Cybersecurity - Foundation Courses

{{value[0].Version}}

Cybersecurity - Intermediate

{{value[0].Version}}

Cybersecurity - Advanced

{{value[0].Version}}

CyberSecurity Training

Cybersecurity Training

Who is Keeping Your Information Secure?

As more and more confidential information is stored and processed electronically, the risk of unauthorized access is on the rise. Data breaches and attacks make protection critical.

At New Horizons, we are on the leading edge of cybersecurity with training programs designed to ensure that your organization can best prevent itself against attacks and, should one occur, significantly reduce your risk and increase your response time.

We offer courses and certifications from leaders in the cybersecurity space such as CompTIA, (ISC)², and EC-Council. These organizations are committed to setting strict security standards that any organization can implement. Earning certifications from these vendor-neutral organizations is an ideal way to prove your security professionals have the skills, knowledge, and commitment to protect your company’s most valuable data assets. We offer cybersecurity training and certifications from the following vendors:


Which Path is Right for You?

Today being security-aware is not something required only of IT and Cybersecurity Professionals. It is the responsibility of everything in an organization to have at minimum a foundational understanding of security issues and vulnerabilities.

The New Horizons Cybersecurity portfolio of courses is designed to provide security training no matter your level of experience or requisite need. Please click the buttons below to explore our interactive Cybersecurity Maps and find exactly the right training path for you!

CYBERSECURITY CERTIFICATIONS

CompTIA Security+

Security+ TrainingCompTIA Security+ training from New Horizons provides an excellent introduction to the security field and is typically a better entry point than jumping right into an advanced security program. With Security+, you’ll build a solid foundation of knowledge that you can build upon—helping you advance your career in the months and years to come.

Whether your goal is to become Security+ certified for your job, to prove your basic knowledge of security concepts or to gain more knowledge to secure your network, expert training from New Horizons is the perfect solution.

Security+ certification candidates must pass one exam. Although not required, it is strongly recommended that candidates possess their A+ and Network+ Certifications.

Course: CompTIA Security+ Certification
Exam: SY0-401: CompTIA Security+
Target Audience

This course is intended for students wishing to prepare for the CompTIA Security+ Certification Exam. The qualification is aimed primarily at networking professionals, but because security is vital to all levels and job roles within an organization, it will also benefit PC support analysts, application developers and senior managers in accounting, sales, product development and marketing.

At Course Completion

Upon successful completion of this course, students will learn:

  • Identify network attack strategies and defenses
  • Understand the principles of organizational security and the elements of effective security policies
  • Know the technologies and uses of encryption standards and products
  • Identify network- and host-based security technologies and practices
  • Describe how remote access security is enforced
  • Identify strategies for ensuring business continuity, fault tolerance and disaster recovery

CompTIA Cybersecurity Analyst (CSA+)

CompTIA CSA+ training from New Horizons Albuquerque provides an excellent intermediate step in the security field. With CSA+, you’ll build on your solid foundational knowledge—helping you advance your career in the months and years to come.

As attackers have learned to evade traditional signature-based solutions such as firewalls, an analytics-based approach within the IT security industry is increasingly important for most organizations. The behavioral analytics skills covered by CSA+ identify and combat malware, and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface.

CompTIA Cybersecurity Analyst (CSA+) certification candidates must pass one exam. Although not required, it is strongly recommended that candidates have their Network+, Security+ or equivalent knowledge. Minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, CSA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.

Course: CompTIA Cybersecurity Analyst (CSA+) Certification
Exam: CS0-001: CompTIA CSA+
Target Audience
CSA+ Training

This course is intended for students expand on their existing knowledge of IT Security and pass the CompTIA CSA+ Certification Exam. CompTIA CSA+ certification is aimed at IT professionals with (or seeking) job roles such as IT Security Analyst, Security Operations Center (SOC) Analyst, Vulnerability Analyst, Cybersecurity Specialist, Threat Intelligence Analyst, and Security Engineer.

At Course Completion

Upon successful completion of this course, students will learn:

  • Configure and use threat detection tools.
  • Perform data analysis.
  • Interpret the results to identify vulnerabilities, threats and risks to an organization.

About (ISC)2

(ISC)2 is a global non-profit organization whose primary goal is to help educate and certify Information Security professionals world-wide. Earning your (ISC)2 certifications is an excellent way to establish your knowledge and credibility.

