Об этом курсе
5.0
Оценки: 3
Рецензии: 1
100% онлайн

100% онлайн

Начните сейчас и учитесь по собственному графику.
Гибкие сроки

Гибкие сроки

Назначьте сроки сдачи в соответствии со своим графиком.
Начальный уровень

Начальный уровень

Часов на завершение

Прибл. 14 часа на выполнение

Предполагаемая нагрузка: 5 hours/week...
Доступные языки

Английский

Субтитры: Английский
100% онлайн

100% онлайн

Начните сейчас и учитесь по собственному графику.
Гибкие сроки

Гибкие сроки

Назначьте сроки сдачи в соответствии со своим графиком.
Начальный уровень

Начальный уровень

Часов на завершение

Прибл. 14 часа на выполнение

Предполагаемая нагрузка: 5 hours/week...
Доступные языки

Английский

Субтитры: Английский

Программа курса: что вы изучите

Неделя
1
Часов на завершение
5 ч. на завершение

Identify and Analyze Malicious Code and Activity

Module Topics: Malicious Code, Malicious Code Countermeasures, Exploitation, Insider Threats, Spoofing, Phishing, Spam, and Botnet, Malicious Web Activity, Payloads, Malicious Activity Countermeasures, Malcode Mitigation, and Common Mistakes. Malicious Code includes topics like Key concepts, Example Worms, Polymorphic Viruses, Software Exploitation Methods, Scanners, Generations of Antivirus Scanning Software, Generic Decryption (GD) Technology, Behavior-Blocking Software, Antivirus Software on the Firewall and IDS, Code signing, Code Signing Certificates, Sandboxing, Virtual Machine (VM), Social Engineering, Additional Examples of Social Engineering Attacks, and Security Awareness Training. Under the topic of Exploitation, you will learn about Long File Extensions, Fake Icon, Hostile Codecs, and E-mail. In Insider Threats, you will learn about Indicators of Malicious Threat Activity, Countermeasures, Direction, Prevention, and Deterrence Methods, Continual Training, and Insider Hardware Threats. In Spoofing, Phishing, Spam, and Botnets, you will learn about Spoofing, Examples of Spoofing, Phishing, Common Characteristics of Forged E-Mail Messages, Techniques, How Phishing Works, Impact of Phishing, How to Recognize a Phishing E-Mail, Spam, Spam Distribution Channels, How Does Spam Work?, Spam Techniques, Protecting users From Spam, Botnets, How Are Botnets Created?, Botnet-Led Exploits, Botnet Detection and Mitigation, Common Botnet Detection and Mitigation Techniques. In Malicious Web Activity, you will go through topics like Mobomarket Attack, Cross-site Scripting (XSS) Attacks, The Theory of XSS, XSS Attack Vectors, Is the Organization's Site Vulnerable to Cross-Site Scripting? Example of a Cross-Site Scripting Attack, How to check for Cross-Site Scripting Vulnerabilities, Zero-Day Exploits and Advanced Persistent Threats (APTS), Unknown Vulnerabilities management Process, Five Phases of APT, Brute-Force Attacks, Instant Messaging, Infected Factory Builds and Media, man-in-the-Middle Malcode, Malicious Activity Countermeasures, Network Layer, Application Layer, Modified Hosts File and DNS Changes, Inspection of Process, Rootkit, Rootkit Classifications, Behavioral Analysis of Malcode, and Static File Analysis....
Reading
18 videos (Total 109 min), 18 материалов для самостоятельного изучения, 1 тест
Video18 видео
Malicious Code and Activity: Key Concepts6мин
Malicious Code and Activity: Malicious Code Countermeasures4мин
Malicious Code and Activity: Software Exploitation Methods6мин
Malicious Code and Activity: Software Exploitation Methods5мин
Malicious Code and Activity: Code Signing5мин
Malicious Code and Activity: Social Engineering6мин
Malicious Code and Activity: Security Awareness Training6мин
Malicious Code and Activity: Long File Extensions5мин
Malicious Code and Activity: E-mail7мин
Malicious Code and Activity: Countermeasures5мин
Malicious Code and Activity: Examples of Spoofing5мин
Malicious Code and Activity: Techniques5мин
Malicious Code and Activity: Botnet-Led Exploits6мин
Malicious Code and Activity: Malicious Web Activity6мин
Malicious Code and Activity: Zero-Day Exploits4мин
Malicious Code and Activity: Infected Factory Builds and Media4мин
Malicious Code and Activity: Inspection of Processes7мин
Reading18 материала для самостоятельного изучения
Systems and Application Security10мин
Malicious Code and Activity: Key Concepts10мин
Malicious Code and Activity: Malicious Code Countermeasures10мин
Malicious Code and Activity: Software Exploitation Methods10мин
Malicious Code and Activity: Software Exploitation Methods10мин
Malicious Code and Activity: Code Signing10мин
Malicious Code and Activity: Social Engineering10мин
Malicious Code and Activity: Security Awareness Training10мин
Malicious Code and Activity: Long File Extensions10мин
Malicious Code and Activity: E-mail10мин
Malicious Code and Activity: Countermeasures10мин
Malicious Code and Activity: Examples of Spoofing10мин
Malicious Code and Activity: Techniques10мин
Malicious Code and Activity: Botnet-Led Exploits10мин
Malicious Code and Activity: Malicious Web Activity10мин
Malicious Code and Activity: Zero-Day Exploits10мин
Malicious Code and Activity: Infected Factory Builds and Media10мин
Malicious Code and Activity: Inspection of Processes10мин
Quiz1 практического упражнения
Quiz 120мин
Неделя
2
Часов на завершение
1 ч. на завершение

