PT. HM. SAMPOERNA, Tbk. - Pasuruan Jawa Timur

Inhouse Training Microsoft Excel VBA Macro Programming

PT. PLN PERSERO MALUKU / MALUKU UTARA

Inhouse Training Android Apps. Development with phonegap

O-Shop, SCTV, Infotech (Jakarta)

Public Training Magento E-Commerce Advanced Level

PT. ASKRINDO - JAKARTA

Training IT Project Management based on PMBOK 5

Bank Fama International - Bandung

Inhouse Training Open Office Calc

Friday, July 30, 2021

HERY PURNAMA CERTIFIED TRAINER cissp CISA, CISM, CDPSE, CRISC, CCISO, CDMP, CTFL , ITILF - JAKARTA BANDUNG

HERY PURNAMA 081-223344-506 IS A CERTIFIED TRAINER FOR TRAINING : CISSP , CISA, CISM, CDPSE, CRISC, CCISO, CDMP, CTFL , ITILF IN JAKARTA BANDUNG INDONESIA (inhousetrainer.net).

SYLLABUS TRAINING ,

Certified Information Systems Security Professional (CISSP) 



Durations  :


5 Days (09.00 – 16.00)


Descriptions :

The CISSP certification training develops your expertise in defining the IT architecture and in designing, building, and maintaining a secure business environment using globally approved information security standards. The CISSP training covers industry best practices and prepares you for the CISSP certification exam held by (ISC)².

A CISSP certification validates your skills in IT security. Cybersecurity Ventures predicts a total of 3.5 million Cyber Security jobs by 2021. The global Cyber Security market is expected to reach USD $282.3 Billion by 2024, growing at a rate of 11.1-percent annually.


Objectives :

This Certified Information Systems Security Professional (CISSP) certification course. To obtain the CISSP certification, candidates need to pass an exam that consists of mostly multiple-choice questions. The purpose of this course is to prepare you for the certification exam by introducing you to the concepts and terminology you need to know to pass.


This course is designed to provide you with extensive knowledge, learning strategies, and instructor support along the way. In addition to the exam, you must meet a few other requirements in order to become a Certified Information Systems Security Professional. You must demonstrate that you follow the CISSP Code of Ethics, have a minimum of five years full-time paid work experience in the systems security field, and hold an IS or IT degree. With that in mind, before enrolling in this course, be sure that this is the right course for you.


This course is designed for people who want to become certified security professionals and are looking for jobs that require the CISSP certification. The prerequisites for this course are basic knowledge in networking and some knowledge of systems operations. Throughout this course, you will learn about the basics of asset security, cryptography, security and risk management, and various threats and attacks. This is a theoretical course — not a practical one — and we will cover many regulations, laws, policies, standards, and encryption protocols. With the flashcards, interactive diagrams, video lessons, and instructor support included with this course, you are equipped with everything you need to successfully pass the exam and earn your CISSP certification.


Participants :


The CISSP Course is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles, including those in the following positions:

Chief Information Security Officer

Chief Information Officer

Director of Security

IT Director/Manager

Security Systems Engineer

Security Analyst

Security Manager

Security Auditor

Security Architect

Security Consultant

Network Architect


Prerequisites :

Roughly five years of direct full-time security work experience is recommended, but not required



Outlines :

