Course Overview

This five-day course is designed to provide students with the tools and methods required for implementing, monitoring, and troubleshooting Layer 3 components in an enterprise network. 

This course covers OSPF, BGP, multicast, enterprise architecture, and Ethernet VPN-Virtual Extensible LAN (EVPN-VXLAN) is covered in depth. 

The course also exposes students to common troubleshooting commands and tools used to diagnose various intermediate to advanced issues. 

Through demonstrations and hands-on labs, students will gain experience with features of each of these devices, vSRX virtual firewalls and vQFX virtual switches. 

This course is based on Junos OS Release 22.1R1.10. 

Course Level

Advanced Junos Enterprise Routing (AJER) is an advanced-level course.

Relevant Juniper Product

• Junos OS • M Series • MX Series • SRX Series

Course Objectives

Describe OSPFv2 concepts. 

• Describe OSPF operations. 

• Describe and configure OSPF area types and operations. 

• Configure OSPF areas through summarization and restrictions. 

• Utilize commands to troubleshoot and verify OSPF operations. 

• Analyze different OSPF issues. 

• Describe BGP operations. 

• Describe and configure the BGP route selection process. 

• Explain the use of routing policies in BGP. 

• Describe BGP attributes and their usages. 

• Describe and configure BGP communities. 

• Describe BGP troubleshooting. 

• Explain how routing policies are used in an enterprise network. 

• Reduce problems related to routing policy structure and configuration. 

• Identify commands for troubleshooting routing policy. 

• Explain the fundamentals of multicast routing. 

• Describe and configure Internet Group Management Protocol (IGMP). 

• Describe Protocol Independent Multicast (PIM). 

• Configure PIM. 

• Describe and configure route reflection. 

• Explain enterprise networking. 

• Describe the key concepts of Evolved core and Layer 3 based campus designs. 

• Explain the benefits of VXLAN. 

• Explain why you would use EVPN-VXLAN in a campus network. 

• Describe and configure an Evolved Campus Core (ECC) network. 

• Describe and configure a distribution and access network. 

• Describe Ethernet Virtual Private Network (EVPN) route types. 

• Describe EVPN troubleshooting. 

