Cybersecurity Foundations Training

Introduction

Cybersecurity Foundations Training Course with Hands-on Labs

Investigate cybersecurity threats and master techniques needed to protect your network with this Cybersecurity Foundations Training.

In this Cybersecurity Foundations Training course, you will gain a global perspective of the challenges of designing a secure system, touching on all the cyber roles needed to provide a cohesive security solution.

Through lecture, labs, and breakout discussion groups, you will learn about current threat trends across the Internet and their impact on organizational security. You will review standard cybersecurity terminology and compliance requirements, examine sample exploits, and gain hands-on experience with mitigating controls. In a contained lab environment, you will work with live viruses, including botnets, worms, and Trojans.

In addition to the technical components of cybersecurity, you will explore the non-technical aspects necessary to mitigate risk and lessen exposure, including risk management, threat determination, disaster recovery, security policy management, and business continuity planning. This Cybersecurity Foundations Training course provides an excellent foundation for those proceeding to CISSP, CEH, CISA, or CISM training.

Duration: 5 days

Customize It!

• We can adapt this Cybersecurity Foundations Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Cybersecurity Foundations Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Cybersecurity Foundations Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Cybersecurity Foundations Training course in a manner understandable to lay audiences.

Audience / Target Group

The target audience for this Cybersecurity Foundations Training course is defined here:

• Cybersecurity professionals, including security analysts, intel analysts, policy analysts, security operations personnel, network administrators, system integrators, VARS, and security consultants
• Network professionals looking to advance their knowledge and explore cybersecurity as a career path
• Executives and managers looking to increase their ability to communicate with security professionals and implement a robust security solution at the organizational level
• Individuals who want to improve their understanding of cybersecurity fundamentals, including threats, mitigating controls, and organizational responsibilities

Cybersecurity Foundations Training - Prerequisites

The knowledge and skills that a learner must have before attending this Cybersecurity Foundations Training course are:

• TCP/IP Networking or equivalent knowledge
• Understanding Networking Fundamentals
• TCP/IP Networking

Cybersecurity Foundations Training - Objectives:

After completing this Cybersecurity Foundations Training course, attendees will be able to:

• Increase your awareness of security
• Interpret/analyze tool output for network mapping/footprinting
• Reduce attack surface of systems
• Review networking as it applies to security controls
• Explore different data protection principles
• Examine the role of PKI/certificates in building trusted relationships between devices in a network
• Implement login security and other identity management solutions
• Reduce attack surface of network devices
• Explore current malware threats and anti-malware solutions
• Explore social engineering threats, methods, and techniques
• Examine software vulnerabilities and security solutions for reducing the risk of exploitation
• Explain monitoring capabilities and requirements and how those may raise privacy concerns
• Identify physical security controls and the relationship between physical and IT security
• Explain incident response capabilities
• Identify legal considerations and investigative techniques when it comes to cybersecurity
• Research trends in cybersecurity

Cybersecurity Foundations Training - Course Content:

1. The Cyber Battlefield

• Critical Business Security
• Worldwide Internet Growth
• Security Fundamentals
• Security Goals
• Terminology Threats and Exposures
• Exploits and Exposures
• Hackers and Crackers
• Attack Methods
• Social Engineering
• Common Attack Vectors
• Traffic Analysis
• Responding to Threats and Attacks
• Documents and Procedures to Manage Risk
• Vulnerability Scanners
• Penetration Testing
• The OSSTMM
• NIST
• Risks of Penetration Testing

2. The Structure of the Internet and TCP/IP

• CNCI
• Initiatives
• Legal Compliance Standards
• Acts
• Federal Agency Compliance
• Commercial Regulatory Compliance
• Internet Leadership IANA
• Regional Internet Registry
• Protocols and RFCs
• TCP/IP Model
• Network Access Layer
• Internet Layer
• Host-to-Host Layer
• Process Layer
• Domain Name Service

3. Vulnerability Assessment and Tools

• Vulnerabilities and Exploits
• Vulnerability Assessment Tools
• Application-Level Scanners
• System-Level Scanners
• System-Level Testing Tools
• Open Source System-Level Scanner Tools
• Commercial System-Level Scanner Tools
• Advanced Attack Techniques and Tools
• Commercial Exploit Tools
• Free Exploit Tool: Metasploit
• Free Exploit Tool: BeEF
• Fuzz Testing
• Preventing Exploits and Attacks
• Patch Management
• Common Vulnerabilities and Exposures
• Alerts and Software
• Tools
• Vulnerability Research
• Common Security Sites
• Patch Management
• Tools

4. Cyber Awareness

• Social Engineering
• Social Engineering Goals
• What Makes Social Engineering Possible
• Targets
• Attacks
• Phishing
• Phishing via Email
• Online Attacks
• Statistical Data
• Sources of Security Breaches
• Preventing Social Engineering
• Cyber Awareness: Policies and Procedures
• Security Policy Topics
• Social Media
• Social Networking Sites

5. Cyber Attacks: Footprinting and Scanning

• Footprinting
• Gathering Information
• Unearthing Initial Information
• Internet Archive
• People Search
• Locations and Mapping
• Job Boards
• Financial Information
• Google and Search Operators
• Identifying the Target Network and Its Range
• WHOIS Utility
• DNS Online Search Tools
• Traceroute
• Footprinting Countermeasures
• Detecting Live Systems
• Bypassing Authentication
• War Dialing
• Wardriving
• ICMP: Ping
• Port Scanning
• Performing TCP and UDP Scans
• Port Numbers
• TCP Flags
• TCP Three-Way Handshake
• Port Scanning Techniques
• TCP Full Connect Port Scan
• TCP Half-Open (SYN) Scanning
• Nmap Half-Open Scan
• UDP Port Scan
• Nmap Scan Types and Switches
• Port Scanning Tools
• OS Fingerprinting
• Active Stack Fingerprinting
• Passive Fingerprinting
• Proxies and Anonymizers
• Scanning Countermeasures

