| Module 1: Security Management Practices
(安全管理實務) |
- Security Overview
- Data Classification
- Employment Policies and Practices
- Risk Management
- Roles and Responsibilities |
|
| Module 2: Access Control Systems &
Methodology (資訊存取控制系統及方法) |
- Access Control Overview
- Identification and Authentication
- Passwords
- Access Control Techniques
- Access Control Administration
- Monitoring and Intrusion Detection |
|
| Module
3: Telecommunications & Network Security (通訊與網路安全) |
- Security Overview
- Internet, Intranet, and Extranet Security TCP/IP LANs, WANs,
and VPNs Network Layer Security Protocols Transport Layer Security
Application Layer Security Protocols |
|
| Module
4: Applications & Systems Development (應用程式與系統開發安全) |
- Application Development Introduction
- Malicious Code
- Methods of Attack
- Databases and Data Warehousing
- Knowledge-Based Systems
- Systems Development Life Cycle
- Security and Protection |
|
| Module
5: Cryptography (密碼學) |
- Cryptographic Terms and Technologies
- Message Authentication
- Certificate Authority |
|
| Module
6: Operations Security (作業安全) |
- Operations Security Overview
- Security Audits
- Violation Analysis
- Auditing - Monitoring
- Resource Protection
- E-Mail Security
- The Web
- File Transfer
- Anatomy of an Attack
- Separation of Duties and Responsibilities |
|
| Module
7: Security Architecture & Models (安全架構與模型) |
- Common Computer Architectures and Designs Storage
Types Principles of Common Security Models
- Common Flaws and Security Issues with System Architectures
and Designs Timing Attacks |
|
| Module
8: Business Continuity & Disaster Recovery Planning (業務持續運作與災害復原計畫)
|
- Business Continuity Plan Process
- Recovery
- Primary Strategies
- Assurance and Trust |
|
| Module
9: Law, Investigations, Ethics (資訊法律、電腦犯罪調查與電腦倫理) |
- Types of Computer Crime
- Major Categories of Laws
- Computer Crime-Related Laws
- Due Care
- Investigation and Ethics |
|
| Module
10: Physical Security (實體安全) |
- Introduction to Physical Security
- The Perimeter
- Inside the Building
- Intrusion Detection Systems
- Compartmentalized Areas |