Course Content

Day 1

Course Introduction

OSPF–Part 1 

• Describe OSPFv2 operations 

• Differentiate link-state advertisements 

OSPF–Part 2 

• Distinguish protocol operations 

• Explain OSPF authentication 

• Apply OSPFv3 

Lab: Configuring and Monitoring OSPF 

OSPF Areas–Part 1 

• Identify OSPF areas 

• Describe stub area operations 

• Add a stub area configuration 

OSPF Areas–Part 2 

• Explain NSSA operation 

• Add an NSSA configuration 

• Explain route summarization 

Lab: OSPF Route Summarization 

Advanced OSPF Options 

• Explain NSSA operation 

• Generate a NSSA configuration 

• Explain route summarization 

Advanced OSPF Case Studies 

• Interpret external reachability case studies 

Lab: Configuring Advanced OSPF Options

Day 2

Troubleshooting OSPF 

• Perform troubleshooting and verification of OSPF adjacencies 

• Perform troubleshooting and verification of OSPF consistencies 

Troubleshooting OSPF Routing Issues 

• Conduct troubleshooting and verification of OSPF routing 

Lab: Troubleshooting OSPF 

BGP–Part 1 

• Explain BGP concepts 

• Describe BGP configuration options 

BGP–Part 2 

• Explain BGP route options 

• Describe BGP path selection 

Lab: Implementing BGP 

BGP Attributes and Policy 

• Explain BGP route processing 

• Describe BGP Attributes 

Common BGP Attributes 

• Describe and configure common BGP attributes 

BGP Communities 

• Configure BGP communities 

• Explain how to use regular expressions with BGP communities 

• Examine a BGP community use case 

Lab: BGP Attributes 

Troubleshooting BGP 

• Examine IBGP and EBGP troubleshooting 

BGP Troubleshooting Case Study 

• Examine troubleshooting BGP neighbor issues 

Lab: Troubleshooting BGP

Day 3

Enterprise Routing Policies–Part 1 

• Review an enterprise routing policy use case 

Enterprise Routing Policies–Part 2 

• Examine enterprise external network deployment 

Lab: Implementing Enterprise Routing Policies 

Troubleshooting Policies–Part 1 

• Examine routing policy structure 

• Describe regular expression matching with routing policies 

• Examine routing policy troubleshooting methods 

Troubleshooting Policies–Part 2 

• Examine the routing policy troubleshooting command usage 

• Review a routing policy use case 

Lab: Troubleshooting Routing Policy 

Introduction to Multicast–Part 1 

• Describe IP multicast traffic flow and multicast components 

• Describe multicast addressing 

• Describe the need for RPF check in multicast networks 

• Describe multicast routing tables 

Introduction to Multicast–Part 2 

• Explain the role of IGMP 

• Describe the different versions of IGMP 

• Configure and monitor IGMP

Day 4

Multicast Operations–Part 1 

• Describe PIM sparse mode operation 

Lab: Implementing PIM-SM 

Multicast Operations–Part 2 

• Configure and monitor PIM sparse mode 

• Configure and monitor RP discovery mechanisms 

Lab: Implementing SSM 

BGP Route Reflection 

• Describe the operation of BGP route reflection 

• Configure a route reflector 

Lab: BGP Route Reflection

Enterprise Architectures–Part 1 

• Describe traditional enterprise networks 

• Examine new enterprise networking methods 

Enterprise Architectures–Part 2 

• Examine EVPN-VXLAN enterprise networks 

• Examine new enterprise networking methods 

VXLAN Overview 

• Describe Layer 2 tunneling 

• Explain VXLAN functionality 

• Describe VXLAN gateways

Day 5

VPN-VXLAN Architecture 

• Describe EVPN features 

• Describe EVPN operations 

• Describe EVPN with VXLAN for data plane encapsulation 

Configuring EVPN-VXLAN Networks–Part 1 

• Examine a case study 

• Configure an underlay network 

• Configure an overlay network 

• Verify an ECC network 

Configuring EVPN-VXLAN Networks–Part 2 

• Add leaf nodes to an ECC network 

• Build a full fabric EVPN-VXLAN network 

Lab: Configuring an EVPN-VXLAN Network 

Verifying and Troubleshooting EVPN-VXLAN Architecture–Part 1 

• Explain EVPN route identification 

Verifying and Troubleshooting EVPN-VXLAN Architecture–Part 2 

• Explain EVPN troubleshooting commands

Course Overview

In this 5-day Advanced SD-WAN Course, Students will learn Advanced Techniques to Deploy Advanced Features of SDWAN. This course focuses on High Availability, Advanced Settings, Templates and Configuration Groups, APP-QOE with FEC, TCP OPT DRE, SD-AVC, Per-Tunnel/Adaptive/VPN QoS, Security using SASE/ Cloud/On-Prem, Students will then focus on Routing, including OMP, Service Chaining, BGP, EIGRP, OSPF, On-Demand Routing, DIA Routing through Branches/Hubs/Data Centers.

Learn to deploy advanced features of both Local and Centralized Policies is included along with this skills required to troubleshoot.

Course Objectives

After completing this course you should be able to:

  • Explore and Troubleshoot the initials environment
  • Design, Configure, and Troubleshoot Clusters and High Availability
  • Learn Advanced Techniques to Deploy Templates with the theme of reusability
  • Deploy and Troubleshoot Transport Bridging
  • Deploy and Troubleshoot Routing including OSPF, BGP, EIGRP
  • Deploy and Troubleshoot Multicast Routing
  • Design, Configure, and Troubleshoot APP-QoE, SD-AVC and QoS Policies
  • Design, Configure, and Troubleshoot Advanced Security Policies
  • Design, Configure, and Troubleshoot SDWAN Direct Internet Access (DIA)
  • Design, Configure, and Troubleshoot SDWAN Unified Communication Integrations
  • Design, Configure, and Troubleshoot Local Policies
  • Design, Configure, and Troubleshoot Application Aware Routing
  • Design, Configure, and Troubleshoot Central Policies (Sites, Hub Spoke, Full Mesh and Custom
  • Topologies)
  • Design, Configure, and Troubleshoot Central Policies Including Service Chaining
  • Design, Configure, and Troubleshoot Central Policies Including Traffic Rules & CFLOW
  • Design, Configure, and Troubleshoot Migration from IWAN

