Call Us


Course Details

Get to know about our course outline

5 Days Training

5 Days Training for Individuals Involved in Today’s Cybersecurity Analysis, and IT Audits using the National Institute of Standards and Technology (NIST) 800-53 R5, 800-37, other Best Practices, and Personally Identifiable Information (PII), as businesses in every industry face scrutiny for how they handle sensitive data including customer and prospect information. This Training is About arming Interested individuals and or Employees to Better Protect Organizations Digital Assets in Terms of Knowledge, Skills, Values and Abilities. In addition, we have developed a fully comprehensive and highly interactive Annual Cybersecurity Security Awareness Training program to train your workforce Lasting Between Three to Four Hours Using the Traditional “Top-Down” Approach Across the Board.

Course Goals and Objectives

Participants will learn the offensive and defensive Cybersecurity skills, including Security Analysis, IT Audits using (NIST) Cybersecurity Framework, tools, techniques procedures for network and application protection), and to learn more about Advanced Cybersecurity Certifications Preparation.

Participants will learn the latest techniques used in Cybersecurity and understand how many securities technologies work behind the scenes.

Why invest On This

There are over half a million Cybersecurity jobs that employers are trying to fill, and businesses actively seeking Cybersecurity Professionals span across all industries and sizes. 

  • If you are serious about becoming an expert in Cybersecurity Analysis and or IT Auditing, we strongly suggest you join all five modules of this course.
  • Infosecact instructors are the masters of Cybersecurity, and participants will appreciate that the instructors always openly and respectfully answer every question from participants.
  • Infosecact hosts top-rated Cybersecurity experts who are ready to walk you through every step of preparing for the Approved Baseline Certifications by the Department of Defense (DoD) Approved 8570 for the Information Assurance (IA) Workforce.
  • Personnel performing Information Assurance (IA) functions must obtain one of the certifications required for their position category or specialty and level.

Approved Baseline Certifications


IAT Level I

IAT Level II


Network+ CE

CCNA Security
CySA+ **
Security+ CE

CCNP Security
CISSP (or Associate)

IAM Level I

IAM Level II


Security+ CE

CISSP (or Associate)

CISSP (or Associate)

Course Outline

DAY ONE: 8:30 AM – 4:30 PM

Cybersecurity Analysis and IT Audits Training

  • Cyber Security Objectives
  • Privacy VS. Security
  • Evaluating Security Risks
  • Identity Threats
  • Identity Vulnerabilities
  • Determine Likelihood, Impact, and Risk Reviewing Controls
  • Building a Secure Network
  • Network Access Control
  • Firewalls and Network Perimeter Security
  • Network Segmentation
  • Defense Through Deception
  • Security Endpoint Management
  • Hardening System Configurations
  • Patch Management
  • Group Policies
  • Endpoint Security Software
  • Penetration Testing
  • Planning a Penetration Test
  • Contacting Discovery
  • Executing a Penetration Test
  • Communicating Penetration Test Results
  • Training and Exercises
  • Reverse Engineering
  • Isolation and Sandboxing
  • Reverse Engineering Software
  • Reverse Engineering Hardware
  • The Future of Cyber Security Analytics

Day One Summary
Day One Essentials

DAY TWO: 8:30 AM – 4:30 PM

Identity and Access Management Security

  • Understanding Identity
  • Identity Systems and Security Design
  • Threats to Identity and Access
  • Understanding Security Issues with Identities
  • Attacking AAA Systems and Protocols
  • Targeting Account Creation, Provisioning, and Deprovisioning
  • Preventing Common Exploits of Identity and Authorization
  • Acquiring Credentials
  • Identify as a Security Layer
  • Identity and Defense-In-Depth
  • Securing Authentication and Authorization
  • Detecting Attacks and Security Operations
  • Federation and Single Sign-On
  • Federated Identity Security Considerations
  • Federated Identity Design Choices
  • Federated Identity Technologies
  • Federation Incident Response

 Day Two Summary
 Day Two Essentials

DAY THREE: 8:30 AM – 4:30 PM

Software and Hardware Development Security

  • Software Assurance Best Practices
  • The Software Development Lifecycle
  • Software Development Phases
  • Software Development Models
  • DevSecOps and DevOps
  • Designing and Coding for Security
  • Common Software Development Security Issues
  • Security Implications of Target Platforms
  • Secure Coding Best Practices
  • API Security
  • Service-Oriented Architectures
  • Application Testing
  • Information Security and the SDLC
  • Code Review Models
  • Software Security Testing
  • Software Assessment Testing and Analyzing Code
  • Web Application Vulnerability Scanning
  • Hardware Assurance Best Practices
  • Cryptographic Hardware
  • Firmware Security
  • Hardware Security

Day Three Summary
Day Three Essentials

DAY FOUR: 8:30 AM – 4:30 PM

  • Infrastructure Security and Controls
  • Understanding Defense in Depth
  • Layered Security
  • Zero Trust
  • Segmentation
  • Network Architecture
  • Physical Network Architectures
  • Software-Defined Networks
  • Virtualization
  • Asset and Change Management
  • Logging, Monitoring, and Validation
  • Encryption
  • Active Defense
  • Infrastructure Security and the Cloud
  • Improving Security by Improving Controls
  • Layered Host Security Permissions
  • Whitelisting and Blacklisting
  • Technical Controls
  • Policy, Process, and Standards
  • Analyzing Security Architecture
  • Analyzing Security Requirements
  • Reviewing Architecture
  • Common Issues
  • Reviewing a Security Architecture
  • Maintaining a Security Design

Day Four Summary
Day Four Essentials

DAY FIVE: 8:30 AM – 12:00 PM

Cloud Security

  • Understanding Cloud Computing
  • The Case for Cloud Computing
  • Cloud Service Models
  • Cloud Deployment Models
  • Operating in the Cloud
  • DevOps Strategies
  • Infrastructure as a Code (IAC)
  • Application Programming Interfaces
  • Cloud Monitoring
  • Cloud Infrastructure Security
  • Cloud Infrastructure Security Tools
  • Cloud Access Security Brokers (CASB)

Day Five Summary
Day Five Essentials

Day Five - Continuation 1:30 AM – 4:00 PM

Risk Management

  • Analyzing Risk
  • Risk Identification
  • Risk Calculation
  • Business Impact Analysis
  • Managing Risk
  • Risk Mitigation
  • Risk Avoidance
  • Risk Transference
  • Risk Acceptance
  • Security Controls
  • Nontechnical Controls
  • Technical Controls

Day Five Summary
Day Five Essentials

Training Fee


Infosecact Training Fee Structure



Annual Cybersecurity/Privacy Awareness Training

3-4 Hours


An Introduction to Cybersecurity Security Basics for Beginner

2 Days


CompTIA Security+

4 days


Systems Security Certified Practitioner (SSCP)

4 Days


Cybersecurity Analyst (CYSA+)

5 Days


Certified Information Security Manager (CISM)

5 Days


Certified Information System Auditor (CISA)

5 Days



Cybersecurity Analyst Course Includes

Certificate of completion

  • Instructor’s evaluation report (To be opened by the sponsors only)
  • 100 Cybersecurity free sample questions with explanations and answers.

Get in touch

Please get in touch with us if interested.

John W, Kiruri, M.S., CISA, CISM, SSCP
Cybersecurity Consultant and Trainer of Trainers (TOT).
Office: +1 301-592-1533 or +254 758950447

Start Your Education Career with Infosecact

Get started

Start Applying Below