Information Security Training

Comprehensive Information Security Overview

This Type of Training is Management.

Who Should Attend This Course?

IT Security Engineer
Information Security Analysts
System and Network Administrators
IT Auditors and Managers

Duration:

1 Day Training

Objectives:

The training will increase the key knowledge of your information securityconcepts and trends for secure administration and management f computer systems and networking
To be thoroughly understand of the challenges of network security in a global, dynamic networked systems environment
To understand te wide range of vulnerabilities and threats to which an organization's information assets may be exposed
To identifty ways to improve readiness in responding and recovering from information security incidents

Syllabus:

Dimension of Information Security
Security Management Practices
Human Resources Security
Cryptography
Network Security Technology
Information SecurityTechnology
Access Control System
Disaster Recovery Planning/ Business Continuity Planning
Operation Security
Physical Security

Hacking Insight through Penetration Testing

This type of Training is Technical

Who Should Attend This Course?

IT Security Engineer
Information Security Analyst
System and Network Administrator
IT Auditor and Manager

Objectives:

In ths training you learn to discover weakness in your network using the same methodologies as hackers such as Information Gathering, Scanning enumeration, Exploiting and Escalating privileges
You will also acquire the knowledge to systematically test and exploit internal and external defenses by following an establish methodology and how you can exploit frameworks to be used to accomplish these tasks

Prerequisite:

A basic understanding of TCP/IP
A background in Microsoft Windows and Unix/Linux is desirable

Duration:
4 Days Training

Syllabus:

First Day
- Overview The Risk and Threat
- Penetration Testing
- Information Gathering
- Network Mapping
- OS FingerPrinting
- Identify Live Hosts
- Enumeration
Second Day
- Vulnerability Identification
- Penetration
- Enumerate Further
Third Day
- Covering Tracks
- Backdoor
- Log Review
Fourth Day
- Forensics
- HoneyPot
- Physical Security
- USB Hacking

Holistic Information Security Training

This type of training is Mix between Management and Technical

Who Should Attend This Course?

IT Security Engineer
Information Security Analysts
System and Network Administrators
IT Auditors and Managers

Prerequisite:

A basic understanding of TCP/IP
A background in Microsoft Windows and Unix/Linux in desirable

Duration:

4 Days Training

Objectives:

The training will increase the key knowledge of your Information Security concepts and trends for secure administration and management of computer systems and networking
To enable you to thoroughly understand the challenges of Information Security in a global, dynamic network system environment
To enable you to understand the wide range of vulnerabilities and threats to which an organiztaion's information assets may be exposed

Syllabus:

First Day
Comprehensive Information Security Overview

Second Day
- Recognizing Security Threat and Attack
- Basic TCP/IP Concept
- Threat

Third Day
- Network Protection
- Network Threat
- Network Access Control
- Network Countermeasure
- Tracking Attacker

Fourth Day
- Basic Encryption
- Data Protection
- Email Protection
- Steganography
- Backup

Incident Response & Handling

This type of Training is Techncial

Who Should Attend This Course?

Information Security Analyst
System and Network Administrator
IT Auditor and Manager

Objectives:

To enable you handling incidents from initial preparation through the post-incident lessons learned phase
To enable you to implement efficient and effective incident handling

Prerequisite

A basic understanding of TCP/IP
A background in Microsoft Windows and Unix/Linux is desirable

Duration:

2 Days Training

Syllabus:

First Day
- Incident Categories
- Types of Incident
- Cost of Incidents
- Signs ofAn Incident
- IncidentAnalysis
Second Day
- Evidence Gathering and Handling
- Handling an Incident
- Organizing a computer security incident response
- Prevent incident

Introduction ISO 27001/27002

This type of Training is Management

Who Should Attend This Course?

IT Manager/ Director
Business Manager/ Director
IT Security Audit
Risk Management Function
Engineer in charge of IT Security Function

Objectives:

To provide an overview of ISO 27001 & 27002, what are the aspects of scope of concers? HOw the company management involve in the Information Security Management System? How to dosimple risk Assessnent? It will create awareness of what is the ISO 27002 control framework and how a company can prepare for the implementation of the ISO 27001, the best pratice of Information Security Management System

Duration:
2 Days Training

Syllabus:

General Introduction
Process Approach
Information Security Management Systems
Documentation Requirement
Management REsponsibility
Internal ISMS Audit
Management Review of ISMS
ISMS IMprovement
Risk Assessment
Control Framework

ISO 27001 Implementation

This type of training is Management

Who Should Attend:

IT Manager/ Director
Business Manager/ Director
IT Security Audit
Risk Management Function
Engineer in charge of IT Security Function

Objectives:

To provide a detail explanation of ISO 27001ISMS component and the PDCA Cycle. Including Comprehensive Coverage of the Managerial and Technical Aspect of 27001. The training will discuss on how the company management involve in the Information Security Management System. Various methods to do risk Assessment. The implementation process flow to prepare for ISO 27001 Certification

Duration:

3 Days Training

Syllabus:

Background to Information Security
PDCA Process Approach
Information Security Management Systems
Documentation Requirement
Management Responsibility
Internal ISMS Audit
Management Review of ISMS
ISMS Improvement
Risk Assessmen
Detail Discussion on The Managerial and Techncial Aspect of the ISO 27001 Control Framework
Certification Process Flow

Log Management & Analysis

This type of training is Technical

Who Should Attend This Course?

