IT-kurs
Sikkerhetskurs for IT
Rogaland
Du har valgt: Sola
Nullstill
Filter
Ferdig

-

2 dager 12 500 kr
01 Mar
Obtain all the competences and knowledge necessary to lead all the processes for implementing and complying with the requirements of the General Data Protection Regulatio... [+]
Course description GDPR Foundation training enables you to learn the basic elements to implement, manage and align a privacy framework with and based on the General Data Protection Regulation. During this training course, you will be able to understand the fundamental privacy principles and become familiar with the role of the Data Protection Officer. After completing this course, you can sit for the exam and apply for a “PECB GDPR Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.  Course Objectives Understand the General Data Protection Regulation requirements and the fundamental principles of privacy. Understand the obligations, roles and responsibilities of the Data Protection Officer Understand the concepts, approaches, methods and techniques to effectively align a privacy framework with the General Data Protection Regulation   Course Content Day 1: Introduction to the General Data Protection Regulation Course objectives and structure General data protection regulation Data protection principles, challenges and issues Rights of the data subject Data controllers, processors and the data protection officer Data protection authorities Day 2: Preparing for GDPR and Certification Exam Data mapping plan Risk assessment under GDPR Data protection impact assessment Privacy impact assessment (PIA) Personal data transfers to third parties Remedies, liabilities and penalties Certification process and closing the training [-]
Les mer
Nettkurs 8 timer 1 175 kr
På forespørsel
Kurset tar for seg de mest sentrale problemstillingene knyttet til sikkerhet rundt bruken av datautstyr som datamaskiner, smarttelefoner og nettbrett.    Kurs... [+]
Kurset tar for seg de mest sentrale problemstillingene knyttet til sikkerhet rundt bruken av datautstyr som datamaskiner, smarttelefoner og nettbrett.    Kurset vil gi brukeren kunnskap om ulike «feller» man kan gå i samt nyttige og praktiske tips og veiledninger til hvordan man unngår at data kommer på avveie eller ødelegges permanent.   Kurset inneholder 50 opplæringsvideoer. Mens andre  kurs fokuserer på å bruke IT-verktøy effektivt, vil dette kurset gi deg innsikt i å bruke IT trygt og sikkert.   Kurset passer for databrukere i alle typer bedrifter og organisasjoner.   Innhold i kurset • Datamaskinen • Passord • Ute av kontoret • Minnepinner • Sikkerhetskopi • E-post • Internett • Ettertest Krav til forkunnskaper Grunnleggende datakunnskaper Kursbevis Etter endt opplæring vil man kunne ta en ettertest for å måle sin nye kunnskap. Ved bestått test så vil man få tilgang til et kursbevis   Nettbasert  Timetall: 6  Kursstart Info: Når som helst - Hele året !  Klokkeslett: 00:00 - 24:00  Påmeldingsfrist:  Pris: kr 1.175,- inkl. mva.  Nettbasert - Web     Kontaktperson: Frode Ingebrigtsen    Status: Åpent for påmelding Gå til påmelding [-]
Les mer
Nettstudier 2 semester 4 980 kr
På forespørsel
Hva menes med sikkerhet, hensikt med sikkerhet, tiltak som kan iverksettes for å oppnå tilsiktet sikkerhet, identifisering av inntrengere, passordsikkerhet, autentisering... [+]
  Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: Gode IKT-kunnskaper og god kjennskap til drift av Windows server og prosesser i Windows operativsystem. Innleveringer: For å kunne gå opp til eksamen må 8 øvingsoppgaver være godkjent. Nærmere opplysninger gis ved kursstart Personlig veileder: ja Vurderingsform: Netteksamen på egen PC - 5 timer. Hver student skal bruke virtuelle maskiner under eksamen. Ansvarlig: Stein Meisingseth Eksamensdato: 10.12.13 / 13.05.14         Læremål: KUNNSKAPER: Kandidaten:- har innsikt i hvordan et nettverk kan sikres og hvordan man kan unngå at lokale maskiner, servere eller større nettverk kan bli hacket- kjenner til løsninger for å sikre små og store nettverk FERDIGHETER:Kandidaten:- kan forstå hensikten med å legge stor vekt på sikkerhet- skal kunne oppdage og identifisere inntrengere- skal kunne forhindre eksterne angrep- skal kunne forstå faren med interne