Erasable Programmable Read-Only Memory (EPROM) Electrically Erasable Programmable Read-Only Memory (EEPROM) CMOS 2.2.

Transcription

1 Day INTRODUCTION 1.1 What is Security? 1.2 What is Cyber Security? 1.3 What is Information Security? 1.4 What are the Layers of Security? 1.5 What are the Classification of Security? 1.6 What are the Issues in Information Security? 1.7 Security Analyst Who? What if there is none? Responsibilities Essential Skills Knowledge Base 1.8 Common Man Perspective Adware Spyware Virus Trojan Worm Malware Firewall Antivirus 2. BASICS OF COMPUTERS AND OPERATING SYSTEMS 2.1 Basic Computer Hardware Microprocessor Motherboard BIOS 2.2 Computer Memory Read-Only Memory (ROM) Programmable Read-Only Memory (PROM)

2 Erasable Programmable Read-Only Memory (EPROM) Electrically Erasable Programmable Read-Only Memory (EEPROM) CMOS Random Access Memory (RAM) Cache Memory Common Memory Errors Hard Disks IDE Interface SCSI Interface System Bus Interface Expansion Cards Formatting Disks Partitioning Disks 2.3 Operating Systems Computer System Operation Operating System Operations Dual-Mode Operation Timer Process Management Memory Management Storage Management File-system Management Mass-storage Management Caching I/O Systems Protection and Security Client-Server Computing Peer-to-Peer Computing Operating System Services

3 System Calls Process Control File Management Device Management Information Maintenance Communication Protection System Programs Free Software and Proprietary Software Day File Concept 2.5 File Systems FAT NTFS UFS EXT2, EXT3 3. INTRODUCTION TO NETWORKING 3.1 What is a Network? 3.2 History of Networking 3.3 OSI Model Physical Layer Data Link Layer Network Layer Transport Layer Session Layer Presentation Layer Application Layer Summary of Layers 3.4 TCP/IP Model The Link Layer

4 3.4.2 The Internet Layer The Transport Layer The Application Layer 3.5 Network Topologies Mesh Topology Star Topology Bus Topology Ring Topology 3.6 Transmission Media Guided (Wired) Media Twisted Pair Cable Coaxial Cable Fiber Optic Cable Unguided (Wireless) Media Radio Waves Microwaves Infrared 3.7 Types of Networks Personal Area Network (PAN) Local Area Network (LAN) Metropolitan Area Network (MAN) Wide Area Network (WAN) Day Network Devices Categories of Connecting Devices Passive Hub Repeater Active Hub Bridge Transparent Bridge

5 Source Routing Bridge Switch Router Gateway Network Interface Card 3.9 Modes of Transmission Unicasting Multicasting Broadcasting 3.10 Modes of Communication Simplex Half Duplex Full Duplex 3.11 Crimping 3.12 Standards International Organization for Standardization (ISO) National Institute of Standards and Technology (NIST) Institute of Electrical and Electronics Engineers (IEEE) American National Standards Institute (ANSI) World Wide Web Consortium (W3C) Open Web Application Security Project (OWASP) Open Source Security Testing Methodology Manual (OSSTMM) SysAdmin, Audit, Network and Security (SANS) Payment Card Industry Data Security Standard (PCI DSS) 3.13 Addressing Physical Address Logical Address IPv4 Address

6 Classful Addressing Classless Addressing Two-level Hierarchy: No Subnetting Three-level Hierarchy: Subnetting Multiple-level Hierarchy Network Address Translation (NAT) IPv6 Address Port Address Application-Specific Address Day Virtual LANs 3.15 Network Protocols BOOTP: Bootstrap Protocol DHCP: Dynamic Host Configuration Protocol DNS: Domain Name System (Service) protocol FTP: File Transfer Protocol HTTP: Hypertext Transfer Protocol S-HTTP: Secure Hypertext Transfer Protocol IMAP & IMAP4: Internet Message Access Protocol (version 4) NTP: Network Time Protocol POP and POP3: Post Office Protocol (version 3) SMTP: Simple Mail Transfer Protocol SNMP: Simple Network Management Protocol TELNET: Terminal emulation protocol of TCP/IP TFTP: Trivial File Transfer Protocol RDP: Reliable Data Protocol TCP: Transmission Control Protocol

7 UDP: User Datagram Protocol IP: Internet Protocol (IPv4) IPv6: Internet Protocol version ICMP: Internet Message Control Protocol IGMP: Internet Group Management Protocol ARP: Address Resolution Protocol RARP: Reverse Address Resolution Protocol SSH: Secure Shell Protocol TLS: Transport Layer Security Protocol Day OVERVIEW OF NETWORK SECURITY 4.1 What is Network Security? 4.2 What is Perimeter Security? 4.3 What is Gateway Security? 4.4 What is SIEM? 4.5 What is Monitoring? 4.6 What is Incident Response? 4.7 What is Support? 4.8 What is Forensics? 4.9 What is Backup Process? 4.10 What is Disaster Recovery? 4.11 What is Policies & Procedures? 4.12 What is VA & PT? 5. OVERVIEW OF APPLICATION SECURITY 5.1 What is Web App Security? 5.2 What is Mobile App Security? 5.3 What is Code Review? 5.4 What is Code Analysis? 5.5 What is Threat Modelling? 5.6 Understanding Algorithms?

