Foundation Certificate in Cyber Security

Developed with QA
This content is developed in partnership with QA
AVG Duration9h
Course Created with Sketch. 5 Resources Created with Sketch. 1 Exams Created with Sketch. 21


Learning Path Overview

The QA Foundation Certificate in Cyber Security (FCCS) aims to provide a comprehensive but necessarily high-level overview across industry-standard technology and platforms, illuminating the technology and its specific cyber governance, risk and assurance challenges without technically challenging the learner with hands-on labs. 

The course takes the learner back to computer basics to build the individual's understanding of common technology platforms through to the network layer and on via virtualization technologies, cloud systems, telecoms, and modern communications. 

It then moves into the fundamentals of cyber security, focussing on common methods of attack, protective monitoring, encryption, and how digital footprints are often exploited.  

The third module takes the learner into the world of cyber and legal governance, focusing on cyber law and the context in which security practitioners and organizations have to operate within.  

In the final module, we go into the other kinds of security that are important to take into account, and best practice for security architecture.  

Each module provides insight into the technical subject matter with the crucial security subtext. Knowledge check exercises are used throughout to make sure that learners are ready to take the QA FCCS examination when they choose to.  

Please note: this content was produced in the UK and may include the use of British English.

Intended Audience

Although perceived as an IT issue, cyber security is, in fact, a subject relevant to all business units. The FCCS course is relevant to anyone requiring an understanding of cyber security management as well as those with an interest in cyber security, either as a potential career, or as an additional part of their general business knowledge; including members of Cyber security management teams, IT managers, security and systems managers, information asset owners and employees with legal compliance responsibilities.  

The course acts as a foundation for more advanced managerial or technical qualifications and provides a thorough general understanding to enable businesses to ensure they are secure.  

Prerequisites of the Certifications

There are no prerequisites for this course, however, participants are expected to have a basic understanding of computers and the internet. 


Learning Objectives

The FCCS course is GCHQ certified course, and covers the following areas: 

  • Computing Foundation, Data Storage & Memory 
  • OSI Protocol Stack 
  • TCP/IP 
  • Network Architecture 
  • Internet Primer 
  • Network Security 
  • Modern Communications 
  • Virtualisation & Cloud Technologies 
  • Protective Monitoring 
  • Common Methods of Attack 
  • Encryption 
  • Cyber and the Legal Framework 
  • Digital Footprints 
  • Information Assurance landscape 
  • Risk Management 
  • Risk Treatment 
  • Physical Security 
  • Personnel Security 
  • Service Assurance & Standards 
  • Software Security Assurance 
  • Secure Development Process 
  • Threat Modelling 
  • STRIDE Mitigation 
  • Security Best Practices 
  • Introduction to Security Architecture 


This Learning Path contains videos, quizzes and other resources for four courses. Each course has exam quizzes for you to test your knowledge as you work through the Learning Path. 


Course Introduction

We begin with an introduction to the course and what you can expect from the videos and quizzes in this Learning Path.  

Module 1 – Computing and Networking Fundamentals

  • Introduction to Computing and networking fundamentals 
  • Computing foundation, data storage and memory 
  • Network computing 
  • Network communications 
  • Internet primer 
  • Network security 
  • Modern communications 
  • Virtualization & cloud technologies 


Module 2 – Cyber Security Fundamentals

  • Introduction to cyber security fundamentals 
  • Common methods of attack 
  • Protective monitoring 
  • Encryption 
  • Digital footprints (parts 1 and 2) 

Module 3 – Governance and Risk

  • Introduction to governance and risk 
  • Cyber and the legal framework 
  • Information assurance 
  • Risk management and risk treatment 
  • Service assurance & standards 
  • Software security assurance 
  • Threat modeling and stride 

Module 4 - Security

  • Introduction to Security 
  • Physical security 
  • Personnel security  
  • Secure development process 
  • Security best practice 
  • Introduction to security architecture 

Preparing for the Examination

This course will prepare you for the QA FCCS examination. You can get all the information you need on your exam by contacting your QA account manager. 


We welcome all feedback and suggestions - please contact us at if you are unsure about where to start or if would like help getting started. 


Your certificate for this learning path

Learning Path Steps


We begin with an introduction to the course and what you can expect from the videos and quizzes in this Learning Path.


This course introduces the basic ideas of computing, networking, communications, security and virtualization and will provide you with an important foundation for the rest of the course.


Knowledge Check: Computing Foundation, Data Storage, and Memory


Knowledge Check: Network Computing


Knowledge Check: Network Communications


Knowledge Check: Internet Primer


Knowledge Check: Network Security


Knowledge Check: Modern Communications


Knowledge Check: Virtualization & Cloud Technologies


This course provides a strong foundation on the fundamentals of cybersecurity, taking you through cyber risks, how to protect against them, and how cybercriminals can use their target's digital footprint to find exploits.


Knowledge Check: Common Methods of Attack


Knowledge Check: Protective Monitoring


Knowledge Check: Encryption


Knowledge Check: Digital Footprints


This takes a deeper look at the governance and risk elements of cybersecurity: cyber and legal frameworks, information assurance, risk management and treatment, service assurance, software security assurance, and threat modeling.


Knowledge Check: Cyber and the Legal Framework


Knowledge Check: Information Assurance


Knowledge Check: Risk Management and Risk Treatment


Knowledge Check: Service Assurance & Standards


Knowledge Check: Software Security Assurance


Knowledge Check: Threat Modeling and Stride


This course looks at the other facets of security that come into play when thinking about cybersecurity in general. Starting with physical and personnel security, it then moves into the secure development process, security best practice and ends with an int...


Physical, technical, and procedural controls.


Knowledge Check: Physical and Personnel Security


Knowledge Check: Secure Development Process


Knowledge Check: Security Best Practice


Knowledge Check: Introduction to Security Architecture

About the Author
Learning paths6

Paul began his career in digital forensics in 2001, joining the Kent Police Computer Crime Unit. In his time with the unit, he dealt with investigations covering the full range of criminality, from fraud to murder, preparing hundreds of expert witness reports and presenting his evidence at Magistrates, Family and Crown Courts. During his time with Kent, Paul gained an MSc in Forensic Computing and CyberCrime Investigation from University College Dublin.

On leaving Kent Police, Paul worked in the private sector, carrying on his digital forensics work but also expanding into eDiscovery work. He also worked for a company that developed forensic software, carrying out Research and Development work as well as training other forensic practitioners in web-browser forensics. Prior to joining QA, Paul worked at the Bank of England as a forensic investigator. Whilst with the Bank, Paul was trained in malware analysis, ethical hacking and incident response, and earned qualifications as a Certified Malware Investigator, Certified Security Testing Associate - Ethical Hacker and GIAC Certified Incident Handler. To assist with the teams malware analysis work, Paul learnt how to program in VB.Net and created a number of utilities to assist with the de-obfuscation and decoding of malware code.