Information System Security培訓

A CISSP is an information assurance professional who defines the architecture, design, management and/or controls that assure the security of business environments. The vast breadth of knowledge and the experience it takes to pass the exam is what sets a CISSP apart. The credential demonstrates a globally recognized level of competence provided by the (ISC)2® CBK®, which covers critical topics in security today, including cloud computing, mobile security, application development security, risk management and more. This course helps you review the 10 domains of the information security practices. It also serves as a strong learning tool for mastering concepts and topics related to all aspects of information systems security. Objectives:

• To review of the main topics of CISSP CBK (Common Body of Knowledge).
• To prepare for a CISSP examination

Overview: Certified Information Systems Security Professional certification is recognised as a key qualification for developing a senior career in information security, audit and IT governance management. Held by over 30,000 qualified professionals worldwide, the Certified Information Systems Security Professional qualification shows proven knowledge and is the key to a higher earning potential in roles that include CISO, CSO and senior security manager. You will learn to:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Protect your organisational assets using access control techniques and strengthen confidentiality and integrity controls from the world of cryptography
• Secure your network architecture and design (implement Cyber security)
• Achieve your organisational objectives such as legal & compliance, Information assurance, security and data governance
• Enhance IT services secure delivery via Security operations, architecture and design principles
• Implement business resiliency via Business Continuity Plan
• You will gain a thorough understanding of the 8 domains as prescribed by (ISC)2®.

The Main Goal:

• To pass your CISSP examination first time.

Target Audience: This training is intended for individuals preparing for the CISSP certification exam.

A thorough, practical, 3 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. The CISMP course is aligned with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a CESG Certified Training (CCT) course. The course follows the latest BCS syllabus and prepares delegates for the 2 hour multiple choice BCS examination. This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure.

Description: CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Our CISA course is an intense, very competitive and exam focused training course. With experience of delivering more than 150+ CISA trainings in Europe and around the world and training more than 1200+ CISA delegates, the Net Security CISA training material has been developed in house with the top priority of ensuring CISA delegates pass the ISACA CISA® Exam. The training methodology focuses on understanding the CISA IS auditing concepts and practicing large number of ISACA released question banks from the last three years. Over a period, CISA holders have been in huge demand with renowned accountings firms, global banks, advisory, assurance, and internal audit departments. Delegates may have years of experience in IT auditing but perspective towards solving CISA questionnaires will solely depend on their understanding to globally accepted IT assurance practices. CISA exam is very challenging because the chance of a very tight clash between two possible answers exists and that is where ISACA tests you on your understanding in global IT auditing practices. To address these exam challenges, we always provide the best trainers who have extensive experience in delivering CISA training around the world. The Net Security CISA manual covers all exam-relevant concepts, case studies, Q&A's across CISA five domains. Further, the Trainer shares the key CISA supporting material like relevant CISA notes, question banks, CISA glossary, videos, revision documents, exam tips, and CISA mind maps during the course. Goal: The ultimate goal is to pass your CISA examination first time. Objectives:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Provide audit services in accordance with IT audit standards
• Provide assurance on leadership and organizational structure and processes
• Provide assurance on acquisition/ development, testing and implementation of IT assets
• Provide assurance on IT operations including service operations and third party
• Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience: Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.

該培訓面向計劃實施基於MS Windows Server 2012 R2的公鑰基礎結構併計劃使用合格電子簽名證書的所有操作系統管理員。 培訓參與者將了解與實施公鑰基礎設施相關的基本問題，以及使用最新加密解決方案保護信息系統的想法。 基於MS Windows Server 2012 R2的操作系統，討論了使用認證服務滿足企業需求的可能性。在虛擬環境中進行培訓期間，將安裝完整的認證中心，並討論與Active Directory域中的公鑰基礎結構的管理和管理相關的最重要問題。 該培訓還包括有關波蘭認證中心根據“電子簽名法”使用電子簽名的理論和實踐知識。討論了法律問題，法定要求以及在波蘭使用電子簽名證書的例子。 培訓參與者將獲得創建與公共行政辦公室通信相關的電子通信所需的知識，以及使用能夠或要求使用此類身份識別的其他服務。

Description: This course is the non-certifcation version of the "CISA - Certified Information Systems Auditor" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Objectives:

• Use the knowledge gained to benefit your organisation
• Provide audit services in accordance with IT audit standards
• Provide assurance on leadership and organizational structure and processes
• Provide assurance on acquisition/ development, testing and implementation of IT assets
• Provide assurance on IT operations including service operations and third party
• Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience: Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.

