CSTP: Cyber Security Technology
Professional Training and
Qualification Program
According to the regulation of cyber
professions in Israel
Being a Cyber Security Technology Professional:
The CSTP is responsible for planning technological solutions; integrating
technologies and security methods; adapting, implementing and integrating
security products; and accompanying security events based on an
understanding of the organization's activities, needs and goals, all for the
purpose of the organization's cyber-security defense.
CSTP: Cyber Security Technology Professional
1 Jabotinsky St. Ramat-Gan – 05252 , T: 6122831-03 , F: 6122593-03
www.see-security.com [email protected] 2
CSTP: Cyber Security Technology Professional Training
And Qualification Program
About Our College
See Security College is a highly specialized and
international cyber-security college. Our college is
one of seven colleges of its kind in the world and
deals with cyber-security exclusively, by using
education methodologies which were designed for
state and formal agencies.
The college delivers its study programs worldwide,
through the See Security International brand as
well as through well-known cyber-security agencies
dealing with cyber-defence exportation.
See-Security Technologies CEO, Mr. Avi
Weissman is one of the leaders in the Israeli Cyber
industry, and serves as an advisor and
commentator to the Israeli government on the
regulation of cyber professions standards. In
addition, Mr. Weissman is the founder of the Israeli
Forum for Information Security (IFIS) together with
Maj. Gen. (Res.) and former head of National
Security Council, Yaakov Amidror. He is also co-CEO
of the cyber human resources company See-HR, the
cyber security consulting company See Consulting,
and the international cyber security college See
Security International.
Cyber Professions Regulation in Israel
The Israeli Forum for Information Security, which
operates within the framework of the Prime
Minister's Office as an independent unit, has
decided to implement binding regulation on the
definition of the various professions in the cyber
world, and makes clear recommendations
regarding the content of knowledge for each and
every profession and speciality in the wide-ranged
branch of Cyber Security professions.
About the CSTP Training Program
The prestigious CSTP training program is designed
to train cyber defense experts who can advise,
guide and make decisions on information protection
tasks focusing on the technological-tactical aspects
(without the administrative-government domain).
These abilities will be acquired through a thorough
familiarity with the strategies, tactics, techniques,
and best practices in these diverse fields, including
familiarity with the theory of attack and intelligence.
Students will gradually learn the core-features of
the CSTP through lectures, self-guided homework
assignments and in-vivo practice labs.
In addition to the professional knowledge, the
program is designed to fulfill the requirements of
international certification authorities, such as: (a)
(ISC)2-SSCP certification, (b) CompTIA-Security+
certification, and most of the CISSP certification
exam requirements.
Cyber Security Technology Professional program
(CSTP) deals with the strategic level and integrates
the knowledge and disciplines required for the
expert architect. The program will provide the
graduate the abilities to deal with the role of a cyber
defense architect and to: (a) design a cyber defense
system; (b) choose the right technological
components, and to implement them by using the
best technique; (c) analyze, understand and
respond both rapidly and efficiently to cyber events
and to (d) "make sense" in the organizational cyber
defense system. The program is aimed to train
highly specialized professionals in the cyber world
in fields such as business risk management, and to
give comprehensive training for international
certification exams. Now that the Cyber Authority's
decision has been declared to run tests for national-
Israeli accreditation, the program will prepare the
students for these certification exams as well!
The growing demand for highly educated and
knowledgeable cyber-consultants and defense
managers requires a broad and deep background,
in an orderly pedagogical methodology that will
enable us to take control of a large amount of
information. This is the real essence of our training
program.
The American National Initiative for Cyber Security
Education (NICE) defined its Mission as well: To
energize and promote a robust network and an
ecosystem of cybersecurity education, training, and
workforce development.
In January 2015, the Israeli National Cyber Bureau
published an official list of core professions,
including: Cyber Security Practitioner (CSP), Cyber
Security Technology Professional (CSTP),
Cyber Security Methodology Professional (CSMP),
Penetration Tester (Hacker), and Forensics
Specialist. The Chief Information Security Officer
(CISO) role is derived from CSTP and CSMP.
In addition, The National Initiative for Cybersecurity
Education (NICE), led by the National Institute of
Standards and Technology (NIST) of the U.S.
