Oversikt over relevante kurs innen Sikkerhetskurs for IT i Hammerfest

COURSE OVERVIEW The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the cybersecurity market. CISSP validates a cybersecurity professional’s deep technical and managerial knowledge and experience to effectively design, engineer and manage an organization’s overall security posture. Please note an exam voucher is included as part of this course TARGET AUDIENCE Cybersecurity professionals with at least 5 years in the information security field. Member data has shown that amajority of CISSP holders are in middle management and a much smaller proportion are in senior or junior/entry-level positions. Roles include:• Chief Information Officer• Chief Information Security Officer• Chief Technology Officer• Compliance Manager / Officer• Director of Security• Information Architect• Information Manager / Information RiskManager or Consultant• IT Specialist / Director / Manager• Network / System Administrator• Security Administrator• Security Architect / Security Analyst• Security Consultant• Security Manager• Security Systems Engineer / Security EngineerSectorsCISSP is relevant across all sectors and industries, including:• Aerospace• Automotive• Banking, financial services, insurance (BFSI)• Construction• Cybersecurity• Energy• Engineering• Government• Healthcare, IT products, services, consulting• Manufacturing• Pharma• Retail• Telecom COURSE OBJECTIVESAfter completing this course you should be able to: Understand and apply fundamental concepts and methods related to the fields of information technology and security Align overall organizational operational goals with security functions and implementations. Understand how to protect assets of the organization as they go through their lifecycle. Understand the concepts, principles, structures and standards used to design, implement, monitor and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of confidentiality, integrity and availability. Implement system security through the application of security design principles and application of appropriate security control mitigations for vulnerabilities present in common information system types and architectures. Understand the importance of cryptography and the security services it can provide in today’s digital and information age. Understand the impact of physical security elements on information system security and apply secure design principles to evaluate or recommend appropriate physical security protections. Understand the elements that comprise communication and network security coupled with a thorough description of how the communication and network systems function. List the concepts and architecture that define the associated technology and implementation systems and protocols at Open Systems Interconnection (OSI) model layers 1-7. Identify standard terms for applying physical and logical access controls to environments related to their security practice. Appraise various access control models to meet business security requirements. Name primary methods for designing and validating test and audit strategies that support business requirements. Enhance and optimize an organization’s operational function and capacity by applying and utilizing appropriate security controls and countermeasures. Recognize risks to an organization’s operational endeavours and assess specific threats, vulnerabilities and controls. Understand the System Lifecycle (SLC) and the Software Development Lifecycle (SDLC) and how to apply security to it; identify which security control(s) are appropriate for the development environment; and assess the effectiveness of software security. COURSE CONTENT Domain 1: Security and Risk Management Domain 2: Asset Security Domain 3: Security Architecture and Engineering Domain 4: Communication and Network Security Domain 5: Identity and Access Management (IAM) Domain 6: Security Assessment and Testing Domain 7: Security Operations Domain 8: Software Development Security TEST CERTIFICATION Recommended as preparation for the following exam: (ISC)2 Certified Information Systems Security Professional Gaining this accreditation is not just about passing the exam, there are a number of other criteria that need to be met including 5 years of cumulative, paid work experience in two or more of the eight domains of the (ISC)²® CISSP CBK . Full details can be found at https://www.isc2.org/cissp/default.aspx Those without the required experience can take the exam to become an Associate of (ISC)²  while working towards the experience needed for full certification Please note an exam voucher is included as part of this course   [-]

Bedriftstilbud! Vi tilbyr nå rabatterte priser for på PECB ISO/IEC Foundation 27001 som bedriftsinternt kurs for grupper (minimum 5 personer).Kurset kan holdes i lokalene til Orange Cyberdefense på Lysaker Torg, eller hos dere. Kontakt oss for et godt tilbud.  Har dere sikkerhetskompetansen dere trenger? Orange Cyberdefense holder sertifiseringskurs innen cyber- og informasjonssikkerhet levert av den anerkjente sertifisering- og kursleverandøren PECB. PECB ISO/IEC 27001 Foundation er et 2 dagers kurs, der man vil lære om de grunnleggende elementene for å implementere og lede et styringssystem for informasjonssikkerhet (ISMS) i samsvar med ISO/IEC 27001. Etter kurset vil kursdeltagerne forstå de ulike delene i et ISMS, inkludert policyer, rutiner, måling, internrevisjon og kontinuerlig forbedring. Kurset er ment for bedriftens ansatte som skal delta i innføringen av et styringssystem for informasjonssikkerhet, eller som trenger å lære mer om informasjonssikkerhet og styring av dette i en virksomhet.  Læringsmål for kurset Kjennskap til ISO/IEC 27001 og kunne se sammenhenger mellom ISO/IEC 27001, ISO/IEC 27002 og andre rammeverk. Forstå ulike tilnærminger, standarder, metoder og teknikker som brukes for å implementere og styre et ISMS. Kunne drifte elementene i et styringssystem for informasjonssikkerhet ISMS.   Bindende påmelding Vi forbeholder oss retten til å utsette kurs ved for få deltakere/ påmeldte. Tilbud om ny kursdato vil bli gitt.  [-]