本課程將根據ISO 27005為您提供建立信息安全的技能，ISO 27005致力於基於ISO 27001的信息安全風險管理。

This class will help the attendees to scan, test, hack and secure their own systems. To gain an in-depth knowledge and practical experience with the current essential security systems. The attendees will get to know how perimeter defences work and then be led into scanning and attacking their own networks, no real network is harmed. The attendees then will learn how intruders escalate privileges and what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

This is a one day Introduction to ISO27001

數字身份是指計算機系統用於驗證用戶身份的信息。與數字身份相關的一些問題包括電子簽名，訪問控制和欺詐檢測。 這種以講師為主導的現場培訓（現場或遠程）是針對希望建立端到端數字身份管理系統的電信公司的工程師。 在培訓結束時，參與者將能夠：

• 理解，評估和採用不同的方法來管理用戶名和密碼。
• 設置一個適用於電信環境中所有應用程序的登錄系統。
• 使用身份識別技術可以清楚地了解客戶及其需求。
• 實現適用於不同平台（筆記本電腦，移動設備等）的身份驗證系統。

課程格式

• 互動講座和討論。
• 大量的練習和練習。
• 在實時實驗室環境中親自實施。

課程自定義選項

• 要申請本課程的定制培訓，請聯繫我們安排。

This instructor-led, live training in 台灣 (online or onsite) is aimed at engineers who wish to learn the methods and tools needed to protect their organization's information systems against attack. By the end of this training, participants will be able to:

• Understand information security at both the computer level, as well as the communications level.
• Prevent physical and digital access to private information systems.
• Prevent the modification of information that is stored, being processed, or being transmitted.
• Protect against denial of service to authorized users.
• Take the necessary measures to detect, document, and counter security threats.
• Ensure that organizational information is kept confidential.

The training takes the form of a workshop supplemented with substantive knowledge. Classes are based on the official CISA certificate framework. During the workshop, case studies will be discussed in discussing specific issues. Classes will be conducted in English (on request in Polish) based on the ISACA handbook in English.
  CISA Exam Material Scope:

• Information System Auditing Process (21%)
• Governance and Management of IT (17%) 
• Information Systems Acquisition, Development and implementation (12%)
• Information Systems Operation and Business Resilience (23%)
• Protection of Information Assets (27%)

Duration of the exam: 4 hours
Type: multiple choice test
Volume: 200 questions   List of the requirements that you must meet in order to be able to claim the CISA qualification: 

1. Pass the CISA exam. The CISA passing score is a mark of 450 or higher on the exam.
2. Abide by the ISACA Code of Professional Ethics 
3. Promise to obey the CISA Continuing Professional Education Policy
4. Gain at least 5 years of professional information systems auditing, control or security work experience.
5. Comply with Information Systems Auditing Standards

If you’ve passed the exam and believe that you meet those requirements, then you can begin the application for certification: page certification here
There is a fee of $50 for this application. There’s also a yearly fee that you must pay to maintain this certification after you’ve been granted it. The fee is $40 per annum for ISACA members, and $75 for non-members.

This instructor-led, live training in 台灣 (online or onsite) focuses on analyzing the risks of Open Data while reducing vulnerability to disaster or data loss. By the end of this training, participants will be able to:

• Understand the concepts and benefits of Open Data.
• Identify the different types of data.
• Understand the risks of Open Data and how to mitigate them.
• Learn how to manage Open Data risks and create a contingency plan.
• Implement Open Data risk mitigation strategies to reduce disaster risk.

This instructor-led, live training in 台灣 (online or onsite) is aimed at security engineers who wish to use IBM Qradar SIEM to address pressing security use cases. By the end of this training, participants will be able to:

• Gain visibility into enterprise data across on-premise and cloud environments.
• Automate security intelligence to hunt threats and to contain risks.
• Detect, identify, and prioritize threats.