Implement and Operate Endpoint Device Security

Module Topics: Host-Based Intrusion Detection Systems (HIDS), Host-Based Firewalls, Application Whitelisting, Endpoint Encryption, Trusted Platform Module (TPM), Mobile Device Management (MDM), Secure Browsing. In Host-Based Intrusion Detection Systems (HIDS), you will learn about Advantages and Disadvantages of HIDS. In Application Whitelisting, you will learn about software Restriction Policies (SRP), Trusted Platform Module (TPM). In Mobile Device Management (MDM), you will learn about Bring your Own Device (BYOD), Security, BYOD Policy Considerations, BYOD Policy Considerations, Corporate Owned, Personally Enabled (COPE), and Secure Browsing....
Reading
3 videos (Total 15 min), 3 материалов для самостоятельного изучения, 1 тест
Video3 видео
Endpoint Device Security: Trusted Platform Module (TPM)6мин
Endpoint Device Security: BYOD Policy Considerations2мин
Reading3 материала для самостоятельного изучения
Endpoint Device Security: HIDS10мин
Endpoint Device Security: Trusted Platform Module (TPM)10мин
Endpoint Device Security: BYOD Policy Considerations10мин
Quiz1 практического упражнения
Quiz 210мин
Неделя
3
Часов на завершение
5 ч. на завершение

Operate and Configure Cloud Security

Module Topics: Introduction, Deployment Models, Service Models, Virtualization, Legal and Privacy Concerns, Classification of Discovered Sensitive Data, Mapping and Definition of Controls, Application of Defined Controls for Personally Identifiable Information (PII), Data Storage and Transmission, Encryption, Key Management, Masking/Obfuscation and Anonymization, Tokenization, Data Deletion Procedures and Mechanisms, Event Sources, Data Event Logging and Event Attributes, and Storage and Analysis of Data Events. Introduction covers the Five Essential Characteristics of Clouds. Deployment Models cover topics like Public, Private, Hybrid and Community Cloud, Service Models, SaaS, PaaS, and IaaS. Virtualization includes Hypervisor, and Types of Virtualization. In Legal and Privacy Concerns, you will learn about Key P&DP Questions, Country-Specific Legal Considerations, Jurisdiction and Applicable Law, Essential Requirements in P&DP Laws, Typical Meaning for Common Privacy Terms, Privacy Roles for Customer and Service Provider, Data Discovery, and Privacy Level Agreement (PLA). In Application of Defined Controls for Personally Identifiable Information (PII), you will learn about Cloud security Alliance Cloud Controls Matrix (CCM), CCM Security Domains, Data Dispersion in Cloud Storage, Threat to storage Types, Technologies Available to Address Threats, Data Loss Prevention (DLP), DLP Components, DLP Architecture, Cloud-Based DLP Considerations, and Best Practices. In Encryption, you will learn about Sample Use cases for Encryption, Cloud Encryption Challenges, Key Management, Key Storage in the Cloud, and Key Management in Software environments. In Masking/Obfuscation and Anonymization, you will learn about Data Masking/Obfuscation, Common Approaches for Data Masking, Primary Methods of Masking Data, and Data Anonymization. Tockenization covers topics like Tokenization and Cloud, Data Retention Policies, Data Deletion Procedures and Mechanisms, Disposal Options, Crypto-shredding, Data Archiving Policy, Security and Information Event Management (SIEM). Data Event Logging and Event Attributes covers topics like OWASP Recommendations, SIEM Capabilities, and SIEM Challenges. ...
Reading
16 videos (Total 105 min), 16 материалов для самостоятельного изучения, 1 тест
Video16 видео
Cloud Security: Hybrid5мин
Cloud Security: Virtualization7мин
Cloud Security: Hypervisor4мин
Cloud Security: Country-Specific Legal Considerations6мин
Cloud Security: P&DP Laws6мин
Cloud Security:Application of Defined Controls for Personally Identifiable Information (PII)8мин
Cloud Security: Data Dispersion5мин
Cloud Security: Threat to Storage Types9мин
Cloud Security: Technologies to Address Threats4мин
Cloud Security: DLP Architecture7мин
Cloud Security: Review Activity6мин
Cloud Security: Key Storage in the Cloud4мин
Cloud Security: Common Approaches for Data Masking4мин
Cloud Security: Data Retention Policies7мин
Cloud Security: Disposal Options8мин
Reading16 материала для самостоятельного изучения
Cloud Security: Five Essential Characteristics of Clouds10мин
Cloud Security: Hybrid10мин
Cloud Security: Virtualization10мин
Cloud Security: Hypervisor10мин
Cloud Security: Country-Specific Legal Considerations10мин
Cloud Security: P&DP Laws10мин
Cloud Security: Application of Defined Controls for Personally Identifiable Information (PII)10мин
Cloud Security: Data Dispersion10мин
Cloud Security: Threat to Storage Types10мин
Cloud Security: Technologies to Address Threats10мин
Cloud Security: DLP Architecture10мин
Cloud Security: Review Activity10мин
Cloud Security: Key Storage in the Cloud10мин
Cloud Security: Common Approaches for Data Masking10мин
Cloud Security: Data Retention Policies10мин
Cloud Security: Disposal Options10мин
Quiz1 практического упражнения
Quiz 320мин
Неделя
4
Часов на завершение
3 ч. на завершение