angrep- skal kunne lage rutiner for gode passordrutiner, autentiseringssystemer og viruskontroll- forstår hvordan sikkerhet fungerer i Windows 7 og Windows 2008 server- bruker Group Policy til å sette tilpasset sikkerhet- skal kunne bruke og å konfigurere de interne brannmurer i Windows GENERELL KOMPETANSE:Kandidaten har:- perspektiv og kompetanse i å velge riktige løsninger for å oppnå maksimal og tilpasset sikkerhet- kompetanse i generelt sikkerhetsarbeid Innhold:Hva menes med sikkerhet, hensikt med sikkerhet, tiltak som kan iverksettes for å oppnå tilsiktet sikkerhet, identifisering av inntrengere, passordsikkerhet, autentiseringssystemer, viruskontroll, sikkerhet i Windows og 2008 servere, bruk av brannmuren til Windows server 2008, sette sikkerhet i Group Policy, brannvegger generelt, forhindre virus og inntrenging, tiltak for å forhindre angrep utenfra, digitale signaturer.Les mer om faget her Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Datasikkerhet 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.    [-]
Les mer
5 dager 30 000 kr
15 Feb
12 Apr
The new ECSAv10 program offers a seamless learning progress, continuing where the CEH program left off. [+]
Unlike most other pen testing programs that only follow a generic kill chain methodology; the ECSA presents a set of distinguishable comprehensive methodologies that are able to cover different pentesting requirements across different verticals. The ECSA penetration testing course provides you with a real world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments while teaching the students how to document and write a penetration testing report.The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH) and elevates your ability into full exploitation by teaching you how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology. It focuses on pentesting methodology with an emphasis on hands-on learning.   Course outline: Security Analysis and Penetration Testing Methodologies TCP IP Packet Analysis Pre-penetration Testing Steps Information Gathering Methodology Vulnerability Analysis External Network Penetration Testing Methodology Internal Network Penetration Testing Methodology Firewall Penetration Testing Methodology IDS Penetration Testing Methodology Web Application Penetration Testing Methodology SQL Penetration Testing Methodology Database Penetration Testing Methodology Wireless Network Penetration Testing Methodology Mobile Devices Penetration Testing Methodology Cloud Penetration Testing Methodology Report Writing and Post Test Actions [-]
Les mer
5 dager 30 000 kr
22 Mar
14 Jun
This course is just a great workshop that teaches how to implement securing technologies one at a time. [+]
This course is just a great workshop that teaches how to implement securing technologies one at a time. The course covers all aspects of Windows infrastructure security that everybody talks about and during the course you will learn how to implement them! Our goal is to teach you how to design and implement secure infrastructures based on the reasonable balance between security and comfort with great knowledge of attacker’s possibilities. This is a deep dive course on infrastructure services security, a must-go for enterprise administrators, security officers and architects. It is delivered by one of the best people in the market in the security field – with practical knowledge from tons of successful projects, many years of real-world experience, great teaching skills and no mercy for misconfigurations or insecure solutions. In this workshop you will investigate the critical tasks for a high-quality penetration test. We will look at the most efficient ways to map a network and discover target systems and services. Once it has been done, we will search for vulnerabilities and reduce false positives with manual vulnerability verification. At the end we will look at exploitation techniques, including the use of authored and commercial tools. In the attack summary we will always go through the securing techniques.   