Department of Commerce, is a partnership between
government, academia, and the private sector
working to energize and promote a robust network
and an ecosystem of cybersecurity education,
training, and workforce development. NICE fulfills
this mission by coordinating with government,
academic, and industry partners to build on existing
successful programs, facilitate change and
innovation, and bring leadership and vision to
increase the number of skilled cybersecurity
professionals helping to keep our nation secure.
This program was designed in accordance with the
requirements of the cyber authority, and is intended
to prepare students for the (ISC)2 CISSP prestigious
certification exam. Naturally, the program's graduates
can also sit for easier international certification exams
such as ISACA's CISM, CompTIA's Security+ or
(ISC)2's SSCP. In the coming year, the Israeli cyber
authority will publish additional information on these
professions and will run certification exams aimed
at architecture and methodology cyber
professionals.
Target Audience
The program requires profound knowledge in
system and networking aspects (Operating
systems, networking and ideally initial
acquaintance with cyber defense tools) and is not
suitable for beginners. BSC\BA grad\post in the
field of Computer Science, Software\ Hardware
Engineering may also apply.
Entry Requirements
1. Previous background in managing Windows
(MCSA) or Linux networks, or in cyber or in
Software Development. OR
2. BSC\BA grad\post in the field of Computer
Science, Software\ Hardware Engineering or
other fields* AND
3. Readiness to invest in self-guided homework
assignments (for a total of 220 practice hours).
4. All candidates must participate in an admission
interview held by the academic administrator of
the program, Mr. Avi Weissman.
* Applicants who do not meet these requirements must be approved for
the program by a special committee held by the academic
administrator.
Reading Materials
Among other reading resources, the official CISSP
study guide and CCSK study materials.
Tuition Fees
19,400 NIS (including registration fees and LTD)
Academic Faculty
Such a multidisciplinary training program
requires extensive and uncompromising use of
dedicated experts, each in their field. The lecturers
include industry leaders, renowned cyber
managers and leading professional experts in their
fields. As a country that takes upon itself to lead in
cyber protection in the world, the college considers
itself committed to high standards and to a very high
standard of lecturers.
Program Format
The course will be held twice a week, in the
evenings. There will be 180 hours of in-class
lectures (45 sessions, 6 months), and 220
homework assignments. Lectures are held at See-
Security College in Ramat-Gan. The program
opens about three times a year.
Study Format
Technical and theoretical knowledge as well as
practical assignments which relate to the
architectural and methodological world of cyber
defense.
Pedagogical Requirements
1. Attendance in at least 80% of lectures.
2. At the end of every module, there will be an
examination and/or an assignment. Students
must obtain an average of at least 70%. There
is a possibility to take a make-up exam.
3. In technical modules: "hands-on" practice in
class and at home (using computer labs).
Certification
The program was built for practical knowledge
purposes and serves as a preparation for the
Security+, (ISC)2-SSCP, and CCSK certification
exams and also for the vast majority of the CISSP
exam.
Students who will meet the pedagogic requirements
of the program will be awarded by See-Security
College as:
Cyber Security Technology Professional
Students who fail to meet the course requirements
are encouraged to re-take the entire course, or part
of it, without any additional costs.
Those who have difficulty with CISSP certification
can easily sit for the CompTIA Security+ or (ISC)2-
SSCP certifications.
In the future, the Cyber Authority intends to
institutionalize a test on its behalf for unique
accreditation in Israel, based on these contents.
Remarks
1. Opening of the course depends on the number
of enrolled applicants.
2. Registration fees are not refundable, excluding
the event that the college does not open the
program.
3. Any costs of external examination are not
included in the tuition fees of the program.
4. There may be some changes in the program
layout, exams or any other issues. The College
Board will inform students before making such
alterations.
Further Information
Administrative information:
Mrs. Elvira Eliseev, 03-6122831, 052-8787889
Academic Information:
Mr. Avi Weissman, 054-5222305
Please Note!
The counseling and screening process of the
academic advisor is important for assuring your
chances of succeeding in this program and / or
in other programs, as well as in your
professional future.
Curriculum
16 Thinking Security – Introduction to Cyber Systems Management
The entry into the real world of cyber defense discusses
the sources of cyberwar, cyber concepts, threats, and
response strategies used in the world of security,
specialization, and authority disciplines, and a review of
the topics covered in the program in order to capture the
overall picture of the challenge.
