Cybersecurity and Third-Party Risk

(CYBERSEC-TP-RISK.AE1) / ISBN: 978-1-64459-367-7
This course includes
Lessons
TestPrep
LiveLab
Mentoring (Add-on)
Try this course Pre-Assessment and first two Lessons free No credit card required
Are you an instructor? Teach using uCertify products
Request a free evaluation copy

Cybersecurity and Third-Party Risk

Get hands-on experience in cybersecurity with the Cybersecurity and Third-Party Risk course and lab. The course provides a detailed look into the problems and risks, then gives specific examples of how to create a robust and active Cybersecurity Third‐Party Risk Management program. The course has well descriptive interactive lessons containing pre and post-assessment questions, knowledge checks, quizzes, live labs, flashcards, and glossary terms to get a detailed understanding of cybersecurity and Third‐Party Risk Management (TPRM).
Here's what you will get

Lessons
  • 17+ Lessons
  • 184+ Exercises
  • 131+ Quizzes
  • 136+ Flashcards
  • 136+ Glossary of terms
TestPrep
  • 60+ Pre Assessment Questions
  • 60+ Post Assessment Questions
LiveLab
  • 17+ LiveLab
  • 17+ Video tutorials
  • 48+ Minutes
Here's what you will learn
Download Course Outline
  • Who Will Benefit Most from This Course?
  • The SolarWinds Supply‐Chain Attack
  • The VGCA Supply‐Chain Attack
  • The Zyxel Backdoor Attack
  • Other Supply‐Chain Attacks
  • Problem Scope
  • Compliance Does Not Equal Security
  • Third‐Party Breach Examples
  • Conclusion
  • Cybersecurity Basics for Third-Party Risk
  • Cybersecurity Frameworks
  • Due Care and Due Diligence
  • Cybercrime and Cybersecurity
  • Conclusion
  • The Pandemic Shutdown
  • SolarWinds Attack Update
  • Conclusion
  • Third‐Party Risk Management Frameworks
  • The Cybersecurity and Third‐Party Risk Program Management
  • The Kristina Conglomerate (KC) Enterprises
  • Conclusion
  • Intake
  • Cybersecurity Third‐Party Intake
  • Conclusion
  • Low‐Risk Vendor Ongoing Due Diligence
  • Moderate‐Risk Vendor Ongoing Due Diligence
  • High‐Risk Vendor Ongoing Due Diligence
  • “Too Big to Care”
  • A Note on Phishing
  • Intake and Ongoing Cybersecurity Personnel
  • Ransomware: A History and Future
  • Conclusion
  • On‐site Security Assessment
  • On‐site Due Diligence and the Intake Process
  • Conclusion
  • What Is Continuous Monitoring?
  • Enhanced Continuous Monitoring
  • Third‐Party Breaches and the Incident Process
  • Conclusion
  • Access to Systems, Data, and Facilities
  • Conclusion
  • Why Is the Cloud So Risky?
  • Conclusion
  • Legal Terms and Protections
  • Cybersecurity Terms and Conditions
  • Conclusion
  • The Secure Software Development Lifecycle
  • On‐Premises Software
  • Cloud Software
  • Open Web Application Security Project Explained
  • Open Source Software
  • Mobile Software
  • Conclusion
  • Third‐Party Connections
  • Zero Trust for Third Parties
  • Conclusion
  • Onboarding Offshore Vendors
  • Country Risk
  • KC's Country Risk
  • Conclusion
  • The Data
  • Level Set
  • A Mature to Predictive Approach
  • The Predictive Approach at KC Enterprises
  • Conclusion

Hands on Activities (Live Labs)

  • Simulating the DoS Attack
  • Performing a Phishing Attack
  • Performing Local Privilege Escalation
  • Establishing a VPN Connection
  • Getting the TCP Settings and Information about the TCP Port
  • Detecting a Phishing Site Using Netcraft
  • Analyzing Malware
  • Supplying Power to a SATA Drive
  • Creating an Elastic Load Balancer
  • Working with Amazon S3
  • Attacking a Website Using XSS Injection
  • Fuzzing Using OWASP ZAP
  • Setting Up a Basic Web Server
  • Studying CVSS Exercises with the CVSS Calculator
  • Setting up a DMZ
  • Enabling the TPM
  • Using the Windows Firewall
×