Exploits are not the only way to get to systems! We will go through the operating systems’ build in problems and explore how they can be beneficial for hackers! One of the most important things to conduct a successful attack is to understand how the targets work. To the bones! Afterwards everything is clear and the tool is just a matter of our need. The course covers all aspects of Windows infrastructure security from the hacker’s mind perspective! Our goal is to show and teach you what kind of mechanisms are allowing to get inside the infrastructure and how to get into operating systems. After the course you will gain penetration tester’s knowledge and tools. To get more practice we offer three extra weeks of labs online! All exercises are based on Windows Server 2016 and 2019, Windows 10 and Kali Linux. This course is based on practical knowledge from tons of successful projects, many years of real-world experience and no mercy for misconfigurations or insecure solutions!   Course content: Module 1: Hacking Windows Platform a) Detecting unnecessary servicesb) Misusing service accountsc) Implementing rights, permissions and privileges  Module 2: Top 50 tools: the attacker's best friends a) Practical walkthrough through toolsb) Using tools against scenariosc) Tools for Red Team / Pentestersd) Tools for Blue Team Module 3: Modern Malware a) Techniques used by modern malwareb) Advanced Persistent Threatsc) Fooling common protection mechanisms Module 4: Physical Access a) Misusing USB and other portsb) Offline Access techniquesc) BitLocker unlocking Module 5: Intercepting Communication a) Communicating through firewallsb) Misusing Remote Accessc) DNS based attacks Module 6: Hacking Web Server a) Detecting unsafe serversb) Hacking HTTPSc) Distributed Denial of Service attacks Module 7: Data in-Security a) Using incorrect file servers’ configurationb) Basic SQL Server attacksc) Detecting and attacking common network servers Module 8: Identity attacks a) Pass-the-Hash attacksb) Stealing the LSA Secretsc) Modern identity attacks techniques Module 9: Hacking automation a) Misusing administrative scriptsb) Script based scanningc) PowerShell for pen-testers Module 10: Designing Secure Windows Infrastructure a) Modern attacks and prevention techniquesb) Malware execution preventionc) Enterprise scale security challenges Module 11: Securing Windows Platform a) Defining and disabling unnecessary servicesb) Implementing secure service accountsc) Implementing rights, permissions and privilegesd) Code signing Module 12: Malware Protection a) Malware investigation techniquesb) Analyzing cases of real malwarec) Implementing protection mechanisms Module 13: Managing Physical Security a) Mitigating Offline Accessb) Implementing and managing BitLocker Module 14: Public Key Infrastructure Security a) Role and capabilities of the PKI in the infrastructureb) Designing PKI architecture overviewc) PKI security – Best practices Module 15: Securing Network Communication a) Deploying and managing Windows Firewall – advanced and useful featuresb) Deploying and configuring IPsecc) Deploying DNS and DNSSEC Module 16: Securing Web Server a) Configuring IIS features for securityb) Working with SSL Certificate Supportc) Monitoring Web Server resources and performanced) Deploying Distributed Denial of Service attack preventione) Deploying Network Load Balancing and Web FarmsModule Module 17: Mitigating the identity attacks a) Pass-the-Hash attack preventionb) LSA protection c) Credential Guard [-]
Les mer
Nettstudier 2 semester 4 980 kr
På forespørsel
Trusselbildet, styringssystemer, rammer for sikkerhetsarbeidet, sikkerhetsstandardene ISO27001 og 27002, gap-analyse, risikoanalyse, sikkerhetspolicy, ulike sikringstilta... [+]
Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: IFUD1012 Internett og sikkerhet Innleveringer: Øvinger: 3 av 5 må være godkjent. Vurderingsform: Skriftlig eksamen, 3 timer (60 %). Det gjennomføres 3 obligatoriske større øvingsarbeider gruppevis underveis i kurset. Disse får en midlertidig vurdering/tilbakemelding og kan deretter leveres på nytt til en samlet sluttvurdering som teller 40 % på karakteren. Ansvarlig: Ole Christian Eidheim Eksamensdato: 12.12.13 / 26.05.14         Læremål: Etter å ha gjennomført emnet Informasjonssikkerhetsstyring skal studenten ha følgende samlede læringsutbytter: KUNNSKAPER:Kandidaten:- kan gjøre rede for hva informasjonssikkerhet betyr for en bedrifts