Course Content

Module 0: Introductions

  • Module Introduction
  • Lesson 1: Introductions
  • Module Summary

Module 1: Cisco SD-WAN Overview

  • Module Introduction
  • Lesson 1: Cisco SD-WAN Overview
  • Lesson 2: SD-WAN Platform Discussion
  • Module Summary

Module 2: SD-WAN Advanced Settings

  • Module Introduction
  • Lesson 1: Design Considerations and Scaling
  • Lesson 2: Site Design
  • Lesson 3: Advanced Settings
  • Lesson 4: Ether Channel Support (20.6)
  • Lesson 5: Hot Standby Router Protocol (HSRP)
  • Lesson 6: LTE Design and Deployment
  • Module Summary

Module 3: SD-WAN High Availability

  • Module Introduction
  • Lesson 1: Common WAN Topologies Design and Deployment Considerations
  • Lesson 2: Active vManage, Backup Inactive vManage, Clustering vManage
  • Lesson 3: SD-WAN Disaster Recovery
  • Lesson 4: Troubleshooting Cluster Operation
  • Module Summary

Module 4: SD-WAN Templates

  • Module Introduction
  • Lesson 1: Template Overview
  • Lesson 2: Using Python to Import / Export Templates
  • Lesson 3: Parsing JSON with Python
  • Lesson 4: Create / Delete / Import / Export of Templates
  • Module Summary

Module 5: SD-WAN APP-QoE, SD-AVC and QoS Policies

  • Module Introduction
  • Lesson 1: Application Quality of Experience (APPQoE)
  • Lesson 2: Custom Application Identification
  • Lesson 3: Bidirectional Forwarding Detection (BFD)
  • Lesson 4: Cloud onRamp for SaaS for Office 365
  • Lesson 5: Per Tunnel QOS
  • Lesson 6: Adaptive QOS
  • Lesson 7: SD-WAN 17.6/20.6 – Per VPN QOS
  • Lesson 8: TCP Optimization
  • Lesson 9: Service Nodes for AppQoE
  • Lesson 10: Forward Error Correction (FEC)
  • Lesson 11: Packet Duplication
  • Module Summary

Module 6: Bridging

  • Module Introduction
  • Lesson 1: Transparent Bridging
  • Lesson 2: Bridging Template Configuration
  • Lesson 3: cEdge Bridging Template Configuration
  • Lesson 4: vEdge Bridging Template Configuration
  • Module Summary

Module 7: Routing Protocols

  • Module Introduction
  • Lesson 1: SD-WAN Underlay Routing
  • Lesson 2: Static Routes
  • Lesson 3: VRRP Enhancements
  • Lesson 4: Dynamic Routing Protocols
  • Lesson 5: Routing Information Protocols
  • Lesson 6: SD-WAN On Demand Tunnels
  • Lesson 7: Route Leaking
  • Lesson 8: Hierarchical SD-WAN (Regions)
  • Module Summary

Module 8: Multicast

  • Module Introduction
  • Lesson 1: Complete Multicast Support on Cisco SD-WAN
  • Lesson 2: vEdge Support
  • Module Summary

Module 9: Direct Internet Access (DIA) Overview

  • Module Introduction
  • Lesson 1: SD-WAN Direct Internet Access (DIA)
  • Lesson 2: Deploying DIA
  • Lesson 3: Central Data Policy
  • Lesson 4: NAT DIA Route
  • Module Summary

