Cyber Security
Information Risk Management
Course Description:
In this course, you will learn the general information security risk management framework and its practices, how to identify and model information security risks, and how to apply both qualitative and quantitative risk assessment methods. Understanding this framework will enable you to articulate the business consequences of identified information security risks. These skills are essential for any successful information security professional.
Course Duration:
3 Days
Topics Covered:
- Security strategies relating to issues such as privacy, legal and regulatory compliance, social and geopolitical impacts, national security and evolving technologies
- Best practices for protecting mobile workforces, developing security metrics, managing electronic evidence, handling e-crime and e-discovery, and securing information in the cloud
- How to develop and maintain risk assessments and risk management plans
- Standards for business continuity and disaster recovery planning
- Techniques for designing information assurance strategies
Network & Perimeter Security
Course Description:
This course covers the knowledge and skills that Network Administrators and Information Technology professionals need to be aware of security vulnerabilities, implement security measures, analyze an existing network environment in consideration of known security threats or risks, defend against attacks or viruses, and ensure data privacy and integrity. It also covers the terminology and procedures for implementing and configuring security, including access control, authorization, encryption, packet filters, firewalls, and Virtual Private Networks (VPNs).
Course Duration:
5 Days
Topics Covered:
- Define areas of security concern, discuss network security, and identify network risks.
- Distinguish between and define internal and external threats to data and services.
- Describe the vulnerabilities of various media (susceptibility to wiretaps or eavesdropping).
- Secure access to resources on the network using passwords, permissions, and access control lists (ACLs).
- Evaluate various anti-virus software programs, software firewalls, and hardware firewalls.
- Define and identify types of firewalls, including Network Address Translation (NAT).
- Discuss weaknesses of various operating systems and known and recommended fixes (patches).
- Detect unauthorized attempts to access resources by monitoring (auditing).
- Install and configure intrusion detection programs; analyze reports and recommend responses.
- Provide solutions for known vulnerabilities in communications: email, remote access, file transfer, and electronic commerce.
- Provide end-to-end security for the transmission of data between hosts on the network.
- Describe vulnerabilities inherent in wireless technologies and present suggested solutions.
Monitoring, Detection & Analysis
Course Description:
Learn modern, powerful techniques to inspect and analyze network traffic, so you can quickly detect abuse and attacks and respond to them. Firewalls and antivirus are not enough to protect modern computer networks: abuse and attacks are common and cannot be prevented. Instead, networks are now monitored to detect security incidents, and security teams respond to them to limit the harm they cause. This class prepares students for jobs in monitoring and incident response, providing skills that are in high demand.
Course Duration:
3 Days
Topics Covered:
- Explain the importance of network security monitoring and compare it to other types of defenses, such as firewalls
- Implement and configure security tools to detect abuse and attacks on networks
- Detect intrusions on the server-side and client-side of networks, and respond effectively to limit the damage they cause
Incident Response & Management
Course Description:
When computer networks are breached, incident response (IR) is required to assess the damage, eject the attackers, and improve security measures so they cannot return. This class covers the IR tools and techniques required to defend modern corporate networks. This course provides current and future managers of computer security incident response teams with a practical view of the issues that they will face in operating an effective team. The course provides insight into the work that CIRT staff may be expected to handle. The course also provides prospective or current managers with an overview of the incident handling process and the types of tools and infrastructure needed to be effective.
Course Duration:
3 Days
Topics Covered:
- Incident management process
- Developing CIRT policies and procedures
- Requirements for developing CIRT services
- Building and managing the CIRT infrastructure
- Coordinating response & handling major events
- Working with law enforcement
- Evaluating CSIRT operations
- Incident management capability metrics
Cyber Threat Intelligence
Course Description:
This course will introduce students to the topic of cyber threat intelligence and provide them with a background on common frameworks and tradecraft skills leveraged by government and private enterprise intelligence operations when profiling cyber adversaries, specifically the APT. An emphasis will be placed on topics including but not limited to the intelligence cycle, levels of intelligence, Analysis of Competing Hypotheses (ACH) and the Diamond Model for Intrusion Analysis. Students will be trained on various open-source methods to collect, analyze and produce technical threat intelligence reports that can be utilized by incident responders and C-level executives alike to reduce risk across an organization.
Course Duration:
3 Days
Topics Covered:
- Stages of the Intelligence Cycle
- Levels of Intelligence
- Sources of Intelligence Collection
- Cyber Kill Chain Model
- Diamond Model for Intrusion Analysis & Threat Modeling
- ATT&CK Matrix
- Analysis of Competing Hypotheses (ACH)
- Cyber Threat Information Sharing
- Adversary Infrastructure Enumeration
- Malware Analysis & Threat Hunting
- Open Source Intelligence Analysis (OSINT) Techniques