økonomi og omdømme- kan gjøre rede for hva standardene ISO 27001 og ISO 27002 inneholder og hvordan de benyttes i sikkerhetsarbeidet- kjenner til prinsippene i Demmings sirkel og kunne redegjøre for betydningen av disse for det kontinuerlige sikkerhetsarbeidet- kjenner til en trinnvis plan for innføring av et styringssystem for informasjonssikkerhet (ISMS) og kunne redegjøre for de kritiske suksessfaktorene i hver av fasene- kan redegjøre for forutsetninger og tiltak for å skape en sikkerhetskultur i en bedrift- kan redegjøre for den trinnvise prosessen frem mot sertifisering av et ISMS eller produkt- kan redegjøre for rollen til målinger og evalueringer i sikkerhetsarbeidet FERDIGHETER:Kandidaten kan:- kartlegge trusselbildet for en konkret bedrift- gjennomføre en risikoanalyse for en bedrift på en strukturert og systematisk måte- innføre tiltak for å redusere risikoverdien for kartlagte trusler som har for høy risikoverdi- velge og utarbeide relevante sikkerhetspolicyer for en konkret bedrift- utarbeide forslag til en organisasjonsstruktur for sikkerhetsarbeidet i en konkret bedrift- analysere behovet for sertifisering av ISMS for en konkret bedrift og gi anbefalinger om veien dit GENERELL KOMPETANSE:Kandidaten kan:- kommunisere med og forstå brukernes behov- involvere de ansatte i endringsprosesser i bedriften og vite hvilke ressurser/kompetanse disse kan bidra med- involvere eksterne konsulenter i endringsprosesser i bedriften og vite hvilke ressurser/kompetanse disse kan bidra med Innhold:Trusselbildet, styringssystemer, rammer for sikkerhetsarbeidet, sikkerhetsstandardene ISO27001 og 27002, gap-analyse, risikoanalyse, sikkerhetspolicy, ulike sikringstiltak, sikkerhetskultur, sikkerhet i informasjonssystemer, veien til sertifisering, måling og evaluering, kontinuerlig forbedringLes mer om faget her Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Informasjonssikkerhetsstyring 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.    [-]
Les mer
Nettkurs 5 900 kr
Kurset gir en viktig og grunnleggende innføring i de mest sentrale juridiske og praktiske forhold styremedlemmer i aksjeselskaper bør kjenne til - herunder GDPR. [+]
Bli autorisert styremedlem Trenger du eller ditt styre å øke sin kompetanse og profesjonalitet innen styrearbeid? Gjennom Styreskolen tilbyr Foreningen for bedre styrearbeid et nettbasert autorisasjonskurs i styrearbeid. Kurset gir en grunnleggende innføring i de mest sentrale juridiske og praktiske forhold daglig leder og styremedlemmer i et aksjeselskap bør kjenne til. Du vil gjennom kurset få en kompetansetilførsel som gjør at du kan utøve ditt verv mer korrekt og profesjonelt.  Kurset passer blant annet for de som ønsker å: Styrke sin kompetanse innen styrearbeid Oppdatere seg på styrerelaterte endringene i aksjeloven og GDPR Kontrollere at de kan det mest elementære innen styrearbeid Dokumentere sin basiskompetanse i styrearbeid gjennom et autorisasjonsbevis Kurset Kurset er 100 prosent nettbasert (tilpasset både mobil, nettbrett og/eller PC) og består av følgende 20 seksjoner: Selskapsformer Generalforsamling Forvaltning- og tilsynsansvar Inhabilitet Sammensetning av styret Ansatterepresentanter Styrets leder Styreinstruks Daglig leder og styret Taushetsplikt Innkalling til styremøte Styrehonorar Behandling av styresaker GDPR for styret Styreprotokoll Styrets årsplan Erstatningsansvar Styreevaluering Årsregnskap Før du takker ja til nytt styreverv Eksamen Kurset avsluttes med en nettbasert eksamen som består av 40 flervalgsoppgaver. Du kan ta eksamen flere ganger. Autorisasjonsbevis Ved bestått eksamen vil du automatisk motta autoriseringsbevis fra Foreningen for bedre styrearbeid. Flere kursdeltakere Ta styrearbeidet på alvor og la hele styret og daglig leder ta kurs i styrearbeid på selskapets regning. Pris for hele styret + daglig leder er kr 15.000 + mva. Dersom flere personer i samme organisasjon tar autoriseringskurset kan daglig leder eller styrets leder be om å få sendt faktura og innloggingskoder til selskapet ved å kontakte på post@styreskolen.org.   