Cybersecurity Foundations

Similar documents
ETHICAL HACKING & COMPUTER FORENSIC SECURITY

Cisco Prime Collaboration Assurance

CompTIA Security+ (Exam SY0-401)

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

Security+ SY0-501 Study Guide Table of Contents

Curso: Ethical Hacking and Countermeasures

CPTE: Certified Penetration Testing Engineer

Syllabus: The syllabus is broadly structured as follows:

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

Cisco 360 Learning Program for CCIE Collaboration Advanced Workshop

FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

CompTIA Security+ Certification

Strategic Infrastructure Security

ACS / Computer Security And Privacy. Fall 2018 Mid-Term Review

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

Securing Windows Server 2016

Mobile MOUSe HACKING REVEALED ONLINE COURSE OUTLINE

Advanced Diploma on Information Security

Certified Ethical Hacker (CEH)

Designing, Optimizing, and Maintaining a Database Administrative Solution for Microsoft SQL Server 2008

CompTIA Cybersecurity Analyst+

Administrering System Center 2012 Configuration Manager vd

Software Development & Education Center Security+ Certification

CCISO Blueprint v1. EC-Council

n Given a scenario, analyze and interpret output from n A SPAN has the ability to copy network traffic passing n Capacity planning for traffic

E-guide Getting your CISSP Certification

Certified Professional Ethical Hacker

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

ECCouncil Exam v9 Certified Ethical Hacker Exam V9 Version: 7.0 [ Total Questions: 125 ]

Design and implement cloud data platform solutions.

CPEH Certified Professional Ethical Hacker

Chapter 4. Network Security. Part I

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

Certified Professional Ethical Hacker

Development II in Microsoft Dynamics AX 2012

Network Security. Kitisak Jirawannakool Electronics Government Agency (public organisation)

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

Ethical Hacking and Prevention

SINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker

CIH

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

CompTIA CSA+ Cybersecurity Analyst

EC-Council - EC-Council Certified Security Analyst (ECSA) v8

CS System Security 2nd-Half Semester Review

Erasable Programmable Read-Only Memory (EPROM) Electrically Erasable Programmable Read-Only Memory (EEPROM) CMOS 2.2.

Programming for InfoSphere Streams V3 with SPL

"Charting the Course... Certified Professional Ethical Hacker. Course Summary

Certified Vulnerability Assessor

Fundamentals of Information Systems Security Lesson 8 Mitigation of Risk and Threats to Networks from Attacks and Malicious Code

Scanning. Course Learning Outcomes for Unit III. Reading Assignment. Unit Lesson UNIT III STUDY GUIDE

Advanced Security Tester Course Outline

Implementing Cisco Cybersecurity Operations

TestBraindump. Latest test braindump, braindump actual test

Understanding Cisco Cybersecurity Fundamentals

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Module 1: Penetration Testing Planning and Scoping. Module 2: Basic Usage of Linux and its services

CSIRT in general CSIRT Service Categories Reactive Services Proactive services Security Quality Management Services CSIRT. Brmlab, hackerspace Prague

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

HOLY ANGEL UNIVERSITY COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY CYBER SECURITY COURSE SYLLABUS

PROTECTING INFORMATION ASSETS NETWORK SECURITY

Training for the cyber professionals of tomorrow

CompTIA Security+(2008 Edition) Exam

CEH v8 - Certified Ethical Hacker. Course Outline. CEH v8 - Certified Ethical Hacker. 12 May 2018

Advanced z/os Performance: WLM, Sysplex, UNIX Services and Web

E-Commerce Security Pearson Prentice Hall, Electronic Commerce 2008, Efraim Turban, et al.

Sun Fire Midrange Server Administrator

Security Issues and Best Practices for Water Facilities

ECCouncil Exam v8 Certified Ethical Hacker v8 Exam Version: 7.0 [ Total Questions: 357 ]

Certified Cyber Security Analyst VS-1160

Course Outline. CISSP - Certified Information Systems Security Professional 2015 (Course & Labs)

TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION

Cyber Criminal Methods & Prevention Techniques. By

Pearson: Certified Ethical Hacker Version 9. Course Outline. Pearson: Certified Ethical Hacker Version 9.

