Cybersecurity Fundamentals

by Global Knowledge Claim Listing

This cybersecurity course gives you a holistic perspective on the challenges of designing a secure system, touching on all the roles needed to deliver a cohesive security solution. 

Price : Enquire Now

Contact the Institutes

Fill this form

Advertisement

Global Knowledge Logo

img Duration

Please Enquire

Course Details

This cybersecurity course gives you a holistic perspective on the challenges of designing a secure system, touching on all the roles needed to deliver a cohesive security solution. 

Through lectures, labs and discussion groups, you will better understand current Internet threat trends and their impact on organizational security. You will review standard cybersecurity terminology and compliance requirements. 

You will review Exploit examples and gain hands-on experience with mitigation measures. In the Laboratory, you will work with live viruses, such as botnets, worms and Trojan horses.

 

Who Should Wait? 

IT security professionals, including analysts, Intel analysts, policy analysts, security operations personnel, network administrators, system integrators, VARS and security consultants

 

What You Will Learn

  • Current cyber threats and cybersecurity reference sites

  • Government-Ordered Guidelines and Compliance Requirements

  • Cyber ??roles needed to successfully design secure systems

  • Cycle of Attacks Perpetrated by Malicious Hackers

  • Company policy requirements

  • Optimal strategies for securing the enterprise, with layered defenses

  • Potential of security zones and a detailed log to increase information security

  • Forensic Challenges and Incident Response Planning

  • Risk management process

  • Achievable goals with system verification, digitalization and testing

  • Industry Recommendations for Maintaining Secure Access Control

  • Encryption solutions to secure communications

 

The Lesson Plan

  • The cyber battlefield

  • Critical Business Security

  • The growth of the Internet around the world

  • Security principles

  • Security goals

  • Threat and exposure terminology

  • Exhibitions and exploits

  • Hackers and code crackers

  • Attack methods

  • Social engineering

  • Common attack vectors

  • Traffic analysis

  • Respond to threats and attacks

  • Risk management documents and procedures

  • Penetration testing

  • OSSTMM

  • NIST

  • Penetration Testing Risks

  • Structure of the Internet and TCP/IP

  • CNCI

  • Initiatives

  • Legal Compliance Standards

  • Laws

  • Federal Agency Compliance

  • Business regulatory compliance

  • Internet Leadership IANA

  • Regional Internet Registry

  • Protocols and RFCs

  • TCP/IP model

  • Network access layer

  • Internet layer

  • Host-to-Host

  • Process layer

  • Domain Name Service

  • Vulnerability assessment and tools

  • Vulnerabilities and exploits

  • Vulnerability Assessment Tools

  • Application level scanners

  • System level scanners

  • System level testing tools

  • Open Source system level scanner tools

  • Commercial system level scanner tools

  • Advanced attack techniques and advanced tools

  • Commercial Exploit Tools

  • Free exploit tool: Metasploit

  • Free exploit tool: BeFF

  • Random data tests (Fuzz)