IT Security Engineer
Information Security Analyst
System and Network Administrator
IT Auditor and Manage

Objectives:

Teach you to maintain successful log management activities which enable an organization to develop standard processes for performing log management
Enable you to ensure that log management for individual systems is performed efefctively thorughout the organization and thus the administrators of those systems will receive adequate support

Prerequisite:

A basic understanding of TCP/IP

Duration:
2 Days Training

Syllabus:

First Day
- Introduction to Computer Security Log Management
- The Basic of Computer Security Logs
- The Need for Log Management
- The Challenges in Log Management
- LogManagement Infrastructure
- Log Management Infrastructure

Second Day
- Log Management Planning

Minimize InfoSec Risk Using Firewall

This type of training is Technical

Who Should Attend This Course?

Information Security Analyst
System and Network Administrator
IT Auditor and Manager

Objectives:

This training teches the fundamentals of implementing firewall policies and understanding its effect on application performance and link utilizations
To enable you to implement efficient and effective Firewall

Prerequisite:

A basic understanding of TCP/IP
A background in Microsoft Windows and Unix/Linux is desirable

Duration:

3 Days Training

Syllabus:

First Day
- Introduction to Firewall
- Networking Fudnamental
- Security Threat
Second Day
- Netfilter and IPRoute
- NAT and Packet Mangling with IPTables
- Layer 7 Filtering
Third Day
- SquidProxy
- Web Application Firewall
- Personal Firewall

Official (ISC)2 Representatives in Indonesia

UniPro has been chosen as the only Official (ISC)2 representatives for Indonesia.

UniPro now providing Official seminar and exam for (ISC)2 in Indonesia. Individuals or companies who want to become InfoSec Professional, may register for official seminar and exam in Indonesia.
Need details? You may contact us at:
Komplek Perumahan Bank Mandiri
Jl. LetJen S. Parman Blok O No.10
Jakarta 11480
Indonesia
Phone: +6221-5301717
Fax: +6221-5349544

Packet Analysis & Troubleshoot

This type of Training is Technical

Who Should Attend This Course?

IT Security Engineer
Information Security Analyst
System Network Administrator
IT Auditor and Manager

Prerequisite:
Basic understanding of TCP/IP

Objectives:

This course teaches you to understand the process of packet analysis and give you how many examples to solve your network problems
Packet anaysis can help you to understand network characteristics, learn who is on the network, determine who or what is utilizing availablebandwidth, identity possible attacksor malicious activity

Duration:

3 Days Training

Syllabus

First Day
- How Computer Communicate
- Packet Sniffer
- Wireshark
Second Day
- Wireshark in Depth
Third Day
- Wireshark from Security Perspective

Security Policy Formulation

This type of Training is Management

Who Should Attend This Course?

IT Manager/ Director
Business Manager/ Director
IT Security Audit
Risk Management Function
Engineer in charge of IT Security Function

Objectives:

To provide the participant to get a broader perspective of Information Security Policy, know the relevance of Security Policy in the organization process and how it supports business objective as well as protecting the organization information asset. This course is more toward a management approach to develop effective Security Policy rather than detail technical implementation. After completing this course, the participant is expected to be able to assist the organization on how to develop effective Security policy

Duration:

2 Days Training

Syllabus:

First Day
- Course Objective Explained
- Security Awareness
- Risk Analysis and Management
- Security Policy Development
Second Day
- Security Policy Workshop
- Sample of somepolicies in actual technical implementation

Web Application Hacking & Countermeasures

This type of training is Management

Who Should Attend This Course?

IT Security Engineer
Web Developer/ Web Master/ Web Admin
Technical Engineer
IT Auditor and Manager

Prerequisite:

Familiar with Internet Technology especially Web Application
Basic understanding of TCP/IP

Duration:

3 Days Training

Syllabus:

First Day
- Introduction to Threats
- Assessing Your Web Application
- Assessment Methods
- OWASP
Second Day
- Assessment Methods
- Top 10 OWASP Vulnerabilities
- 15 Common Mistakes in Web Security
Third Day
- Web Application Firewall
- Web Application Forensic
- Secure Conenction
- Designing Guidelines for Secure Web Application
- Web Services

Wireless Hacking & Defense

This type of training is Technical

Who Should Attend This Course?

