Our Cyber Security Level 4 Apprenticeship combines high-quality classroom training with online learning, coaching and on-the-job experience, to develop real world skills in information security.
This QA apprenticeship gives learners the qualifications, skills and technical grounding needed to thwart cyber-crime, decrypt data and untangle malware.
Our programme is designed to build a foundation of skills and knowledge in critical areas. Developing a blend of technical skills across digital security, information assurance and risk to help learners become secure and productive in a commercial setting.
On successful completion of the programme the following qualifications are gained:
- Cyber Security Technologist Level 4
- BCS Level 4 Certificate in Cyber Security Introduction
- BCS Level 4 Certificate in Network and Digital Communications Theory
- BCS Level 4 Certificate in Security Case Development and Design Good Practice
- BCS Level 4 Certificate in Security Technology Building Blocks
- BCS Level 4 Certificate in Employment of Cryptography
Unique to this programme – Cyber Labs
A highlight of this QA cyber apprenticeship is one of our future focussed Cyber Labs. This experience immerses learners in real life cyber-attack situations in a uniquely constructed purpose-built facility. Held over three days this hands on practice gives learners the opportunity to overcome distinctive challenges, exclusively at QA.
Entry requirements for this Cyber Security Level 4 Apprenticeship:
- A Levels in Software/Computing
Ideally have planned apprenticeship offers substantive new skills and knowledge in their existing or new role
- Or a Level 3 apprenticeship in a similar subject
- Or an International Baccalaureate at Level 3 in ICT
- Or a BTEC Extended Diploma in IT (180 Credits)
- Learners must not hold an existing qualification at the same or higher level as this apprenticeship in a similar subject
Job role suitability if already in employment:
To help determine whether this programme is suitable for your business or the learner(s) you must be able to answer “yes” to the following questions.
- Are they working in a full time information security and cyber security role?
- Will they be involved with researching, investigating, analysing and evaluating security threats?
- Will they be involved with undertaking security risk assessments, without direct supervision?
- Will they be responsible for developing and using a security case?
- Will they be involved with building security into a network?
- Will they be involved with designing systems using cryptography/key management?
- Will they involved with mitigating and responding to cyber threats?
- Have they progressed from a previous technical role for example IT Technician, Network Support or Software Developer?
Note: Speak to your QA Account Manager for more advice on eligibility and job role/existing staff suitability for this programme.
Apprentices need tech-enabled apprenticeship programmes that resonate with their day-to-day life. In keeping with this - we have innovated through technology and digital content creation to deliver a ‘high tech, high touch’ approach to blended learning.
High-quality learning content on the go. We deliver “mobile-first” education – this means learning can be accessed anytime, anywhere, on any device.
This programme teaches skills in:
- Ethical hacking and penetration testing
- Cryptography and encryption
- Open source intelligence (OSI)
- Understanding the security standard ISO27001
Empowering roles like:
- Cyber Security Specialist
- Security Analyst
- Cyber Operations Manager
- Penetration Tester
- Information Security Officer
- Information Security Auditor
During the programme learners are required to spend 20% of time at work on off-the-job learning.
The knowledge modules in our Cyber Security Technologist Level 4 apprenticeship introduce the skills essential to information security.
Our face-to-face training workshops and online learning develops the core set of skills they must be able to do well to be competent in their role.
As part of this cyber apprenticeship programme apprentices will complete:
- Ten knowledge modules teaching advanced security theory and its practical application, through a combination of online learning and practical classroom workshops – including QA’s Cyber Lab.
- A work-based portfolio showcasing how learners demonstrated the skills they’ve learnt in real work projects.
- A synoptic project where learners take a business and technical brief in order to build a finished product.
- An end-point assessment interview carried out by BCS – The Chartered Institute for IT – to assess whether apprentices have successfully met the learning requirements of the programme.
