lesson 2: AI Implementations (cont.)
Topic C: Natural Language Processing
Topic D: Computer Vision
Topic E: Robotics
Lesson 2: AI Implementations (cont.)
Topic C: Natural Language Processing
Topic D: Computer Vision
Lesson 3: The Impact of AI
Topic A: Benefits of AI
Topic B: Challenges of AI
Topic C: Business Use Cases for AI
Course Length: 5 days
Course Objective:
In this course, you will implement AI techniques in order to solve business problems. You will:
Specify a general approach to solve a given business problem that uses applied AI and ML.
Collect and refine a dataset to prepare it for training and testing.
Train and tune a machine learning model.
Finalize a machine learning model and present the results to the appropriate audience.
Build linear regression models.
Build classification models.
Build clustering models.
Build decision trees and random forests.
Build support-vector machines (SVMs).
Build artificial neural networks (ANNs).
Promote data privacy and ethical practices within AI and ML projects.
Pre-requisites:
To ensure your success in this course, you should have at least a high-level understanding of fundamental AI concepts, including, but not limited to: machine learning, supervised learning, unsupervised learning, artificial neural networks, computer vision, and natural language processing. You can obtain this level of knowledge by taking the CertNexus AIBIZ™ (Exam AIZ-110) course.
You should also have experience working with databases and a high-level programming language such as Python, Java, or C/C++. You can obtain this level of skills and knowledge by taking the following Logical Operations or comparable course:
Database Design: A Modern Approach
Python® Programming: Introduction
Python® Programming: Advanced
Outline:
Lesson 1: Solving Business Problems Using AI and ML
Topic A: Identify AI and ML Solutions for Business Problems
Topic C: Formulate a Machine Learning Problem
Topic D: Select Appropriate Tools
Lesson 2: Collecting and Refining the Dataset
Topic A: Collect the Dataset
Topic B: Analyze the Dataset to Gain Insights
Topic C: Use Visualizations to Analyze Data
Topic D: Prepare Data
Lesson 3: Setting Up and Training a Model
Topic A: Set Up a Machine Learning Model
Topic B: Train the Model
Lesson 4: Finalizing a Model
Topic A: Translate Results into Business Actions
Topic B: Incorporate a Model into a Long-Term Business Solution
Lesson 5: Building Linear Regression Models
Topic A: Build a Regression Model Using Linear Algebra
Topic B: Build a Regularized Regression Model Using Linear Algebra
Topic C: Build an Iterative Linear Regression Model
Lesson 6: Building Classification Models
Topic A: Train Binary Classification Models
Topic B: Train Multi-Class Classification Models
Topic C: Evaluate Classification Models
Topic D: Tune Classification Models
Lesson 7: Building Clustering Models
Topic A: Build k-Means Clustering Models
Topic B: Build Hierarchical Clustering Models
Lesson 8: Building Advanced Models
Topic A: Build Decision Tree Models
Topic B: Build Random Forest Models
Lesson 9: Building Support-Vector Machines
Topic A: Build SVM Models for Classification
Topic B: Build SVM Models for Regression
Lesson 10: Building Artificial Neural Networks
Topic A: Build Multi-Layer Perceptrons (MLP)
Topic B: Build Convolutional Neural Networks (CNN)
Lesson 11: Promoting Data Privacy and Ethical Practices
Topic A: Protect Data Privacy
Topic B: Promote Ethical Practices
Topic C: Establish Data Privacy and Ethics Policies
Appendix A: Mapping Course Content to CertNexus® Certified Artificial Intelligence (AI) Practitioner (Exam AIP-100)
Course Outline Coming Soon
Course Length: 1/2 day
Course Objective:
The ability to identify and respond to changing trends is a hallmark of a successful business. Whether those trends are related to customers and sales, or to regulatory and industry standards, businesses are wise to keep track of the variables that can affect the bottom line. In today's business landscape, data comes from numerous sources and in diverse forms. By leveraging data science concepts and technologies, businesses can mold all of that raw data into information that facilitates decisions to improve and expand the success of the business.
Pre-requesites:
To ensure your success in this course, you should have a working knowledge of general business concepts and practices. You should also have a basic understanding of information technology (IT) resources and systems, including networks, computers, and other digital devices used in an enterprise setting.
Outline: