SC100: Cyber Security Foundation

Training: Security - Certification

Participants receive a compact overview of the cybersecurity landscape. They learn about attack and defense mechanisms in theory and practice and train the interaction of people, organization, and technology. The workshop is conducted online and includes interactive elements to deepen understanding in a practical way.

Online training Online training

Start: 2025-11-11 | 10:00 am

End: 2025-11-12 | 05:00 pm

Location: Online

Price: 1.350,00 € plus VAT.

Online training Online training

Start: 2025-11-13 | 10:00 am

End: 2025-11-14 | 05:00 pm

Location: Online

Price: 1.350,00 € plus VAT.

Online training Online training

Start: 2026-01-19 | 10:00 am

End: 2026-01-20 | 05:00 pm

Location: Online

Price: 1.350,00 € plus VAT.

Online training Online training

Start: 2026-03-11 | 10:00 am

End: 2026-03-12 | 05:00 pm

Location: Online

Price: 1.350,00 € plus VAT.

Online training Online training

Start: 2026-04-27 | 10:00 am

End: 2026-04-28 | 05:00 pm

Location: Online

Price: 1.350,00 € plus VAT.

Online training Online training

Start: 2026-06-29 | 10:00 am

End: 2026-06-30 | 05:00 pm

Location: Online

Price: 1.350,00 € plus VAT.

Online training Online training

Start: 2026-09-21 | 10:00 am

End: 2026-09-22 | 05:00 pm

Location: Online

Price: 1.350,00 € plus VAT.

Online training Online training

Start: 2026-11-09 | 10:00 am

End: 2026-11-10 | 05:00 pm

Location: Online

Price: 1.350,00 € plus VAT.

Request prefered appointment period:

* All fields marked with an asterisk are mandatory fields.

Agenda:

  • Creation of attack scenarios against companies based on publicly visible vectors as moderated live demo

  • Discussion and creative elaboration of attack and defense
    • How do offense and defense interact?

  • Expanding the security surface (Technology – Organization – Human)
    • How do protection requirements classification, risk analysis, risk management, compliance strengthen security?
    • Specifics for cloud outsourcing (vendor lock, geo-risk, exit strategy)
    • Introduction to the Lockheed Martin Cyber Kill Chain

  • Which standards are relevant? How are they structured and what are they practically usable for?
    • How do they build upon each other and complement each other (e.g. cross-reference tables IT baseline protection to ISO27001)?
    • Introduction NIST Cybersecurity Framework, ISO 2700X family, BSI™ baseline protection standards, other relevant organizations like Teletrust, ENISA or OWASP

  • Fundamentals of technical IT security
    • Network architecture
    • Secure connection of local networks to the Internet
    • Secure usage of WLAN
    • Secure deployment of IPv4 and IPv6

  • Components in the network
    • Hardening of a PC client
    • Hardening of a server

  • Services and applications on the Internet
    • Secure usage of email
    • Secure operation of email servers
    • Secure usage of web services
    • Secure provision of web services
    • Secure Internet telephony (VoIP)
    • Secure remote access to local networks (VPN)

  • How vulnerabilities emerge and how they are discovered.

  • Workshop: Discovery and mitigation of vulnerabilities through technical, human and organizational measures in various scenarios

  • Fundamentals of social engineering
    • Psychological fundamentals
    • OSINT and information gathering
    • Typical attack scenarios (phishing, vishing, tailgating, spoofing)
    • Defense against SE attacks

  • Threat landscape of cybercrime
    • Hacktivists, state nation actors, commercial hackers, script kiddies
    • Darknet, deepweb, trojans/viruses/worms, WLAN + USB attacks, DDoS, ransomware, lateral movement in authorization systems (using Active Directory as example)

  • Building a resilient ISMS
    • Purpose definition, stakeholder gathering, system selection, risk analysis, role and function definition, compliance, governance, creation of policies, security concepts and controls

  • Cybersecurity technology:
    • Preventive: firewalls, proxy, segmentation, hardening, IAM, cryptography, patching, backup
    • Detective: advanced analytics, antivirus (signature/heuristic/nextGen), NBAD (Network Behavior Anomaly Detection), mail protection, honeypots
    • Reactive: quarantine, behavior blocking, SIEM, SOC, CERT, forensics
    • Predictive: darknet monitoring/underground spotting, bug bounty, BCM, BIA

  • BCM – emergency preparedness and resilience measures
    • How to prepare for the unexpected (Black Swan, N.N.Taleb)?

  • Awareness – campaign development, error culture, team building, lighthouse projects

Objectives:

  • Deepen your knowledge about the interaction of attack and defense regarding the core components technology, organization and human.
  • Learn measures for ensuring a targeted security level and discover how frequency, damage amount and probability of occurrence are handled to minimize risk.
  • Get an overview of the most important current security standards and their interaction.
  • Complete your fundamentals: From the origins of the German hacker underground scene, through the establishment of ENISA and BSI™, the best practices for building an ISMS to the favorite controls of auditors.
  • Train your own social skills with an experienced hacker and social engineer and create your own awareness program in group work.
  • Prepare yourself and your colleagues with best practices of resilience and IT emergency management for the worst case scenario.

Target audience:

The workshop is intended for both experienced professionals and new or existing staff working in the field of information security.
This course is particularly suitable for participants who have had limited exposure to the full scope of information security—such as specialists in a specific domain—who now wish to broaden their perspective and gain a more comprehensive understanding.

Prerequisites:

No specific prior knowledge regarding information security and IT security is required for participation in the SC100 Cyber Security Foundation course.

Description:

The workshop SC100 Cyber Security Foundation provides you with a compact overview of the entire cyber security landscape.
You gain understanding for attacking and defending IT environments, both in theoretical mechanisms, as well as through practical examples. You train the interaction of human, organization and technology and their influence within cyber security. The workshop takes place online within the framework of a conference and includes interactive elements.

Learning control/Certificate:
The workshop concludes with a gamified learning assessment with a duration of 45 minutes. Upon passing this, participants receive a qSkills™ certificate.
check-icon

Guaranteed implementation:

from 2 Attendees

Booking information

Price:

1.350,00 € plus VAT.

(including lunch & drinks)

Exam (Optional):

100,00 € plus VAT.

Authorized training partner

NetApp Partner Authorized Learning
Commvault Training Partner
CQI | IRCA Approved Training Partner
Veeam Authorized Education Center
Acronis Authorized Training Center
AWS Partner Select Tier Training
ISACA Accredited Partner
iSAQB
CompTIA Authorized Partner
EC-Council Accredited Training Center

Memberships

Allianz für Cyber-Sicherheit
TeleTrust Pioneers in IT security
Bundesverband der IT-Sachverständigen und Gutachter e.V.
Bundesverband mittelständische Wirtschaft (BVMW)
Allianz für Sicherheit in der Wirtschaft
NIK - Netzwerk der Digitalwirtschaft
BVSW
Bayern Innovativ
KH-iT
CAST
IHK Nürnberg für Mittelfranken
eato e.V.
Sicherheitsnetzwerk München e.V.