Demonstrate Secure Use of IT (ICDL Certification Module: Secure Use of IT) (Synchronous e-learning) (16 hrs)

Course Code: TGS-2015500907

*Online Course*

This course sets out concepts relating to the secure use of ICT in daily life and skills used to maintain a secure network connection, use the Internet safely and securely, and manage data and information appropriately.

Participants who fulfil all requirements will receive a Statement of Attainment (SOA) issued by SkillsFuture Singapore (SSG).

  • Understand the importance of keeping information and data secure, and identify common data/privacy protection, retention and control principles
  • Recognise threats to personal security from identity theft and potential threats to data from using cloud computing
  • Be able to use passwords and encryption to secure files and data
  • Understand the threat of malware and be able to protect a computer, device or network from malware and address malware attacks
  • Recognise common network and wireless security types and be able to use personal firewalls and personal hotspots
  • Protect a computer or device from unauthorised access and be able to safely manage and update passwords
  • Use appropriate web browser settings and understand how to authenticate websites and browse the web securely
  • Understand communication security issues that can arise from using e-mail, social networks, voice over Internet protocol, instant messaging and mobile devices
  • Learn to back up and restore data to local and cloud storage locations and delete and dispose of data and devices securely

1. Security concepts

Data threats

  • Distinguish between data and information
  • Understand the terms cybercrime, hacking
  • Recognise malicious, accidental threats to data from individuals, service providers, external organisations
  • Recognise threats to data from extraordinary circumstances like: fire, floods, war, earthquake
  • Recognise threats to data from using cloud computing like: data control, potential loss of privacy

Value of information

  • Understand basic characteristics of information security like: confidentiality, integrity, availability
  • Understand the reasons for protecting personal information like: avoiding identity theft, fraud, maintaining privacy
  • Understand the reasons for protecting workplace information on computers and devices like: preventing theft, fraudulent use, accidental data loss, sabotage
  • Identify common data/privacy protection, retention and control principles like: transparency, legitimate purposes, proportionality
  • Understand the terms data subjects and data controllers and how data/privacy protection, retention and control principles apply to them
  • Understand the importance of adhering to guidelines and policies for ICT use and how to access them

Personal security

  • Understand the term social engineering and its implications like: unauthorised computer and device access, unauthorised information gathering, fraud
  • Identify methods of social engineering like: phone calls, phishing, shoulder surfing
  • Understand the term identity theft and its implications: personal, financial, business, legal
  • Identify methods of identity theft like: information diving, skimming, pretexting

File security

  • Understand the effect of enabling/disabling macro security settings
  • Understand the advantages, limitations of encryption. Be aware of the importance of not disclosing or losing the encryption password, key, certificate
  • Encrypt a file, folder, drive
  • Set a password for files like: documents, spreadsheets, compressed files

2. Malware

Types and methods

  • Understand the term malware. Recognise different ways that malware can be concealed on computers and devices like: Trojans, rootkits, backdoors
  • Recognise types of infectious malware and understand how they work like: viruses, worms
  • Recognise types of data theft, profit generating/extortion malware and understand how they work like: adware, ransomware, spyware, botnets, keystroke logging, diallers

Protection

  • Understand how anti-virus software works and its limitations
  • Understand that anti-virus software should be installed on computers and devices
  • Understand the importance of regularly updating software like: anti-virus, web browser, plug-in, application, operating system
  • Scan specific drives, folders, files using anti-virus software. Schedule scans using anti-virus software
  • Understand the risks of using obsolete and unsupported software like: increased malware threats, incompatibility

Resolving and removing

  • Understand the term quarantine and the effect of quarantining infected/suspicious files
  • Quarantine, delete infected/suspicious files
  • Understand that a malware attack can be diagnosed and resolved using online resources like: websites of operating system, anti-virus, web browser software providers, websites of relevant authorities

Wireless security

  • Recognise different options for wireless security and their limitations like: Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA) / Wi-Fi Protected Access 2 (WPA2), Media Access Control (MAC) filtering, Service Set Identifier (SSID) hiding
  • Understand that using an unprotected wireless network can lead to attacks like: eavesdroppers, network hijacking, man in the middle
  • Understand the term personal hotspot
  • Enable, disable a secure personal hotspot, and securely connect, disconnect devices