httpWeb Security for Developers [-]

COURSE OVERVIEW If you are new to Citrix or if you are planning a move to Citrix Cloud, this course is a necessary step in enabling you with the right training and skills to manage and deploy Citrix Workspace successfully. This foundational administration course covers the aspects of installing, configuring and managing a Citrix Virtual Apps and Desktops 7 environment, how to manage an on-premises Citrix solution and migrate from an on-premises solution to cloud using the Citrix Cloud management plane. This five-day course will teach you how to deploy, install, configure, setup profile management, configure policies, printing and basic security features for on-premises Virtual Apps and Desktop solution building, and then migrating to Citrix Cloud. This course includes the exam voucher. TARGET AUDIENCE Experienced IT Professionals who want to be familiar with Citrix Virtual Apps and Desktops 7 in an on-premises environment and Citrix Cloud. Potential students include administrators or engineers responsible for the end user workspace and overall health and performance of the solution. COURSE OBJECTIVES After completing this course you should be able to: Install, configure, and manage a Citrix Virtual Apps and Desktops 7 site and Cloud connectors Identify the considerations between Citrix Virtual Apps and Desktops on-premises and the Citrix Virtual Apps and Desktops Service Deliver app and desktop resources COURSE CONTENT Architecture Overview Introduction to Citrix Virtual Apps and Desktops Architecture Overview Features Hosting Platform Considerations Citrix Virtual Apps and Desktops Service Connection Flow Process Introduction Deploy the Site Pre-Deployment Considerations Citrix Licensing Setup Delivery Controller Setup Site Setup And Management Redundancy Considerations The Apps and Desktops Images Consider Master Image Creation Methods Master Image Requirements Provision and Deliver App and Desktop Resources Machine Catalogs and Delivery Groups Provisioning Methods and Considerations Machine Creation Services (MCS) Deep Dive MCS Environment Considerations Resource Locations Provide Access to App and Desktop Resources  Consider Workspace Experience versus StoreFront  Workspace Experience User Authentication  Workspace App  Communication Flow Manage the User Experience Methods to Manage the User Experience Common User Experience Settings Published App and Desktop Presentation and Management  Published App Properties Server OS Published App Optimizations Published App Presentation Application Groups Apps and Desktops Presentation Manage Printing for User Sessions Map Printers to the User Session Printer Drivers Print Environment Considerations Citrix Profile Management Introduction and Considerations Configure Citrix Profile Management Manage the Site Delegated Administration Use PowerShell with Citrix Virtual Apps and Desktops Power Management Considerations Citrix Virtual Apps and Desktops Basic Security Considerations Citrix Admin Security Considerations XML Service Security Considerations Secure HDX External Traffic Monitor the Site Citrix Director Introduction Monitor and Interact with User Sessions Published Apps Analysis Monitor the Machines Running the VDA Site Specific Common Monitoring Alerts and Notifications Optimize Citrix Director Monitoring with Citrix ADM Introduction to Supporting and Troubleshooting Citrix Virtual Apps and Desktops Introduction to Supporting a Citrix Virtual Apps and Desktops Site Tools Proactive Administration Common Tasks Migrate To Citrix Cloud Migration Considerations Citrix Cloud Connector Deployment Citrix Virtual Apps and Desktops with an On-Premises Resource Location The Migration Process Citrix Analytics Citrix Analytics Introduction Prepare to Use Citrix Analytics Types of Analytics TEST CERTIFICATION Recommended as preparation for the following exams: CCA-V Certification exam. [-]

CISSP Certification Boot Camp [-]