To ensure all apprentices can do these skills consistently well, we’ve designed modules with the following learning outcomes:
Module 1: Open Source Intelligence
Day 1 - 3
- Use advanced search engine techniques and features
- Identify websites for finding information on people and companies
- Analyse website source code for investigative purposes
- Use deep web sites and directories
- Understand internet infrastructure and its use intelligence gathering and investigation
- Explain the digital footprint is left when online and the dangers associated
- Use social media for investigation, intelligence and geolocation
- Describe the best open source software to use for investigations
- Access influential internet communities
- An introduction to the Dark Web, criminal innovation and cybercrime
Day 4 - 5
- Advanced search engine techniques and Google hacking
- How to describe the ways mobile devices can cause and opportunity and risk
- Tracking users with GPRS and SSID
- Advanced software required for safe internet investigations
- How to use open source encrypted anonymity services
- Familiarity with use of Tor and accessing Tor Hidden Services (THS) and other Dark Webs
- How Virtual currencies work, particularly Bitcoin
- Advanced knowledge needed when capturing digital evidence for court
Module 2: CompTIA Network+
- Understand Local Area Networks
- Understand TCP/IP and OSI
- Understand IP Addressing and it’s use – IPv4 and IPv6
- Understand approaches to Network Troubleshooting
- Understand Network Site Management
- Understand Remote Access and Virtualization
- Configuring Wired and Wireless Networks
Module 3: CompTIA Security+
- Identify network attack strategies and defences.
- Understand the principles of organizational security and the elements of effective security policies.
- Know the technologies and uses of cryptographic standards and products.
- Identify network- and host-based security technologies and practices.
- Describe how wireless and remote access security is enforced.
- Describe the standards and products used to enforce security on web and communications technologies.
- Identify strategies for ensuring business continuity, fault tolerance, and disaster recovery.
- Summarize application and coding vulnerabilities and identify development and deployment methods designed to mitigate them.
Module 4: BCS Cyber Security Introduction
- Describe and explain why information and cyber security are important to business and to society.
- Recall, describe and explain the terminology and basic concepts of cyber security.
- Demonstrate and explain the concept of information assurance and how it can be delivered.
- Describe and explain how security objectives can be developed and used to build a security case.
- Demonstrate and explain how the basic security concepts can be applied to typical information and communications technology (ICT) cyber infrastructures.
- Describe and explain common attack techniques and sources of threat.
- Illustrate and explain ways to defend against the main attack techniques.
- Recall, describe and explain legal, regulatory, information security and ethical standards relevant to the cybercommunity.
- Discover and explain the concept and practice of keeping up with the threat landscape (horizon scanning).
- Describe and explain future trends in cyber security
Module 5: BCS Network and Digital Communications Theory
- Demonstrate the understanding and operation of commonly used network data and protocols.
- Compare and contrast the features and functionality of layered network models.
- Understand the functionality and operation of network routing.
- Understand the factors that affect network performance.
Module 6: BCS Employment of Cryptography
- Describe the technology of cryptography and name the available techniques, limitations and problems commonly encountered.
- Describe cryptographic techniques and state their limitations. For example, but not limited to: Ciphertext vs. Plaintext, Ciphers, Cryptographic techniques, Key length vs. Security, Hashing, Digital signatures, Attacks
- Describe the main features of symmetric cryptosystems, PK cryptosystems and key exchange.
- Show where the various cryptographic techniques may be employed to secure data and systems. For example, but not limited to: Password verification, Digital signatures, VPNs, Tunnelling, Encapsulating & carrier protocols IPsec
- Show how poorly applied cryptography can become a threat vector. Indicative areas of study include, but are not limited to: ECB mode, Collision attacks, Algorithm problems, Key management problems, Random number generation problems
- Explain the significance and role of entropy in cryptography and discuss security problems associated with entropy.
- Explain the deployment of cryptographic systems in a range of common public technologies; in the protection of data and networked systems and discuss issues faced in their deployment and updating.
- Explain the significance of key management as it relates to controls, lifecycle and governance.
- Describe the role of cryptography in a range of common public systems. For example, but not limited to: Mobile telecommunications, Secure card payments, Cyber applications, Video broadcasting, Private and home user considerations
- Describe the role of cryptography as it applies to data on hard disks or in transit. For example, but not limited to: Secure Internet transaction technologies, Data at rest Open v closed source. List some of the practical issues encountered in implementing cryptography. Indicative areas may include, but not be limited to: Performance considerations, Storage of keys, Security clearance of custodians, Historical consideration of broken cryptographic systems, Theoretical vs practical security, Kerckhoff’s principle
- Explain the practical issues faced when updating cryptographic techniques. For example, but not limited to: Vulnerability analysis, Intelligence sources, General understanding of validation processes, Patching process and testing
- Discuss legal issues relevant to cryptography (particularly when crossing national borders) and describe UK, EU and US export control of cryptography and the Wassenaar Arrangement. Outcomes should include an ability to: List the regulatory frameworks in place in different jurisdictions, covering such topics as: International Traffic in Arms Regulations, DPA, FoI, The Combined Code, Sarbanes-Oxley and their areas of governance, RIPA 2000, Key escrow, International Data Encryption Algorithm (IDEA)
- Describe some of the legal issues related to cryptography with respect to national borders.
