注册信息安全专业人员CISP-CISE认证 ( cispcise | 35 hours )

Prerequisites:

Object-oriented:

  • Corporate information security executive;
  • Information security service providers;
  • IT or security consultants;
  • IT auditors;
  • Information security lecturers or trainers;
  • Information security incident investigators;
  • Other personnel engaged in information security-related work (such as system administrators, programmers, etc.).
  • CISE (Certified Information Security Engineer): Suitable for network security technicians in government, major enterprises, institutions, and network security integration service providers;
  • CISO (Certified Information Security Officer): Suitable for network security managers in government, major enterprises and institutions, and also suitable for network security consultants of network security integration service providers;
  • CISA (Certified Information Security Auditor): Suitable for network security technicians in the government, major enterprises and institutions, and also suitable for network security consultants in network security integration service providers.
Overview:

CISP stands for Certified Information Security Professional, which is an authoritative security certification in the security industry. It is organized by the China Information Security Evaluation Center, which authorizes training institutions to carry out specific training.

The CISP curriculum system involves ten knowledge domains, including: information security assurance, network security supervision, information security management, business continuity, security engineering and operations, security assessment, information security support technology, physical and network communication security, computing environment security, and software security development. The training adopts a teaching method that combines theory with practice.

CISP certificates are divided into four categories according to the work field and the needs of actual job positions:

01. Certified Information Security Engineer, or CISE for short. Certificate holders are mainly engaged in the field of information security technology and have the basic knowledge and ability to engage in information system security integration, security technology testing, security reinforcement and security operation and maintenance.

02. "Certified Information Security Officer", or CISO for short. Certified holders are mainly engaged in the field of information security management and have the basic knowledge and ability to organize information security risk assessment, formulate information security master plans, formulate information security strategies and systems, and supervise their implementation.

03. Certified Information System Auditor, or CISA for short. Certificate holders are mainly engaged in information security auditing. They have a comprehensive grasp of basic information security knowledge and skills and have strong information security risk assessment and security inspection practical capabilities.

04. Certified Information Security Developer, or CISD for short. Certificate holders are mainly engaged in software development-related work. On the basis of fully mastering basic information security knowledge and skills, they have strong information system security development capabilities and are proficient in application security.

This course focuses on training for the Registered Information Security Engineer (category 01 above) examination.

Course Outline:

first day

  • Information security
    • Information security concept
    • Information Security Assurance Framework
  • Cybersecurity supervision
    • Construction of Cybersecurity Legal System
    • National Cybersecurity Policy
    • Cybersecurity Code of Ethics
    • Information Security Standards

the next day

  • Information Security Management
    • Includes Information Security Management Fundamentals
    • Information Security Risk Management
    • Safety management system construction
    • Safety Management System Best Practices
    • Information Security Management System
  • Business Continuity
    • Business Continuity
    • Information Security Emergency Response
    • Disaster backup and recovery

Day 3

  • Safety Engineering and Operations
    • System Safety Engineering
    • Security Operations
    • Content Security
    • Social Engineering and Training Education
  • Information security assessment
    • Safety Assessment Basics
    • Safety Assessment Implementation
    • Information System Audit

Day 4

  • Information security support technology
    • Cryptography
    • Identity Authentication
    • Access control
  • Physical environment and network communication security
    • Mainly includes physical security
    • OSI Communication Model
    • TCP/IP protocol security
    • Wireless communication security
    • Typical network attack prevention
    • Network security protection technology

Day 5

  • Computing environment security
    • Operating system security
    • Information collection and system attacks
    • Malicious code protection
    • Application Security
    • Data Security
  • Software Security Development
    • Software Security Development Lifecycle
    • Software security requirements and design
    • Software security implementation
    • Software Security Testing
    • Secure software delivery

Day 6

  • take an exam
    • The exam covers the content of the previous five days.
Sites Published:

中国 - 注册信息安全专业人员CISP-CISE认证