8 5.7 Understanding Programming? 5.8 Understanding OWASP and SANS? 5.9 What is SDLC? 5.10 What is DevOps? 5.11 What is API? 5.12 What is VA & PT? Day Host Configuration Kali Linux Installation IP address Configuration Windows Defender Configuration Firewall Configuration Backup and Restore 7. Server Configuration Server OS installation IP Address Configuration Domain Creation and Configuration User Creation and Permissions Workgroup Creation DNS Configuration DHCP Configuration Active Directory Groups and Policies Web Server Installation Webpage Hosting Day 8 8. Backup and Restore 9. Configuring Network Devices 9.1 Configuring Switches X

9 9.1.2 Authentication, Authorization Access Control List MAC Address table DHCP relay and DHCP server DHCP Snooping DNS Denial of Service Energy Efficient Ethernet (EEE) Ethernet port configuration Commands IGMP Snooping IP Addressing Link Aggregation Control protocol(lacp) Link layer Discovery Protocol(LLDP) Loopback Detection RMON (Remote Network Monitoring) SNMP protocol Virtual LAN Day Windows Server Configuration 10.1 Installing windows server 10.2 NTFS file system and its features file permissions, quota, VSS, offline files 10.3 DHCP Deployment and configuration 10.4 DNS Forward and reverse lookup, primary/secondary/stub zone, forwarders, root hints, caching only DNS, Dynamic DNS Installing Active Directory domain controllers 10.6 Active Directory user, group management 10.7 Create and manage Group Policy objects (GPOs) Day Configure security policies 10.9 Configure application restriction policies

10 10.10 Configure Windows Firewall Configure file and disk encryption Configure routing Configure NAT Configure VPN Configure RADIUS servers Configure Network Access Protection Day 11 Day 12 Day Configuring Routers 9.3 Configuring Firewalls 9.4 Gateways 9.5 IDS/IPS 9.6 VPNs 9.7 Proxy Day FSMO roles Active Directory backup and restoration Active Directory object and container level recovery Advance Group Policy Object configuration and management Configure Network Load Balancing (NLB) Manage Virtual Machine (VM) Implement Dynamic Access Control Day Advanced DHCP Advanced DNS Active Directory Forest trust relationship Active Directory sites and services Active Directory Certificate services Day 16

11 9.8 DMZ 9.9 Honeypots 9.10 Load balancers 9.11 Log Analyzer 9.12 UTM Day Information/Cyber Security - Profiling 11.1 Essential Terminologies 11.2 Information Security Threat Categories 11.3 Information Warfare 11.4 Categories of Hackers 11.5 Network Vulnerability Assessment 11.6 Penetration Testing 11.7 Types of Security Policies 12. Web Application Security Standards & Technologies - Profiling 12.1 Web Application Technologies 12.2 Web Application Threats and Security 12.3 OWASP Top SANS Top 25 Day Hacking Perspective & Defensive Attacks 13.1 Common Issues in a Network 13.2 Types of Threats Internal Threats External Threats Structured Threats Unstructured Threats 13.3 Network Security Attacks Reconnaissance Attacks ICMP Scanning

12 DNS Footprinting Network Information Extraction using Nmap Scan Port Scanning Social Engineering Attacks Password Attacks Day Linux Server Configuration 14.1 Basics of Linux 14.2 Linux Administration 14.3 User and Group Administration Day File and Directory Management 14.5 Networking with Linux Day Access Attacks Network Sniffing Man-in-the-Middle Attack Replay Attack Privilege Escalation DNS Poisoning DNS Cache Poisoning ARP Poisoning DHCP Starvation DHCP Spoofing Switch Port Stealing MAC Spoofing MAC Flooding Xmas Attack

13 Denial of Service Attacks Ping of Death IP Header Manipulation Smurfing Distributed Denial of Service (DDoS) Day Malware Attacks Virus Worm Trojan Adware Spyware Backdoor Rootkit Botnet Logic Bomb Ransomware Armored Virus Polymorphic Malware Day Wireless LANs 15.1 Wireless concepts 15.2 Encryption standards 15.3 Threats 15.4 Different ways of hacking wireless network 15.5 Tools for hacking 15.6 Countermeasures 15.7 Bluetooth and other wireless 15.8 Bluetooth hijacking

14 Day Linux Package (Application) Management 14.7 Task Scheduling with cron 14.8 Linux Network Services Day Integrating Linux with Linux Integrating Linux with Windows Systems Disk Management Day Cryptography 16.1 Introduction to cryptography 16.2 History of cryptography 16.3 Steganography 16.4 Cryptograph concepts Symmetric encryption Asymmetric encryption Government access key (GAK) 16.5 Encryption Algorithms Ciphers Data encryption standards(des) Advanced encryption standards(aes) RC4,RC5,RC6 algorithms RSA MD SHA SSH 16.6 Tools 16.7 Public key infrastructure PKI encryption

15 SSL TLS PGP 16.9 Disk encryption Cryptographic attacks Cryptanalysis tools Day Network Infrastructure 17.1 Physical Security 17.2 Host-based Security 18. Network Security Controls 18.1 Access Control 18.2 Identification 18.3 Authentication 18.4 Authorization 18.5 Accounting 18.6 Cryptography 18.7 Security Policy 19. Footprinting 20. Reconnaissance Day Scanning 21.1 Wireshark Day Nmap Day Port Scanners 23. Vulnerability Scanners

16 24. Enumeration Day Real-Time Hacking 25.1 System Hacking 25.2 Mobile Hacking 25.3 Social Engineering Day Network Incident Response and Management 27. Computer Forensics 28. Documentation and Reporting