OSSTMM PROFESSIONAL SECURITY EXPERT (OPSE)
What is OPSE?
The OSSTMM Professional Security Expert (OPSE) is one internationally recognized professional certification, which certifies an in-depth knowledge of the ISECOM methodology – OSSTMM in all its fields of application, without detailing the purely practical and technological aspects. Unlike allother professional certifications of ISECOM, its release foresees a purely theoretical cutting course and passing an exam final in English (closed multiple-choice test). The purpose of the OPSE certification is to provide the tools and the skills to understand dynamics, purposes and interoperability OSSTMM methodology and Security Testing activities in in relation to the different regulations and the different safety standards.
Who should attend?
To be able to design for:
- IT Security Managers (CSO and CISO)
- Security Manager and Project Manager for security activities
- Security Consultant
- ISO / IEC 27001 Lead Auditor
- Security Testing Team Manager
- All those who work in the field of security
- Planning and Strategy.
Learning Objectivies
The OPSE certification course splits into 2 days, to which it takes, adds 1 dedicated to the final exam. During the course days, the following contents will be treated:
- Understanding the dynamics of the OSSTMM: Define the concepts of approach and evaluation related to verifications safety common to all channels and modules that compose them the OSSTMM methodology in its most recent and relative versions nomenclatures.
- Define the rules of engagement: Understand how to apply and manage the rules of engagement (Rules of Engagement) in terms of legality and ethics, from the proposal to the presentation of results according to OSSTMM methodology.
- Security metrics: Learn the knowledge needed to calculate and measure protection elements and countermeasures according to methodology OSSTMM.
- Interoperability elements: Define and understand the methods of interaction between the methodology OSSTMM and its results, with safety regulations and standards, providing the means for a qualitative assessment of the level of safety found
- OSSTMM activity planning: Understand the dynamics and procedures for planning and managing thesecurity audits involving OSSTMM certified resources edefine the allocation of the number of hours according to the Rules of Thumbs
- Reporting: Learn the guidelines provided by the methodology to fill in theISECOM official reporting model, in the context of the release of the security certification based on OSSTMM.
Prerequirements
- Experience with basic security issues
- Basic knowledge of the main network architectures
- Basic knowledge of the main information technologies
- Good ability to read and understand the English language
Exam Format:
- Exam time: 3 hours
- Questions: 28 multiple choice, single answer, skills-based against a remote test network.
- Passing: 60% or better for certification. Scores of 90% or better include a seal of excellence