IT Manager
System/ Network Administrator
System Analyst
IT Security Professional

Objectives:

In this Training you will acquire the necessary skills for implementing and managing wireless security
Enable you to familirize with the various hardware amd software components of a wireless network
Teach you to understand how an attacker can break into both unsecured and secure wireless networks

Duration:

3 Days Training

Syllabus:

First Day
- Introduction of Wireless Technology
- Wireless Network Component & Technology
- Standard IEEE 802.11
- Wireless Protocol
- Wireless LAN Infrastructure & Client Devices
- Wireless Design
- Wireless Security Architecture
- Wireless LAN Discovery
- Warchalking Sign
- Wardriving
- Wireless Attack I
- MAC Spoofing
- Authentication and Encrypting Cracking
- Eavesdropping
Second Day
- Wireless Attack II
- Wireless Denial of Service (DoS)
- Man In The Middle Attack
- Rouge Access Point
- Client-to-client Attack
- Physical damage or theft
Third Day
- Wireless Packer Analysis
- Attack Signature
- Wireless Security Solutions
- Wireless Client Security
- Wireless Security Access Point
- Wireless Intrusion Detection Systems
- Wireless Corporate Security Policy

Company Profile

Customer References

Total Security Solutions

Careers

Anti Virus

Audit Tool

Data & Integrity Assurance

Encryption

Firewall/VPN & UTM

Identity & Access Management (IAM)

Intrusion Prevention System

Security Information & Event Management (SIEM)

SSL VPN

Web Application Firewall

Web Application Security Assessment

AirDefense, the innovator and market leader in anywhere, anytime Wireless Security, provides a complete suite of solutions that secure wireless networks and protect the extended mobile enterprise against all threats and attacks. As a key element of wireless LAN security, AirDefense complements wireless VPNs, encryption and authentication.

ArcSight, Inc. is the global leader in Enterprise Security Management (ESM). It will help you to manage information risk and protect your critical information assets.

Aventail, a leading extranet and SSL VPN service provider, helps major corporations manage key business relationships by delivering secure access and identity services.

Blue Coat secures Web communications and accelerates business applications across the distributed enterprise. Blue Coat’s family of appliances and client-based solutions deployed in branch offices, Internet gateways, end points, and data center provide

Check Point Software Technologies is the worldwide leader in securing the Internet.

Crossbeam Systems is leading a revolution in the network security equipment field, one that lowers risk and exposure, reduces infrastructure costs and increases flexibility to respond to new threats.

Hummingbird Connectivity seamlessly delivers mission critical data to the user desktop. Based on robust and recognized standards, every Hummingbird Connectivity product is designed to bridge the gap between legacy systems and business users by delivering

Juniper Networks leads the industry in enabling secure, assured communications over a single IP network.

NetContinuum Application Proxies comprehensively protect transactional applications deployed over the web.

NetIQ is a leading provider of integrated systems and security management solutions that empower IT organizations with the knowledge and ability necessary to assure IT service.

Network diagnostic and monitoring applications for businesses and end users

Oracle Identity Management allows enterprises to manage end-to-end lifecycle of user identities across all enterprise resources both within and beyond the firewall.

PGP Corporation is lead industry by providing innovative, easy-to-use solutions that give more people access to encryption technology.

Proofpoint, Inc. is the leading provider of enterprise-class messaging security solutions that protect organizations from the threats and risks of both inbound and outbound email and other messaging streams.

Radware is the global leader in integrated application delivery solutions delivering full availability, maximum performance and complete security of all business critical networked applications while dramatically cutting operating and scaling costs.

Secure Computing has specialized solutions secure the connections between people and information. Secure Computing products provide the highest level of industry-recognized security, enabling you to create trusted environments inside and outside your organization. CyberGuard Firewall, leading-edge network security solutions that protect data and networks from unauthorized access and cyber attack.

SPI Dynamics’ WebInspect™ application security assessment tool ensures your organization’s web security and the security of your most critical information by identifying known and unknown vulnerabilities within the Web application layer.

SSH Communications Security is a world-leading provider of enterprise security solutions and end-to-end communications security, and the original developer of the Secure Shell protocol.

Symantec is the global leader in information security and availability, helping customers secure and manage their data.

TippingPoint, a division of 3Com, is the leading provider of network-based intrusion prevention systems for corporate enterprises, government agencies, service providers and academic institutions. TippingPoint is the only intrusion prevention system to offer VoIP security, bandwidth management, Peer-to-Peer Protection, and default \"Recommended Settings\" to accurately block malicious traffic automatically upon installation without tuning.

Trend Micro Incorporated is a global leader in network antivirus and internet content security software and services.

Tripwire is the leading provider of change auditing software. Tripwire reduces operational risk and ensures the security and availability of your networks.

Websense is the global leader of web filtering and a premier provider of web and desktop security software. Websense products increase employee internet productivity and secure organizations from emerging internet threats by providing a proactive critical security component that complements traditional security solutions.

Information Security Training

Information Security Consultancy & Services

Outsoucing & Recruitment

Comprehensive Information Security Overview

Hacking Insight through Penetration Testing

Holistic Information Security Training

Incident Response & Handling

Introduction ISO 27001/27002

ISO 27001 Implementation

Log Management & Analysis

Minimize InfoSec Risk Using Firewall

Official (ISC)2 Representatives in Indonesia