4. Access control

Methods

  • Identify measures for preventing unauthorised access to data like: user name, password, PIN, encryption, multi-factor authentication
  • Understand the term one-time password and its typical use
  • Understand the purpose of a network account
  • Understand that a network account should be accessed through a user name and password and locked, logged off when not in use
  • Identify common biometric security techniques used in access control like: fingerprint, eye scanning, face recognition, hand geometry

Password management

  • Recognise good password policies, like: adequate password length, adequate letter, number and special characters mix, not sharing passwords, changing them regularly, different passwords for different services
  • Understand the function, limitations of password manager software

5. Secure web use

Browser settings

  • Select appropriate settings for enabling, disabling autocomplete, autosave when completing a form
  • Delete private data from a browser like: browsing history, download history, cached Internet files, passwords, cookies, autocomplete data
  • Secure Browsing
  • Be aware that certain online activity (purchasing, banking) should only be undertaken on secure web pages using a secure network connection
  • Identify ways to confirm the authenticity of a website like: content quality, currency, valid URL, company or owner information, contact information, security certificate, validating domain owner
  • Understand the term pharming
  • Understand the function and types of content-control software like: Internet filtering software, parental control software

6. Communications

E-Mail

  • Understand the purpose of encrypting, decrypting an e-mail
  • Understand the term digital signature
  • Identify possible fraudulent e-mail, unsolicited e-mail
  • Identify common characteristics of phishing like: using names of legitimate organisations, people, false web links, logos and branding, encouraging disclosure of personal information
  • Be aware that you can report phishing attempts to the legitimate organisation, relevant authorities
  • Be aware of the danger of infecting a computer or device with malware by opening an e-mail attachment that contains a macro or an executable file

Social networking

  • Understand the importance of not disclosing confidential or personal identifiable information on social networking sites
  • Be aware of the need to apply and regularly review appropriate social networking account settings like: account privacy, location
  • Apply social networking account settings: account privacy, location
  • Understand potential dangers when using social networking sites like: cyber bullying, grooming, malicious disclosure of personal content, false identities, fraudulent or malicious links, content, messages
  • Be aware that you can report inappropriate social network use or behaviour to the service provider, relevant authorities

VoIP and instant messaging

  • Understand the security vulnerabilities of instant messaging (IM) and Voice over IP (VoIP) like: malware, backdoor access, access to files, eavesdropping
  • Recognise methods of ensuring confidentiality while using IM and VoIP like: encryption, non-disclosure of important information, restricting file sharing

Mobile

  • Understand the possible implications of using applications from unofficial application stores like: mobile malware, unnecessary resource utilisation, access to personal data, poor quality, hidden costs
  • Understand the term application permissions
  • Be aware that mobile applications can extract private information from the mobile device like: contact details, location history, images
  • Be aware of emergency and precautionary measures if a device is lost like: remote disable, remote wipe, locate device

7. Secure data management

Secure and back up data

  • Recognise ways of ensuring physical security of computers and devices like: do not leave unattended, log equipment location and details, use cable locks, access control
  • Recognise the importance of having a backup procedure in case of loss of data from computers and devices
  • Identify the features of a backup procedure like: regularity/frequency, schedule, storage location, data compression
  • Back up data to a location like: local drive, external drive/media, cloud service
  • Restore data from a backup location like: local drive, external drive/media, cloud service

Secure deletion and destruction

  • Distinguish between deleting and permanently deleting data
  • Understand the reasons for permanently deleting data from drives or devices
  • Be aware that content deletion may not be permanent on services like: social network site, blog, Internet forum, cloud service
  • Identify common methods of permanently deleting data like: shredding, drive/media destruction, degaussing, using data destruction utilities

The course will be conducted through online LIVE streaming.

This course is intended for participants who wishes to equip themselves with the necessary knowledge and skills to use ICT tools in a secure manner.

Duration : 2 days (16 hrs)
Time : 8:30am to 5:30pm

Course Fee : $350.00
Nett Fee Incl. 7% GST : $374.50
Nett Fee after Training Grant* : $59.50 (SMEs) | $102.50 (Non-SMEs / Self-Sponsored)
Nett Fee after MCES* : $59.50

* Please click HERE for detailed information on general terms and conditions.

* Please click HERE for detailed information on course fee funding schemes, SkillsFuture credit, and complete listing of funded courses. This course is eligible for use of SkillsFuture credit.