DAY 1 

CISSP Introduction

DOMAIN 1 : SECURITY AND RISK MANAGEMENT

Understand and Apply Concepts of Confidentiality, Integrity, and Availability

Information Security

Evaluate and Apply Security Governance Principles

Alignment of Security Functions to Business Strategy, Goals, Mission,

and Objectives

Vision, Mission, and Strategy

Governance

Due Care

Determine Compliance Requirements

Legal Compliance

Jurisdiction

Legal Tradition

Legal Compliance Expectations

Understand Legal and Regulatory Issues That Pertain to Information Security in a

Global Context

Cyber Crimes and Data Breaches

Privacy

Understand, Adhere to, and Promote Professional Ethics

Ethical Decision-Making

Established Standards of Ethical Conduct

(ISC)² Ethical Practices

Develop, Document, and Implement Security Policy, Standards, Procedures,

and Guidelines

Organizational Documents

Policy Development

Policy Review Process

Identify, Analyze, and Prioritize Business Continuity Requirements

Contribute to and Enforce Personnel Security Policies and Procedures

Understand and Apply Risk Management Concepts

Understand and Apply Threat Modeling Concepts and Methodologies

Apply Risk-Based Management Concepts to the Supply Chain

Establish and Maintain a Security Awareness, Education, and Training Program

Questions & Answers

DOMAIN 2 : ASSET SECURITY

Asset Security Concepts

Data Policy

Data Governance

Data Quality

Data Documentation

Data Organization

Identify and Classify Information and Assets

Asset Classification

Determine and Maintain Information and Asset Ownership

Asset Management Lifecycle

Software Asset Management

Protect Privacy

Cross-Border Privacy and Data Flow Protection

Data Owners

Data Controllers

Data Processors

Data Stewards

Data Custodians

Data Remanence

Data Sovereignty

Data Localization or Residency

Government and Law Enforcement Access to Data

Collection Limitation

Understanding Data States

Data Issues with Emerging Technologies

Ensure Appropriate Asset Retention

Retention of Records

Determining Appropriate Records Retention

Retention of Records in Data Lifecycle

Records Retention Best Practices

Determine Data Security Controls

Technical, Administrative, and Physical Controls

Establishing the Baseline Security

Scoping and Tailoring

Standards Selection

Data Protection Methods

Establish Information and Asset Handling Requirements

Marking and Labeling

Handling

Declassifying Data

Storage

Questions & Answers

DAY 2

DOMAIN 3: SECURITY ARCHITECTURE AND ENGINEERING

Implement and Manage Engineering Processes Using Secure Design Principles

Saltzer and Schroeder’s Principles

ISO/IEC

Defense in Depth

Using Security Principles

Understand the Fundamental Concepts of Security Models

Select Controls Based upon Systems Security Requirements

Understand Security Capabilities of Information Systems

Assess and Mitigate the Vulnerabilities of Security Architectures, Designs, and

Assess and Mitigate Vulnerabilities in Web-Based Systems

Assess and Mitigate Vulnerabilities in Mobile Systems

Insecure Devices

Mobile Device Management

Assess and Mitigate Vulnerabilities in Embedded Devices

Apply Cryptography

Cryptographic Lifecycle

Cryptographic Methods

Public Key Infrastructure

Key Management Practices

Digital Signatures

Non-Repudiation

Integrity

Understand Methods of Cryptanalytic Attacks

Digital Rights Management

Apply Security Principles to Site and Facility Design

Implement Site and Facility Security Controls

Physical Access Controls

Wiring Closets/Intermediate Distribution Facilities

Server Rooms/Data Centers

Media Storage Facilities

Evidence Storage

Restricted and Work Area Security

Utilities and Heating, Ventilation, and Air Conditioning

Environmental Issues

Fire Prevention, Detection, and Suppression

Questions & Answers

DOMAIN 4 : COMMUNICATION AND NETWORK SECURITY

Implement Secure Design Principles in Network Architectures

Open Systems Interconnection and Transmission Control

Internet Protocol Networking

Implications of Multilayer Protocols

Converged Protocols

Software-Defined Networks

Wireless Networks

Internet, Intranets, and Extranets

Demilitarized Zones

Virtual LANs

Secure Network Components

Firewalls

Network Address Translation

Intrusion Detection System

Security Information and Event Management

Network Security from Hardware Devices

Transmission Media

Endpoint Security

Implementing Defense in Depth

Content Distribution Networks

Implement Secure Communication Channels According to Design

Secure Voice Communications

Multimedia Collaboration

Remote Access

Data Communications

Virtualized Networks

Questions & Answers

DAY 3

DOMAIN 5 : IDENTITY AND ACCESS MANAGEMENT

Control Physical and Logical Access to Assets

Information

Systems

Devices

Facilities

Manage Identification and Authentication of People, Devices, and Services

Identity Management Implementation

Single Factor/Multifactor Authentication

Accountability

Session Management

Registration and Proofing of Identity

Federated Identity Management

Credential Management Systems

Integrate Identity as a Third-Party Service

On-Premise

Cloud

Federated

Implement and Manage Authorization Mechanisms

Role-Based Access Control

Rule-Based Access Control

Mandatory Access Control