Track overview: academic requirements, Security Concepts
The Art of War: Information security and the Art of War, The technical landscape
Threats, Vulnerabilities: Digital Threats, Vulnerabilities, The Human Factor, adversaries, end users
Attack and defense techniques: attacks types, methodologies
Defense in Depth: Defensive: Defense in Depth, trusted computing
InfoSec engineering & common criteria: Information system security engineering, common criteria, summary.
108 Cyber Technologies: Technologies, Tools, Techniques & Architecture
As in Chess, one must understand what tools are
available, what their essence is, what functions they serve
and how to use them in combination with other tools and
correct techniques. The tools and techniques complement
one another as part of the technological response to
threats, the operating system layer, networks,
applications, special environments such as cloud and
mobile devices, as well as end stations.
Cryptography: Introduction to cryptography, Classic cryptography to Modern Cryptography, Basics of Modern Cryptography, Symmetric Key Algorithms, Block Ciphers Modes of Operation, Stream ciphers, Key Management, Public Key Cryptography, Message Integrity and Authentication Controls, Public Key Infrastructure.
Installing Configuring & Maintaining Certification Authorities, Configuring, Deploying & Maintaining Certificates, Smart Card Certificates, EFS
Access Control: What is Access control? Chapter 2: Identification and authentication (I&A), Authorization and AC Models, Centralized Access Control Methodologies
Perimeter Protection: Enclave defined, The need for Perimeter Protection, Router security, Firewalls, VPN Technology, NAC
Detection & Response: The Need for Detection Systems, IDS Systems Capabilities, Implementation & Management, Security Information & Event Management, Log Retention and Management, SIEM.
Anti-Malware: Malware threats and Anti Malware tools
Application & Code Security
DB Security
Virtualization Security
Cloud Security
DLP
Hardware Security
Files Security & Whitening: Hidden Content in files, Why Antivirus is insufficient, Metadata, Utilizing features to abuse
Social Networks Security
Infosec Technologies Trends
Information Technologies Architecture: Security Architecture creation methodologies
Technologies Summary
Independent Project: InfoSec Architecture for xyz Organization
Students are asked to write a project that summarizes the knowledge acquired in the chapter on technologies and architecture, based on the methodologies learned, with emphasis on coping with real-world challenges. The project process is conducted in constant interaction with the college staff (assistance and support).
40 Cyber Methodology / GRC: InfoSec Governance, Risk & Compliance
The world of information security maintains an intimate interrelationship with the field of government, risk management and corporate compliance. This is a discipline with three aspects: organizational risk management as a result of a cyber event, compliance with management requirements, and the requirements of law and regulation in relevant aspects (e.g., the Protection of Privacy Law, Regulation 7809, 627). The ISCA-CISSP, ISACA-CISM, ISO 27000, SOX, DoD, PCI, ISC2-CISSP standards security, Israeli legislation, and industry regulations will be reviewed according to the daily practice.
Legal & Regulatory: The Applicable Legislation, The privacy Act, Information reservoirs Registration & Protection, The Regulation, 357, 257, SOX & iSOX, BASEL II, HIPAA, 361, 367
Governance, Strategic plan: Corporate Governance Defined, InfoSec Governance,
Program Management: The InfoSec Program from Three Points of View, Security Architecture Defined, Policies, Standards, Procedures, Baselines & Guidelines, InfoSec as a Process, Process Quality Management
ISO 27001 Lead Auditor Preparation Corporate, IT & InfoSec Governance Relationship, Corporate strategy defined, Infosec Positioning, Infosec Strategy, InfoSec Strategic Planning. Statement of Applicability
Controls & Control Objectives: ISO 27001 -ISMS, InfoSec Control Objectives
Control Environment: Controls, Designing a Control Environment, Cobit, COSO
Privacy in the Digital Age
Program Audit & Maintenance: Internal Audit Defined, IT General Audit, Infosec Audit, Program Improvement, Vulnerability Assessment, Pen tests
52 CISO Function and Role
What does the Information Security Manager do? What is its list of tasks and what is the correct order to carry them out? How does the product of each action become the raw material of the next action? The Unwritten Law of CISO Functions.