V8 - CEH v8 - Certified Ethical Hacker. Course Outline. CEH v8 - Certified Ethical Hacker. 03 Feb 2018

Comptia.Certkey.SY0-401.v by.SANFORD.362q. Exam Code: SY Exam Name: CompTIA Security+ Certification Exam

Table of Contents (CISSP 2012 Edition)

CompTIA Advanced Security Practitioner (CASP) (Exam CAS-001)

CUNY John Jay College of Criminal Justice MATH AND COMPUTER SCIENCE

Cyber Common Technical Core (CCTC) Advance Sheet Windows Operating Systems

Pearson CISSP Cert Guide with Labs. Course Outline. Pearson CISSP Cert Guide with Labs. 17 Oct

Certification Exam Outline Effective Date: November 2018

CHCSS. Certified Hands-on Cyber Security Specialist (510)

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

Cybersecurity Auditing in an Unsecure World

CCNA Cybersecurity Operations. Program Overview

A Measurement Companion to the CIS Critical Security Controls (Version 6) October

locuz.com SOC Services

TestOut Network Pro - English 5.0.x COURSE OUTLINE. Modified

Ethical Hacker Foundation and Security Analysts Course Semester 2

Administering Windows Server 2012

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

IS316 Fundamentals of Network Security, Firewalls and VPNs [Onsite and Online]

CCNA Cybersecurity Operations 1.1 Scope and Sequence

Pearson: Certified Ethical Hacker Version 9. Course Outline. Pearson: Certified Ethical Hacker Version 9.

Course 831 Certified Ethical Hacker v9

Security analysis and assessment of threats in European signalling systems?

Computer Network Vulnerabilities

Transcription:

Cybersecurity Foundations Varighed: 5 Days Kursus Kode: 9701 Beskrivelse: In this cybersecurity course, you will gain a global perspective of the challenges of designing a secure system, touching on all the cyber roles needed to provide a cohesive security solution. Through lecture, labs, and breakout discussion groups, you will learn about current threat trends across the Internet and their impact on organizational security. You will review standard cybersecurity terminology and compliance requirements, examine sample exploits, and gain hands-on experience mitigating controls. In a contained lab environment, you will work with live viruses, including botnets, worms, and Trojans. Målgruppe: Cybersecurity professionals, including security analysts, intel analysts, policy analysts, security operations personnel, network administrators, system integrators, VARS, and security consultants Agenda: After completing this course you should be able to understand: Current cyber threats and cybersecurity site references Government-mandated directives and compliance requirements Cyber roles required to successfully design secure systems The attack cycle perpetrated by malicious hackers Enterprise policy requirements Best strategies for securing the enterprise with layered defenses How security zones and detailed logging augment information assurance Forensic challenges and incident response planning Risk management process Goals achievable with auditing, scanning, and testing systems Industry recommendations for maintaining secure access control Standards-based cryptographic solutions for securing communications Forudsætninger: Attendees should meet the following prerequisites: TCP/IP Networking or equivalent knowledge Test og certificering Recommended as preparation for the following exams: There are no exams currently aligned to this course Yderligere Kurser: The following courses are recommended for further study: CEH - Certifed Ethical Hacker CISM - Certified Information Security Manager