Secure Big Data Systems & Operate and Secure Virtual Environments

Module Topics for Secure Big Data Systems: Application Vulnerabilities and Architecture or Design Environments. Application Vulnerabilities include topics like Data Growth, Big Data, Interpreting Big, Data, Big Data Issues, and Challenges with 'Free' Analytic Tools. Architectural or Design Environments include topics like Distributed Computing Architectures, Key Challenges, Securing the Organization's Big Data, and Deploying Big Data for Security. Module Topics for Operate and Secure Virtual Environments: Software-Defined Network (SDN), Virtual Appliances, Continuity and Resilience, Attacks and Countermeasures, Common Virtualization Attacks, Recommendations and Best Practices for Secure Virtualization, and Shared Storage. In Software-Defined network (SDN), you will learn about How SDN Works. Virtual Appliances talks about Virtual Appliances Compared to Virtual Machines. In Continuity and Resilience you will learn about Host Clustering Concepts, VMware Distributed Resource Scheduling (DRS), Scalability and Reliability, windows Failover Clustering. In Common Virtualization Attacks, you will learn about Mitigation Strategies. In Recommendations and Best Practices for Secure Virtualization you will learn about Desktop Virtualization and Security, Network Security, Storage Networks, Auditing and Logging, Virtual Machine Security, Management Systems, Hypervisor Security, Time Synchronization, Remote Access, Backups, and Configuration and Change Management. ...
Reading
9 videos (Total 70 min), 9 материалов для самостоятельного изучения, 1 тест
Video9 видео
Secure Big Data Systems: Interpreting Big Data4мин
Secure Big data Systems: Key Challenges5мин
Operate and Secure Virtual Environments: SDN5мин
Operate and Secure Virtual Environments: Virtual Appliances8мин
Operate and Secure Virtual Environments: DRS10мин
Operate and Secure Virtual Environments: Common Attacks6мин
Operate and Secure Virtual Environments: Network Security5мин
Operate and Secure Virtual Environments: Virtual Machine Security16мин
Reading9 материала для самостоятельного изучения
Secure Big Data Systems: Big Data10мин
Secure Big Data Systems: Interpreting Big Data10мин
Secure Big data Systems: Key Challenges10мин
Operate and Secure Virtual Environments: SDN10мин
Operate and Secure Virtual Environments: Virtual Appliances10мин
Operate and Secure Virtual Environments: DRS10мин
Operate and Secure Virtual Environments: Common Attacks10мин
Operate and Secure Virtual Environments: Network Security10мин
Operate and Secure Virtual Environments: Virtual Machine Security10мин
Quiz1 практического упражнения
Quiz 412мин
5.0
Рецензии: 1Chevron Right

Лучшие рецензии

автор: GBJul 5th 2018

Thank you. Great course. The instructor breaks everything down, and makes it easy to learn.

Преподавателя

Avatar

(ISC)² Education & Training

Education & Training

О (ISC)²

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. www.isc2.org ...

О специализации ''(ISC)² Systems Security Certified Practitioner (SSCP) '

Pursue better IT security job opportunities and prove knowledge with confidence. The SSCP Professional Training Certificate shows employers you have the IT security foundation to defend against cyber attacks – and puts you on a clear path to earning SSCP certification. Learn on your own schedule with 120-day access to content aligned with the latest (ISC)2 SSCP exam domains. We’re offering the complete online self-paced program for only $1,000 – a $200 savings when you get all domains bundled together. 3 Steps to Career Advancement 1. Register for the course 2. Gain access for 120 days 3. Register and sit for the SSCP certification exam Upon completing the SSCP Professional Certificate, you will: 1. Complete six courses of preparing you to sit for the Systems Security Certified Practitioner (SSCP) certification exam as outlined below. Course 1 - Access Controls Course 2 - Security Operations and Administration Course 3 - Risk Identification, Monitoring, and Analysis/Incident Response and Recovery Course 4 - Cryptography Course 5 - Network and Communication Security Course 6 - Systems and Application Security 2. Receive a certificate of program completion. 3. Understand how to implement, monitor and administer an organization’s IT infrastructure in accordance with security policies and procedures that ensure data confidentiality, integrity and availability....
(ISC)² Systems Security Certified Practitioner (SSCP)

Часто задаваемые вопросы

  • Да, до регистрации можно просмотреть первое видео и программу курса. Чтобы получить полный доступ к материалам курса, необходимо оплатить его.

  • Регистрируясь на курс до начала сессии, вы получаете доступ ко всем видеолекциям и материалам для самостоятельного изучения. Задания можно отправлять после начала сессии.

  • После регистрации на курс и начала сессии вы получаете доступ ко всем видео и другим ресурсам курса, включая материалы для самостоятельного изучения и форумы обсуждений. Вы сможете выполнять тренировочные, а также сдавать обязательные оцениваемые задания и получить сертификат о прохождении курса.

  • Если вы успешного пройдете курс, на странице ваших достижений появится электронный сертификат, который можно распечатать или прикрепить к профилю LinkedIn.

  • Это один из немногих курсов на Coursera, которые предоставляются только на платной основе. Если вы хотите пройти этот курс, но не можете его оплатить, подайте заявление на получение финансовой помощи.

  • The course schedule contains approximately 15 hours of content material covering lectures, reading materials, a case study, and quizzes broken up over the course of 7 weeks.

Остались вопросы? Посетите Центр поддержки учащихся.