Read descriptions of each of the (ISC)2 certifications and associated training below:

CAP - Certified Authorization Professional

The Certified Authorization Professional (CAP) certification is an objective measure of the knowledge, skills and abilities required for personnel involved in the process of authorizing and maintaining information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements and documentation. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals.

Recommended Training

Course: Certified Authorization Professional (CAP) Bootcamp
Exam: CAP® - Certified Authorization Professional

Certified Information Systems Security Professional (CISSP)

New Horizons is proud to be able to provide training to assist you in preparation for the CISSP Information Security Certification exam. The CISSP certification is a globally recognized information security certification governed and bestowed by the International Information Systems Security Certification Consortium, also known as (ISC)2. It was the first information security credential accredited by the international ANSI ISO/IEC Standard 17024:2003.

Course: Certified Information System Security Professional (CISSP 2015)
Exam: Certified Information Systems Security Professional (CISSP)

Information Systems Security Management Professional (ISSMP)

This concentration requires that a candidate demonstrate two years of professional experience in the area of management, considering it on a larger enterprise-wide security model. This concentration contains deeper managerial elements such as project management, risk management, setting up and delivering a security awareness program, and managing a Business Continuity Planning program. A CISSP-ISSMP establishes, presents and governs information security programs demonstrating management and leadership skills. Typically the CISSP-ISSMP certification holder or candidate will be responsible for constructing the framework of the information security department and define the means of supporting the group internally.

Course: Information Systems Security Management Professional (ISSMP) Certification Boot Camp
Exam: Information Systems Security Management Professional (ISSMP)

Information Systems Security Architecture Professional (ISSAP)

CISSP-ISSAP requires a candidate to demonstrate two years of professional experience in the area of architecture and is an appropriate credential for Chief Security Architects and Analysts who may typically work as independent consultants or in similar capacities. The architect plays a key role within the information security department with responsibilities that functionally fit between the C-suite and upper managerial level and the implementation of the security program. He/she would generally develop, design, or analyze the overall security plan. Although this role may typically be tied closely to technology this is not necessarily the case, and is fundamentally the consultative and analytical process of information security.

Course: Information Systems Security Architecture Professional (ISSAP)
Exam: Information Systems Security Architecture Professional (ISSAP)

Information Systems Security Engineering Professional (ISSEP)

This concentration was developed in conjunction with the U.S. National Security Agency (NSA) providing an invaluable tool for any systems security engineering professional. CISSP-ISSEP is the guide for incorporating security into projects, applications, business processes, and all information systems. Security professionals are hungry for workable methodologies and best practices that can be used to integrate security into all facets of business operations. The SSE model taught in the IATF portion of the course is a guiding light in the field of information security and the incorporation of security into all information systems.

Course: Information System Security Engineering Professional (ISSEP) Certification Boot Camp
Exam: Information Systems Security Engineering Professional (ISSEP)

About EC-Council

The International Council of Electronic Commerce Consultants (EC-Council) is a long-standing professional certification organization for IT Professionsals. The EC-Council's goal is to provide support for individuals who create and maintain security and IT systems.

Read descriptions of each of the EC-Council certifications and associated training below:

Certified Ethical Hacker (CEH)

Certified Ethical Hacker training and certification at New Horizons will help you learn to stop hackers by thinking and acting like one. The CEH training immerses students in an interactive environment where they will learn how to scan, test, hack, and secure their own systems. Students then learn how intruders escalate privileges and what steps can be taken to secure a system.

Course: EC-Council Certified Ethical Hacker (CEH) v9.0
Exam: Certified Ethical Hacker (CEH)

The CEH certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators and anyone who is concerned about the integrity of the network infrastructure.

Computer Hacking Forensic Investigator (CHFI)

The CHFI certification from EC-Council is an advanced certification for forensic network security investigators. As cybercrime has increased, the need for computer forensic investigators has grown dramatically. CHFI certified candidates may investigate invasion or theft of intellectual property, misuse of IT systems and violations of corporate IT usage policies.