  • Preventing exploits and attacks

  • Patch management

  • Common exposures and vulnerabilities

  • Software and alerts

  • Tools

  • Vulnerability scan

  • Common Security Sites

  • Patch management

  • ? Tools

  • Cybersecurity Awareness

  • Social engineering

  • ? Objectives of social engineering

  • ? What makes social engineering possible

  • ? Targets

  • ? Attack

  • ? Phishing

  • ? Email phishing

  • ? Online attacks

  • ? Statistical data

  • ? Sources of security breaches

  • ? Prevention of social engineering

  • Cybersecurity Awareness: Policies and Procedures

  • ? Security policy topics

  • ? Social media

  • ? Social networking sites

  • Cyber ??attacks: Footprinting and scanning

  • Footprinting

  • ? Information collection

  • ? Unearth the initial information

  • ? Internet archive

  • ? People search

  • ? Locations and mapping

  • ? Job bulletins

  • ? Financial information

  • ? Google and search engines

  • Identification of the target network and its scope

  • ? WHOIS utility

  • ? Online DNS Lookup Tools

  • ? Traceroute

  • ? Countermeasures to footprinting

  • Detection of dynamic systems

  • ? Bypass authentication

  • ? War Dialing

  • ? Wardriving

  • ? ICMP: Ping

  • ? Port scanning

  • ? Perform TCP and UDP scans

  • ? Port numbers

  • TCP Flags

  • ? ThreeWay Handshake TCP

  • Port Scanning Techniques

  • ? Full Connect TCP port scanning

  • ? TCP HalfOpen (SYN) scanning

  • ? Nmap HalfOpen Scanning

  • ? UDP port scanning

  • ? Nmap scanning types and switches

  • ? Port Scanning Tools

  • ? OS Fingerprinting

  • ? Active Stack Fingerprinting

  • ? Passive Fingerprinting

  • Proxies and anonymizers

  • Scanning Countermeasures

  • Cyberattacks: Break-in

  • Password attack

  • Privilege escalation

  • Maintaining access

  • Windows Authentication

  • ? SysKey encryption

  • ? LAN Manager password encryption

  • ? Windows LAN Manager and NTLM hashes

  • ? Linux password encryption

  • ? Insecurities of the SAM database

  • Password decoding

  • ? Password cracking techniques

  • ? Password cracking tools

  • ? LCP

  • ? John the Ripper

  • ? Cain and Abel

  • Password cracking countermeasures

  • Cover the tracks

  • ? Principle of exchange

  • Clearing the log

  • Masking tools, files and programs

  • ? NTFS Alternate Data Streaming

  • Information Hiding: Methods

  • ? Steganography

  • ? Steganography detection

  • ? Rootkits

  • Countermeasures: Rootkits

  • Cyberattacks: Backdoor and Trojans

  • Malware

  • Trojan horse

  • ? Trojan horse infection mechanisms

  • ? Notorious Trojans

  • ? Distribution method wrappers

  • ? Trojan autostart methods

  • Secret communications

  • Stealth technique: Avoid detection

  • Backdoor Countermeasures

  • Malware Countermeasure

  • Anti-spyware software

  • Anti-Malware Practices

  • Cyber ??risk assessment and management

  • Risk management measures

  • Determine ALE

  • CRAMM process

  • Risk management cycle

  • Protected assets

  • CIA Triad

  • Quantitative risk assessment

  • Threat Determination Process

  • Risk Assessment

  • Life cycle

  • Steps

  • Vulnerability Categories

  • Company assets vs. risks

  • Benefits of Risk Management

  • Policy

  • Environmental assessment

  • Security policy management

  • Security policy

  • Use

  • Importance

  • Legal notices

  • Example

  • Policy References

  • Policies, guides, standards, procedures and controls

  • Security policy coverage matrix

  • Example: Internet Security Coverage Matrix

  • Granular view of a security matrix

  • Basic policies

  • Securing servers and hosts

  • Host Types

  • General configuration guidelines

  • Clean systems

  • Unnecessary services

  • Warning banners

  • Limiting access

  • Configuration and logging

  • Security fixes

  • Safety lines

  • Traffic Filter Monitoring

  • DoS vulnerabilities

  • Server hardening

  • Web server reinforcement

  • Strengthening the mail server

  • Strengthening the FTP server

  • DNS server hardening

  • ? Other servers

  • Workstation Considerations

  • Network devices

  • Strengthening wireless access

  • VLAN Security

  • Software attacks

  • Securing communications

  • Application of cryptography to the OSI model

  • Tunnels

  • Securing services

  • ? Email

  • ? Telnet and FTP

  • ? SSL and TLS

  • ? Gateway-to-Gateway VPN

  • ? Host-to-Gateway VPN

  • ? IP security

  • ? Wireless access communication

  • ? Wireless security

  • Authentication and encryption solutions

  • Authentication

  • Authentication issues

  • Password authentication of encryption systems

  • Hash functions

  • Kerberos cryptographic advantages

  • PKI components of symmetric key encryption, asymmetric encryption, digital signatures

  • Modeled

  • Policies

  • Life cycle

  • Distribution

  • Firewalls and edge devices

  • General security integration

  • Services

  • Service needs

  • ? Security zones

  • ? Filtering

  • ? Selected subnets

  • ? Trust zones

  • ? Devices

  • ? Routers

  • ? Firewall

  • ? DMZ Host

  • ? Other security considerations

  • Business-to-Business Communications

  • Exceptions to the policy

  • ? Special services and protocols

  • Configuration management

  • Software development security

  • Certification and accreditation

  • Common criteria

  • Intrusion prevention and detection

  • Defense in depth

  • Network device logging

  • ? Host monitoring and recording

  • ? Event correlation

  • ? Surveillance placement and IDS sensors

  • ? Monitoring

  • ? Differences between host-based and network-based

  • ? Policy management

  • ? Behavioral signatures

  • ? IDS and IPS weaknesses

  • ? Encryption

  • ? Bad configuration

  • Forensic analysis

  • Incident management

  • Reaction to the security incident

  • ? Time and reaction sensitivity

  • ? Incident management questions and considerations

  • ? Reaction procedures

  • ? Evidence

  • ? Log

  • ? Log analysis tools

  • ? Active ports

  • ?Dependency Walker

  • ? File maintenance

  • Business recovery and continuity

  • Types of disasters

  • Business Resumption Plan (PRA)

  • DRP Objectives

  • Creating a DRP

  • DRP Content

  • DRP Design Requirements

  • DRP Priorities

  • Recovery Strategies

  • High availability

  • Data collection documentation

  • RRD test

  • Business Continuity Planning

  • BCP steps

  • Cyber ??revolution

  • Cyberforces

  • Cyberterrorism

  • Cybersecurity: crime, war or fear campaign?

  • 7 Cyber ??Compliance Initiatives

  • Cyber ??defense in depth

  • Education and formatio

  • Montreal Branch

    800 Boulevard René-lévesque West Bureau 990, Montreal

Check out more Cybersecurity courses in Canada

Wilfrid Laurier University Logo

Cybercrime (An Introduction)

This course is designed to provide you with an overview of criminal activity perpetrated using computers, the internet, and other network-connected digital devices.

by Wilfrid Laurier University [Claim Listing ]
Ammolite Analytx Logo

Cybersecurity Professional Fast Track

In collaboration with the employer community, we rapidly train essential skill sets required to secure high-paying entry-level information security jobs.

by Ammolite Analytx [Claim Listing ]
  • Price
  • Start Date
  • Duration
CC Cyber Security Logo

CCCS Cybersecurity Awareness and Prevention Training

The CCCS Cybersecurity Awareness and Prevention Training course teaches you specific rules on how to identify phishing emails, browsing, and mobile devices. Best practices to take control over social engineering.

by CC Cyber Security [Claim Listing ]
Digital Boundary Group Logo

Advanced Exploitation Security Training

DBG's instructor-led course will teach students to recognize potential exploitation paths through a series of structured labs that simulate common attacks performed by DBG testers everyday.

by Digital Boundary Group [Claim Listing ]
Ferro Technics Inc. Logo

Certified Chief Information Security Officer (C|CISO)

The C|CISO certification is an industry-leading program that recognizes the real-world experience necessary to succeed at the highest executive levels of information security.

by Ferro Technics Inc. [Claim Listing ]
  • Price
  • Start Date
  • Duration

© 2024 coursetakers.com All Rights Reserved. Terms and Conditions of use | Privacy Policy