- List a range of resources available to obtain advice concerning cryptography and security. For example, but not limited to:
- CAVP, CVE lists, Open vs. closed reviews, ISO, OWASP, SANS, NIST, NCSC
Module 7: ISO27001 Foundation
- Why do learners need certification to ISO 27001?
- The relationship between ISO27001, and ISO27002
- What the Information Security Management System (ISMS) is and what it is trying to achieve; Confidentiality, integrity, availability, plus audit
- Over view of the stages of the ISMS
- Defining an Information Security Policy
- Defining the scope of the ISMS
- What are information assets, and identifying them?
- Conducting risk assessments, Identifying asset values, threats and vulnerabilities, Practical exercise – under taking a risk assessment and Managing risk
- Risk measurement
- Results and conclusions resulting from an assessment
- Risk reduction and acceptance techniques
- Determining control objectives
- Selecting control objectives and controls
- Information Security Overview
- ISO 27001/ ISO27002 control objectives and controls
- The application of countermeasures, Creating a workable countermeasure
- Preparing a Statement of Applicability
- Auditing the ISMS, What does auditing achieve? How should auditing be conducted? and Different types of audit
- Preparing for formal certification audits
- The phase 1 and 2 ISO 27001 audits
- Maintaining Certification
Module 8: Building a Security Case
- Describe and explain recognised IT Security
- Design Principles and demonstrate their application within IT systems and software.
- Demonstrate the importance of keeping IT systems simple, whilst meeting business and security needs.
- Describe the application and features of core IT Security Design Principles, including but not limited to: Least privilege, Economy of mechanism, Defence in depth (complete mediation), Human factors psychological acceptability, Fail-safe defaults, Open design, Separation of privileges, Least common mechanism
- Explain the following features of the Trustworthy Software Initiative (TSI): Safety, Reliability, Availability, Resilience, Security
- Compare TSI and IT Security Design Principles and explain their commonalities.
- Describe and illustrate common security architectures that incorporate hardware and software components.
- Demonstrate the difference between enterprise architecture and security architecture, and explain where their physical and logical boundaries may exist.
- Compare features of common security architectures; including, but not limited to: SABSA, Zachman Framework, TOGAF, CISCO and the NIST Cyber Security Framework
- Relate how national bodies such as CESG, FIPS, NIST and GCHQ provide guidance and information to public and private sector organisations in the following areas: IT Security policies, IT Security architectural patterns/ frameworks, White papers, National strategies on cyber security
- Describe and explain the Common Criteria Protection
- Explain the purpose and features of the Common Criteria evaluation model, including and not limited to: Common criteria – their application and uses, Target of Evaluation (TOE), Protection profile, Security target, EALs, The process of specification, implementation and evaluation for certified products and systems
- Describe how Common Criteria may be used to feed into a security case.
- Produce a Security Case for a known system, including:
- A clear definition of the objectives of the case: who, what, where, why and when threats that are likely to exist against the target system
- Known attack profiles likely to be used by malicious individuals
- Risks to the system, measured in probabilities (very likely, likely and unlikely), Potential impact (major, moderate, minor), Potential severity (high, medium, low). Physical protection measures that may be required; for example, but not limited to:
- CCTV/ alarms
- Considering the Security Case, interpret what security measures should apply:
- Technical protection measures using hardware devices; including, but not limited to:
Software components; including, but not limited to:
- Access rights
Implementation strategies for a proposed solution; including, but not limited to:
- Cost benefit analysis
- IT security policies that may be needed as part of the security case; including, but not limited to: backups and data protection
- Where applicable, complete a test plan to include descriptors and expected results
- Considering the Security Case, indicate examples of: Applicable processes that may need to be implemented by personnel or systems, Overview of legal responsibilities, where applicable staff training that may be required for the new measures, Future proofing, Alternative solutions to the case for due consideration. For example, but not limited to:
- OTS solutions
- Third-party contracts
- Complete software solutions
- Describe (using software applications, hardware components and examples), how threats evolve over time to respond to system security hardening.
- Discover (through a mix of research and practical exploration) vulnerabilities in a system.
