安全管理培训课程 | Security Management培训课程

This instructor-led, live training in 中国 (online or onsite) is aimed at developers and anyone who wishes to learn and use OAuth to provide applications with secure delegated access. By the end of this training, participants will be able to:

• Learn the fundamentals of OAuth.
• Understand the native applications and their unique security issues when using OAuth.
• Learn and understand the common extensions to the OAuth protocols.
• Integrate with any OAuth authorization server.

A thorough, practical, 3 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. The CISMP course is aligned with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a CESG Certified Training (CCT) course. The course follows the latest BCS syllabus and prepares delegates for the 2 hour multiple choice BCS examination. This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure.

描述：; CISM®是当今全球信息安全经理最负盛名，最苛刻的资格。此资格为您提供了一个平台，使其成为精英同行网络的一部分，能够不断学习和重新学习信息安全Management不断增长的机遇/挑战。 我们的CISM培训方法提供了对四个CISM领域内容的深入报道，明确侧重于构建概念和解决ISACA发布的CISM考试问题。该课程是ISACA认证信息安全经理（CISM®）考试的强化培训和核心考试准备。 我们在英国和欧洲提供了100多个CISM培训活动。我们的教师鼓励所有与会代表参加ISACA发布的CISM QA＆E（问题，答案和解释）作为考试准备 - 您将免费获得此课程作为我们课程的一部分。 QA＆E在帮助代表了解ISACA问题风格，解决这些问题的方法以及在实时课堂会议期间帮助快速记忆同化CISM概念方面表现卓越。
我们所有的培训师都在提供CISM培训方面拥有丰富的经验。我们将为您进行CISM考试做好充分准备。如果您没有第一次通过，请再次加入我们免费参加考试准备。 Go ： 最终目标是第一次通过CISM考试。 目标：

• 使用以对您的组织有益的实用方式获得的知识
• 建立并维护信息安全治理框架，以实现组织的目标
• 将信息风险管理到可接受的水平，以满足业务和合规性要求
• 建立和维护信息安全架构（人员，流程，技术）
• 将信息安全要求集成到第三方/供应商的合同和活动中
• 规划，建立和管理检测，调查，响应和从信息安全事件中恢复的功能，以最大限度地减少业务影响

目标观众： 具有3 - 5年一线经验的安全专业人员;信息安全经理或负有管理职责的人员;信息安全人员，信息安全保障提供商，需要深入了解信息安全管理，包括：CISO，CIO，CSO，隐私官，风险管理人员，安全审计人员和合规人员，BCP / DR人员，负责执行和操作的管理人员保证功能。

Description: CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Our CISA course is an intense, very competitive and exam focused training course. With experience of delivering more than 150+ CISA trainings in Europe and around the world and training more than 1200+ CISA delegates, the Net Security CISA training material has been developed in house with the top priority of ensuring CISA delegates pass the ISACA CISA® Exam. The training methodology focuses on understanding the CISA IS auditing concepts and practicing large number of ISACA released question banks from the last three years. Over a period, CISA holders have been in huge demand with renowned accountings firms, global banks, advisory, assurance, and internal audit departments. Delegates may have years of experience in IT auditing but perspective towards solving CISA questionnaires will solely depend on their understanding to globally accepted IT assurance practices. CISA exam is very challenging because the chance of a very tight clash between two possible answers exists and that is where ISACA tests you on your understanding in global IT auditing practices. To address these exam challenges, we always provide the best trainers who have extensive experience in delivering CISA training around the world. The Net Security CISA manual covers all exam-relevant concepts, case studies, Q&A's across CISA five domains. Further, the Trainer shares the key CISA supporting material like relevant CISA notes, question banks, CISA glossary, videos, revision documents, exam tips, and CISA mind maps during the course. Goal: The ultimate goal is to pass your CISA examination first time. Objectives:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Provide audit services in accordance with IT audit standards
• Provide assurance on leadership and organizational structure and processes
• Provide assurance on acquisition/ development, testing and implementation of IT assets
• Provide assurance on IT operations including service operations and third party
• Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience: Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.

Description: Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world. An overwhelming majority of professionals surveyed by ISACA recognise this and plan to work in a position that requires cybersecurity knowledge.
To fill this gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides education and verification of skills in this area. Objectives: With cybersecurity threats continuing to rise and the shortage of appropriately-equipped security professionals growing worldwide, ISACA's Cybersecurity Fundamentals Certificate programme is the perfect way to quickly train entry-level employees and ensure they have the skills and knowledge they need to successfully operate in the Cyber arena. Target Audience: The certificate program is also one of the best ways to gain foundational knowledge in cybersecurity and begin to build your skills and knowledge in this crucial area.