Om Styreskolen Styreskolen er utviklet av Foreningen for bedre styrearbeid og Orgbrain - som er spesialist innen utvikling av digitale løsninger innen styrearbeid. Selskapets arbeid støttes av Innovasjon Norge og Norges Forskningsråd. «Styreskolen er blant annet basert på praktiske problemstillinger jeg har opplevd som både daglig leder, styremedlem og styreleder i en rekke selskaper gjennom 20 år. Dersom du lærer deg pensumet i Styreskolen har du et godt grunnlag for å kunne håndtere mange av de utfordringer du vil møte som både styreleder og styremedlem.» - Dag Asheim, Styreleder i Foreningen for bedre styrearbeid Varighet Kurset vil være tilgjengelig i 12 måneder fra betalingstidspunkt. Det må påregnes at det tar rundt 20 timer å gjennomføre kurset og eksamen. Starter du kurset i dag kan du være autorisert styremedlem innen neste uke.    Besøk oss på www.styreskolen.org   [-]
Les mer
Oslo 5 dager 25 000 kr
15 Feb
15 Feb
19 Apr
Now completely updated for 2020 with the latest material. (ISC)2 Certified Information Systems Security Professional (CISSP) is an independent information security certif... [+]
Now completely updated for 2020 with the latest material. (ISC)2 Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the not-for-profit International Information Systems Security Certification. The certification itself is seen as the world’s premier certification for information security professionals. The CISSP Bootcamp includes in-depth & intense coverage of all ten domains plus tips and advice to prepare yourself for the new 2020 (ISC)2 exam. CISSP certification is not only an objective measure of excellence, but a globally recognized standard of achievement.   Course format Lecture based, Self-Study & Classroom Discussions.   Courseware All students receive a copy of: The Official (ISC)2 Guide to the CISSP CBK V5 CISSP Exam Self-Practice Review Questions.  Also provided are practice test and tip sheets. All designed to fine tune your skills in preparation to take the exam.  * Exam & exam fees not included.   Learning objectives  Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness and Implement risk management and the principles used to support it (Risk avoidance, Risk acceptance, Risk mitigation, Risk transference) Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization's security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization's core goals and strategic direction and address the frameworks and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets, as well as to assess the effectiveness of that protection and establish the foundation of a comprehensive and proactive security program to ensure the protection of an organization’s information assets. Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization's security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization's core goals and strategic direction and examine the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality, and authenticity. Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media, and identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise. Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those assets and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture. Plan for technology development, including risk, and evaluate the system design against mission requirements, and identify where competitive prototyping and other evaluation techniques fit in the process. Protect and control information processing assets in centralized and distributed environments and execute the daily tasks required to keep security services operating reliably and efficiently. Understand the Software Development Life Cycle (SDLC) and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security. Course overview The CISSP draws from a comprehensive, up-to-date, global common body of knowledge that ensures security leaders have a deep knowledge and understanding of new threats, technologies, regulations, standards, and practices. The CISSP exam tests one's competence in the 8 domains of the CISSP CBK, which cover: Domain 1: Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity) Domain 2: Asset Security (Protecting Security of Assets) Domain 3: Security Engineering (Engineering and Management of Security) Domain 4: Communications and Network Security (Designing and Protecting Network Security) Domain 5: Identity and Access Management (Controlling Access and Managing Identity) Domain 6: Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing) Domain 7: Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery) Domain 8: Software Development Security (Understanding, Applying, and Enforcing Software Security) Module 9: CISSP Test Review Module 10: EU 2019 GDPR Update Module 11: CISSP Exam Preparation & Review Questions [-]
