Certified Information Security Consultant Training Course

A comprehensive training program covering a wide range of core cybersecurity topics essential for every aspiring consultant

We have trained over 750 organizations.

One course that covers everything from fundamentals to advanced concepts

45 learning sessions with several hours of hands-on practice with live projects and labs

More than just a technical course. Also covers critical cybersecurity consulting skills

Comprehensive study material to bolster self-learning & reinforce fundamentals

The CISC certification program was created with the primary objective to produce an effective, well-rounded cyber consultant who understands the fundamentals of the essential domains of network security, cyber security, governance, risk and compliance.

While most cybersecurity certification programs are geared towards purely technical know-how, the CISC also arms you with the necessary consulting skills in order to help you make your mark in this exciting field.

Benefits of the Certified Information Security Consultant Training Course

  • Prepares an individual to be an all-rounded cyber security consultant
  • Enhances learning of compliance standards, forensics and even cybercrime investigations
  • Helps you gain practical and tangible experience with numerous hands-on practice labs and live projects.


CISC Course Learning Objectives:

Kickstart your journey towards making a mark in the cybersecurity industry with this highly comprehensive course. At the end of this course, delegates will have learnt: 

  • The basics of cybersecurity as well as advanced concepts of coding, server security, web application security, network security, mobile security, digital forensics and compliance
  • All about the OSI model, TCP/IP model and the basics of IP/ICMP
  • Network Basics including IPv4 & IPv6, VLAN, Router Security-NAT, VPN and ACL
  • Advanced Networking Concepts such as Network Packet Analysis (Wireshark)
  • Windows and Linux basics 
  • Reconnaissance in Network Security 
  • How to find Vulnerabilities using Manual and Automated methods 
  • Web Application Security concepts including OWASP Top 10, Risk-Based Security Testing, Threat Modeling and Source Code Analysis
  • All about Mobile Security including Android security, Android Exploitation, iOS Security Architecture and Mechanisms, Jailbreaking etc. 
  • Fundamentals of Digital Forensics including concepts of SOC, Disk Forensics, Memory Forensics and Network Forensics 
  • Basic definitions of compliance, ISMS, Business Continuity Management: ISO 22301 and PCI-DSS
  • What it takes to create, review and optimise cyber incident response playbooks
  • The technology that can underpin the creation, optimisation and automation of playbooks

Feedback and Testimonials for our Courses

The playbooks training course was a good 'part-2' to the CIPR and went into greater depth in a number of areas. The day was fun and Amar kept us moving along at a good pace.
Kevin Hayes
CISO, Cyber Risk Associates

Enjoyed the course. Good mix of attendees and plenty of lively conversation. Amar steered us through it all admirably.

Russ Smith
CISO, EOL IT

Overall the course was very good. I would strongly recommend this training to anyone who is involved in Cyber Security or has control of information assets.

Kim Rose
Information Governance Officer, Wye Valley NHS Trust

It was a great workshop with a lot of interesting people and a great learning experience.

Philipp Scheiwiler
System Engineer

This was a very helpful day and opportunity to speak with a number of operational incident responders to discuss what really works in practice and not just in theory. I gained a great deal from the day, particularly around the construction of bespoke playbooks and also a variety of useful resources to inform my learning. A really good day.
Andrew Lock
Information Security Consultant

CISC Course Modules 

Module 1 - Fundamentals
  • Introduction to Information Security. Introduction to CISC-CIA Triad. Types of Hackers. Essential Information Security Terms.

  • Penetration Testing versus Ethical Hacking. Different Types of Testing. Career opportunities in Information Security. Legislation and Regulations.

  • Introduction to Network Fundamentals. Components of Data Communication. Network Topology and Network Cables. Computer Network Architecture. Internet and Protocol. OSI and TCP IP Models. Understanding ICMP and an ICMP Ping.

  • Introduction to Subnetting and Supernetting. Routing, Router Security and Network Address Translation.

  • Virtual Local Area Network (VLAN) and Virtual Private Network (VPN). Firewall and IP tables. Packet Capture and Wireshark.