Kurs i cybersikkerhet med Carsten Maartmann-Moe. Du lærer om cyberkriminelle,  og de største risikoene for angrep. Cybersikkerhet eller IT-sikkerhet er i nyhetene nesten hver dag, men hva er fakta og hva er fiksjon? Kan du bli hacket når som helst? Er alle ute etter din virksomhet? Hva er de største risikoene, og hvordan kan man effektivt redusere dem? I dette kurset lærer du hvordan cyberkriminelle opererer, hva de største risikoene er, og hvordan nyanser og kompleksitet påvirker hvilke sikringstiltak som fungerer. Vi vil også lære hvordan den undergrunnsøkonomien i cyberverden fungerer, slik at du kan ta gode beslutninger for å beskytte din egen og din virksomhets informasjon.    Være i stand til å forklare hva cyberkriminalitet er, og hvorfor cybersikkerhet er viktig Være i stand til å forstå hvorfor cybersikkerhet er komplekst Være i stand til å analysere hvilke risikoer som du og din virksomhet står ovenfor Være i stand til å finne og beskytte din mest verdifulle informasjon Være i stand til å håndtere sikkerhetsbrudd på en betryggende måte Morgendagens trusler   Introduksjon til kurset Hvordan er det å bli hacket Hvem er hackerene? God cybersikkerhet – en forutsetning for vellykket digitalisering Hvordan ser cyberspace ut? Å jobbe strukturert med cybersikkerhet 4 myter om cybersikkerhet Personvern og cybersikkerhet Hva er risiko, og hvordan måler du den? Vurdere og redusere risiko – tips og triks Hvordan kommunisere med ledelsen om risiko? Digitalisering og tilpasning til din virksomhet Effektive sikkerhetstiltak for din virksomhet Effektive sikkerhetstiltak for deg som person Rammeverk og verktøy Fremtidige utfordringer Hjelp jeg har blitt hacket Hvem som kan hjelpe Oppsummering og videre læring [-]

Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: Ingen. Innleveringer: For å kunne gå opp til eksamen må 8 av 12 øvinger være godkjent. Personlig veileder: ja Vurderingsform: Skriftlig, individuell, 3 timer,  Ansvarlig: Olav Skundberg Eksamensdato: 16.12.13 / 26.05.14         Læremål: KUNNSKAPER:Kandidaten kan:- forklare hvordan en datamaskin utsettes for angrep gjennom skadelig programvare og hvordan man kan beskytte seg mot dette- beskrive ulike typer nettbaserte angrep og hvordan man kan beskytte seg mot dette- beskrive ulike krypteringsmekanismer og forklare hvordan digitale sertifikat brukes for å oppnå sikre tjenester.- referere til aktuelle lover og retningslinjer innen sikkerhet- gjøre greie for en organisasjonsmessig informasjonssikkerhetssikkerhetspolicy FERDIGHETER:Kandidaten kan:- kontrollere egen PC for skadelig programvare- kontrollere at installert programvare er oppdatert- utføre pakkefangst med Wireshark og tolke resultatet GENERELL KOMPETANSE:Kandidaten:- er bevisst på å holde programvare oppdatert og å bruke nettvett Innhold:Skadelig programvare: sikkerhetshull, informasjonskapsler, virus og antivirus Nettverk: Virtuelle private nett (VPN), brannmur, demilitarisert sone (DMZ), tjenestenektangrep Sikre tjenester: Krypteringsmetoder og sjekksum. Digitale sertifikater og Public Key Infrastructure (PKI) Samfunn og virksomhet: ekom-loven og personvernloven. Sikkerhetshåndbok og ISO27001Les mer om faget herDemo: Her er en introduksjonsvideo for faget Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Internett og sikkerhet 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.  [-]