Les mer
Oslo 5 dager 25 000 kr
01 Feb
26 Apr
26 Apr
Obtain all the competences and knowledge necessary to lead all the processes for implementing and complying with the requirements of the General Data Protection Regulatio... [+]
Obtain all the competences and knowledge necessary to lead all the processes for implementing and complying with the requirements of the General Data Protection Regulation (GDPR) in an organization   Course description: The Certified Data Protection Officer training course enables you to develop the necessary knowledge, skills and competence to effectively implement, manage and align a privacy framework based on the General Data Protection Regulation requirements. After mastering all the necessary concepts of General Data Protection Regulation (GDPR), you can sit for the exam and apply for a “PECB Certified Data Protection Officer” credential. By holding a PECB Certified Data Protection Officer Certificate, you will demonstrate that you thoroughly understand the gap between the General Data Protection Regulation and the current organizational processes including: privacy policies, procedures, working instructions, consent forms, data protection impact assessments, in order to associate organizations in the adoption process to the new regulation. Course objectives: Understand the history of personal data protection in Europe Gain a comprehensive understanding of the concepts, approaches, methods and techniques required for the effective alignment with the General Data Protection Regulation Understand the new requirements that the General Data Protection Regulation brings for EU organizations and non-EU organizations and when it is necessary to implement them Acquire the necessary expertise to support an organization in assessing the implementation of these new requirements Learn how to manage a team implementing the GDPR Gain the knowledge and skills required to advise organizations on best practices in the management of personal data Acquire the expertise for analysis and decision making in the context of personal data protection   Course Agenda Day 1: Introduction to the GDPR and initiation of the GDPR Compliance  Course objective and structure General Data Protection Regulation Fundamental Principles of the GDPR Initiating the GDPR Implementation Understanding the Organization and Clarifying the Data Protection Objectives Analysis of the Existing System Day 2: Plan the Implementation of the GDPR Leadership and approval of the GDPR Compliance Project Data Protection Policy Definition of the Organizational Structure of Data Protection Data Classification Risk Assessment under the GDPR Day 3: Deploying the GDPR  Privacy Impact Assessment (PIA) Design of Security Controls and Drafting of Specific Policies & Procedures Implementation of Controls Definition of the Document Management Process Communication Plan Training and Awareness Plan Day 4: Monitoring and continuous improvement of GDPR compliance  Operations Management Incident Management Monitoring, Measurement, Analysis and Evaluation Internal Audit Data breaches and corrective actions Continual Improvement Competence, Evaluation and Closing the Training Day 5: Certification Exam  Preparation for exam Exam Exam and all necessary course material are included in the course Education approach Lecture sessions are illustrated with examples based on real case scenarios Practical exercises include real case scenarios, examples and discussions Practice tests are similar to the Certification Exam [-]
Les mer
5 dager 25 000 kr
03 May
ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely re... [+]