Course: EC-Council Computer Hacking Forensics Investigator (CHFI) v8.0
Exam: Computer Hacking Forensic Investigator (CHFI)

The CHFI course will give participants the necessary skills to identify an intruder's footprints and to properly gather the necessary evidence to prosecute. Many of today's top tools of the forensic trade will be taught during this course, including software, hardware and specialized techniques. The need for businesses to become more efficient and integrated with one another, as well as the home user, has given way to a new type of criminal, the "cyber-criminal."

Licensed Penetration Tester (LPT)

EC-Council’s Licensed Penetration Tester (LPT) certification is a natural evolution and extended value addition to its series of security related professional certifications. The LPT standardizes the knowledge base for penetration testing professionals by incorporating best practices followed by experienced experts in the field.

Course: Complete Penetration Testing 10-Day
Exam: Licensed Penetration Tester (LPT)

Gain the in-demand career skills of a professional security tester. Learn the methodologies, tools, and manual hacking techniques used by penetration testers.

EC-Council Certified Security Analyst (ECSA)

EC Council Certified Security Analyst, ECSA an advanced ethical hacking training certification that complements the Certified Ethical Hacker, CEH certification by exploring the analytical phase of ethical hacking.

While the Certified Ethical Hacker certification exposes the learner to hacking tools and technologies, the Certified Security Analyst course takes it a step further by exploring how to analyze the outcome from these tools and technologies. Through groundbreaking network penetration testing training methods and techniques, this pen testing computer security certification helps students perform the intensive assessments required to effectively identify and mitigate risks to the information security of the infrastructure.

Course: EC-Council ECSA/LPT V8.0
Exam: EC-Council Certified Security Analyst (ECSA)

Gain the in-demand career skills of a professional security tester. Learn the methodologies, tools, and manual hacking techniques used by penetration testers.

About ISACA

ISACA is an independent, non-profit global association founded in 1969 to provide guidance and benchmarks for information systems and risk management.

Read descriptions of each of the ISACA certifications and associated training below:

CSX Practitioner

CSX Practitioner is a globally-offered certification for cyber security professionals. This certification is for first reposnders and proves they are experts at following established procedures, using defined processes, and working mostly with known problems on a single system.

Courses: CSX Practitioner I: Identification and Protection CSX Practitioner II: Detection CSX Practitioner III: Respond and Recover
Exam: CSX Practitioner Certification

The CSX Practitioner Series is designed for IT professionals and affirms that you have firewall, patching and anti-virus experience and can implement common security controls, perform vulnerability scans and some analysis.

Certified Information Systems Auditor (CISA)

The CISA designation is a globally recognized certification for IS audit control, assurance and security professionals. Being CISA-certified showcases your audit experience, skills and knowledge, and demonstrates you are capable to manage vulnerabilities, ensure compliance and institute controls within the enterprise.

Course: Certified Information Systems Auditor (CISA) Boot Camp
Exam: Certified Information Systems Auditor (CISA) Boot Camp

In this course students will perform evaluations of organizational policies, procedures and processes to ensure that an organization's information systems align with overall business goals and objectives. This course is aligned to the objectives established by Information Systems Audit and Control Association (ISACA) for the CISA exam.

Certified Information Security Manager (CISM)

Demonstrate your information security management expertise. The uniquely management-focused CISM certification promotes international security practices and recognizes the individual who manages designs, and oversees and assesses an enterprise’s information security.

Course: Certified Information Security Manager (CISM)
Exam: Certified Information Security Manager (CISM)

This course is aligned with objectives established by the Information Systems Audit and Control Association (ISACA) for the CISM exam.

Certified in Risk and Information Systems Control (CRISC)

CRISC is the only certification that prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and positions them to become strategic partners to the enterprise.

Course: CRISC Boot Camp
Exam: Certified in Risk and Information Systems Control (CRISC)

CRISC is designed for IT professionals who have hands-on experience with risk identification, assessment, and evaluation; risk response; risk monitoring; IS control design and implementation; and IS control monitoring and maintenance.

Certified in the Governance of Enterprise IT (CGEIT)

CGEIT recognizes a wide range of professionals for their knowledge and application of enterprise IT governance principles and practices. As a CGEIT certified professional, you demonstrate that you are capable of bringing IT governance into an organization-that you grasp the complex subject holistically, and therefore, enhance value to the enterprise.