- Analyse and evaluate security threats and hazards to a system or service or processes. Be aware of and demonstrate relevant external sources of threat intelligence or advice (e.g. CERT UK - Now NCSC) and combine different sources to create an enriched view.
- Research and investigate some common attack techniques and recommend how to defend against them. Be aware of and demonstrate use of relevant external sources of vulnerabilities (e.g. OWASP).
- Undertake a security risk assessment for a simple system without direct supervision and propose basic remediation advice in the context of the employer.
- Source and analyse
- Develop a simple security case without supervision
- Analyse security requirements
- Analyse a security case - Identify conflicting requirements
Module 9: EC-Council Ethical Hacking and Cyber Forensics Associate
EC - Council Ethical Hacking Associate
1. Threat Analysis
- Apply procedural concepts necessary to identify attackers through threat modelling.
- Interpret incoming and outgoing data to determine authorized and unauthorized usage.
- Apply procedural concepts necessary to identify vulnerabilities in information systems.
- Apply procedural concepts necessary to conduct risk assessments for networks and information-based systems.
- Given a scenario, determine the appropriate encryption and decryption methods.
- Apply procedural concepts necessary to find and contain malware and viruses.
2. Auditing, Documentation, and Logs
- Interpret current laws and regulations to provide updates to organizational security policies.
- Given a scenario, determine the appropriate method to assist with new software development and end user testing.
- Troubleshoot various security products and systems to validate their functions.
3. Operate, Maintain, and Install
- Given a scenario, determine the appropriate method to implement security protocols and management for popular operating systems.
- Given a scenario, determine how to defend against different types of attacks.
- Apply procedural concepts necessary to configure security systems and validate the security.
4. Infrastructure and Deployment
- Determine the appropriate method to conduct penetration tests to assess weaknesses and vulnerabilities.
- Given a scenario, analyze network security breaches.
- Apply procedural concepts necessary to conduct different types of social engineering.
5. Identification, Authentication, and Authorization
- Apply procedural concepts necessary to identify different methods of identification, authentication and authorization.
- Apply procedural concepts necessary to identify the appropriate placement of biometric devices.
- Identify different types of cryptography.
- Given a scenario, determine the appropriate
EC - Council Cyber Forensics Associate
- Analyze forensic images.
- Apply procedural concepts required to use forensic tools.
- Apply basic malware analysis using NIST accepted forensic techniques and tools.
- Identify anti-forensics techniques.
- Determine the important content of event logs in forensics.
- Apply procedural concepts necessary to detect a hidden message inside a picture.
- Analyze a conversation between two endpoints from a PCAP file.
- Recognize that devices are kept in the same state as they were found.
- Determine how to gather evidence in a forensically sound manner.
- Apply procedural concepts required to discover evidence on different file systems.
- Apply procedural concepts required to gather evidence on different operating systems.
- Identify proper steps in network capture.
- Given a scenario, determine evidence of email crimes.
- Determine and report logon/logoff times for a specific user.
- Verify the authenticity of evidence (e.g., hash value).
- Summarize the proper handling of evidence.
- Outline the process for creating a forensically sound image.
- Apply evidence collection to the chain of custody
- Discriminate between a live acquisition and static acquisition. cryptography.
4. Documentation and Reporting
- Apply forensic investigation methodology.
- Identify the steps necessary to validate an emergency contact list for incident response.
- Analyze a scene to determine what should be visually documented.
- Report findings from a malware analysis.
- Identify the elements of a complete forensics report.
- Communicate the results of an investigation to an internal team.
5. Cyber Forensics Fundamentals
- Identify different types of cybercrimes.
- Communicate incident handling and the response process.
- Distinguish between steganography and cryptography.
Module 10: Capture the Flag Cyber Workshop
- How to work as a team during complex technical tasking
- Use numerous Penetration testing tools such as; Wireshark, SQLMap, ZAP, NMAP, Metasploit and more to perform tasks and gain flags.
- Cyber defence 'tradecraft' problem solving activity
- System, network and service enumeration
- Application enumeration and profiling
- How data is encoded, decoded, encrypted and decrypted using various algorithms as a means of evading detection
For more information download the handout
NOTE: this programme is available in England. Cyber labs in London only. If you are based in Scotland click here (Cyber Security SCQF 6 & 8 Apprenticeship Programme)
To contact us for more information please fill in the below form.
Our apprenticeship programmes
This apprenticeship programme is part of a wider offering, ranging from Level 3 apprenticeships all the way to Level 7 Masters degrees.