Discretionary Access Control

Attribute-Based Access Control

Manage the Identity and Access Provisioning Lifecycle

User Access Review

System Account Access Review

Provisioning and Deprovisioning

Auditing and Enforcement

Questions & Answers

DAY 4

DOMAIN 6 : SECURITY ASSESSMENT AND TESTING

Design and Validate Assessment, Test, and Audit Strategies

Assessment Standards

Conduct Security Control Testing

Vulnerability Assessment

Penetration Testing

Log Reviews

Synthetic Transactions

Code Review and Testing

Misuse Case Testing

Test Coverage Analysis

Interface Testing

Collect Security Process Data

Account Management

Management Review and Approval

Key Performance and Risk Indicators

Backup Verification Data

Training and Awareness

Disaster Recovery and Business Continuity

Analyze Test Output and Generate Report

Conduct or Facilitate Security Audits

Internal Audits

External Audits

Third-Party Audits

Integrating Internal and External Audits

Auditing Principles

Audit Programs

Questions & Answers

DOMAIN 7: SECURITY OPERATIONS

Understand and Support Investigations

Evidence Collection and Handling

Reporting and Documentation

Investigative Techniques

Digital Forensics Tools, Techniques, and Procedures

Understand Requirements for Investigation Types

Administrative

Criminal

Civil

Regulatory

Industry Standards

Conduct Logging and Monitoring Activities

Define Auditable Events

Time

Protect Logs

Intrusion Detection and Prevention

Security Information and Event Management

Continuous Monitoring

Ingress Monitoring

Egress Monitoring

Securely Provision Resources

Asset Inventory

Asset Management

Configuration Management

Understand and Apply Foundational Security Operations Concepts

Need to Know/Least Privilege

Separation of Duties and Responsibilities

Privileged Account Management

Job Rotation

Information Lifecycle

Service Level Agreements

Apply Resource Protection Techniques to Media

Marking

Protecting

Transport

Sanitization and Disposal

Conduct Incident Management

An Incident Management Program

Detection

Response

Mitigation

Reporting

Recovery

Remediation

Lessons Learned

Third-Party Considerations

Operate and Maintain Detective and Preventative Measures

White-listing/Black-listing

Third-Party Security Services

Honeypots/Honeynets

Anti-Malware

Implement and Support Patch and Vulnerability Management

Understand and Participate in Change Management Processes

Implement Recovery Strategies

Backup Storage Strategies

Recovery Site Strategies

Multiple Processing Sites

System Resilience, High Availability, Quality of Service, and Fault Tolerance

Implement Disaster Recovery Processes

Response

Personnel

Communications

Assessment

Restoration

Training and Awareness

Test Disaster Recovery Plans

Read-Through/Tabletop

Walk-Through

Simulation

Parallel

Full Interruption

Participate in Business Continuity Planning and Exercises

Implement and Manage Physical Security

Physical Access Control

The Data Center

Address Personnel Safety and Security Concerns

Travel

Duress

Questions & Answers

DAY 5

DOMAIN 8: SOFTWARE DEVELOPMENT SECURITY

Understand and Integrate Security in the Software Development Lifecycle

Development Methodologies

Maturity Models

Operations and Maintenance

Change Management

Integrated Product Team

Identify and Apply Security Controls in Development Environments

Security of the Software Environment

Configuration Management as an Aspect of Secure Coding

Security of Code Repositories

Assess the Effectiveness of Software Security

Logging and Auditing of Changes

Risk Analysis and Mitigation

Assess the Security Impact of Acquired Software

Acquired Software Types

Software Acquisition Process

Relevant Standards

Software Assurance

Certification and Accreditation

Define and Apply Secure Coding Standards and Guidelines

Security Weaknesses and Vulnerabilities at the

Security of Application Programming Interfaces

Secure Coding Practices

Questions & Answers



Wednesday, May 12, 2021

TRAINER ISO 45005 HERY PURNAMA

HERY PURNAMA 081223344506 Adalah seorang Trainer berpengalaman lebih daro 20 tahun sebagai pengajar di bidang IT , ISO ataupun Public Management,  Semenjak mewabahnya pandemi di akhir tahun 2019 dan puncaknya terjadi di 2020, ISO telah mempublikasikan dokumen ISO / PAS 45005 yang terkait perlindungan kesehatan dan keselamatan pekerja agar tetap bekerja dengan aman selama pandemi. Dan sejak diterbitkannya publikasi tersebut Hery Purnama sudah memberikan banyak training dan panduan di berbagai instansi pemerintahan, industry ataupun swasta tentang bagaimana mengaplikasikan ISO 45005 terutama pengelolaan resikonya

Berikut SIlabus ISO/ PAS 45005 yang akan diberikan oleh Bapak Hery Purnama


ISO/PAS 45005:2020
Manajemen kesehatan dan keselamatan kerja
Pedoman umum untuk bekerja dengan aman selama pandemi COVID-19


Durasi : 09.00 – 16.00 WIB ( 3  Hari )

Deskripsi : ISO (the International Organization for Standardization) adalah sebuah organisasi yang tersusun atas federasi dari berbagai komite yang memiliki kepentingan untuk mencipatakan  berbagai standarisasi internasional di setiap bidang yang di wakili teknisnya oleh komite, setiap komite bisa terdiri atas organsasi , pemerintahan ataupun non organisasi yang berkompetensi