Indhold: The Cyber Battlefield Authentication and Cryptographic Solutions Lab 6: Cyber Attacks and Passwords Critical Business Security Authentication Crack Passwords via the GUI Worldwide Internet Growth Authentication Issues Crack Passwords via the CLI Security Fundamentals Cryptosystems Password Authentication Hide Files with NTFS Security Goals Hash Functions Terminology Threats and Exposures Kerberos Cryptographic Benefits Lab 7: Cyber Attacks and Backdoors Exploits and Exposures Symmetric Key Encryption Asymmetric Hackers and Crackers Encryption Digital Signatures PKI Perform Netcat Banner Grabbing Attack Methods Components Perform Netcat Shoveling Social Engineering Models Use Netcat to Port Scan Common Attack Vectors Policies Create and Detect a Trojan Traffic Analysis Lifecycle Responding to Threats and Attacks Distribution Lab 8: Risk Assessment Documents and Procedures to Manage Risk Vulnerability Scanners Firewalls and Edge Devices Review Profile and Complete a Criticality Penetration Testing Ranking The OSSTMM General Security Integration Complete a Criticality Review NIST Services Complete a Threat Profile Risks of Penetration Testing Needs for Services Evaluate the Support Policy and Cost Security Zones The Structure of the Internet and TCP/IP Filtering Lab 9: Security Policies Screened Subnets CNCI Trusted Zones Review Security Policies Initiatives Devices Develop an Incident Response Policy Legal Compliance Standards Routers Acts Firewalls Lab 10: Host Security Federal Agency Compliance DMZ Hosts Commercial Regulatory Compliance Other Security Considerations Use the RECUB Trojan Internet Leadership IANA Business-to-Business Communications Identify the RECUB Service Regional Internet Registry Exceptions to Policy Harden the System Protocols and RFCs Special Services and Protocols TCP/IP Model Configuration Management Lab 11: Covert Communications Network Access Layer Software Development Security Internet Layer Certification and Accreditation Hide Messages Using S-Tools Host-to-Host Layer Common Criteria Use Spam Mimic Process Layer Intrusion Detection and Prevention Domain Name Service Defense in Depth Lab 12: Authentication and Cryptography Network Device Logging Vulnerability Assessment and Tools Host Monitoring and Logging Use Ettercap Events Correlation Use Dsniff Vulnerabilities and Exploits Placement of IDS Monitors and Sensors Explore Cain and Abel Vulnerability Assessment Tools Monitoring Application-Level Scanners Host-Based and Network-Based Lab 13: Snort IDS System-Level Scanners Differences System-Level Testing Tools Policy Management Install Snort IDS Open Source System-Level Scanner Tools Behavioral Signatures Configure Eagle X IDS Commercial System-Level Scanner Tools IDS and IPS Weaknesses Configure Rule to Ignore Hosts in Snort Advanced Attack Techniques and Tools Encryption Commercial Exploit Tools Incorrect Configuration Lab 14: Forensic Analysis Free Exploit Tool: Metasploit Free Exploit Tool: BeEF Forensic Analysis Examine an IIS Event Log and Identify Fuzz Testing Common Preventing Exploits and Attacks Incident Handling Use CurrPorts to Identify Anomalies Patch Management Security Incident Response Use Jotti for Forensic Analysis Common Vulnerabilities and Exposures Time and Reaction Sensitivity Alerts and Software Incident Handling Issues and Lab 15: Business Continuity Plan Tools Considerations Vulnerability Research Response Procedures Identify When a Disaster Has Occurred Common Security Sites Evidence Determine Key Assets Patch Management Logging Identify Potential Controls Tools Log Analysis Tools Active Ports Cyber Awareness Dependency Walker

