Cybersecurity Fundamentals

by Global Knowledge Claim Listing

This cybersecurity course gives you a holistic perspective on the challenges of designing a secure system, touching on all the roles needed to deliver a cohesive security solution. 

Price : Enquire Now

Contact the Institutes

Fill this form

Advertisement

Global Knowledge Logo

img Duration

Please Enquire

Course Details

This cybersecurity course gives you a holistic perspective on the challenges of designing a secure system, touching on all the roles needed to deliver a cohesive security solution. 

Through lectures, labs and discussion groups, you will better understand current Internet threat trends and their impact on organizational security. You will review standard cybersecurity terminology and compliance requirements. 

You will review Exploit examples and gain hands-on experience with mitigation measures. In the Laboratory, you will work with live viruses, such as botnets, worms and Trojan horses.

 

Who Should Wait? 

IT security professionals, including analysts, Intel analysts, policy analysts, security operations personnel, network administrators, system integrators, VARS and security consultants

 

What You Will Learn

  • Current cyber threats and cybersecurity reference sites

  • Government-Ordered Guidelines and Compliance Requirements

  • Cyber ??roles needed to successfully design secure systems

  • Cycle of Attacks Perpetrated by Malicious Hackers

  • Company policy requirements

  • Optimal strategies for securing the enterprise, with layered defenses

  • Potential of security zones and a detailed log to increase information security

  • Forensic Challenges and Incident Response Planning

  • Risk management process

  • Achievable goals with system verification, digitalization and testing

  • Industry Recommendations for Maintaining Secure Access Control

  • Encryption solutions to secure communications

 

The Lesson Plan

  • The cyber battlefield

  • Critical Business Security

  • The growth of the Internet around the world

  • Security principles

  • Security goals

  • Threat and exposure terminology

  • Exhibitions and exploits

  • Hackers and code crackers

  • Attack methods

  • Social engineering

  • Common attack vectors

  • Traffic analysis

  • Respond to threats and attacks

  • Risk management documents and procedures

  • Penetration testing

  • OSSTMM

  • NIST

  • Penetration Testing Risks

  • Structure of the Internet and TCP/IP

  • CNCI

  • Initiatives

  • Legal Compliance Standards

  • Laws

  • Federal Agency Compliance

  • Business regulatory compliance

  • Internet Leadership IANA

  • Regional Internet Registry

  • Protocols and RFCs

  • TCP/IP model

  • Network access layer

  • Internet layer

  • Host-to-Host

  • Process layer

  • Domain Name Service

  • Vulnerability assessment and tools

  • Vulnerabilities and exploits

  • Vulnerability Assessment Tools

  • Application level scanners

  • System level scanners

  • System level testing tools

  • Open Source system level scanner tools

  • Commercial system level scanner tools

  • Advanced attack techniques and advanced tools

  • Commercial Exploit Tools

  • Free exploit tool: Metasploit

  • Free exploit tool: BeFF

  • Random data tests (Fuzz)