Dokumen ISO 45005 dipublikasikan sebagai respon  terhadap pandemi COVID-19 dan peningkatan risiko penyakit ini terhadap kesehatan, keselamatan, dan kesejahteraan orang .
Didalam dokumen mencakup  semua pengaturan terhadap orang, termasuk mereka yang bekerja di rumah atau di lingkungan bergerak (mobile) , dan pekerja serta pihak berkepentingan lainnya termasuk membahas aspek tempat kerja fisik. Pemerintah, regulator, dan badan profesional lainnya di seluruh dunia agar tetap bekerja dengan aman selama pandemi COVID-19.

Dokumen ini memberikan satu set pedoman umum dan juga prinsip-prinsip yang terkait :
• Langkah-langkah yang wajar untuk mengelola risiko yang timbul dari COVID-19 sedang terjadi, atau akan terjadi, dan diterapkan untuk melindungi kesehatan dan keselamatan pekerja dan pihak terkait lainnya
• Pekerja tidak boleh diminta untuk bekerja kecuali langkah-langkah ini telah diterapkan.



Tujuan Training : Training ISO 45005 ini memberikan panduan kepada Organisasi bagaimana mengelola resiko yang timbul akibat COVID-19 untuk melindugi kesehatan dan keselaman pekerja

ISO 45005 dibuat cocok untuk berbagai ukuran skala industri baik kecil ataupun besar, termasuk juga untuk organisasi yang :

• Telah beroperasi selama pandemi;
• Melanjutkan atau berencana untuk melanjutkan operasi setelah penutupan penuh atau sebagian;
• Menempati kembali tempat kerja yang telah ditutup sepenuhnya atau sebagian;
• Baru dan berencana beroperasi untuk pertama kalinya.

Target Peserta : - Management Level
- HSE Staff
- Public

Prasyarat : - Tidak ada persyaratan khusus

Materi Training :
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Planning and assessment of risks
4.1 Understanding the context of the organization
4.2 Leadership and worker participation
4.3 General planning
4.4 Workplaces
4.5 Roles
4.6 Activities
4.7 Emergency preparedness and response
4.8 Planning for changes to restrictions
5 Suspected or confirmed cases of COVID-19
5.1 General
5.2 Managing illness in a physical workplace
5.3 Managing illness of workers at home or in mobile settings
5.4 Testing, contact tracing and quarantine
6 Psychological health and well-being
7 Inclusivity
8 Resources
9 Communication
9.1 General
9.2 For first entry into a workplace
9.3 Ongoing communication
10 Hygiene
11 Use of personal protective equipment, masks and face coverings
12 Operations
12.1 General
12.2 First return to a workplace
12.3 Entering and leaving the workplace
12 Operations
12.1 General
12.2 First return to a workplace
12.3 Entering and leaving the workplace
12.4 Moving around and between workplaces
12.5 Work zones and workstations
12.6 Use of common areas
12.7 Meetings and visits to the workplace
12.8 Working with the public
12.9 Work-related travel
12.10 Deliveries
13 Performance evaluation
13.1 Monitoring and evaluation
13.2 Management review, incidents and reporting
14 Improvement
Annex A Protective security considerations
A.1 General
A.2 Operations and practices
A.3 Measures
Annex B Accessibility and inclusion considerations



 







Best Regards,

HERY PURNAMA

IT Certified Trainer
http://www.inhousetrainer.net

 Call/ SMS/WA :  081.223344.506
 
 
 Social Net :

Hometown : Bandung - Jawa Barat






Wednesday, April 28, 2021

Kalender 2021, Libur, Hari Raya, Cuti Bersama

Kalender 2021 Indonesia, Hari Libur, Hari Raya , Tanggal merah dan kalender Cuti Bersama di bulan Januari, Februari, Maret, April, Mei, Juni, Juli, Agustus, September, Oktober, Nopember, Desember tahun 2021


Cek dahulu kalender 2021 dan koordinasikan jadwal kebutuhan IT training Anda bersama Hery Purnama , silahkan akses www.inhousetrainer.net atau whatsapp 081-223344-506

Sunday, April 25, 2021

TRAINER KATALON STUDIO SOFTWARE TESTING TOOL

Hery Purnama 081223344506 is a Katalon Studio Trainer in Jakarta, Bandung. 