该培训面向计划实施基于MS Windows Server 2012 R2的公钥基础结构并计划使用合格电子签名证书的所有操作系统管理员。 培训参与者将了解与实施公钥基础设施相关的基本问题，以及使用最新加密解决方案保护信息系统的想法。 基于MS Windows Server 2012 R2的操作系统，讨论了使用认证服务满足企业需求的可能性。在虚拟环境中进行培训期间，将安装完整的认证中心，并讨论与Active Directory域中的公钥基础结构的管理和管理相关的最重要问题。 该培训还包括有关波兰认证中心根据“电子签名法”使用电子签名的理论和实践知识。讨论了法律问题，法定要求以及在波兰使用电子签名证书的例子。 培训参与者将获得创建与公共行政办公室通信相关的电子通信所需的知识，以及使用能够或要求使用此类身份识别的其他服务。

本课程将根据ISO 27005为您提供建立信息安全的技能，ISO 27005致力于基于ISO 27001的信息安全风险管理。

DevOps是一种软件开发方法，可将应用程序开发与IT操作相结合。为支持DevOps而出现的一些工具包括：自动化工具，容器化和编排平台。安全无法跟上这些发展。 在这个由讲师指导的实时课程中，参与者将学习如何制定适当的安全策略以应对DevOps安全挑战。 课程形式

• 互动讲座和讨论。
• 大量的练习和练习。
• 在实时实验室环境中亲自实施。

课程自定义选项

• 要申请本课程的定制培训，请联系我们安排。

NB-IoT允许IoT设备在诸如GSM的运营商网络和LTE信道之间的“保护频带”上操作。 NB-IoT只需200kHz的带宽，可以有效连接大量的端点设备（每个NB-IoT网络单元最多可达50,000个）。其低功耗要求使其非常适用于小型，简单的物联网设备，如智能停车，公用设施和可穿戴设备。 今天的大多数物联网连接都是工业连接。工业物联网（IIoT）连接需要低功率广域（LPWA）技术，以便为低带宽应用提供连接，覆盖和订阅功能。虽然这些要求可以由现有的蜂窝网络提供，但是这种网络可能并不理想。 NB-IoT （窄带物联网）技术提供了一种很有前景的解决方案。 在这个由讲师指导的实时培训中，参与者将在开发和部署基于NB-IoT的样本应用程序时了解NB-IoT （也称为LTE Cat NB1）的各个方面。 在培训结束时，参与者将能够：

• 确定NB-IoT的不同组成部分以及如何组合在一起形成生态系统。
• 了解并解释NB-IoT设备内置的安全功能。
• 开发一个简单的应用程序来跟踪NB-IoT设备。

课程形式

• 部分讲座，部分讨论，练习和繁重的实践练习

本课程将帮助与会者扫描，测试，破解和保护自己的系统。获得当前基本安全系统的深入知识和实践经验。与会者将了解外围防御如何工作，然后被引导扫描和攻击他们自己的网络，没有真正的网络受到伤害。然后，与会者将了解入侵者如何升级权限以及可以采取哪些步骤来保护系统，入侵检测，策略创建，社交工程，DDoS攻击，缓冲区溢出和病毒创建。

网络安全始于物理层面。在以讲师为主导的现场培训中，参与者将学习与计算机服务器机房相关的安全风险，以及如何通过智能实践，规划和技术实施来加强安全性。 在培训结束时，参与者将能够：

• 评估组织的安全风险，因为它与计算机服务器机房有关。
• 设置控制和监视系统以限制对基础结构的物理访问。
• 为不同的成员设计访问策略。
• 有效地与团队成员沟通安全策略。

课程格式

• 部分讲座，部分讨论，练习和动手练习。

注意

• 要申请本课程的定制培训，请联系我们安排。

This instructor-led, live training in 中国 (online or onsite) is aimed at IT administrators, security coordinators, and compliance managers who wish to identify, evaluate, and implement security policy management methods for their organization. By the end of this training, participants will be able to develop, manage, and monitor security policies to protect their organization's information, network, and physical and software assets.

This instructor-led, live training in 中国 (online or onsite) focuses on analyzing the risks of Open Data while reducing vulnerability to disaster or data loss. By the end of this training, participants will be able to:

• Understand the concepts and benefits of Open Data.
• Identify the different types of data.
• Understand the risks of Open Data and how to mitigate them.
• Learn how to manage Open Data risks and create a contingency plan.
• Implement Open Data risk mitigation strategies to reduce disaster risk.