  • Preventing exploits and attacks

  • Patch management

  • Common exposures and vulnerabilities

  • Software and alerts

  • Tools

  • Vulnerability scan

  • Common Security Sites

  • Patch management

  • ? Tools

  • Cybersecurity Awareness

  • Social engineering

  • ? Objectives of social engineering

  • ? What makes social engineering possible

  • ? Targets

  • ? Attack

  • ? Phishing

  • ? Email phishing

  • ? Online attacks

  • ? Statistical data

  • ? Sources of security breaches

  • ? Prevention of social engineering

  • Cybersecurity Awareness: Policies and Procedures

  • ? Security policy topics

  • ? Social media

  • ? Social networking sites

  • Cyber ??attacks: Footprinting and scanning

  • Footprinting

  • ? Information collection

  • ? Unearth the initial information

  • ? Internet archive

  • ? People search

  • ? Locations and mapping

  • ? Job bulletins

  • ? Financial information

  • ? Google and search engines

  • Identification of the target network and its scope

  • ? WHOIS utility

  • ? Online DNS Lookup Tools

  • ? Traceroute

  • ? Countermeasures to footprinting

  • Detection of dynamic systems

  • ? Bypass authentication

  • ? War Dialing

  • ? Wardriving

  • ? ICMP: Ping

  • ? Port scanning

  • ? Perform TCP and UDP scans

  • ? Port numbers

  • TCP Flags

  • ? ThreeWay Handshake TCP

  • Port Scanning Techniques

  • ? Full Connect TCP port scanning

  • ? TCP HalfOpen (SYN) scanning

  • ? Nmap HalfOpen Scanning

  • ? UDP port scanning

  • ? Nmap scanning types and switches

  • ? Port Scanning Tools

  • ? OS Fingerprinting

  • ? Active Stack Fingerprinting

  • ? Passive Fingerprinting

  • Proxies and anonymizers

  • Scanning Countermeasures

  • Cyberattacks: Break-in

  • Password attack

  • Privilege escalation

  • Maintaining access

  • Windows Authentication

  • ? SysKey encryption

  • ? LAN Manager password encryption

  • ? Windows LAN Manager and NTLM hashes

  • ? Linux password encryption

  • ? Insecurities of the SAM database

  • Password decoding

  • ? Password cracking techniques

  • ? Password cracking tools

  • ? LCP

  • ? John the Ripper

  • ? Cain and Abel

  • Password cracking countermeasures

  • Cover the tracks

  • ? Principle of exchange

  • Clearing the log

  • Masking tools, files and programs

  • ? NTFS Alternate Data Streaming

  • Information Hiding: Methods

  • ? Steganography

  • ? Steganography detection

  • ? Rootkits

  • Countermeasures: Rootkits

  • Cyberattacks: Backdoor and Trojans

  • Malware

  • Trojan horse

  • ? Trojan horse infection mechanisms

  • ? Notorious Trojans

  • ? Distribution method wrappers

  • ? Trojan autostart methods

  • Secret communications

  • Stealth technique: Avoid detection

  • Backdoor Countermeasures

  • Malware Countermeasure

  • Anti-spyware software

  • Anti-Malware Practices

  • Cyber ??risk assessment and management

  • Risk management measures

  • Determine ALE

  • CRAMM process

  • Risk management cycle

  • Protected assets

  • CIA Triad

  • Quantitative risk assessment

  • Threat Determination Process

  • Risk Assessment

  • Life cycle

  • Steps

  • Vulnerability Categories

  • Company assets vs. risks

  • Benefits of Risk Management

  • Policy

  • Environmental assessment

  • Security policy management

  • Security policy

  • Use

  • Importance

  • Legal notices

  • Example

  • Policy References

  • Policies, guides, standards, procedures and controls

  • Security policy coverage matrix

  • Example: Internet Security Coverage Matrix

  • Granular view of a security matrix

  • Basic policies

  • Securing servers and hosts

  • Host Types

  • General configuration guidelines

  • Clean systems

  • Unnecessary services

  • Warning banners

  • Limiting access

  • Configuration and logging

  • Security fixes

  • Safety lines

  • Traffic Filter Monitoring

  • DoS vulnerabilities

  • Server hardening

  • Web server reinforcement

  • Strengthening the mail server

  • Strengthening the FTP server

  • DNS server hardening

  • ? Other servers

  • Workstation Considerations

  • Network devices

  • Strengthening wireless access

  • VLAN Security

  • Software attacks

  • Securing communications

  • Application of cryptography to the OSI model

  • Tunnels

  • Securing services

  • ? Email

  • ? Telnet and FTP

  • ? SSL and TLS

  • ? Gateway-to-Gateway VPN

  • ? Host-to-Gateway VPN

  • ? IP security

  • ? Wireless access communication

  • ? Wireless security

  • Authentication and encryption solutions

  • Authentication

  • Authentication issues

  • Password authentication of encryption systems

  • Hash functions

  • Kerberos cryptographic advantages

  • PKI components of symmetric key encryption, asymmetric encryption, digital signatures

  • Modeled

  • Policies

  • Life cycle

  • Distribution

  • Firewalls and edge devices

  • General security integration

  • Services

  • Service needs

  • ? Security zones

  • ? Filtering

  • ? Selected subnets

  • ? Trust zones

  • ? Devices

  • ? Routers

  • ? Firewall

  • ? DMZ Host

  • ? Other security considerations

  • Business-to-Business Communications

  • Exceptions to the policy

  • ? Special services and protocols

  • Configuration management

  • Software development security

  • Certification and accreditation

  • Common criteria

  • Intrusion prevention and detection

  • Defense in depth

  • Network device logging

  • ? Host monitoring and recording

  • ? Event correlation

  • ? Surveillance placement and IDS sensors

  • ? Monitoring

  • ? Differences between host-based and network-based

  • ? Policy management

  • ? Behavioral signatures

  • ? IDS and IPS weaknesses

  • ? Encryption

  • ? Bad configuration

  • Forensic analysis

  • Incident management

  • Reaction to the security incident

  • ? Time and reaction sensitivity

  • ? Incident management questions and considerations

  • ? Reaction procedures

  • ? Evidence

  • ? Log

  • ? Log analysis tools

  • ? Active ports

  • ?Dependency Walker

  • ? File maintenance

  • Business recovery and continuity

  • Types of disasters

  • Business Resumption Plan (PRA)

  • DRP Objectives

  • Creating a DRP

  • DRP Content

  • DRP Design Requirements

  • DRP Priorities

  • Recovery Strategies

  • High availability

  • Data collection documentation

  • RRD test

  • Business Continuity Planning

  • BCP steps

  • Cyber ??revolution

  • Cyberforces

  • Cyberterrorism

  • Cybersecurity: crime, war or fear campaign?

  • 7 Cyber ??Compliance Initiatives

  • Cyber ??defense in depth

  • Education and formatio

  • Montreal Branch

    800 Boulevard René-lévesque West Bureau 990, Montreal

Check out more Cybersecurity courses in Canada

Cisnet Logo

Network+

The Network+ course serves as a general introduction to computer networking, including local and wide-area network technology. This course prepares you for the CompTIA Network+ Certification Examination

by Cisnet [Claim Listing ]
SETC Training Logo

IT Security Training

The IT Security courses at SETC Training Ottawa teach you to design and build a complete security solution while you contemplate potential vulnerabilities and threats.

by SETC Training [Claim Listing ]
Academy of Learning Logo

CompTIA Security+

This course is designed to prepare the student for the CompTIA Security+ (SY0-501) certification exam and focuses on knowledge of security concepts, tools, and procedures to react to security incidents.

by Academy of Learning [Claim Listing ]
Sault College Logo

Network Architecture and Security Analytics

Do you love making networks work? The Network Architecture and Security Analytics (NASA) program at Sault College is designed to build on your already-amazing computer skills and deepen your knowledge in the design, operation, analysis, and security of enterprise networks.

by Sault College [Claim Listing ]
Toronto School Of Management Logo

Diploma In Cybersecurity Specialist Co-op

This one-year program is ideal for those looking to becoming familiar with all aspects of cyber security such as blockchain, big data and the IoT (Internet of Things). This program is powered by CompTIA, giving you the knowledge to build a solid foundation towards the Security+ certification.

by Toronto School Of Management [Claim Listing ]

© 2024 coursetakers.com All Rights Reserved. Terms and Conditions of use | Privacy Policy