Lalu Apakah Katalon Studio ? , Katalon adalah salah satu software testing tool yang cukup populer , tool ini merupakan bagian dari aktifitas CI/CD, katalon mensupport aktifitas continues testing di platform aplikasi web, mobile apps dan desktop , tool lain yang serupa dengan katalon adalah selenium


Regards,



HERY PURNAMA
Certified Trainer

www.inhousetrainer.net
Phone/Whatsapp 081-223344-506
hery@purnama.info , hery.purnama@gmail.com,
inhousetrainer@yahoo.com
   

Tuesday, March 30, 2021

Jadwal Puasa Bandung Sekitarnya 2021 / 1442H

Download Informasi Jadwal Puasa Ramadhan Di bandung jawa barat dan sekitarnya 13 April 2021 , Jadwal imsyakiyah 1442 H , Selamat menjalankan ibadah puasa



Sumber :

http://falakiyah.nu.or.id/JadwalImsakiyahPuasa.aspx

Monday, March 15, 2021

Part 5 - Excel VBA Macro, Object Addressing

 Excel VBA Macro, Object Addressing by Hery Purnama

Part 3 - Excel VBA Macro, Relative References

PART 3 - RELATIVE REFERENCES, EXCEL VBA MACRO BY HERY PURNAMA

Part 2 - Excel VBA Macro, Recording Macro

Tutorial Excel VBA Macro, Recording Macro by Hery Purnama

Part 1 - Excel VBA Macro, Overview and Macro Preparations

Part 1 - Excel VBA Macro, Overview and Macro Preparations by Hery Purnama

Friday, March 5, 2021

TRAINING PYTHON DATA ANALYTICS AND DATA VISUALIZATION

 Hery Purnama 081223344506 is trainer for TRAINING PYTHON DATA ANALYTICS AND DATA VISUALIZATION in Bandung, Jakarta, Surabaya, Palembang, Medan.

Python for Data Analysis and Visualization

 

DURATION (ONLINE) : 3 DAYS (09.00 – 14.00)

LEVEL : BASIC TO INTERMEDIATE

 

DESCRIPTIONS :

Di dalam pelatihan ini Anda akan mempelajari dasar-dasar Python untuk bisa menjelajahi berbagai jenis data. Anda akan belajar bagaimana menyiapkan data untuk analisis, melakukan analisis statistik, membuat visualisasi data yang informatif dan bermakna, memprediksi tren di masa yang akan datang dari data tersedia, dan banyak hal lainnya lagi yang akan Anda dapatkan selama pelatihan.

 

OBJECTIVES :

Setelah pelatihan ini Anda diharapkan memiliki skill dasar dalam hal

           Dasar Pemograman Python

           Predictive Modelling

           Data Analysis

           Data Visualization (DataViz)

           Model Selection.

 

PREREQUISITES :

Tidak dibutuhkan keahlian minimal khusus untuk bisa mengikuti pelatihan ini, setidaknya Anda telah terbiasa menggunakan komputer, memiliki ketertarikan dalam dunia pengolahan data dan pemograman

PARTICIPANTS

·         Data Science

·         Data Analyst

·         Software Engineer / Programmer

 

TOPICS:

INTRO & SETUP

·         Installation Setup and Overview

·         IDEs and Course Resources

·         iPython/Jupyter Notebook Overview

·         Basic Python

LEARNING NUMPY

·         Intro to numpy

·         Creating arrays

·         Using arrays and scalars

·         Indexing Arrays

·         Array Transposition

·         Universal Array Function

·         Array Processing

·         Array Input and Output

 

INTRO TO PANDA

·         Series

·         DataFrames

·         Index objects

·         Reindex

·         Drop Entry

·         Selecting Entries

·         Data Alignment

·         Rank and Sort

·         Summary Statistics

·         Missing Data

·         Index Hierarchy

 

DATA READING

·         Reading and Writing Text Files

·         JSON with Python

·         HTML with Python

·         Microsoft Excel files with Python

·         Merge

·         Merge on Index

·         Concatenate

·         Combining DataFrames

·         Reshaping

·         Pivoting

·         Duplicates in DataFrames

·         Mapping

·         Replace

·         Rename Index

·         Binning

·         Outliers

·         Permutation

·         GroupBy on DataFrames

·         GroupBy on Dict and Series

·         Agreration  

·         Splitting Applying and Combining

·         Cross Tabulation

 

DATA VISUALIZATION

·         Installing Seaborn

·         Histograms

·         Combining Plot Styles

·         Box and Violin Plots

·         Regression Plots

·         Heatmaps and Clustered Matrices

 

PROJECT EXAMPLE PRACTICE