SCADA Security Manager
SCADA Security Manager training course is designed to help managers, supervisors, and operators in the field of IT to discover how to configure the required tools and features for developing and organizing SCADA projects in industrial processes.
SCADA – Supervisory Control and Data Acquisition is an industrial system framework that includes both hardware and software architecture to control, monitor and analyze an industrial process. SCADA is application software that enables managers, engineers, and industry operators, to supervise and efficiently communicate with the working environment.
As an application software, SCADA is designed to assist industry experts in maintaining and improving industrial processes. Hence, the objective of SCADA is to collect real-time data, and store, process and generate reports for the complex industrial processes.
Why is it essential to have a secured SCADA System?
SCADA is an essential tool that provides networking systems, communication and security technologies, and standards which are necessary to facilitate the maintenance of industrial processes. The application of technology is vital for individuals to innovate and develop procedures that will assist industries shortly.
SCADA aims to provide individuals with techniques to choose, plan and design technologies for improving the business processes and other utilities.
Also, SCADA will assist individuals to learn the required skills that are essential to plan, direct, operate and manage a project system in a working environment.
The importance of SCADA is the automation system which allows the organization and individuals to anticipate risk uncertainties, lower investment, maintenance costs and study optimal responses to the continuity of industrial processes.
This intensive course enables participants to develop the necessary expertise to plan, design, and implement an effective program to protect SCADA systems.
Participants will be able to understand standard Industrial Control System (ICS) threats, vulnerabilities, and risks related to ICS systems and how they can be managed. This training focuses on a mix of knowledge and skills related to SCADA/ICS security.
You might be interested in another Information Security programs as a next step.
The course is accredited by GIAC.
- COURSE TYPE ADVANCED
- COURSE NUMBER
- DURATION 5 Days
- COURSE ACCREDITED BY GIAC
WHAT YOU WILL LEARN
Industry experts have designed the course with in-depth experience in SCADA and Industrial Control Systems Security. Unlike other certifications, this course focuses specifically on the knowledge and skills needed by a professional looking to advise on or manage risks related to SCADA environments and systems. In addition to presenting the theoretical knowledge required by SCADA
Security Manager, a comprehensive methodology for the implementation is presented. Thus, at the end of this course, participants will gain understanding on how to efficiently implement a security program for SCADA/ ICS systems.
IMPORTANT COURSE INFORMATION
Knowledge of SCADA systems is preferred.
You can apply for – Global Industrial Cyber Security Professional (GICSP) from GIAC.
One proctored exam
Time limit of 3 hours
Minimum Passing Score of 69%
Module 1: ICS Overview
Global Industrial Cybersecurity Professional (GICSP) Overview
Overview of ICS o Processes & Roles o Industries
Field Components of Real-Time Operating Systems
Programming Controllers o Exercise: PLC Programming
Supervisory Components o Specialized Applications o Master Servers o Exercise: HMI Programming
Types of ICS Systems o DCS vs. SCADA
IT & ICS Differences o ICS Lifecycle Challenges
ICS Network Architecture vs. Network Models
Exercise: Architecting a Secure DCS
Module 2: ICS Attack Surface
ICS Attack Surface o Exercise: Information Leakage
Attacks on HMIs and UIs
Intro to SamuraiSTFU
Exercise: Password Fuzzing
Exercise: Authentication Bypass with SQL Injection
Attacks on Control Servers
Attacks on Network Communications
Exercise: Spoofing Modbus
Attacks on Remote Devices
Exercise: Analyzing Firmware o Firmware Attacks
Module 3: Defending ICS Servers and Workstations
Windows in ICS
Linux/Unix in ICS
Updates and Patching
Processes and Services
Exercise: Bastille Linux
Automation and Auditing
Log Management o Exercise: Windows Logs
Databases and Historians
Module 4: Defending ICS Networks and Devices
TCP/IP Protocol Suite
ICS Protocols over TCP/IP o Exercise: Network Capture Analysis
Enforcement Zone Devices o Firewalls
Wireless in Control Systems
Bluetooth and WiFi
Exercise: Network Capture Forensics
Field and Plant Floor Equipment
Module 5: ICS Security Governance
Information Assurance Foundations
Depth in Defense
Contingency and Continuity Planning
Risk Assessment and Auditing
Exercise: Attack Tree Analysis
Table Top Exercise
Exercise: Incident Response
In The Classroom
Private Team Training
Indiviual Private Session
Please Register for More Information