Social Engineering Social Engineering Goals What Makes Social Engineering Possible Targets Attacks Phishing Phishing via Email On Attacks Statistical Data Sources of Security Breaches Preventing Social Engineering Cyber Awareness: Policies and Procedures Security Policy Topics Social Media Social Networking Sites Cyber Attacks: Footprinting and Scanning Footprinting Gathering Information Unearthing Initial Information Internet Archive People Search Locations and Mapping Job Boards Financial Information Google and Search Operators Identifying the Target Network and Its Range WHOIS Utility DNS On Search Tools Traceroute Footprinting Countermeasures Detecting Live Systems Bypassing Authentication War Dialing Wardriving ICMP: Ping Port Scanning Performing TCP and UDP Scans Port Numbers TCP Flags TCP ThreeWay Handshake Port Scanning Techniques TCP Full Connect Port Scan TCP HalfOpen (SYN) Scanning Nmap HalfOpen Scan UDP Port Scan Nmap Scan Types and Switches Port Scanning Tools OS Fingerprinting Active Stack Fingerprinting Passive Fingerprinting Proxies and Anonymizers Scanning Countermeasures Log Maintenance Disaster Recovery and Business Continuity Disaster Types Disaster Recovery Plan (DRP) DRP Goals Creating a DRP DRP Contents DRP Design Requirements DRP Priorities Recovery Strategies High Availability Data Collection Documentation DRP Testing Business Continuity Planning BCP Steps Cyber Evolution Cyber Forces Cyber Terrorism Cyber Security: Crime, War, or Fear Mongering? Cyber Future 7 Compliance Initiatives Cyber Defense in Depth Education and Training Labs Lab 1: Lab Setup Access the Virtual Lab Environment Configure BackTrack and Redhat Security Spin Rebuild Your Physical Computer Lab 2: Understanding TCP/IP Convert Binary to Decimal Convert Decimal to Binary Convert Hexadecimal to Decimal Analyze Wireshark Traffic Lab 3: Vulnerability Assessment Use Nessus Identify Coding Issues Lab 4: Cyber Awareness Identifying Social Engineering Attacks Detect Phishing Using Internet-Based Tools Cyber Attacks: Breaking and Entering Password Attacks Privilege Escalation Maintaining Access Windows Authentication SysKey Encryption LAN Manager Password Encryption Windows LAN Manager and NTLM Hashes Linux Password Encryption Lab 5: Cyber Scanning Trace Domains and IP Addresses Map Web Site Content with Teleport Pro Use Cheops for Graphical Display of Network Use GFI LanGuard Scan Using Nmap Scan Using Zenmap Perform Banner Grabbing

SAM Database Insecurities Password Extraction Cracking Password Cracking Techniques Password Cracking Tools LCP John the Ripper Cain and Abel Password Cracking Countermeasures Covering Tracks Principle of Exchange Clearing the Logs Hiding Tools, Files, and Programs NTFS Alternate Data Streaming Information Hiding: Methods Steganography Steganography Detection Rootkits Countermeasures: Rootkits Cyber Attacks: Backdoors and Trojans Malware Trojans Trojan Infection Mechanisms Well-Known Trojans Distribution Methods Wrappers Trojan Autostart Methods Covert Communications Stealth Technique: Avoiding Detection Backdoor Countermeasures Malware Countermeasure Anti-Spyware Software Malware Countermeasure Practices Cyber Assessment and Risk Management Risk Management Steps Determining ALE CRAMM Process Risk Management Lifecycle Protected Assets CIA Triad Quantitative Risk Assessment Threat Determination Process Risk Assessment Lifecycle Steps Vulnerability Categories Business Assets vs. Risk Benefits of Risk Management Policy Assessment Security Policy Management Security Policy Use Importance Legal Issues Example Policy References Policies, Guides, Standards, Procedures, and Controls Security Policy Coverage Matrix Example: Internet Security Coverage Matrix Granular View of a Security Matrix

Basic Policies Securing Hosts and Servers Types of Hosts General Configuration Guides Clean Systems Unnecessary Services Warning Banners Limiting Access Configuring and Logging Security Patches Security Bases Traffic Filtering Monitoring DoS Vulnerabilities Server Hardening Web Server Hardening Mail Server Hardening FTP Server Hardening DNS Server Hardening Other Servers Workstation Considerations Network Appliances Wireless Access Hardening VLAN Security Software Attacks Securing Communications Applying Cryptography to OSI Model Tunnels Securing Services Email FTP and Telnet SSL and TLS Gateway-to-Gateway VPN Host-to-Gateway VPN IP Security Wireless Access Communication Wireless Security Flere Informationer: For yderligere informationer eller booking af kursus, kontakt os på tlf.nr.: 44 88 18 00 training@globalknowledge.dk www.globalknowledge.dk Global Knowledge, Stamholmen 110, 2650 Hvidovre

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback