
CompTIA Security+ Internationally Recognised Certificate Course


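Recommended service: Watch Class Recordings Anytime

| Code | Location | Bookable days and times | Fee (discounts of up to 15%) |
|---|---|---|---|
| AT1712MV | Mong Kok | Mon-Fri: 11:30 - 22:30; Sat & Sun: 10:30 - 21:30 (closed on public holidays) | Only $3,116 after 5% discount |
| AT1712OV | Kwun Tong | Mon-Fri: 13:30 - 22:00; Sat & Sun: 12:30 - 21:00 (closed on Wednesdays and public holidays) | Only $2,952 after 10% discount |
| AT1712PV | North Point | Mon-Fri: 13:30 - 22:00; Sat & Sun: 12:30 - 21:00 (closed on Wednesdays and public holidays) | Only $2,952 after 10% discount |
| AT1712SV | Sha Tin | Mon-Fri: 13:30 - 22:00; Sat & Sun: 12:30 - 21:00 (closed on Wednesdays and public holidays) | Only $2,788 after 15% discount |
| AT1712YV | Tuen Mun | Mon-Fri: 13:30 - 22:00; Sat & Sun: 12:30 - 21:00 (closed on Wednesdays and public holidays) | Only $2,788 after 15% discount |

* Government departments may pay by P Card.

Free trial viewing: the first 3 hours; please call our centre's staff to make an appointment.
Mong Kok 2332-6544
Kwun Tong 3563-8425
North Point 3580-1893
Sha Tin 2151-9360
Tuen Mun 3523-1560
Free re-watching: During the access period, students may re-watch the class recordings at the location where they enrolled an unlimited number of times, and so review the whole course repeatedly.
Instructor Q&A: After watching a class recording, students may ask questions directly related to that class, and the course instructor will gladly answer them one-to-one.
Duration: 24 hours
Access period: 8 weeks (the whole course can be watched within 4 weeks of the enrolment date, plus a further 4-week reserve period). You control the pace, fast or slow.
Recorded-class instructor: Larry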


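CompTIA (The Computing Technology Industry Association) was founded in 1982. It has more than 2,000 international-level institutional members and 3,000 academic and collaborating partners, covering the whole information and communications technology (ICT) industry, so CompTIA has become one of the main leaders of the technology ecosystem.

CompTIA Security+ certification is a vendor-neutral international certification scheme. It validates your knowledge of I.T. security and your skills across information technology security, including:

  • Network and endpoint security systems
  • Applications of cryptographic algorithms (cryptography)
  • Identification and biometric authentication systems
  • Security risk identification and mitigation methods
  • Applications of network access control systems
  • Security infrastructure devices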



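Why obtain the CompTIA Security+ certification?

  • Because it is vendor-neutral, it is usually the first certification obtained by people in the information technology security field.

  • Held by 250,000 people worldwide.

  • According to statistics from the U.S. Bureau of Labor Statistics and the well-known human-resources website Payscale.com, Information Security Analysts holding the CompTIA Security+ certification earn an annual salary of between US$49,000 and US$97,000. In addition, Network / System Administrators with information technology security skills earn an annual salary of between US$39,000 and US$83,000.

  • As a leading and neutral certification, it is frequently recognised by international-level organisations around the world and set as a required condition of employment. For example, information-security positions (such as Information Security Officer) at Apple, Dell, HP, IBM, Intel and other organisations require candidates to hold the CompTIA Security+ certification.

  • It is the foundation and necessary preparation for going on to more advanced professional certifications such as Cisco CCNP Security, Juniper JNCIS-SEC, Check Point CCSE, CISA and CISSP.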


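Course hours: 24 hours in total (8 lessons), 1 subject
Suitable for: Anyone with a basic understanding of computer networking (TCP/IP).
Language of instruction: Mainly Cantonese, supplemented with English
Course notes: Written personally by our centre's instructor, mainly in English, with Chinese equivalents given for some of the English terms.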


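1. Mock exam questions: Our centre provides students with about 100 mock exam questions, each with a model answer.
2. Moderate duration: Our CompTIA Security+ Internationally Recognised Certificate Course has a moderate duration of 24 hours, so that students can truly understand and master the course content and obtain the CompTIA Security+ internationally recognised certificate.
3. Taught personally by Larry Chan: Larry has more than 21 years of working experience in computers, networks, databases and security systems, and for the most recent 17 years has taught full-time at our centre.
4. Notes written personally by Larry Chan: Larry writes the notes himself, and they are entirely suitable both for the exam and for practical network management, so you do not need to cram from books that are as thick as dictionaries and unsuited to the Hong Kong style of study.
5. Free re-watching: Students of traditional classroom classes may re-watch the class recordings free of charge within three months after the course ends.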

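CompTIA has announced that candidates must pass the exam for the following 1 CompTIA Security+ subject to be awarded the CompTIA Security+ internationally recognised certificate:

Exam code    Subject name
SY0-401      CompTIA Security+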




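Our centre is a CompTIA-designated exam venue. To register for the exam, please call our centre and give the subject you wish to sit and the exam date and time (the earliest possible booking is the same day). Before the exam, candidates must show their identity card and pay the exam fee.

The exam fee for exam code SY0-401 is HK$2,560.

The exam questions are transmitted from the exam centre in Australia to the computer on which you sit the exam, and you answer on the computer. All exam questions are in English, and most are multiple-choice questions. Your score appears immediately after you finish, so you know the result on the spot. If you fail, you may register to sit the exam again, with no limit on the number of attempts. For detailed exam information such as the time allowed, total number of questions and passing score, see the page "Exam Score Information for Each Subject" on our centre's website.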




SY0-401 CompTIA Security+ (24 Hours)

1. Risk Measurement and Weighing
1.1 Risk Assessment
1.2 Computing Risk Assessment and Risk Calculations
1.3 Quantitative vs. Qualitative Risk Assessment
1.4 Risk-related Terminology
1.5 Acting on Your Risk Assessment
1.6 A Case Study of Acting and Reacting to Risks
1.7 Cloud Computing Risks
1.8 Virtualization Risks
1.9 Developing Policies, Standards, and Guidelines
1.10 Implementing Policies
1.11 Incorporating Standards
1.12 Following Guidelines
1.13 Business Policies to Implement
1.14 Separation of Duties Policies
1.15 Privacy Policies
1.16 Acceptable Use Policies
1.17 Job Rotation
1.18 Least Privilege
1.19 Succession Planning
1.20 Control Types and False Positives/Negatives
1.21 Business Impact Analysis (BIA)
1.22 Identifying Critical Systems and Components
1.23 Formulating Business Continuity Plans
1.24 High Availability (HA)
1.25 Redundancy
1.26 Fault Tolerance (FT)
1.27 Redundant Array of Independent Disks
1.28 Disaster Recovery
1.29 Disaster Recovery Planning

2. Monitoring and Diagnosing Networks
2.1 Network Monitors
2.2 Monitoring System Log Files
2.3 Understanding Hardening
2.4 Working with Services
2.5 Protecting Management Interfaces and Applications
2.6 Software
2.7 Patches
2.8 Account Control
2.9 File System Choices
2.10 Securing the Network
2.11 Security Posture
2.12 Continuous Security Monitoring
2.13 Security Audits
2.14 Setting a Remediation Policy
2.15 Reporting Security Issues
2.16 Differentiating between Detection Controls and Prevention Controls

3. Security Devices and Infrastructure
3.1 TCP/IP Protocol Suite
3.2 OSI Relevance
3.3 Working with the TCP/IP Suite
3.4 The Application Layer
3.5 The Host-to-Host or Transport Layer
3.6 The Internet Layer
3.7 The Network Access Layer
3.8 IPv4 and IPv6
3.9 Concept of Encapsulation
3.10 Working with Protocols and Services
3.11 Well Known TCP and UDP Ports
3.12 TCP Three-Way Handshake
3.13 Application Programming Interface
3.14 Other Protocols to Know
3.15 Designing a Secure Network
3.16 Understanding the Various Network Infrastructure Devices
3.17 Firewalls
3.18 Concepts of Intrusion Detection Systems
3.19 IDS vs. IPS
3.20 Working with a Network-Based IDS
3.21 Implementing a Passive Response
3.22 Implementing an Active Response
3.23 Working with a Host-Based IDS
3.24 Working with NIPSs
3.25 Protocol Analyzers
3.26 Spam Filters
3.27 UTM Security Appliances
3.28 URL Filters
3.29 Content Inspection
3.30 Malware Inspection
3.31 Web Application Firewall vs. Network Firewall
3.32 Application-Aware Devices

4. Access Control, Authentication, and Authorization
4.1 Understanding Access Control Basics
4.2 Single Factor Authentication and Authorization
4.3 Multifactor Authentication
4.4 Layered Security and Defense in Depth
4.5 Network Access Control (Network Admission Control)
4.6 Tokens
4.7 Federations
4.8 Transitive Access Problem
4.9 Authentication Issues to Consider
4.10 Multifactor Authentication and Real World Security Scenario
4.11 Authentication Protocols
4.12 Account and Password Policies in an Enterprise
4.13 Remote Authentication Dial-In User Service (RADIUS) Protocol
4.14 TACACS/TACACS+/XTACACS
4.15 VLAN Management
4.16 Understanding Authentication Services
4.17 Understanding Access Control
4.18 Mandatory Access Control
4.19 Discretionary Access Control
4.20 Role-Based Access Control
4.21 Rule-Based Access Control
4.22 Access Control Best Practice
4.23 Separation of Duties
4.24 Time of Day Access Control
4.25 User Access Review
4.26 Access Control by using Smartcards
4.27 Access Control Lists
4.28 Switch Port Security
4.29 Working with 802.1X
4.30 Flood Guards and Loop Protection
4.31 Preventing Network Bridging
4.32 Log Analysis
4.33 Trusted Operating System
4.34 Secure Router Configuration

5. Wireless Network Security
5.1 Working with Wireless Systems
5.2 IEEE 802.11 Wireless Protocols
5.3 WEP/WAP/WPA/WPA2
5.4 Concepts of Wireless Devices
5.5 Wireless Access Points
5.6 MAC Filtering on Wireless Networks
5.7 Captive Portals
5.8 Extensible Authentication Protocol
5.9 Wireless Network Vulnerabilities
5.10 Wireless Site Survey and War Driving
5.11 Wireless Attack Analogy

6. Secure Cloud Computing
6.1 Working with Cloud Computing
6.2 Introduction to Software-as-a-Service (SaaS)
6.3 Introduction to Platform-as-a-Service (PaaS)
6.4 Introduction to Infrastructure-as-a-Service (IaaS)
6.5 Distinction between Public Cloud and Private Cloud
6.6 More about Community Cloud and Hybrid Cloud
6.7 A Brief Look at Virtualization
6.8 Snapshots
6.9 Patch Compatibility
6.10 Host Availability/Elasticity
6.11 Security Control Testing
6.12 Sandboxing
6.13 Security and Cloud Computing
6.14 Cloud Storage

7. Host, Data, and Application Security
7.1 Introduction to Application Hardening
7.2 Databases and the Relevant Technologies
7.3 Not only SQL (NoSQL)
7.4 Big Data
7.5 Storage Area Network (SAN)
7.6 Application Fuzzing
7.7 Secure Coding
7.8 Open Web Application Security Project (OWASP)
7.9 CERT Secure Coding Standards
7.10 Application Configuration Baselining
7.11 Operating System Patch Management
7.12 Application Patch Management
7.13 Host Security
7.14 Host Software Baselining
7.15 Hardening Web Servers
7.16 Hardening Email Servers
7.17 Hardening FTP Servers
7.18 Hardening DNS Servers
7.19 Hardening DHCP Services
7.20 Protecting Data Through Fault Tolerance
7.21 RAID
7.22 Clustering and Load Balancing
7.23 Application Security
7.24 Best Practices for Security
7.25 Hardware-Based Encryption Devices

8. Cryptography
8.1 Introduction to Cryptography
8.2 Historical Cryptography
8.3 Modern Cryptography
8.4 Symmetric Algorithms
8.5 Asymmetric Algorithms
8.6 Hashing Algorithms
8.7 Rainbow Tables and Salt
8.8 Key Stretching
8.9 Cryptanalysis Methods
8.10 Wi-Fi Encryption
8.11 Utilizing Cryptographic Systems
8.12 Confidentiality and Encryption Strength
8.13 Integrity
8.14 Digital Signatures
8.15 Authentication
8.16 Nonrepudiation
8.17 Features of a Certification Authority
8.18 Concepts of Cryptography Standards and Protocols
8.19 Public-Key Infrastructure X.509/Public-Key Cryptography Standards
8.20 X.509
8.21 SSL and TLS
8.22 Certificate Management Protocols
8.23 Secure Multipurpose Internet Mail Extensions
8.24 Secure Electronic Transaction (SET)
8.25 Secure Shell
8.26 Pretty Good Privacy
8.27 HTTPS and SHTTP
8.28 Internet Protocol Security (IPsec)
8.29 Using Public Key Infrastructure
8.30 Using a Certification Authority
8.31 Registration Authority
8.32 Implementing Certificates
8.33 Certificate Policies
8.34 Certificate Practice Statements
8.35 Certificate Revocation Process
8.36 Concepts of Trust Models

9. Vulnerabilities and Threats
9.1 About Malware
9.2 Surviving Viruses
9.3 Symptoms of a Virus Infection
9.4 How Viruses Work
9.5 Virus Types
9.6 Managing Spam to Avoid Viruses
9.7 Antivirus Software
9.8 Attack Types
9.9 Identifying Denial-of-Service and Distributed Denial-of-Service Attacks
9.10 Attack Tools
9.11 Spoofing Attacks
9.12 Pharming Attacks
9.13 Phishing, Spear Phishing, and Vishing
9.14 Xmas Attack
9.15 Man-in-the-Middle Attacks
9.16 Replay Attacks
9.17 Smurf Attacks
9.18 Password Attacks
9.19 Privilege Escalation
9.20 Malicious Insider Threats
9.21 Transitive Access
9.22 Client-Side Attacks
9.23 Typo Squatting
9.24 Watering Hole Attack
9.25 Identifying Types of Application Attacks
9.26 Cross-Site Scripting and Forgery
9.27 SQL Injection
9.28 LDAP Injection
9.29 XML Injection
9.30 Directory Traversal and Command Injection
9.31 Buffer Overflow
9.32 Integer Overflow
9.33 Zero-Day Exploits
9.34 Cookies and Attachments
9.35 Locally Shared Objects and Flash Cookies
9.36 Tracking Cookie
9.37 Malicious Browser Add-Ons
9.38 Session Hijacking
9.39 Header Manipulation
9.40 Arbitrary Code and Remote Code Execution
9.41 Interpreting Assessment Results
9.42 Working with Vulnerability Scanners
9.43 Working with a Port Scanner
9.44 Banner Grabbing

10. Physical Security and Environmental Control
10.1 Introduction to Social Engineering
10.2 Types of Social Engineering Attacks
10.3 Concepts of Physical Security
10.4 Hardware Locks and Security
10.5 Mantraps
10.6 Video Surveillance
10.7 Understanding Environmental Controls


 