The Evolving CISO Role
Risk Assessment: Risk Management Fundamentals, Risk Assessment, Qualitative and Quantitative Assessment, The Hybrid approach, Asset Management, MSAT, Identifying Asset Vulnerability, Formalizing Risk Statement, Risk Register, Prioritizing Risk, Stating Solutions
InfoSec Processes: InfoSec Process & Process Catalogue, Process & Program maturity
InfoSec Project: Project Management Defined, Creating an InfoSec Project, Business Case - Business Case
The IAM Process: Role Definition, Workflow, User Provisioning / De-provisioning, Audit & monitor
Capital Planning & Investment Control: Capital Planning & Budget Decision, Corrective Action Impact and Priority, System Based Project Scoping, Enterprise Project Scoping, Choosing Your Battle, Project Investment Control
Corporate InfoSec Policy: The Need for a Corporate InfoSec Policy, Policy Governance & Authority, Scope, Responsibility & Accountability, The Policy Chapters
BCM - Business Continuity Management: BCM Planning, COOP, CCP, ORP, ITCP, CIP, BRP, DRP, DRP Project
Relationship & Communication: Implementing a Security & Awareness Program - Creating & Implementing a Security Marketing Plan
Measuring Security: Security measurements & Metrics Implementing metrics in security processes (KPI, KRI).
Putting it all Together: The New CISO 1st Year Timeline, from Security Strategy to Governance to Security Program & Projects
24 Incident Response
SOC & Incident Response: SOC Operation, Incident response methodology
Detection & Response-Lab: Implementing a SIEM Project
Computer Forensic & Intellectual Rights: Computer Crime investigation, forensics & guarding, Intellectual property.
Independent Final Assignment: Building an InfoSec Program
Students are asked to write a project that summarizes the acquired knowledge in the CISO Role chapter, including the implications of cyber governance and the management of cyber processes. The project must rely on the knowledge acquired in the chapter on technologies and architecture as well.
32 Hacking Defined Advanced
As in chess, it is not enough to know the functioning of the various tools. We must learn how to "play". There will be no understanding of modes of protection without a full realization of the means of attack. This module introduces the student to the world of Penetration Testing. The module portrays the classical threats to information assets caused by a malicious human agent. The world of attacking and intelligence is taught in order to make the learner recognize the threats, vulnerabilities, techniques, and technologies used by the attacker.
Understanding Linux: History, Distributions, Kernel, File System, Shell, Live CD, VM
Shell: Prompt, Basic Commands, GUI
File Systems & Networking: Environmental Variable, Process Environment
Shell Redirection: Pipes, Bash Scripting
Overview & Test
HD Introduction
HD ToolKit: Linux, Kali, Development Environment, Disassembly, Hacking Today Presentations
Low Technology Reconnaissance: Social Engineering, Attack tree (Lio), Passive Reconnaissance
Web base Reconnaissance: Google, Who-Is, DNS
Google Hacking & API: Advanced Key-Words, Boolean Search, Google API
Info Gathering Tools: Maltego, Win-Finger-Print, SAM Spade
Finger Printing: SMTP, SNMP, DNS, Net-Bios, RPC, LDAP, HTTP, SSH, Banner Grabbing
NetCat: Port Scanning, Banner Grabbing, File Transfer, Bind Shell, Reverse Shell
Port Scanners: SL, Nmap, Super-Scan, Unicorn Scan
Traffic Interception & Analyze: Wire-Shark, TCP-Dump, Com-View,
Traffic Manipulation: Man-In The-Middle, DNS Spoofing, SSL Spoofing, Skype Spoofing
Buffer Overflow: Scenarios, Frameworks: Metasploit
Vulnerability Scanners & Client Side Attack: Acunetix, Nessus, Shadow, W3F, Web & Host Scan
SQL Injection & Wireless Hacking: Attack Overview, SQL Ninja Priamos
House-Keeping: Trojan Horses, Root-Kit, Packer
Final Challenge Test
4 InfoSec Consulting Services
Typical cyber services workshop: process and technological risk surveys, penetration testing, GRC compliance reviews.
Consulting types & areas, Surveys, Reports
8 CISSP Preparation
This workshop complements (ISC)2's CISSP, in addition to the entire curriculum, and is focused on international exam topics.
Reporting Models, Computer ethics
Physical (Environmental) Security
Operation Security
TEST Marathon
CSTP Applicant Declaration
I hereby confirm that I have received this information sheet, understand its contents and agree to the terms set
out therein.
Name_____________________ Date __________________ Signature _____________________________
We invented a Technology
for cyber education,
because nobody else did.