(certificate sample)
Linux security enhancement, Windows security enhancement, attack technology and defense, virus analysis and defense, cryptography, application encryption technology, attack and penetration technology, intrusion detection system, firewall technology, intranet network security planning, access control, PKI public key infrastructure, disaster recovery and business continuity, physical security and information security related laws and regulations.
grade
First class certification
Secondary authentication
Three-level authentication
Position information security engineer information security senior engineer information security senior expert
NCSE level 1 NCSE level 2 NCSE level 3
eye
mark
Have basic security knowledge and skills, and be able to solve information security problems encountered in daily information system management. Information security professionals can design and implement information security system solutions. Senior professionals in the field of information security technology can make overall plans for various security strategies of information systems and have the ability to comprehensively analyze and summarize from the perspective of planning.
inside
Ability ● Information security foundation
● Advanced TCP/IP analysis
● Datagram structure
● Strengthen Windows security.
● Strengthen Linux security.
● Virus analysis and defense
● Network application services
● Attack Technology and Defense Foundation
● Basic elements of information security
● Cryptography
● Apply encryption technology.
● Technical audit of network investigation
● Attack and infiltration technology
● Safety audit in control stage ● System safety.
● Security of application services ● Principle and application of intrusion detection system
● Firewall technology
● Design and implementation of network boundary
● Audit and log analysis
● Incident response and emergency handling ● Planning and implementation ● Intranet network security
Brief introduction of information security management
● Information security risk assessment and management
● Implement risk management.
● Establishment and certification of information security management system
● Access control
● Safety model and structure
● Communication and network security
● Cryptography
●PKI public key infrastructure
● Disaster recovery and business continuity
● Physical security
● Safe operation
● Research on moral standards
● Laws and regulations related to information security
At present, the problem of information network security is not just a problem of preventing "black", but has risen to the strategic level from the perspective of overall development and security guarantee within the country and enterprises.
With the development of the network, people have formed a * * understanding of the solution of network security problems, that is, the key to the establishment of network security system lies in people, especially network security talents, because all network security technologies, measures and tools can only be auxiliary means of security system construction, and the formulation of strategies, the implementation of technical tools and the final planning and implementation depend on people. As researcher Xu, an anti-hacker expert, said, the attack and defense of network security is entirely the confrontation of high-quality talents. It is in this macro environment that a new name has gradually entered people's field of vision, that is, information security engineer. So, what skills and qualities should a professional qualified information security engineer have? What are their job responsibilities? The primary responsibility of information security engineers is to tailor a reasonable and economical information network security architecture for enterprises; He needs to analyze the nature and quantity of daily business and non-daily business, measure the safety factor and level required by different types of business, investigate the safety problems encountered by enterprises in the past and find out the existing safety hidden dangers, and finally build a reasonable ranking safety system for enterprises within a certain proportion of project budget. Secondly, the information security engineer needs to build muscles and textures for the planned system, so he will choose the appropriate firewall, intrusion detection system, related network interconnection and exchange equipment, and related security system software and application software, propose security solutions for different problems and businesses, and set system permissions and security levels for different employees ... In this way, an information security system that is flesh and blood and can effectively resist external malicious attacks is basically established. The establishment of the system does not mean once and for all security. The biggest job responsibility of an information security engineer is to maintain and prevent security problems and hidden dangers. When the alarm of the new virus just sounded anywhere in the world, he would quickly reflect the relevant defense measures in the enterprise's security system. When the server catches the weakest attack signal, he will be alert and ready to deal with it.
Of course, at a time when network information security awareness and technology application are not popular enough, information security engineers are also the best safety knowledge trainers for every enterprise employee. It is one of his duties to let every employee know the basic security architecture and tool application of the enterprise. At the same time, when every employee is a security guard, such an enterprise is indestructible. At present, information security engineers have not formed a strong team. Many companies have security engineers in the network management department, who are responsible for the construction and protection of security systems, which is actually another form of work for information security engineers. At the same time, many manufacturers of safety products also need a large number of pre-sales, after-sales and technical support talents. In the existing training market, New Oriental has taken the lead in launching the "Information Security Engineer Employment Class" with clear positioning, so as to reserve talents for the future safe China.