Module 10: SD-WAN Voice Configuration

  • Module Introduction
  • Lesson 1: Voice Integration in SD-WAN
  • Lesson 2: Voice Card Feature Templates
  • Lesson 3: Call Routing Feature Templates
  • Lesson 4: Survivable Remote Site Telephony (SRST)
  • Lesson 5: Voice Policies
  • Lesson 6: Create a Voice Port Policy
  • Lesson 7: Voice Port Translation Profile
  • Lesson 8: FXO Supervisory Disconnect
  • Lesson 9: Cisco Unified Border Element (CUBE)
  • Module Summary

Module 11: SD-WAN Security Policy

  • Module Introduction
  • Lesson 1: SD-WAN Security
  • Lesson 2: SD-WAN Base Security
  • Lesson 3: SD-WAN Cloud Security
  • Lesson 4: Zscaler Integration
  • Lesson 5: SD-WAN Cloud Security Features
  • Lesson 6: SD-WAN Integrated Security
  • Lesson 7: 17.6/20.6 – Geo-Fencing
  • Lesson 8: SD-WAN Security Configuration
  • Module Summary

Module 12: SD-WAN Local Policy

  • Module Introduction
  • Lesson 1: Policy Configuration Overview
  • Lesson 2: Local Data Policies
  • Module Summary

Module 13: SD-WAN Central Policy

  • Module Introduction
  • Lesson 1: Centralized Control Policies
  • Lesson 2: Centralized Data Policies
  • Lesson 3: Application Aware Routing
  • Lesson 4: Service Chaining
  • Lesson 5: Traffic Flow Monitoring with Cflowd
  • Lesson 6: Policy Construction
  • Lesson 7: Platform Support and Scalability
  • Module Summary

Module 14: SD-WAN Migration

  • Module Introduction
  • Lesson 1: SD-WAN Conversation Tool
  • Lesson 2: Cisco Sure Tool
  • Lesson 3: Migration and Deployment Models
  • Lesson 4: Typical Migrations
  • Lesson 5: Data Center / Hub Migration
  • Lesson 6: Branch / Spoke Site Migration
  • Module Summary

Labs:

  • Lab 1: Review & Troubleshoot Initials SDWAN Environment
  • Lab 2: Create and Troubleshoot SDWAN Clusters
  • Lab 3: Template / Configurations Groups
  • Lab 4: Deploy and Troubleshoot Hardware Routers with ztp.
  • Lab 5: Implement Routing Protocol
  • Lab 6: Advanced Firewall Policy Design
  • Lab 7: Designing and Implementing Local Policies and QoS Policies
  • Lab 8: Create Advanced Central Policies
  • Lab 9: Monitoring the Environment
  • Lab 10: Troubleshooting

Course Overview

Learn how to effectively manage a Vendor Risk Management Implementation.

This two-day course covers the domain knowledge, common implementation technical  aspects, and various processes needed to effectively manage a Vendor Risk Management (VRM) implementation.

Attendees will learn and practice various tactical skills and strategies that will better prepare them to implement VRM. Through lectures, group discussion, hands-on labs and demonstrations, participants build on existing knowledge and skills by applying implementation best practices.

Topics include: Vendor Risk Management Review,  Core Configuration, Assessment Configuration, Vendor Risk Issues and Processes, Vendor Portal Configuration, Application Relationships, Dashboards and Reports

Course Objectives

After you complete this course you will be able to:

  • Define key concepts and roles related to Vendor Risk Management in ServiceNow and navigate the Vendor Risk Management application components
  • Configure vendor portfolio data and vendor process workflows
  • Develop Questionnaire Templates, Document Request Templates, and Assessment Templates, which are used to create vendor risk assessments
  • Access the Vendor Assessment Portal, manage vendor contacts, complete assessments, and interact with the Vendor Risk team
  • Create and manage Vendor Risk Assessment related issues and remediation
  • Translate assessment responses into Risk and Control Compliance using existing GRC applications
  • Analyze baseline VRM reports and dashboards
  • Examine solution features and implementation considerations
  • Discuss supported integrations and share best practices

