About the exams for this course:
Cisco has set the final date for these exams as 23 February 2020 (Sunday).
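Recommended service: watch class recordings at any time (viewing at home = 0%, viewing at the centre = 100%)
Students enrol by phone or via this web page; once the centre has confirmed that a place has been reserved, the tuition fee can then be paid, a simple process!
* Government departments may pay by P Card
Note! Customers must ask for the Education Bureau registration number of the school they enrol with, to confirm that it is a registered school and avoid unnecessary loss!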
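Companies and organisations managing networks today regularly face network security problems, and the security staff responsible for protecting systems must quickly discover security vulnerabilities and respond to them effectively. This work requires a certain understanding of how different systems operate and are secured, so that threats to network security can be detected and responded to effectively.
As one of the world's largest manufacturers of network security equipment, Cisco not only produces all kinds of security devices but is also committed to training network security professionals to deal with today's network security threats. The CCNA Cyber Ops (cybersecurity operations) certification provides the relevant staff with network security knowledge and trains them to become network security analysts who can work in Security Operations Centers.
Obtaining the CCNA Cyber Ops certification demonstrates that you have the knowledge and professional standard of a Security Operations Center analyst and can handle different network security threats for a company or organisation.
A feature of this certification is that most of its content is fundamental network security knowledge rather than knowledge specific to using Cisco security devices. The course is therefore suitable whether or not you use, or will use, security devices made by Cisco.
Some of the network security topics will be demonstrated in class with practical examples on operating systems such as Linux and Windows, giving students a clearer understanding of the material.
The centre's Cisco courses have been prepared over a long period and carefully arranged by several CCIEs, including Norman Lau, Franco Tsang and Vincent Ho. From attending class, revision, practice and exam study to working through exam questions and the final exam, everything is tailored to you and systematically arranged, with the aim of genuinely teaching you and getting you through the exam.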
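Course name | CCNA Cyber Ops International Recognised Certificate Course - short name: CCNA Cyber Ops Training Course
Course hours | 42 hours (14 lessons in total)
Suitable for | People with basic networking knowledge (e.g. what TCP/IP is); CCNA certification is not required
Language of instruction | Mainly Cantonese, supplemented by English
Course notes | Written by the centre's instructor, mainly in English, with Chinese equivalents given for some English terms.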
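1. Taught personally by Norman Lau (CCIE #10912):
Norman is good at controlling the pace of learning and explains things in simple terms, so students master network security skills in a relaxed atmosphere.
2. Notes written personally by Norman Lau:
Norman writes the notes himself. They are well suited both to the exam and to real-world network security management, so you do not need to grind through books that are as thick as dictionaries and ill-suited to the Hong Kong style of study.
3. Mock exam questions provided:
The centre provides students with mock exam questions so they can become familiar with the question style and answering technique; every question comes with a model answer.
4. Free retake:
Traditional classroom students may re-watch the class recordings free of charge within three months after the course ends.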
Once you pass the following subjects, Cisco will award you the CCNA Cyber Ops (Cisco Certified Network Associate - Cyber Ops) internationally recognised certificate:
Exam number | Subject name
210-250 | Understanding Cisco Cybersecurity Fundamentals (SECFND)
210-255 | Implementing Cisco Cybersecurity Operations (SECOPS)
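The centre is a Cisco-designated test site for the CCNA Cyber Ops certification exams. To register, please call the centre and give the exam number of the subject you wish to take and the exam date and time (the exam can be taken as early as the same day).
Before the exam you must pay the exam fee of HK$2,348 and present the following two valid identity documents; otherwise you will not be allowed to sit the exam and the exam fee paid will not be refunded:
1. Hong Kong Identity Card, and
2. A document bearing the candidate's name and signature (e.g. credit card, HKSAR passport, BNO)
The exam questions are sent from the examination centre in Australia to the computer on which you sit the exam, and you answer on the computer. All questions are in English. Most are single-answer multiple-choice questions (marked O) or multiple-answer multiple-choice questions (marked □); the rest are matching questions and hands-on questions. Your score appears immediately after you finish, so you know the result at once! If you fail you may register again, with no limit on the number of attempts. For details such as the time allowed, total number of questions and passing score, see "Exam score information for each subject" on the centre's website.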
Course name: CCNA Cyber Ops International Recognised Certificate Course - short name: CCNA Cyber Ops Training Course
210-250 Understanding Cisco Cybersecurity Fundamentals
1. Networking Protocols and Devices
1.1 Networking Models
1.1.1 OSI Model
1.1.2 TCP/IP
1.2 Networking Protocols
1.2.1 Internet Protocol (IP)
1.2.2 User Datagram Protocol (UDP)
1.2.3 Transmission Control Protocol (TCP)
1.2.4 Internet Control Message Protocol (ICMP)
1.2.5 Dynamic Host Configuration Protocol (DHCP)
1.2.6 Domain Name System (DNS)
1.2.7 Network Time Protocol (NTP)
1.2.8 Hypertext Transfer Protocol (HTTP)
1.2.9 Ethernet
1.2.10 Address Resolution Protocol (ARP)
1.3 Networking Devices and Related Features
1.3.1 Switch
1.3.2 Virtual LAN (VLAN)
1.3.3 Router
1.3.4 Firewall
1.3.5 Intrusion Detection / Prevention System (IDS / IPS)
1.3.6 Cisco Advanced Malware Protection
1.4 Wireless Communication
1.4.1 Wireless Protocols / Standards
1.4.2 Wireless Access Point
1.4.3 SSID, Authentication and Encryption
1.4.4 Wireless LAN Controller
2. Networking Hosts
2.1 Windows
2.1.1 Process
2.1.2 Thread
2.1.3 Memory Allocation
2.1.4 Windows Registry
2.1.5 Windows Management Instrumentation (WMI)
2.1.6 Handles
2.1.7 Services
2.2 Linux
2.2.1 Processes
2.2.2 Forks
2.2.3 Daemon
2.2.4 Permission
2.2.5 Symlinks
2.3 Logging
2.3.1 Windows system logging
2.3.2 Linux system logging
2.3.3 Windows application logging - IIS access log
2.3.4 Linux application logging - Apache access log
2.4 Host-Based Security
2.4.1 Windows Firewall
2.4.2 Linux Firewall
2.4.3 IDS / Antivirus
2.4.4 Sandboxing
3. Cryptography
3.1 Hashing
3.1.1 Overview
3.1.2 Algorithms
3.1.3 Security Concerns about Hashed Password
3.1.4 Security Concerns about Using Hash for Data Integrity
3.2 Symmetric Encryption
3.2.1 Overview
3.2.2 Algorithm
3.2.3 Modes of Operations for Block Cipher
3.3 Asymmetric Encryption
3.3.1 Overview
3.3.2 Encrypting / Decrypting Large Amount of Data
3.3.3 Digital Signature
3.3.4 Algorithms
3.4 Public Key Infrastructure
3.4.1 Background
3.4.2 Certificates
3.4.3 The Infrastructure
3.4.4 Content and File Format
3.5 Diffie-Hellman Key Exchange
3.6 Cryptographic Protocols
3.6.1 SSH
3.6.2 SSL/TLS
4. Security Concepts
4.1 Terms Related to Security Risk
4.1.1 Asset
4.1.2 Vulnerability
4.1.3 Exploit
4.1.4 Threat
4.1.5 Risk
4.2 Asset Management
4.2.1 Asset Management
4.2.2 Mobile Device Management
4.2.3 Configuration Management
4.2.4 Patch Management
4.2.5 Vulnerability Management
4.3 Access Control
4.3.1 Discretionary Access Control
4.3.2 Mandatory Access Control
4.3.3 Other Non-Discretionary Access Controls
4.3.4 Authentication Servers
5. Attack Methods
5.1 General Network-Based Attacks
5.1.1 Denial of Service
5.1.2 Distributed Denial of Service
5.1.3 Man-In-The-Middle
5.2 Web Related Attacks
5.2.1 Command Injection
5.2.2 SQL Injection
5.2.3 Cross Site Scripting
5.3 Endpoint Attacks
5.3.1 Buffer Overflows
5.3.2 Privilege Escalation
5.3.3 Command and Control
5.4 Other Forms of Attacks
5.4.1 Social Engineering
5.4.2 Port Scanning and Host Profiling
5.5 Evasion Methods
5.5.1 Traffic Fragmentation
5.5.2 TCP Injection
5.5.3 Timing Attacks
5.5.4 Encryption and Tunneling
5.5.5 Resource Exhaustion
5.5.6 Words Substitution / Insertion
6. Security Monitoring
6.1 Overview
6.1.1 Full Packet Capturing
6.2 NetFlow
6.2.1 Application Logging
6.3 Notes about Monitoring Different Protocols
6.3.1 DNS
6.3.2 NTP
6.3.3 SMTP / POP3 / IMAP
6.3.4 DHCP
6.3.5 HTTP
6.3.6 TLS
6.4 Cisco Firepower
6.4.1 Overview of Next-Generation IPS
6.4.2 Events
6.4.3 Sharing Events with other SIEM
210-255 Implementing Cisco Cybersecurity Operations
1. Common Vulnerability Scoring System
1.1 Overview
1.2 Basic Metrics
1.2.1 Exploitability Metrics
1.2.2 Scope (S)
1.2.3 Impact Metrics
1.2.4 Temporal Metrics
1.2.5 Environmental Metrics
1.3 Vector String
1.4 The Score
1.4.1 Score Calculation
1.4.2 Textual Representation
2. Cybersecurity Forensics and File Systems
2.1 Cybersecurity Forensics Overview
2.2 Examples of Evidence
2.3 FileSystem Overview
2.4 Windows FileSystem
2.4.1 FAT32
2.4.2 NTFS
2.4.3 Free Space Fragmentation
2.5 Linux Filesystem
2.5.1 EXT4
2.5.2 Journaling
2.5.3 Swap file system
2.6 Disk Imaging / Cloning
3. Gathering Data From Intrusion Analysis Tools
3.1 Wireshark
3.1.1 Capture Filter
3.1.2 Display Filter
3.1.3 Using Regular Expression
3.1.4 PCAP file
3.1.5 Sample Captures for Some Common Protocols
3.2 NetFlow
3.2.1 Sample Setup
3.2.2 Showing NetFlow Records
3.2.3 Showing Specific NetFlow Records
3.2.4 Generating Statistics from NetFlow Records
3.2.5 Generating Reports from NetFlow Records
3.3 IPS and other Logging
3.3.1 Examples of IPS events
3.3.2 Examples of Firewall events
3.3.3 Examples of Antivirus events
3.3.4 About False Alarms
4. Incident Handling
4.1 NIST.SP800-61 r2
4.1.1 Overview
4.1.2 Incident Response Policy, Plan, and Procedure Creation
4.1.3 Preparation
4.1.4 Detection and Analysis
4.1.5 Containment, Eradication, and Recovery
4.1.6 Post-Incident Activity
4.2 Computer Security Incident Response Team
4.3 Network Profiling
4.3.1 Throughput
4.3.2 Ports Used
4.3.3 Address spaces
4.3.4 Session Duration
4.4 Server / Host Profiling
4.4.1 Listening Ports
4.4.2 Running Process
4.4.3 Applications
4.5 Data Mapping
4.5.1 PHI
4.5.2 SOX
4.5.3 PCI-DSS
5. Data and Event Analysis
5.1 Data Normalization
5.2 Interpreting Data
5.3 Retrospective Analysis
5.4 DNS Mapping and Correlation
5.5 Analysis for HTTP Traffic
5.5.1 Outgoing HTTP Connections from Internal Hosts
5.5.2 Incoming HTTP Connections to your Web Server
5.6 Deterministic or Probabilistic Analysis
5.6.1 Deterministic Analysis
5.6.2 Probability Analysis
6. Incident Handling
6.1 Cyber Kill Chain Model
6.1.1 Reconnaissance
6.1.2 Weaponization
6.1.3 Delivery
6.1.4 Exploitation
6.1.5 Installation
6.1.6 Command and Control
6.1.7 Action on Objectives
6.1.8 Defensible Actions for a Kill Chain
6.1.9 Inadequacies and Criticisms of the Kill Chain Model (reference chapter)
6.2 Diamond Model for Intrusion Analysis (reference chapter)
6.2.1 Overview
6.2.2 Diamond Event
6.2.3 Core Features
6.2.4 Meta-Features
6.2.5 Analyzing
6.3 NIST SP800-61 r2
6.4 NIST SP800-86
6.4.1 Establishing and Organizing a Forensics Capability
6.4.2 Performing the Forensic Process
6.4.3 Using Data from Data Files
6.4.4 Using Data from Operating Systems
6.4.5 Using Data from Network Traffic
6.4.6 Using Data from Applications
6.4.7 Using Data from Multiple Sources
6.5 VERIS Schema Categories