The Basics of IT Security -
The Basics of IT Security -
The fundamentals of IT security
5 hours - 100% e-learning - 12 months of access to the platform - €550 (including tax)
The Fundamentals of IT Security training course (5 hours) aims to provide an understanding of the key principles of information system security, as defined by the French National Cybersecurity Agency (ANSSI) in its IT Hygiene Guide, the main families of encryption algorithms, pseudonymization, anonymization, and encryption processes, as well as backup measures and business continuity plans or disaster recovery plans.
This training course, which has no specific prerequisites, is not technical in nature, but provides sufficient knowledge to initiate and manage an IT resource and information system security approach. It is primarily intended for individuals responsible for information system security within the company, business leaders who want to ensure the security of their IT and information resources, personal data protection professionals (data protection officers, GDPR officers), and anyone who interacts with such an information system within the company.
Duration
5 hours
Difficulty level
🥚Beginner
🐣Beginner
🐥Intermediate
🐤Advanced
🐓 Expert
Would you like us to deliver this training in a synchronous format (online, in-person, or hybrid)?
Would you like a training program that is customized in terms of content or format?
Your instructor
Alexis Deroudille holds a doctorate in law, is a graduate of Sciences Po Paris, a member of the Paris Bar, and a certified DPO (IAPP) in accordance with the standards established by the CNIL. He has worked as a Data Protection Officer for many years, serving a diverse client base (including major tech companies, startups, associations, and small and medium-sized businesses), and also has extensive experience in teaching. Finally, he is the author of numerous in-depth articles on personal data protection law.
The educational objectives of the training program
Understand the key principles of information system security, as defined by the French National Cybersecurity Agency (ANSSI), particularly the nine rules outlined in its Guide to IT Security Best Practices
Understand the applicable rules regarding password security and authentication procedures
Know how to manage permissions and access rights
How to Secure a Wi-Fi Network and a Website
Be able to set up and secure an information system: firewalls, antivirus software, logging, VLANs, DMZs, etc.
Be able to ensure the security of workstations and facilities and raise staff awareness of information system security by drafting an IT security policy
Understand the processes of pseudonymization and irreversible anonymization
Be able to understand and distinguish between the main encryption methods: symmetric and asymmetric encryption, TLS protocols, IPsec tunnels, hash functions, etc.
Understand the different backup methods: full, incremental, and differential backups
Develop and implement a disaster recovery plan or business continuity plan
The target audience
This training is intended for anyone responsible for the security of information systems within the company, business leaders seeking to ensure the security of their IT and information resources, professionals in the field of personal data protection (Data Protection Officers, GDPR coordinators), as well as anyone who interacts with such information systems within the company.
Terms and conditions and timeframes for access
Immediately after completing their online registration by paying the registration fee, learners gain immediate access to the e-learning platform. Access to the platform is granted for a period of twelve (12) months of 30 days each, totaling 360 days. This period begins on the date the learner’s access to the LégiSchool e-learning platform is created.
Prerequisites
This course does not require any specific prior knowledge, but is open only to qualified candidates with at least two years of professional experience (such as a bachelor’s or master’s degree in law or computer science, or significant experience in these fields). If you have any questions about the prerequisites, please contact our academic advisor.
Assessment criteria
This course includes numerous quizzes—7 quizzes with 10 questions each throughout the e-learning course, for a total of 70 quiz questions.
Teaching materials — The LégiSchool method
This course, available through our e-learning platform, follows LégiSchool’s standard methodology. Each module is divided into several sections, and each section into several chapters. The chapter is therefore the basic unit (or “building block”) of the course.
Each chapter of a LégiSchool course will always consist of a short instructional video (averaging 10 minutes) accompanied by a course handout that summarizes in writing all the key points covered in the video. Our course materials are comprehensive and feature numerous diagrams, tables, and visuals to ensure maximum clarity.
Finally, learners are encouraged to communicate regularly with a qualified trainer by phone or email through our educational and technical support service.
Accessibility
LégiSchool is committed to serving people with disabilities and has developed an Accessibility and Disability Charter for this purpose. All videos available as part of LégiSchool’s e-learning modules are captioned. In addition, additional accessibility features are available for people with disabilities—for example, audio recordings of quizzes and practice exams. To request these, please contact LégiSchool’s accessibility coordinator, whose contact information is provided below.
LégiSchool's Accessibility and Disability Coordinator
67 Saint Jacques Street
Phone: 01 43 26 58 10
Email: accessibilite[at]legischool.fr
The detailed training program
Introduction: ANSSI, CNIL, and the Fundamental Principles of Cybersecurity
0.1. ANSSI, CNIL, and Information System Security
0.2. The principles of confidentiality, integrity, availability, and resilience
Section 1. - The Nine Rules of IT Security According to ANSSI
1.1. ANSSI and the Nine Rules of IT Security
1.2. Training Staff
1.3. Mapping Information Systems and Networks
1.4. Authenticating Users
📝 Quiz #1
1.5. Authenticating users - Authentication procedures and passwords
1.6. Securing workstations
1.7. Securing the network
📝 Quiz #2
1.8. Securing the network - Securing Wi-Fi
1.9. Securing the network - Securing a website
1.10. Securing Network Administration
📝 Quiz #3
1.11. Managing Mobile Work
1.12. Keeping the System Up to Date
1.13. Monitoring, Auditing, and Responding
🔍 Case Study: Example of an IT Security Policy
📝 Quiz #4
Unit 2. - Encryption, anonymization, and pseudonymization techniques
2.1. Symmetric and Asymmetric Encryption Algorithms
2.2. TLS-HTTPS and IPsec Protocols
📝 Quiz #5
2.3. Hash Functions and Password Security
2.4. Irreversible Anonymization Techniques
2.5. Pseudonymization Techniques
📝 Quiz #6
Section 3. - Backups and Business Continuity Plans—or Disaster Recovery Plans
3.1. Disaster recovery plans or business continuity plans
3.2. Backup procedures: full, incremental, and differential backups
📝 Quiz #7
Disclaimer: This training course does not cover all aspects of personal data protection. In particular, please note that this training is in no way intended to prepare you for the Data Protection Officer (DPO) certification based on the CNIL standards. If you would like a comprehensive overview of personal data protection in accordance with the certification framework for personal data protection training organizations, we invite you to visit the page dedicated to our Objectif DPO training course.
Last updated on December 22, 2025