ICS Security Training | SCADA Systems Security Training
Commitment | 5 Days, 7-8 hours a day. |
Language | English |
User Ratings | Average User Rating 4.8 See what learners said |
Price | REQUEST |
Delivery Options | Instructor-Led Onsite, Online, and Classroom Live |
COURSE OVERVIEW
Learn the best practices for securing SCADA networks and systems. This ICS Security Training | SCADA Systems Security Training course teaches you how to defend against both internal and external attackers to provide holistic security for critical industrial automation systems! SCADA controls our nation’s mission-critical infrastructure, everything from the power grid to water treatment facilities
ICS Security | SCADA Systems Security: ENO Institute has joined forces with industry leaders to equip security professionals and control system engineers with the cybersecurity skills they need to defend national critical infrastructure. This SCADA Systems Security Training Workshop provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The ICS Security | SCADA Systems Security course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.
ICS SECURITY TRAINING | SCADA SYSTEMS SECURITY TRAINING COVERS THE FOLLOWING TOPICS:
- ICS Security | SCADA Systems Security: SCADA/ICS Overview
- ICS Security | SCADA Systems Security: SCADA Security Governance
- ICS Security | SCADA Systems Security: Pentesting SCADA Systems
- ICS Security | SCADA Systems Security: SCADA Security Controls
- And More…
WHAT'S INCLUDED?
- 5 days of ICS Security Training | SCADA Systems Security Training Workshop with an expert instructor
- ICS Security – SCADA Systems Security Workshop Electronic Course Guide
- Certificate of Completion
- 100% Satisfaction Guarantee
RESOURCES
- ICS Security | SCADA Systems Security – https://www.wiley.com/
- ICS Security | SCADA Systems Security – https://www.packtpub.com/
- ICS Security | SCADA Systems Security – https://store.logicaloperations.com/
- ICS Security | SCADA Systems Security – https://us.artechhouse.com/
- ICS Security | SCADA Systems Security – https://www.amazon.com/
RELATED COURSES
- 5G Wireless Security Training
- Cloud Security Fundamentals Training
- Introduction to Cyber Security Training
- Certified Ethical Hacking (CEH) Training v12
- CompTIA Security+ Certification Training (SY0-601)
- Certified Powershell Hacker (CPSH) Training
- Cybersecurity Foundations Training
- Cyber Threats Detection and Mitigation Training
- Cyber Threats Hunting (CCTHP) Training
- Cyber Threat Intelligence Analysis Training
- Cybersecurity Investigations and Network Forensics Analysis
ADDITIONAL INFORMATION
COURSE OBJECTIVES
This ICS Security Training | SCADA Systems Security Training course prepares you to properly secure the used in a variety of industries, including power transmission, oil and gas, and water treatment. You’ll build the knowledge and skills needed to successfully pass the CSSA exam, including:
- SCADA security policy development
- SCADA security standards and best practices
- Access control
- SCADA protocol security issues
- Securing field communications
- User authentication and authorization
- Detecting cyber-attacks on SCADA systems
- Vulnerability assessment
CUSTOMIZE IT
- We can adapt this ICS Security | SCADA Systems Security Training course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this SCADA Systems Security Training course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the ICS Security Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the SCADA Systems Security Training course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP
The target audience for this ICS Security | SCADA Systems Security course:
- SCADA system operators
- SCADA analysts
- Control systems engineers
- ICS and SCADA consultants
- IT and security professionals with a desire to learn how to protect critical infrastructure
CLASS PREREQUISITES
The knowledge and skills that a learner must have before attending this SCADA Systems Security course are:
- Understanding of computer hardware and operating systems
- Basic knowledge of SCADA systems
COURSE SYLLABUS
SCADA/ICS OVERVIEW
- Introduction to CSSA
- Industrial Control Systems (ICS)
- Types of ICS
- ICS components
- BPCS & SIS
- Control system strengths and weaknesses
- ICS PCN & Protocols
- PCN evolution
- Modbus / DNP3 / HART
- Lab: Modbus PLC
- IT vs. ICS
- RS-232 and RS-485
- TASE 2.0 / ICCP
- CIP
- PROFIBUS / PROFINET
- FOUNDATION Fieldbus
- Open vs. proprietary protocols
- HMI applications
- HMI/OIT implementations
- OPC and OPC UA
- Data historians
- Integration software (ERP/MES)
SCADA SECURITY GOVERNANCE
- Threat to SCADA
- SCADA attacks and threats case studies
- Lab: Attacking the infrastructure
- SCADA security challenge
- Security frameworks, strategy, policies
- Standards, procedures, and guidelines
- SCADA security standards bodies (NIST / ISA / CFATS / NERC CIP)
- ICS Security Training | SCADA Systems Security Training
- Risk management process
- Lab: “Theoretical” assessment with CSET
- SCADA security assessment methodology
- NESCOR guide to vulnerability assessment
- SCADA/ICS Security Training Workshop
PENTESTING SCADA SYSTEMS
- Security assessment strategy
- Pentesting steps
- Safety and security considerations
- Information gathering
- Architecture analysis
- Host, application, and platform fingerprinting
- DNS and SNMP recon
- Lab: SNMP recon
- Host and port scanning
- Security considerations
- Scanning tools and techniques
- Lab: Scanning ICS/SCADA networks
- Network communications capture and analysis
- RF signal capture
- Sniffing network traffic
- Device functionality analysis
- Lab: Datasheet analysis
- Vulnerability identification
- Common SCADA vulnerabilities
- Finding vulnerabilities
- Physical access
- Vulnerability scanning
- Server OS testing
- Patch levels
- Default and insecure configurations
- Authentication and remote access
- Firmware analysis
- Attacking ICS
- Attacking standard services (HTTP, FTP)
- Attacking server OS
- ICS Security Training | SCADA Systems Security Training
- Lab: Exploiting OS-level vulnerabilities (Shellshock exploit)
- Attacking ISC Protocols
- Lab: Capturing and manipulating protocol data
- Attacking wireless communications
- Lab: Recovering ZigBee network keys
- Lab: WEP/WPA2 password cracking
SCADA SECURITY CONTROLS
- Categorization of system controls
- Physical security & safety
- Identification, Authentication & Authorization (IA&A)
- IA&A and access control
- Remote access security
- Encryption
- Logical security
- Lab: Firewall rule design
- Monitoring, detection, and protection
- Secure SCADA architecture
- Lab: Security architecture (group discussion)
- IDS/IPS (Introduction to Snort)
- Log monitoring and management
- Lab: SCADA honeypot (Conpot)
- Lab: Snort SCADA rules (Quickdraw)
- Incident response
- Anti-malware
- Application whitelisting
- Patch management
- Active Directory and group policy
- Summary of good security practice