Course NT-CSF Cyber Security Fundamentals | nt.ua

Course NT-CSF Cyber Security Fundamentals

A basic course for cybersecurity professionals covering topics such as cybersecurity, the basic concepts of risk and the principle of architectural security.


After completing this course, students will be able to:
  • define key concepts, roles and areas of cybersecurity
  • determine the timing, concepts and foundations of risk management
  • identify common types and vectors of attacks
  • define the framework and guidelines for policies and procedures
  • define cybersecurity control processes
  • identify different types of cybersecurity architecture
  • define the OSI model
  • explain how various defense strategies work for flow control, network slicing and logging, monitoring and intrusion detection
  • describe the basics, methods and encryption programs
  • identify, assess and respond to risks and vulnerabilities in the network through penetration testing
  • identify key aspects and associated risks for protecting data, programs, operating systems and networks;
  • determine the methodology for responding to accidents;
  • define the basic concepts, practices, tools, tactics, techniques and procedures for processing digital forensic data;
  • develop a plan for eliminating the consequences of disruptions in the functioning of information and telecommunication networks and ensuring the continuity of business processes;
  • identify implications for the adaptation of new technologies
Audience Profile

Information security professionals, solution architects, integration engineers, enterprise architects, developers who want to understand the key aspects of cybersecurity.


  1. The modern landscape of enterprise management
  2. Transformational trends, review of new technological platforms and their impact on threats
  3. Traditional threats and new trends. Advanced persistent threats (APT)
  4. New challenges for cybersecurity experts
  5. From information security to cyber security
  6. Risks, attack vectors, policies and procedures, controls
  7. An overview of the NIST Cybersecurity Framework framework and controls
  8. Strengths NIST, COBIT, ISO 27001, CIS Controls
  9. Information security management in the framework of ITSM/ITIL processes/practices
  10. Security architecture and corporate architecture
  11. New ITIL 4 and OpenAgile Architecture strategies affecting security
  12. Cisco SAFE Models and Vision
  13. Attack models and frameworks. Lockheed Martin Cyber Kill Chain (kill chain)
  14. MITER Attack Model: Tactics in MITER PRE-ATT&CK
    • Determination of priority
    • Target selection
    • Collection of information
    • Identification of weaknesses
    • Attacker's OpSec process
    • Creation and maintenance of infrastructure
    • Persona development
    • Development of means of attack
    • Testing means of attack
    • Determining the stages of using attack tools
  15. MITER Attack Model: Tactics in ATT&CK Enterprise
    • Initial Access
    • Performance
    • Anchoring
    • Privilege Elevation
    • Security Bypass
    • Get credentials
    • Detection
    • Lateral movement
    • Data collection
    • Exfiltration
    • Management and control
  16. MITER attack model: Modeling attacker actions and countermeasures according to ATT&CK
  17. Workshop on NIST controls
  18. Workshop on ISO 2700 controls:
    • Information security coordination
    • Allocation of responsibilities related to information security
    • Consultations of specialists in information security
    • Cooperation between organizations
    • Independent assessment of information security
    • Classification and control of resources
    • Responsibility for resources
    • Classification of information according to the level of confidentiality
    • Personnel safety issues
    • Security in the formulation of assignments and recruitment
    • User training
    • Incident and outage response
    • Systems development and maintenance
    • System security requirements
    • Security in applied systems.
    • System file security
    • Security during development and support
    • Physical security and territory protection
    • Protected areas and equipment safety
    • User access control
    • User Responsibilities
    • Network access control
    • Operating system access control
    • Application Access Control
    • System access and usage monitoring
    • Mobile computers and remote work tools
    • Assessment and audit
    • Compliance with the requirements
    • Legal Compliance
    • Checking Security Policy and Technical Compliance
    • Systems audit recommendations
    • Ensuring business continuity. Business Continuity Considerations
    • Ensuring safety during operation
    • Work rules and responsibilities
    • Development planning and system acceptance
    • Malicious software protection
    • Service procedures
    • Computer network management
    • Media handling and safety
    • Exchange of information and software
    • Planning Results Reports
    • Reports on the results of the implementation of the necessary measures
    • Reports on the results of assessments and audits
    • Reports on specific events, incidents
  19. OWASP, OWASP SAMM security framework for developing web applications
  20. Security features for virtual infrastructure and containers
  21. Security of application servers and integration platforms of the Enterprise Service Bus class
  22. Architectural patterns and security
  23. Microservices and API Gateways. API Economy concept
  24. Firewall, NAT, VPN. IDS and IPS systems. Integration platforms with security features
  25. SIEM platform IBM QRadar, Splunk, Microfocus ArcSight. Events, Incident Response, Litigation, Investigation
  26. Recovery Plans (DRP) and Continuity Management Plans (BCM)
  27. Culture and injection of security values ​​into DevOps practices
  28. Content planning and end-user training organization

Sign up for the closest date

Course Code

NT-CSF

Length, days (hours)

3 (24)

Closest dates

on request

Price, UAH