COURSE OVERVIEW A CCSP applies information security expertise to a cloud computing environment and demonstrates competence in cloud security architecture, design, operations, and service orchestration. This professional competence is measured against a globally recognized body of knowledge. The CCSP is a standalone credential that complements and builds upon existing credentials and educational programs, including (ISC)²’s Certified Information Systems Security Professional (CISSP) and CSA’s Certificate of Cloud Security Knowledge (CCSK). As an (ISC)2 Official Training Provider, we use courseware developed by (ISC)² –creator of the CCSP CBK –to ensure your training is relevant and up-to-date. Our instructors are verified security experts who hold the CCSP and have completed intensive training to teach (ISC)² content. Please Note: An exam voucher is included with this course   TARGET AUDIENCE Experienced cybersecurity and IT/ICT professionals who are involved in transitioning to and maintaining cloud-basedsolutions and services. Roles include:• Cloud Architect• Chief Information Security Officer (CISO)• Chief Information Officer (CIO)• Chief Technology Officer (CTO)• Engineer/Developer/Manager• DevOps• Enterprise Architect• IT Contract Negotiator• IT Risk and Compliance Manager• Security Administrator• Security Analyst• Security Architect• Security Consultant• Security Engineer• Security Manager• Systems Architect• Systems Engineer• SecOps   COURSE OBJECTIVES After completing this course you should be able to:   Describe the physical and virtual components of and identify the principle technologies of cloud based systems Define the roles and responsibilities of customers, providers, partners, brokers and the various technical professionals that support cloud computing environments Identify and explain the five characteristics required to satisfy the NIST definition of cloud computing Differentiate between various as a Service delivery models and frameworks that are incorporated into the cloud computing reference architecture Discuss strategies for safeguarding data, classifying data, ensuring privacy, assuring compliance with regulatory agencies and working with authorities during legal investigations Contrast between forensic analysis in corporate data center and cloud computing environments Evaluate and implement the security controls necessary to ensure confidentiality, integrity and availability in cloud computing Identify and explain the six phases of the data lifecycle Explain strategies for protecting data at rest and data in motion Describe the role of encryption in protecting data and specific strategies for key management Compare a variety of cloud-based business continuity / disaster recovery strategies and select an appropriate solution to specific business requirements Contrast security aspects of Software Development Lifecycle (SDLC) in standard data center and cloud computing environments Describe how federated identity and access management solutions mitigate risks in cloud computing systems Conduct gap analysis between baseline and industry-standard best practices Develop Service Level Agreements (SLAs) for cloud computing environments Conduct risk assessments of existing and proposed cloud-based environments State the professional and ethical standards of (ISC)² and the Certified Cloud Security Professional COURSE CONTENT   Domain 1. Cloud Concepts, Architecture and Design Domain 2. Cloud Data Security Domain 3. Cloud Platform & Infrastructure Security Domain 4. Cloud Application Security Domain 5. Cloud Security Operations Domain 6. Legal, Risk and Compliance TEST CERTIFICATION Recommended as preparation for the following exam: (ISC)² - Certified Cloud Security Professional  Gaining this accreditation is not just about passing the exam, there are a number of other criterias that need to be met including 5  years of cumulative, paid work experience in  information technology, of which 3 years must be in information security and 1 year in 1 or more of the 6 domains of the CCSP CBK. Earning CSA’s CCSK certificate can be substituted for 1 year of experience in 1 or more of the 6 domains of the CCSP CBK. Earning (ISC)²’s CISSP credential can be substituted for the entire CCSP experience requirement. Full details can be found at https://www.isc2.org/Certifications/CCSP Those without the required experience can take the exam to become an Associate of (ISC)²  . The Associate of (ISC)² will then have 6 years to earn the 5 years required experience.   [-]

ISO/IEC 27701 Lead Implementer [-]

Kubernetes Security Fundamentals (LFS460) [-]

ISO/IEC 27001 Introduction [-]

. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS). TARGET AUDIENCE IT professionals with advanced experience and knowledge in a wide range of security engineering areas, including identity and access, platform protection, security operations, securing data, and securing applications. They should also have experience with hybrid and cloud implementations. COURSE OBJECTIVES Design a Zero Trust strategy and architecture Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies Design security for infrastructure Design a strategy for data and applications COURSE CONTENT Module 1: Build an overall security strategy and architecture Learn how to build an overall security strategy and architecture. Lessons M1 Introduction Zero Trust overview Develop Integration points in an architecture Develop security requirements based on business goals Translate security requirements into technical capabilities Design security for a resiliency strategy Design a security strategy for hybrid and multi-tenant environments Design technical and governance strategies for traffic filtering and segmentation Understand security for protocols Exercise: Build an overall security strategy and architecture Knowledge check Summary After completing module 1, students will be able to: Develop Integration points in an architecture Develop security requirements based on business goals Translate security requirements into technical capabilities Design security for a resiliency strategy Design security strategy for hybrid and multi-tenant environments Design technical and governance strategies for traffic filtering and segmentation Module 2: Design a security operations strategy Learn how to design a security operations strategy. Lessons M2 Introduction Understand security operations frameworks, processes, and procedures Design a logging and auditing security strategy Develop security operations for hybrid and multi-cloud environments Design a strategy for Security Information and Event Management (SIEM) and Security Orchestration, Evaluate security workflows Review security strategies for incident management Evaluate security operations strategy for sharing technical threat intelligence Monitor sources for insights on threats and mitigations After completing module 2, students will be able to: Design a logging and auditing security strategy Develop security operations for hybrid and multi-cloud environments. Design a strategy for Security Information and Event Management (SIEM) and Security Orchestration, A Evaluate security workflows. Review security strategies for incident management. Evaluate security operations for technical threat intelligence. Monitor sources for insights on threats and mitigations. Module 3: Design an identity security strategy Learn how to design an identity security strategy. Lessons M3 Introduction Secure access to cloud resources Recommend an identity store for security Recommend secure authentication and security authorization strategies Secure conditional access Design a strategy for role assignment and delegation Define Identity governance for access reviews and entitlement management Design a security strategy for privileged role access to infrastructure Design a security strategy for privileged activities Understand security for protocols After completing module 3, students will be able to: Recommend an identity store for security. Recommend secure authentication and security authorization strategies. Secure conditional access. Design a strategy for role assignment and delegation. Define Identity governance for access reviews and entitlement management. Design a security strategy for privileged role access to infrastructure. Design a security strategy for privileged access. Module 4: Evaluate a regulatory compliance strategy Learn how to evaluate a regulatory compliance strategy. Lessons M4 Introduction Interpret compliance requirements and their technical capabilities Evaluate infrastructure compliance by using Microsoft Defender for Cloud Interpret compliance scores and recommend actions to resolve issues or improve security Design and validate implementation of Azure Policy Design for data residency Requirements Translate privacy requirements into requirements for security solutions After completing module 4, students will be able to: Interpret compliance requirements and their technical capabilities Evaluate infrastructure compliance by using Microsoft Defender for Cloud Interpret compliance scores and recommend actions to resolve issues or improve security Design and validate implementation of Azure Policy Design for data residency requirements Translate privacy requirements into requirements for security solutions Module 5: Evaluate security posture and recommend technical strategies to manage risk Learn how to evaluate security posture and recommend technical strategies to manage risk. Lessons M5 Introduction Evaluate security postures by using benchmarks Evaluate security postures by using Microsoft Defender for Cloud Evaluate security postures by using Secure Scores Evaluate security hygiene of Cloud Workloads Design security for an Azure Landing Zone Interpret technical threat intelligence and recommend risk mitigations Recommend security capabilities or controls to mitigate identified risks After completing module 5, students will be able to: Evaluate security postures by using benchmarks Evaluate security postures by using Microsoft Defender for Cloud Evaluate security postures by using Secure Scores Evaluate security hygiene of Cloud Workloads Design security for an Azure Landing Zone Interpret technical threat intelligence and recommend risk mitigations Recommend security capabilities or controls to mitigate identified risks Module 6: Understand architecture best practices and how they are changing with the Cloud Learn about architecture best practices and how they are changing with the Cloud. Lessons M6 Introduction Plan and implement a security strategy across teams Establish a strategy and process for proactive and continuous evolution of a security strategy Understand network protocols and best practices for network segmentation and traffic filtering After completing module 6, students will be able to: Describe best practices for network segmentation and traffic filtering. Plan and implement a security strategy across teams. Establish a strategy and process for proactive and continuous evaluation of security strategy. Module 7: Design a strategy for securing server and client endpoints Learn how to design a strategy for securing server and client endpoints. Lessons M7 Introduction Specify security baselines for server and client endpoints Specify security requirements for servers Specify security requirements for mobile devices and clients Specify requirements for securing Active Directory Domain Services Design a strategy to manage secrets, keys, and certificates Design a strategy for secure remote access Understand security operations frameworks, processes, and procedures Understand deep forensics procedures by resource type After completing module 7, students will be able to: Specify security baselines for server and client endpoints Specify security requirements for servers Specify security requirements for mobile devices and clients Specify requirements for securing Active Directory Domain Services Design a strategy to manage secrets, keys, and certificates Design a strategy for secure remote access Understand security operations frameworks, processes, and procedures Understand deep forensics procedures by resource type Module 8: Design a strategy for securing PaaS, IaaS, and SaaS services Learn how to design a strategy for securing PaaS, IaaS, and SaaS services. Lessons M8 Introduction Specify security baselines for PaaS services Specify security baselines for IaaS services Specify security baselines for SaaS services Specify security requirements for IoT workloads Specify security requirements for data workloads Specify security requirements for web workloads Specify security requirements for storage workloads Specify security requirements for containers Specify security requirements for container orchestration After completing module 8, students will be able to: Specify security baselines for PaaS, SaaS and IaaS services Specify security requirements for IoT, data, storage, and web workloads Specify security requirements for containers and container orchestration Module 9: Specify security requirements for applications Learn how to specify security requirements for applications. Lessons M9 Introduction Understand application threat modeling Specify priorities for mitigating threats to applications Specify a security standard for onboarding a new application Specify a security strategy for applications and APIs After completing module 9, students will be able to: Specify priorities for mitigating threats to applications Specify a security standard for onboarding a new application Specify a security strategy for applications and APIs Module 10: Design a strategy for securing data Learn how to design a strategy for securing data. Lessons M10 Introduction Prioritize mitigating threats to data Design a strategy to identify and protect sensitive data Specify an encryption standard for data at rest and in motion After completing module 10, students will be able to: Prioritize mitigating threats to data Design a strategy to identify and protect sensitive data Specify an encryption standard for data at rest and in motion [-]

  Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: Faget «Datakommunikasjon» eller tilsvarende grunnleggende fag. (TCP/IP forutsettes kjent). Faget «Nettverksteknologi» Innleveringer: Øvinger: 8 av 12 må være godkjent. Øvingene må dekke en bred del av pensum. Vurderingsform: Skriftlig, individuell, 3 timer, Ansvarlig: Helge Hafting Eksamensdato: 04.12.13 / 07.05.14         Læremål: KUNNSKAPER:Kandidaten:- kan forklare en del protokollbaserte farer/angrep i kablede og trådløse nett- kan gjøre rede for mottiltak mot angrepene over- kan gjøre rede for andre farer og mottiltak, som fysiske sikringstiltak og «social engineering»- kan gjøre rede for og planlegge bruk av vanlige sikringstiltak som IDS, IPS, VPN og proxyer FERDIGHETER:Kandidaten kan:- sette i drift et VPN- installere brannmur- Observere nettverkstrafikk med pakkesniffer GENERELL KOMPETANSE:Kandidaten:- kan granske sikkerheten i et nettverk, og velge passende tiltak.Innhold:Generell nettverkssikkerhet. Hvordan planlegge, organisere og sette sikkerhet i små og store nettverk. Brannmurer, VPN, IDS/IPS. Sikkerhet rundt epost, trådløse nett og rutere. En del vanlige angrep, og mottiltak.Les mer om faget her Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Nettverkssikkerhet 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.    [-]

  Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: Gode IKT-kunnskaper og god kjennskap til drift av Windows server og prosesser i Windows operativsystem. Innleveringer: For å kunne gå opp til eksamen må 8 øvingsoppgaver være godkjent. Nærmere opplysninger gis ved kursstart Personlig veileder: ja Vurderingsform: Netteksamen på egen PC - 5 timer. Hver student skal bruke virtuelle maskiner under eksamen. Ansvarlig: Stein Meisingseth Eksamensdato: 10.12.13 / 13.05.14         Læremål: KUNNSKAPER: Kandidaten:- har innsikt i hvordan et nettverk kan sikres og hvordan man kan unngå at lokale maskiner, servere eller større nettverk kan bli hacket- kjenner til løsninger for å sikre små og store nettverk FERDIGHETER:Kandidaten:- kan forstå hensikten med å legge stor vekt på sikkerhet- skal kunne oppdage og identifisere inntrengere- skal kunne forhindre eksterne angrep- skal kunne forstå faren med interne angrep- skal kunne lage rutiner for gode passordrutiner, autentiseringssystemer og viruskontroll- forstår hvordan sikkerhet fungerer i Windows 7 og Windows 2008 server- bruker Group Policy til å sette tilpasset sikkerhet- skal kunne bruke og å konfigurere de interne brannmurer i Windows GENERELL KOMPETANSE:Kandidaten har:- perspektiv og kompetanse i å velge riktige løsninger for å oppnå maksimal og tilpasset sikkerhet- kompetanse i generelt sikkerhetsarbeid Innhold:Hva menes med sikkerhet, hensikt med sikkerhet, tiltak som kan iverksettes for å oppnå tilsiktet sikkerhet, identifisering av inntrengere, passordsikkerhet, autentiseringssystemer, viruskontroll, sikkerhet i Windows og 2008 servere, bruk av brannmuren til Windows server 2008, sette sikkerhet i Group Policy, brannvegger generelt, forhindre virus og inntrenging, tiltak for å forhindre angrep utenfra, digitale signaturer.Les mer om faget her Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Datasikkerhet 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.    [-]

ISO/IEC 27701 Foundation [-]