fbpx

SCADA Security Manager

  • View Course Outline
  • Subscribe to Newsletter
    Privacy by SafeUnsubscribe
  • Get course brochure
    Privacy by SafeUnsubscribe

SCADA Security Manager

SCADA Security Manager training course is designed to help managers, supervisors, and operators in the field of IT to discover how to configure the required tools and features for developing and organizing SCADA projects in industrial processes.

SCADA – Supervisory Control and Data Acquisition is an industrial system framework that includes both hardware and software architecture to control, monitor and analyze an industrial process. SCADA is application software that enables managers, engineers, and industry operators, to supervise and efficiently communicate with the working environment.

As an application software, SCADA is designed to assist industry experts in maintaining and improving industrial processes. Hence, the objective of SCADA is to collect real-time data, and store, process and generate reports for the complex industrial processes.

Why is it essential to have a secured SCADA System? 

SCADA is an essential tool that provides networking systems, communication and security technologies, and standards which are necessary to facilitate the maintenance of industrial processes. The application of technology is vital for individuals to innovate and develop procedures that will assist industries shortly.

SCADA aims to provide individuals with techniques to choose, plan and design technologies for improving the business processes and other utilities.

Also, SCADA will assist individuals to learn the required skills that are essential to plan, direct, operate and manage a project system in a working environment.

The importance of SCADA is the automation system which allows the organization and individuals to anticipate risk uncertainties, lower investment, maintenance costs and study optimal responses to the continuity of industrial processes.

This intensive course enables participants to develop the necessary expertise to plan, design, and implement an effective program to protect SCADA systems.

Participants will be able to understand standard Industrial Control System (ICS) threats, vulnerabilities, and risks related to ICS systems and how they can be managed. This training focuses on a mix of knowledge and skills related to SCADA/ICS security.

You might be interested in another Information Security programs as a next step.

The course is accredited by GIAC.

  • Request customized course
    Privacy by SafeUnsubscribe
  • Request call back
    There was an error fetching lists. Please refresh your lists and try again.
    Privacy by SafeUnsubscribe
  • Request corporate proposal
    There was an error fetching lists. Please refresh your lists and try again.
    Privacy by SafeUnsubscribe
  • View Schedule
  • COURSE TYPE ADVANCED
  • COURSE NUMBER
  • DURATION 5 Days
  • COURSE ACCREDITED BY GIAC

WHAT YOU WILL LEARN

Industry experts have designed the course with in-depth experience in SCADA and Industrial Control Systems Security. Unlike other certifications, this course focuses specifically on the knowledge and skills needed by a professional looking to advise on or manage risks related to SCADA environments and systems. In addition to presenting the theoretical knowledge required by SCADA

Security Manager, a comprehensive methodology for the implementation is presented. Thus, at the end of this course, participants will gain understanding on how to efficiently implement a security program for SCADA/ ICS systems.

IMPORTANT COURSE INFORMATION

Requirements

Knowledge of SCADA systems is preferred.

Exam

You can apply for – Global Industrial Cyber Security Professional (GICSP) from GIAC.

One proctored exam

115 questions

Time limit of 3 hours

Minimum Passing Score of 69%

COURSE OUTLINE

Modules:

Module 1: ICS Overview

Global Industrial Cybersecurity Professional (GICSP) Overview

Overview of ICS o Processes & Roles o Industries

Field Components of Real-Time Operating Systems

Programming Controllers o Exercise: PLC Programming

Supervisory Components o Specialized Applications o Master Servers o Exercise: HMI Programming

Types of ICS Systems o DCS vs. SCADA

IT & ICS Differences o ICS Lifecycle Challenges

Physical Security

ICS Network Architecture vs. Network Models

Design Example

Exercise: Architecting a Secure DCS

Module 2: ICS Attack Surface

ICS Attack Surface o Exercise: Information Leakage

Attacks on HMIs and UIs

Intro to SamuraiSTFU

Exercise: Password Fuzzing

Web Attacks

Exercise: Authentication Bypass with SQL Injection

Attacks on Control Servers

Attacks on Network Communications

Exercise: Spoofing Modbus

Attacks on Remote Devices

Exercise: Analyzing Firmware o Firmware Attacks

Module 3: Defending ICS Servers and Workstations

Windows in ICS

Linux/Unix in ICS

Updates and Patching

Processes and Services

Configuration Hardening

Exercise: Bastille Linux

Endpoint Defenses

Exercise: Firewalls

Automation and Auditing

Exercise: Powershell

Log Management o Exercise: Windows Logs

Databases and Historians

Module 4: Defending ICS Networks and Devices

Network Fundamentals

Ethernet

TCP/IP Protocol Suite

ICS Protocols over TCP/IP o Exercise: Network Capture Analysis

Enforcement Zone Devices o Firewalls

Unidirectional Gateways

Honeypots

Wireless in Control Systems

Satellite Protocols

Mesh Protocols

Bluetooth and WiFi

Defenses

Exercise: Network Capture Forensics

Field and Plant Floor Equipment

Cryptography Fundamentals

Module 5: ICS Security Governance

Information Assurance Foundations

Data Classification

Depth in Defense

Security Policies

Policy Hierarchy

Policy Governance

Contingency and Continuity Planning

Risk Assessment and Auditing

Risk Governance

Calculating Risk

Exercise: Attack Tree Analysis

Password Management

Incident Handling

Six Steps

Table Top Exercise

Exercise: Incident Response

Resources

  • In The Classroom

  • Live, Online

  • Private Team Training

  • Indiviual Private Session

Please Register for More Information

Enroll Now
Privacy by SafeUnsubscribe