Course Content

Vendor Risk Management Review

  • About VRM
  • VRM Process
  • Technical Details
  • Lab 1.1 Preparing to Implement ServiceNow Vendor Risk Management

Core Configuration

  • Vendor Portfolio Configuration
  • Lab 2.1 Vendor Setup
  • Vendor Contacts Configuration
  • Lab 2.2 Populate Vendor Contacts
  • Vendor Tiering Configuration
  • Lab 2.3 Vendor Tiering
  • Vendor Security Scoring Configuration
  • Lab 2.4 Vendor Hierarchy and Engagements

Assessment Configuration

  • Assessment Basics
  • Vendor Assessment Configuration
  • Vendor Risk Assessment Generation
  • Lab 3.1 Vendor Risk Assessment Templates
  • Lab 3.2 [CHALLENGE] Data Privacy Assessment
  • Vendor Risk Assessment Calculations
  • Vendor Risk Assessment Lifecyle
  • Lab 3.3 Vendor Risk Assessments

Risk Issues and Processes

  • Vendor Risk Issue Configuration
  • Lab 4.1 Configure Vendor Risk Issue Approval Workflow
  • Vendor Risk Task Configuration
  • Vendor Risk Process Workflows
  • Lab 4.2 Configure Vendor Assessment Reminders Workflow

Vendor Portal Configuration

  • Contact Configuration
  • Lab 5.1 Working in the Vendor Assessment Portal
  • Vendor Assessment Processing and Configuration
  • Lab 5.2 Vendor Risk Issues
  • Lab 5.3: Vendor Risk Areas and Criteria Affecting Engagements

Application Relationships

  • ServiceNow GRC Overview
  • Monitor Risk and Control Compliance
  • Other Application Relationships
  • Lab 6.1 GRC Integration

Dashboards and Reports

Course Overview

Avoid project catastrophe by developing expertise in risk management.

This course is designed for project managers who want to proactively reduce the probability of project failure. In this course, you will learn to use proven approaches and techniques specific to risk management. You will learn to plan and analyze projects so as to minimize risk in a formal environment. You will identify, analyze, and address uncertainty throughout the project lifecycle and incorporate lessons learned and industry best practices related to risk management. You will apply PMI risk management processes in a practical way to eliminate, mitigate, and minimize threats while maximizing and optimizing opportunities.

Students pursuing a university-recognized and/or accredited certificate in Canada or continuing education units in the US must attend at least 90% of class time, participate in class exercises and section-knowledge checks, and score at least 70% on an end-of-class, multiple-choice assessment.

Course Objectives

  • Assess overall project riskiness
  • Manage uncertainty in terms of both opportunities and threats
  • Role of a risk management plan
  • Risk within an execution strategy
  • Conduct qualitative risk assessments in order to rank risks
  • Conduct quantitative risk assessments in order to adequately budget for uncertainty
  • Develop risk response plans for significant risks
  • Monitor and control uncertainty during execution
  • Ensure success by understanding the role of a risk management plan and lessons learned

Course Content

  • Risk Management Foundations:
  • Definition of a plan
  • Definition of risk and risk management
  • Risk management and project success
  • Project management life cycle
  • Strategic Risk Reduction:
  • Project success factors
  • Stakeholder analysis
  • Balancing constraints within a plan
  • Assessing project riskiness
  • Importance of formal planning
  • Execution Risk Reduction:
  • Risk management plan
  • Risk identification techniques
  • Qualitative risk analysis
  • Quantitative risk analysis
  • Risk response planning
  • Monitoring and Controlling Risk:
  • Protecting the plan
  • Change controls
  • Responding to risks
  • Value of Lessons Learned:
  • Capturing and employing lessons learned
  • Current methods of managing uncertainty based on lessons learned
  • Hands-On Activities:
  • Determine sources of project risk by category
  • Assess overall project risk
  • Identify and categorize risk
  • Perform qualitative risk analysis
  • Perform quantitative risk analysis
  • Plan risk responses
  • Involve stakeholders

Course Overview

This course will give an introduction to SAP BusinessObjects Governance, Risk, and Compliance (GRC) 10.0 and more.

