Skills & Competency for CSIRT
-
Upload
yahya-nursalim -
Category
Documents
-
view
230 -
download
0
Transcript of Skills & Competency for CSIRT
![Page 1: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/1.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 1/40
![Page 2: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/2.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 2/40
respond to incidents
perform analysis tasks
communicate effectively with your constituency
competent problem solversmust easily adapt to change
must be effective in their daily activities
![Page 3: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/3.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 3/40
mission and goals (of the CSIRT)
nature and range of services offered
available staff expertise
constituency size and technology base
anticipated incident load
severity or complexity of incident reports
funding
![Page 4: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/4.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 4/40
Personal Skills
Technical Skill
![Page 5: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/5.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 5/40
Personal Skills
![Page 6: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/6.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 6/40
Communication
![Page 7: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/7.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 7/40
Presentation Skill
![Page 8: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/8.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 8/40
Diplomacy
![Page 9: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/9.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 9/40
Ability to follow
Policies and
Procedures
Compliance
![Page 10: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/10.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 10/40Team Skills
![Page 11: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/11.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 11/40
Integrity
![Page 12: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/12.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 12/40
Knowing One's Limits
![Page 13: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/13.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 13/40Coping with Stress
![Page 14: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/14.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 14/40
Problem Solving
![Page 15: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/15.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 15/40
Time Management
![Page 16: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/16.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 16/40
Technical Skills
![Page 17: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/17.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 17/40
![Page 18: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/18.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 18/40
Technical
Foundation
![Page 19: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/19.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 19/40
Security Principles
![Page 20: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/20.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 20/40
Security
Vulnerabilities/Weaknesses
![Page 21: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/21.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 21/40
The Internet
![Page 22: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/22.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 22/40
The Risks
![Page 23: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/23.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 23/40
Network Protocols
![Page 24: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/24.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 24/40Network Applications and Services
![Page 25: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/25.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 25/40
Network Security Issues
![Page 26: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/26.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 26/40
Host/System Security Issues
M li i C d
![Page 27: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/27.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 27/40
Malicious Code(Viruses, Worms, Trojan Horse programs)
![Page 28: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/28.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 28/40
![Page 29: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/29.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 29/40
Incident
Handling
![Page 30: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/30.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 30/40
Local Team Policies and Procedures
U d di /Id if i
![Page 31: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/31.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 31/40
Understanding/Identifying
Intruder Techniques
![Page 32: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/32.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 32/40
Communicating with Sites
![Page 33: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/33.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 33/40
Incident
Analysis
![Page 34: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/34.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 34/40
Maintenance of Incident Records
![Page 35: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/35.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 35/40
P e r s o n
a l S k i l
l sCommunication
Presentation Skill
Diplomacy
Compliance
Team Skill
IntegrityKnow the limits
Coping with Stress
Problem Solving
Time Management T
e c h n i c a l S k i l
l sTechnical Foundation
• Security Principles
• Security Vulnerabilities/Weaknesses
• The Internet
• Risks
• Network Protocols
• Network Applications and Services
• Network Security Issues
• Host/System Security Issues
• Malicious Code (Viruses, Worms,Trojan Horse programs)
• Programming Skills
Incident Handling
• Local Team Policies and Procedures
• Understanding/Identifying IntruderTechniques
• Communicating with Sites
• Incident Analysis
• Maintenance of Incident Records
![Page 36: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/36.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 36/40
IT Security Roadmap
IT FundamentalsIT Security
Fundamentals
Role-basedSpecialist
• NetworkAdministrator
• IT Security Specialist
• IT Security Manager
0 – 1 Years
Experience
1 – 2 Years
Experience
> 3 Years
Experience
![Page 37: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/37.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 37/40
Function vs Certification
Security Design and
Compliance Skills
SpecializedSecurity Skills
Network
Security Skills
Basic Security
Concept
Foundation Security
Knowledge
Vendor Specific
Vendor Neutral
Information
Worker
IT Worker
IT Admin
IT Manager
IT Executive
Career Level Required Skills Certifications
![Page 38: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/38.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 38/40
![Page 39: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/39.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 39/40
DoD Information Assurance (IA)
Workforce Strategy
• Improved IA posture
• Increased confidence that personnel performing IA functions are capable of doing the job
• Mechanism in place to “raise the bar” on IA skills
Certify theWorkforce
• Ability to place trained/capable personnel in IA jobs
• Ability to define standard IA personnel requirements
Manage theWorkforce
• Personnel enabled to hone IA skills, keep up with latest technology, threats andvulnerabilities
Sustain theWorkforce
• Local commanders understand impact of IA on mission accomplishment
• Standard allies and coalition partners can emulate IA for other workforces(acquisition, legal, audit etc.)
Extend theDiscipline
![Page 40: Skills & Competency for CSIRT](https://reader031.fdocuments.in/reader031/viewer/2022021113/577ce3c71a28abf1038cfd04/html5/thumbnails/40.jpg)
7/30/2019 Skills & Competency for CSIRT
http://slidepdf.com/reader/full/skills-competency-for-csirt 40/40
Didik Partono Rudiarto
Tim Ahli ID-SIRTII