(A course in partnership with Eagle Infotech)

Key Benefits
  • Understand the importance of keeping information and data secure, and identify common data/privacy protection, retention and control principles
  • Recognise threats to personal security from identity theft and potential threats to data from using cloud computing
  • Be able to use passwords and encryption to secure files and data
  • Understand the threat of malware and be able to protect a computer, device or network from malware and address malware attacks
  • Recognise common network and wireless security types and be able to use personal firewalls and personal hotspots
  • Protect a computer or device from unauthorised access and be able to safely manage and update passwords
  • Use appropriate web browser settings and understand how to authenticate websites and browse the web securely
  • Understand communication security issues that can arise from using e-mail, social networks, voice over Internet protocol, instant messaging and mobile devices
  • Learn to back up and restore data to local and cloud storage locations and delete and dispose of data and devices securely
Course Contents

1. Security concepts

Data threats

  • Distinguish between data and information
  • Understand the terms cybercrime, hacking
  • Recognise malicious, accidental threats to data from individuals, service providers, external organisations
  • Recognise threats to data from extraordinary circumstances like: fire, floods, war, earthquake
  • Recognise threats to data from using cloud computing like: data control, potential loss of privacy

Value of information

  • Understand basic characteristics of information security like: confidentiality, integrity, availability
  • Understand the reasons for protecting personal information like: avoiding identity theft, fraud, maintaining privacy
  • Understand the reasons for protecting workplace information on computers and devices like: preventing theft, fraudulent use, accidental data loss, sabotage
  • Identify common data/privacy protection, retention and control principles like: transparency, legitimate purposes, proportionality
  • Understand the terms data subjects and data controllers and how data/privacy protection, retention and control principles apply to them
  • Understand the importance of adhering to guidelines and policies for ICT use and how to access them

Personal security

  • Understand the term social engineering and its implications like: unauthorised computer and device access, unauthorised information gathering, fraud
  • Identify methods of social engineering like: phone calls, phishing, shoulder surfing
  • Understand the term identity theft and its implications: personal, financial, business, legal
  • Identify methods of identity theft like: information diving, skimming, pretexting

File security

  • Understand the effect of enabling/disabling macro security settings
  • Understand the advantages, limitations of encryption. Be aware of the importance of not disclosing or losing the encryption password, key, certificate
  • Encrypt a file, folder, drive
  • Set a password for files like: documents, spreadsheets, compressed files

2. Malware

Types and methods

  • Understand the term malware. Recognise different ways that malware can be concealed on computers and devices like: Trojans, rootkits, backdoors
  • Recognise types of infectious malware and understand how they work like: viruses, worms
  • Recognise types of data theft, profit generating/extortion malware and understand how they work like: adware, ransomware, spyware, botnets, keystroke logging, diallers

Protection

  • Understand how anti-virus software works and its limitations
  • Understand that anti-virus software should be installed on computers and devices
  • Understand the importance of regularly updating software like: anti-virus, web browser, plug-in, application, operating system
  • Scan specific drives, folders, files using anti-virus software. Schedule scans using anti-virus software
  • Understand the risks of using obsolete and unsupported software like: increased malware threats, incompatibility

Resolving and removing

  • Understand the term quarantine and the effect of quarantining infected/suspicious files
  • Quarantine, delete infected/suspicious files
  • Understand that a malware attack can be diagnosed and resolved using online resources like: websites of operating system, anti-virus, web browser software providers, websites of relevant authorities

Wireless security

  • Recognise different options for wireless security and their limitations like: Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA) / Wi-Fi Protected Access 2 (WPA2), Media Access Control (MAC) filtering, Service Set Identifier (SSID) hiding
  • Understand that using an unprotected wireless network can lead to attacks like: eavesdroppers, network hijacking, man in the middle
  • Understand the term personal hotspot
  • Enable, disable a secure personal hotspot, and securely connect, disconnect devices

4. Access control

Methods

  • Identify measures for preventing unauthorised access to data like: user name, password, PIN, encryption, multi-factor authentication
  • Understand the term one-time password and its typical use
  • Understand the purpose of a network account
  • Understand that a network account should be accessed through a user name and password and locked, logged off when not in use
  • Identify common biometric security techniques used in access control like: fingerprint, eye scanning, face recognition, hand geometry