Target Audience

  • Implementation Consultants
  • Key Technical Business Users involved in a GRC 10.0 project
  • IT Governance Experts
  • Consultants for SAP Security and GRC IT Auditors
  • Business Project Team Leaders

Course Objectives

  • Introduce SAP BusinessObjects Governance, Risk, and Compliance (GRC) 10.0
  • Identify key governance, risk, and compliance processes supported in the GRC 10.0 solution
  • Describe key features and business benefits of the integrated solution
  • Identify applications that integrate with the GRC 10.0 solution
  • Describe the purpose and location of key user interface components
  • Discuss harmonized navigation and how authorizations affect what users see
  • Describe how common functions and relative master data are shared across GRC solutions
  • Describe the IMG organization for GRC 10.0
  • Describe a general implementation process and key steps
  • Configure report presentation, structure, and content

Course Overview

The modern organization is faced with increasing volatility, uncertainty, complexity, and ambiguity.  PRINCE2® Risk Management Practitioner helps you and your organization identify, assess, and control risk at the strategic, programme, project, and operational levels.

The PRINCE2® Risk Management guidance shows you how the principles, processes, and techniques can be embedded, reviewed, and applied to your work practices by considering the nature of the objectives at risk. It allows you to make informed, effective decisions about the use of resources and initiating change.

The Practitioner certification allows you to demonstrate you have an understanding of how to apply and tailor PRINCE2® Risk Management Practitioner   in a practical context. You will be able to start applying an PRINCE2® Risk Management Practitioner  approach to organizational challenges to enable the creation and protection of value.

Course Objectives

Ater you complete this course you should have a better understanding of the advantages of risk management within an organisation including:

  • Increased visibility and better management of unplanned threats and opportunities.
  • Improved Service Delivery
  • Reduction in waste and fraud.
  • Increased Value for money
  • More effective management of change
  • More efficient use of resources
  • Improved decision making
  • Innovation
  • Management of contingent and maintenance activities.

Course Content

Day One

  • Introductions
  • PRINCE2® Risk Management Overview
  • Definitions
  • Challenges of PRINCE2® Risk Management (12 D’s)
  • Principles of PRINCE2® Risk Management
  • People Considerations and PRINCE2® Risk Management
  • Perspectives of PRINCE2® Risk Management

Day Two

  • Recap
  • Perspectives of PRINCE2® Risk Management
  • PRINCE2® Risk Management Processes

Day Three

  • Recap
  • PRINCE2® Risk Management Processes
  • Implementing PRINCE2® Risk Management
  • Value of PRINCE2® Risk Management
  • Exam Preparation
  • Round-up

Course Overview

ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will also gain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course corresponds with the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.

After understanding all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Risk Manager” credential. By holding a PECB Risk Manager Certificate, you will be able to demonstrate that you have the necessary skills and knowledge to perform an optimal Information Security Risk Assessment and timely manage Information Security risks.

Course Objectives

  • Acknowledge the correlation between Information Security risk management and security controls
  • Understand the concepts, approaches, methods and techniques that enable an effective risk management process according to ISO/IEC 27005
  • Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
  • Acquire the competence to effectively advise organizations in Information Security Risk Management best practices

Course Content

  • Day 1: Introduction to ISO/IEC 27005 and implementation of a risk management programme
  • Day 2: Information security risk assessment, risk treatment and acceptance as specified in ISO/IEC 27005
  • Day 3: Risk communication, consultation, monitoring, review and risk assessment methods

Course Overview

ISO/IEC 27005 Lead Risk Manager training enables you to acquire the necessary expertise to support an organization in the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will gain a comprehensive knowledge of a process model for designing and developing an Information Security Risk Management program. The training will also contain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course supports the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.

After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. By holding a PECB Lead Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.