6. Cyber Attacks: Breaking and Entering

• Password Attacks
• Privilege Escalation
• Maintaining Access
• Windows Authentication
• SysKey Encryption
• LAN Manager Password Encryption
• Windows LAN Manager and NTLM Hashes
• Linux Password Encryption
• SAM Database Insecurities
• Password Extraction Cracking
• Password Cracking Techniques
• Password Cracking Tools
• LCP
• John the Ripper
• Cain and Abel
• Password Cracking Countermeasures
• Covering Tracks
• Principle of Exchange
• Clearing the Logs
• Hiding Tools, Files, and Programs
• NTFS Alternate Data Streaming
• Information Hiding: Methods
• Steganography
• Steganography Detection
• Rootkits
• Countermeasures: Rootkits

7. Cyber Attacks: Backdoors and Trojans

• Malware
• Trojans
• Trojan Infection Mechanisms
• Well-Known Trojans
• Distribution Methods Wrappers
• Trojan Autostart Methods
• Covert Communications
• Stealth Technique: Avoiding Detection
• Backdoor Countermeasures
• Malware Countermeasure
• Anti-Spyware Software
• Malware Countermeasure Practices

8. Cyber Assessment and Risk Management

• Risk Management Steps
• Determining ALE
• CRAMM Process
• Risk Management Lifecycle
• Protected Assets
• CIA Triad
• Quantitative Risk Assessment
• Threat Determination Process
• Risk Assessment
• Lifecycle
• Steps
• Vulnerability Categories
• Business Assets vs. Risk
• Benefits of Risk Management
• Policy
• Assessment

9. Security Policy Management

• Security Policy
• Use
• Importance
• Legal Issues
• Example
• Policy References
• Policies, Guides, Standards, Procedures, and Controls
• Security Policy Coverage Matrix
• Example: Internet Security Coverage Matrix
• Granular View of a Security Matrix
• Basic Policies

10. Securing Hosts and Servers

• Types of Hosts
• General Configuration Guidelines
• Clean Systems
• Unnecessary Services
• Warning Banners
• Limiting Access
• Configuring and Logging
• Security Patches
• Security Baselines
• Traffic Filtering Monitoring
• DoS Vulnerabilities
• Server Hardening
• Web Server Hardening
• Mail Server Hardening
• FTP Server Hardening
• DNS Server Hardening
• Other Servers
• Workstation Considerations
• Network Appliances
• Wireless Access Hardening
• VLAN Security
• Software Attacks

11. Securing Communications

• Applying Cryptography to OSI Model
• Tunnels
• Securing Services
• Email
• FTP and Telnet
• SSL and TLS
• Gateway-to-Gateway VPN
• Host-to-Gateway VPN
• IP Security
• Wireless Access Communication
• Wireless Security

12. Authentication and Cryptographic Solutions

• Authentication
• Authentication Issues
• Cryptosystems Password Authentication
• Hash Functions
• Kerberos Cryptographic Benefits
• Symmetric Key Encryption
• Asymmetric Encryption
• Digital Signatures
• PKI Components
• Models
• Policies
• Lifecycle
• Distribution

13. Firewalls and Edge Devices

• General Security Integration
• Services
• Needs for Services
• Security Zones
• Filtering
• Screened Subnets
• Trusted Zones
• Devices
• Routers
• Firewalls
• DMZ Hosts
• Other Security Considerations
• Business-to-Business Communications
• Exceptions to Policy
• Special Services and Protocols
• Configuration Management
• Software Development Security
• Certification and Accreditation
• Common Criteria
• Intrusion Detection and Prevention
• Defense in Depth
• Network Device Logging
• Host Monitoring and Logging
• Events Correlation
• Placement of IDS Monitors and Sensors
• Monitoring
• Host-Based and Network-Based Differences
• Policy Management
• Behavioral Signatures
• IDS and IPS Weaknesses
• Encryption
• Incorrect Configuration

14. Forensic Analysis

• Incident Handling
• Security Incident Response
• Time and Reaction Sensitivity
• Incident Handling Issues and Considerations
• Response Procedures
• Evidence
• Logging
• Log Analysis Tools
• Active Ports
• Dependency Walker
• Log Maintenance

15. Disaster Recovery and Business Continuity

• Disaster Types
• Disaster Recovery Plan (DRP)
• DRP Goals
• Creating a DRP
• DRP Contents
• DRP Design Requirements
• DRP Priorities
• Recovery Strategies
• High Availability
• Data Collection Documentation
• DRP Testing
• Business Continuity Planning
• BCP Steps

16. Cyber Evolution

• Cyber Forces
• Cyber Terrorism
• Cyber Security: Crime, War, or Fear Mongering?
• Cyber Future 7 Compliance Initiatives
• Cyber Defense in Depth
• Education and Training

LABS

Lab 1: Explore HR Security
Lab 2: Interpret Scanning Results
Lab 3: Harden Servers and Workstations
Lab 4: Security Architecture
Lab 5: Protect Data
Lab 6: Configure a PKI
Lab 7: Manage Passwords
Lab 8: Explore Hardening Recommendations and Known Vulnerabilities
Lab 9: Detect Malware
Lab 10: Social Engineering
Lab 11: Privilege Escalation
Lab 12: Monitor a System
Lab 13: Implement Physical Security
Lab 14: Incident Response
Lab 15: Review Legal Considerations