Course: Certified in the Governance of Enterprise IT (CGEIT) Boot Camp
Exam: Certified in the Governance of Enterprise IT (CGEIT) Boot Camp

CGEIT is specifically developed for IT and business professionals who have a significant management, advisory, or assurance role relating to the governance of enterprise IT.

CyberSec First Responder (CFR)

Logical Operations CyberSec First Responder is a course designed for information assurance professionals who perform job functions related to the development, operation, management, and enforcement of cybersecurity capabilities for systems and networks.

There are a number of options in regards to cybersecurity training in the market today. From vendor-based product training to cybersecurity management courses, it can be difficult to determine which is best for any given individual. CFR combines a number of disciplines within cybersecurity and develops an understanding of how everything fits together. Couple this holistic security focus with hands-on, lab-based learning, and students are able to develop the skillset needed to be a valued member of any cybersecurity team.
Course: CyberSec First Responder
Exam: CyberSec First Responder

Target Audience
Designed for information assurance professionals whose job functions include development, operations, management, and enforcement of secure systems and networks.

At Course Completion
This course will prepare cybersecurity professionals to become the first line of response against cyber attacks by teaching students to analyze threats, design secure computing and network environments, proactively defend networks, and respond/investigate cybersecurity incidents.

CyberSAFE

CyberSAFE is a course designed for information technology end-users. There is an increasing reliance on workplace technologies and ensuring their proper use is critical to the protection of our information systems.

This course is designed to meet the needs of all organizations, irrespective of size, industry, or geographic location.

Course: CyberSAFE

Target Audience
This course is designed for non-technical end-users of computers, mobile devices, networks, and the Internet, enabling employees of any organization to use technology more securely to minimize digital risks.

At Course Completion
Students will be able to identify many of the common risks involved in using conventional end-user technology, as well as ways to use it safely, to protect themselves and their organizations from those risks.

What is Penetration Testing?

A penetration test subjects a system or a range of systems to real life security tests. The benefit of a complete penetration suite compared to a normal vulnerability scan system is to reach beyond a vulnerability scan test and discover different weaknesses and perform a much more detailed analysis. The user can perform specified attacks in high detail depending on his specific choices and needs. This is normally done via the many advanced techniques and utilities of a security consultant.

Penetration Testing Compared to Vulnerability Scanning

The advantage of a penetration test compared with an automated vulnerability scan is the involvement of the human element versus automated systems. A human can do several attacks based on skills, creativity. and information about the target system that an automated scanning can not do.

Several techniques like social engineering can usually be done by humans alone since it requires physical techniques that have to be performed by a human and is not covered by an automated system.

Advance your Information Security knowledge and become a specialist in Penetration Testing with training from New Horizons .

Foundations and Prerequisites

The following courses are recommended or relevant experience:

Core Classes

Specialization - select one

The Penetration Test Process

Discovery: The Penetrator performs information discovery via a wide range of techniques—that is, whois databases, scan utilities, Google data, and more—in order to gain as much information about the target system as possible. These discoveries often reveal sensitive information that can be used to perform specific attacks on a given machine.

Enumeration: Once the specific networks and systems are identified through discovery, it is important to gain as much information possible about each system. The difference between enumeration and discovery depends on the state of intrusion. Enumeration is all about actively trying to obtain usernames as well as software and hardware device version information.

Vulnerability Identification: The vulnerability identification step is a very important phase in penetration testing. This allows the user to determine the weaknesses of the target system and where to launch the attacks.

Exploitation and Launching of Attacks: After the vulnerabilities are identified on the target system, it is then possible to launch the right exploits. The goal of launching exploits is to gain full access of the target system.

Denial of Service: A DOS (Denial of Service) test can be performed to test the stability of production systems in order to show if they can be crashed or not. When performing a penetration test of a preproduction system, it is important to test its stability and how easily can it be crashed. By doing this, its stability will be ensured once it is deployed into a real environment.

It is important to perform DOS testing to ensure the safeness of certain systems. If an attacker takes down your system during busy or peak hours, both you and your customer can incur a significant financial loss.

Reporting: After the completion of the penetration test, it is important to get user-customized reporting suites for a technical and/or management overview. This includes the executive summary, detailed recommendations to solve the identified vulnerabilities, and official security ID numbers for the vulnerabilities. The reports come in different formats such as html, pdf, and xml. Furthermore, all the reports are open to be modified as of the user’s choice.