Course Objectives

  • Master the concepts, approaches, methods and techniques that enable an effective risk management process based on ISO/IEC 27005
  • Acknowledge the correlation between Information Security risk management and security controls
  • Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management
  • Acquire the competence and skills to effectively advise organizations on Information Security Risk Management best practices
  • Acquire the knowledge necessary for the implementation, management and maintenance of an ongoing risk management program

Course Content

  • Day 1: Introduction to ISO/IEC 27005, concepts and implementation of a risk management program
  • Day 2: Risk identification, evaluation, and treatment as specified in ISO/IEC 27005
  • Day 3: Information Security risk acceptance, communication, consultation, monitoring and review
  • Day 4: Risk assessment methodologies
  • Day 5: Certification Exam 

Course Overview

By attending this 2-day ISO/IEC 27005 Foundation training course, participants will learn more about the structure of the standard including information security risk assessment, treatment, acceptance, communication and consultation, and monitoring and review. They will also gain basic knowledge related to information security risk management based on other standards such as ISO/IEC 27001 and ISO 31000.

After attending the training course, you can sit for the exam and, if you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27005 Foundation” credential. A PECB Foundation certificate shows that you have knowledge on the fundamental concepts, principles, methodologies, processes, and management approaches used in information security risk management.

Course Objectives

  • Understand the basic concepts of information security risk management
  • Acknowledge the correlation between ISO/IEC 27005, ISO 31000, ISO/IEC 27001, and other standards and regulatory frameworks
  • Understand the approaches, methods, and techniques used for the management of information security risks

Course Content

  • Day 1: Introduction to fundamental concepts of information security risk management and ISO/IEC 27005
  • Day 2: Information security risk management and certification exam

Course Overview

The PECB ISO/IEC 27001 Lead Auditor training course is designed to prepare you to audit an information security management system (ISMS) based on ISO/IEC 27001. During this training course, you will acquire the knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process.

The training content is comprised of practical exercises and case studies which bring you real-world expertise that you can apply to your day-to-day operations and activities. Based on practical exercises, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.

Our training courses are all-inclusive, meaning that they cover everything you need, in order to get the certificate. After acquiring the necessary expertise to perform an audit, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27001 Lead Auditor” credential. By holding a PECB Lead Auditor Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices.

Apart from showcasing what the ISO/IEC 27001 standard tells you to do, this training course tells you how to do it, through various activities, exercises, case studies, multiple-choice standalone  quizzes, and scenario-based quizzes. These will allow you to test your knowledge about the implementation process steps.

Course Objectives

After completing this course you shoud be able to:

  • Explain the fundamental concepts and principles of an information security management system (ISMS) based on ISO/ IEC 27001
  • Interpret the ISO/IEC 27001 requirements for an ISMS from the perspective of an auditor
  • Evaluate the ISMS conformity to ISO/IEC 27001 requirements, in accordance with the fundamental audit concepts and principles
  • Plan, conduct, and close an ISO/IEC 27001 compliance audit, in accordance with ISO/IEC 17021-1 requirements, ISO 19011 guidelines, and other best practices of auditing
  • Manage an ISO/IEC 27001 audit program

Course Content

Day 1: Introduction to Information Security Management Systems (ISMS) and ISO/IEC 27001 

  • Training Course Objectives and Structure
  • Standards and Regulatory Frameworks
  • Certification Process
  • Fundamental concepts and principles of information security
  • Information security management system (ISMS)

Day 2: Audit principles, preparation and launching of an audit

  • Fundamental audit concepts and principles
  • The impact of trends and technology in auditing
  • Evidence-based auditing
  • Risk-based auditing
  • Initiation of the audit process
  • Stage 1 audit

Day 3: On-site audit activities

  • Preparing for stage 2 audit
  • Stage 2 audit
  • Communication during the audit
  • Audit procedures
  • Creating audit test plans

Day 4: Closing the audit

  • Drafting audit findings and nonconformity reports
  • Audit documentation and quality review
  • Closing of the audit
  • Evaluation of action plans by the auditor
  • Beyond the initial audit
  • Managing an internal audit program
  • Closing of the training course