  • Windows NT Architecture and Windows 10 Architecture. File Permissions. Password Hashing.

  • Unix and Linux.

Module 2 - Network Security
  • Reconnaissance. Packet Crafting.

  • Network Mapper Nmap.

  • Testing a firewall. Hacking Servers.

  • Netcat and Ncat. Testing Common services and protocols.

  • Hacking Passwords. 

  • Metasploit Framework.

  • PowerShell. 

  • Wireless Hacking Methodology.

  • Authentication Methods and Types of WLAN Attacks. WEP, WPA/WPA2.

Module 3 - Server Security
  • Introduction to Database and Database Security.

  • Understanding SQL Statements, DDL Statements, DML Statements.

  • Introduction to Oracle. Securing Oracle Parameters.

  • User and Profiles. Roles and Privileges.

  • Big Data. MongoDB. Hadoop.

  • Windows Security. Security Policies. Event Log.

  • Linux Security.

  • IIS Server Security. Apache Server Security.

Module 4 - Web Application Security
  • Introduction to Web Applications. HTML and JavaScript.

  • Introduction to OWASP TOP 10.

  • Injection and Error-based Injection. Authentication Bypass using SQL Injection. Blind Injection using SQLMap. Command Injection. 

  • Broken Authentication. Brute Force. Session Management. Insufficient Transport Layer Security. Broken Access Control IDOR and MFLAC.

  • Security Misconfiguration. Cross Site Scripting (XSS). Using Components with Known Vulnerabilities. Insufficient Logging and Monitoring.

  • Web Application Security OWASP10. 

  • Browser-based Vulnerabilities. Clickjacking. POODLE. Content Spoofing. Fingerprinting. 

  • Advanced Recon.

Module 5 - Mobile Application Security
  • Introduction to Mobile Applications and Android. Setting Up Android Testing Environment.

  • ADB and its Commands.

  • Mobile OWASP Top 10 Improper Platform Usage. Mobile OWASP Top 10 Insecure Data Storage. Mobile OWASP Top 10 Insecure Communication. Mobile OWASP Top 10 Insecure Authentication. Mobile OWASP Top 10 Insufficient Cryptography. Mobile OWASP Top 10 Insecure Authorization. 

  • Mobile Application Security Testing. Exploiting Android with Metasploit Framework. iOS Application Basics. iOS Jailbreaking and its types. Tools and Techniques for iOS Application Testing.

Module 6 - Digital Forensics And SOC
  • The Basic Forensic Process and the 6 As of Forensics. Forensics Tools and Techniques. Chain of Custody. Types of Cyber Crime.

  • Disk Imaging. Understanding the Hard Disk. Password Cracking. Physical Protection of Evidence. Log Analysis. Malware Analysis And Malware Types. Email Forensics. USB Forensics. Memory Forensics.  Analyzing Stuxnet with Volatility.

  • Mobile Forensics and Tools and Techniques. Mobile Forensics Challenges. Mobile Forensics Methodology, Forensic Imaging and adb Commands. 

  • Introduction to Network Forensics. Wireless and SSL Forensics. Internet History Browser Forensics. Windows Live Forensics. Linux Live Forensics. 

  • Components of Incident Response and Incident Response Team. Incident Response Methodology and Sysinternals.

Module 7 - Compliance
  • Introduction to ISMS, its importance and benefits. 

  • ISO 27001. Understanding the structure of the standard and ISO 27001:2013 Domains.

  • Understanding Controls. Risk Assessment Treatment.

  • Business Continuity Planning. Risk Control Options. Disaster Recovery Plan. Maintenance of BCM Plan. Business Impact Analysis. 

  • Backup Sites. Backup Considerations and Backup Types. 

  • Introduction to PCI DSS and Compliance Requirements. Consequences of Compromised Payment Card Data. Payment Card Data Breaches and Myths.

All trademarks, service marks, trade names, product names, service names and logos appearing on the site, or on printed or digital material are the property of their respective owners, including in Cyber Management Alliance Ltd. Any rights not expressly granted herein are reserved.