ISO/IEC 27001 Lead Auditor training enables you to develop the necessary expertise to perform an Information Security Management System (ISMS) audit by applying widely recognized audit principles, procedures and techniques. Course description During this training course, you will acquire the necessary knowledge and skills to plan and carry out internal and external audits in compliance with ISO 19011 and ISO/IEC 17021-1 certification process. Learning objectives Understand the operations of an Information Security Management System based on ISO/IEC 27001 Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks Understand an auditor’s role to: plan, lead and follow-up on a management system audit in accordance with ISO 19011 Learn how to lead an audit and audit team Learn how to interpret the requirements of ISO/IEC 27001 in the context of an ISMS audit Acquire the competencies of an auditor to: plan an audit, lead an audit, draft reports, and follow-up on an audit in compliance with ISO 19011   Course outline Day 1: Introduction to Information Security Management Systems (ISMS) and ISO/IEC 27001 Course objectives and structure Standards and regulatory frameworks Certification process Fundamental principles of Information Security Management Systems Information Security Management Systems (ISMS) Day 2:  Audit principles, preparation and launching of an audit Fundamental audit concepts and principles Evidence based audit approach Initiating the audit Stage 1 audit Preparing the stage 2 audit (on-site audit) Stage 2 audit (Part 1) Day 3:  On-site audit activities Stage 2 audit (Part 2) Communication during the audit Audit procedures Creating audit test plans Drafting audit findings and non-conformity reports Day 4:  Closing the audit Documentation of the audit and the auditquality review Closing the audit Evaluating action plans by the auditor Benefits of the initial audit Managing an internal audit program Competence and evaluation of auditors Day 5:  Certification Exam Preparation for exam Exam   [-]
Les mer
Nettkurs 4 timer 13 200 kr
08 Feb
Instructor-Led Virtual - Live Online Training - 4 halve dager 15.00 - 18.30 [+]
This course is intended for people in the fields of public cloud security and cybersecurity, or for anyone who wants to learn how to secure remote networks and mobile users. Successful completion of this two-day, instructor-led course will help enhance your understanding of how to better protect your applications, remote networks, and mobile users using a SASE implementation. You will get detailed instruction on configuring, managing, and troubleshooting Prisma Access in a production environment.   Target Audience Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, and Network Engineers    Course Modules 1 - Prisma Access Overview 2 - Planning and Design 3 - Activate and Configure 4 - Security Processing Nodes 5 - Panorama Operations for Prisma Access 6 - Remote Networks 7 - Mobile Users 8 - Tune, Monitor, and Troubleshoot 9 - Manage Multiple Tenants 10 - Next Steps [-]
Les mer
Nettkurs 1 050 kr
Personvernregler i praksis ved opphør av arbeidsforhold [+]
Alle nåværende arbeidstakere såvel som tidligere ansatte har rettigheter som får betydning i forhold til i hvilken grad, hvordan og hvor lenge en arbeidsgiver kan behandle personlig informasjon. På dette times nettkurset setter vi fokus på regler og problemstillinger som oppstår når arbeidstaker skal slutte.  Personvernerklæring  Informasjon i personalmappen og andre steder Oppbevaringsplikt - hvilke opplysninger er arbeidsgiver pålagt å oppbevare etter utløpet av oppsigelsestiden og hvor lenge skal slike opplysninger oppbevares.  Kan vi oppbevare personopplysninger av historisk interesse? Sletting - hvilke opplysninger skal arbeidsgiver slette Innsyn i epost og filer etter arbeidsforholdet opphør Praktisk informasjon Dette er et nettbasert kurs. En beskrivelse av hvordan oppkobling skjer vil bli sendt i forkant av kurset. Webinaret forutsettes vist på egen PC på din arbeidsplass. Vi anbefaler deg å sitte avskjermet i eget rom, eller sammen med andre som tar samme kurset. Du må logge deg på webinaret lokalt (ikke via terminalserver/Citrix) og ha på lyd. [-]
Les mer
Oslo 3 dager 18 000 kr
22 Mar
22 Mar
31 May
ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Securit... [+]
ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will also gain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course corresponds with the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard. Course Objectives Acknowledge the correlation between Information Security risk management and security controls Understand the concepts, approaches, methods and techniques that enable an effective risk management process according to ISO/IEC 27005 Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management Acquire the competence to effectively advise organizations in Information Security Risk Management best practices Content Day 1:  Introduction to Information Security controls as recommended by ISO/IEC 27002 Course objectives and structure Concepts and definitions of risk Standard and regulatory framework Implementing a risk management programme Understanding the organization and its context Day 2:  Implementation of a risk management process based on ISO/IEC 27005 Risk identification Risk analysis and risk evaluation Risk assessment with a quantitative method Risk treatment Risk acceptance and residual risk management Information Security Risk Communication and Consultation Risk monitoring and review Day 3:  Overview of other Information Security risk assessment methods and Certification Exam OCTAVE Method MEHARI Method EBIOS Method Harmonized Threat and Risk Assessment(TRA) Method Certification test [-]
Les mer
Nettstudier 2 semester 4 980 kr
På forespørsel
Skadelig programvare: sikkerhetshull, informasjonskapsler, virus og antivirus Nettverk: Virtuelle private nett (VPN), brannmur, demilitarisert sone (DMZ), tjenestenektang... [+]
Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: Ingen. Innleveringer: For å kunne gå opp til eksamen må 8 av 12 øvinger være godkjent. Personlig veileder: ja Vurderingsform: Skriftlig, individuell, 3 timer,  Ansvarlig: Olav Skundberg Eksamensdato: 16.12.13 / 26.05.14         Læremål: KUNNSKAPER:Kandidaten kan:- forklare hvordan en datamaskin utsettes for angrep gjennom skadelig programvare og hvordan man kan beskytte seg mot dette- beskrive ulike typer nettbaserte angrep og hvordan man kan beskytte seg mot dette- beskrive ulike krypteringsmekanismer og forklare hvordan digitale sertifikat brukes for å oppnå sikre tjenester.- referere til aktuelle lover og retningslinjer innen sikkerhet- gjøre greie for en organisasjonsmessig informasjonssikkerhetssikkerhetspolicy FERDIGHETER:Kandidaten kan:- kontrollere egen PC for skadelig programvare- kontrollere at installert programvare er oppdatert- utføre pakkefangst med Wireshark og tolke resultatet GENERELL KOMPETANSE:Kandidaten:- er bevisst på å holde programvare oppdatert og å bruke nettvett Innhold:Skadelig programvare: sikkerhetshull, informasjonskapsler, virus og antivirus Nettverk: Virtuelle private nett (VPN), brannmur, demilitarisert sone (DMZ), tjenestenektangrep Sikre tjenester: Krypteringsmetoder og sjekksum. Digitale sertifikater og Public Key Infrastructure (PKI) Samfunn og virksomhet: ekom-loven og personvernloven. Sikkerhetshåndbok og ISO27001Les mer om faget herDemo: Her er en introduksjonsvideo for faget Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Internett og sikkerhet 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.  [-]
Les mer
Nettkurs 5 dager 30 300 kr
01 Feb
Instructor-Led Virtual - Live Online Training 10x half-day sessions (10.00 - 13.30) 30.11 - 04.12 + 14.12 - 18.12 01.02 - 05.02 + 15.02 - 19.02 [+]
Gratis PCNSA-excam voucher Vi gir nå alle våre EDU-210 studenter gratis PCNSA-excam voucher etter fullendt kurs, som vil gi  deg mulighet for å bli sertifisert etter endt kurs.   The training will help you to: Configure and manage the essential features of Palo Alto Networks nextgeneration firewalls Configure and manage GlobalProtect to protect systems that are located outside of the data-center perimeter Configure and manage firewall high availability Monitor network traffic using the interactive web interface and firewall reports   Les mer om kurset her   Kurset tilbys også som bedriftsinternt kurs, og arrangeres hos dere eller i våre lokaler, alt etter hva som passer best. Ta kontakt med oss og vi kan finne en god løsning sammen.   [-]
Les mer

Lukk Denne siden benytter seg av informasjonskapsler (cookies).
Du kan fortsette å bruke siden som vanlig hvis du godtar dette. Les mer om bruk av informasjonskapsler i vår personvernerklæring.