Password management

  • Recognise good password policies, like: adequate password length, adequate letter, number and special characters mix, not sharing passwords, changing them regularly, different passwords for different services
  • Understand the function, limitations of password manager software

5. Secure web use

Browser settings

  • Select appropriate settings for enabling, disabling autocomplete, autosave when completing a form
  • Delete private data from a browser like: browsing history, download history, cached Internet files, passwords, cookies, autocomplete data
  • Secure Browsing
  • Be aware that certain online activity (purchasing, banking) should only be undertaken on secure web pages using a secure network connection
  • Identify ways to confirm the authenticity of a website like: content quality, currency, valid URL, company or owner information, contact information, security certificate, validating domain owner
  • Understand the term pharming
  • Understand the function and types of content-control software like: Internet filtering software, parental control software

6. Communications

E-Mail

  • Understand the purpose of encrypting, decrypting an e-mail
  • Understand the term digital signature
  • Identify possible fraudulent e-mail, unsolicited e-mail
  • Identify common characteristics of phishing like: using names of legitimate organisations, people, false web links, logos and branding, encouraging disclosure of personal information
  • Be aware that you can report phishing attempts to the legitimate organisation, relevant authorities
  • Be aware of the danger of infecting a computer or device with malware by opening an e-mail attachment that contains a macro or an executable file

Social networking

  • Understand the importance of not disclosing confidential or personal identifiable information on social networking sites
  • Be aware of the need to apply and regularly review appropriate social networking account settings like: account privacy, location
  • Apply social networking account settings: account privacy, location
  • Understand potential dangers when using social networking sites like: cyber bullying, grooming, malicious disclosure of personal content, false identities, fraudulent or malicious links, content, messages
  • Be aware that you can report inappropriate social network use or behaviour to the service provider, relevant authorities

VoIP and instant messaging

  • Understand the security vulnerabilities of instant messaging (IM) and Voice over IP (VoIP) like: malware, backdoor access, access to files, eavesdropping
  • Recognise methods of ensuring confidentiality while using IM and VoIP like: encryption, non-disclosure of important information, restricting file sharing

Mobile

  • Understand the possible implications of using applications from unofficial application stores like: mobile malware, unnecessary resource utilisation, access to personal data, poor quality, hidden costs
  • Understand the term application permissions
  • Be aware that mobile applications can extract private information from the mobile device like: contact details, location history, images
  • Be aware of emergency and precautionary measures if a device is lost like: remote disable, remote wipe, locate device

7. Secure data management

Secure and back up data

  • Recognise ways of ensuring physical security of computers and devices like: do not leave unattended, log equipment location and details, use cable locks, access control
  • Recognise the importance of having a backup procedure in case of loss of data from computers and devices
  • Identify the features of a backup procedure like: regularity/frequency, schedule, storage location, data compression
  • Back up data to a location like: local drive, external drive/media, cloud service
  • Restore data from a backup location like: local drive, external drive/media, cloud service

Secure deletion and destruction

  • Distinguish between deleting and permanently deleting data
  • Understand the reasons for permanently deleting data from drives or devices
  • Be aware that content deletion may not be permanent on services like: social network site, blog, Internet forum, cloud service
  • Identify common methods of permanently deleting data like: shredding, drive/media destruction, degaussing, using data destruction utilities
Learning Methodology

The course will be conducted through online LIVE streaming.

Who Should Attend

This course is intended for participants who wishes to equip themselves with the necessary knowledge and skills to use ICT tools in a secure manner.

Course Details

Duration : 2 days (16 hrs)
Time : 8:30am to 5:30pm

Course Fee : $350.00
Nett Fee Incl. 7% GST : $374.50
Nett Fee after Training Grant* : $59.50 (SMEs) | $102.50 (Non-SMEs / Self-Sponsored)
Nett Fee after MCES* : $59.50

* Please click HERE for detailed information on general terms and conditions.

* Please click HERE for detailed information on course fee funding schemes, SkillsFuture credit, and complete listing of funded courses. This course is eligible for use of SkillsFuture credit.

(A course in partnership with Eagle Infotech)

Course Application

Details Registration
June 21, 2021 - June 22, 2021 (8:30 am - 5:30 pm)
[Dates : Jun 21, 22]
Closed
July 19, 2021 - July 21, 2021 (8:30 am - 5:30 pm)
[Dates : Jul 19, 21]
Register Now