• Course
  • Vendor

In this cybersecurity course, you will gain a global perspective of the challenges of designing a secure system, touching on all the cyber roles needed to provide a cohesive security solution.

  • Course Start Date: 2019-04-01
  • Time: 08:30:00 - 16:30:00
  • Duration: 5 days 08:30 AM - 04:30 PM
  • Location: Toronto
  • Delivery Methods(s): Instructor Led

Course Outline

Pre-Requisites

- TCP/IP Networking or equivalent knowledge - TCP/IP Networking

Lessons

Description

Investigate cybersecurity threats and master techniques needed to protect your network.

When you consider just a few of the consequences of a security breach - your proprietary information completely accessible, hefty fines for security lapses, news headlines about your company's security breach, it becomes obvious: An in-depth and thorough understanding of cyber security fundamentals and best practices is absolutely necessary.

In this cybersecurity course, you will gain a global perspective of the challenges of designing a secure system, touching on all the cyber roles needed to provide a cohesive security solution. Through lecture, labs, and breakout discussion groups, you will learn about current threat trends across the Internet and their
impact on organizational security. You will review standard cybersecurity terminology and compliance requirements, examine sample exploits, and gain hands-on experience mitigating controls. In a contained lab environment, you will work with live viruses, including botnets, worms, and Trojans.

In addition to technical cybersecurity components, you will learn and explore the non-technical aspects of cybersecurity necessary to mitigate risk and lessen exposure, including risk management, threat determination, disaster recovery, security policy management, and business continuity planning. This course provides an excellent foundation for those proceeding to CISSP, CEH, CISA, or CISM training.

What You'll Learn
  • Current cyber threats and cybersecurity site references
  • Government-mandated directives and compliance requirements
  • Cyber roles required to successfully design secure systems
  • The attack cycle perpetrated by malicious hackers
  • Enterprise policy requirements
  • Best strategies for securing the enterprise with layered defenses
  • How security zones and detailed logging augment information assurance
  • Forensic challenges and incident response planning
  • Risk management process
  • Goals achievable with auditing, scanning, and testing systems
  • Industry recommendations for maintaining secure access control
  • Standards-based cryptographic solutions for securing communications
Who Needs to Attend

Cybersecurity professionals, including security analysts, intel analysts, policy analysts, security operations personnel, network administrators, system integrators, VARS, and security consultants

Course Outline

1. Cybersecurity Introduction, Job Roles, and Functions

  • Security Fundamentals
- Security Importance
- Human Influence
  • Vulnerabilities
- Typical Attack Sequence
- Social Engineering
- Footprinting
- Well-Known Parts
- Port Scanning
- Password/Passphrase Vulnerabilities
- Track Covering
2. Social Media Concerns
  • Social Media
- Types
- Vulnerabilities
- Social Networking Sites
- Social Engineering
  • Phishing
- Phishing via E-mail
  • Online Attacks
- Statistical Data
- Security Breach Sources
3. Cyber Awareness
  • CNCI
- Definition and Purpose of CNCI
- CNCI Initiative Details
  • Legalities
- Laws and Rules
- Legal Compliance
  • Cyber Attacks
- Malware
- Viruses
- Worms
- Logic Bombs
- Botnet
- Trojan Horse
- OSI Model
- DNS
4. Cyber Services
  • Cyber Threats
- Denial of Service Vulnerabilities
  • Server Hardening
- Web Server Hardening
- Mail Server Hardening
- FTP Server Hardening
- DNS Server Hardening
- Other Servers
- Workstation Considerations
- Network Appliances
- Wireless Access Hardening
- VLAN Security
- Software Attacks
5. Risk Management and Assessment
  • Risk Management
  • Risk Management Process
- Steps
- ALE Formula
- CRAMM Process
- Risk Management Lifecycle
- Protected Assets
- CIA Triad
  • Threat Determination Process
  • Risk Assessment
- Scenarios
- Criticality
- Prioritization
  • Risk Management Lifecycle
- Steps
- Policy
- Assessment
- Baselines and ePolicy
  • Vulnerabilities
- Vulnerability Categories
- Self-Assessment
- Weak Links in Security
- Technical Controls
- Due Care
- Insurance against Losses
6. Security Policy Management
  • Security Policies
- Security Policy Definition
- Security Policy Use
- Security Policy Importance
- Legal Issues
- Policy Example
- Policy References
- Policies, Guides, Standards, Procedures, and Controls
  • Coverage Matrix
- Preparing a Coverage Matrix
- Example Security Coverage Matrix
- Granular View of a Security Matrix
  • Basic Policies
7. Vulnerability Assessment and Tools
  • Vulnerability Testing
  • Penetration Testing
- Risks of Penetration Testing
- Methodologies
- Testing
- Technology Testing Tools
8. Business Continuity Planning
  • Disaster Types
  • Disaster Recovery Plan
- Goals
- Steps for Creation
- Contents
- Design Requirements
- Priorities
- Recovery Strategies
- High Availability Considerations
- Data Collection
- Written Plan Documentation
- Plan Testing Sequence
  • Business Continuity Planning
  • Business Continuity Planning Process
- BCP Process Steps
- Controls
9. Host Security
  • Types of Hosts
- General Configuration Guidelines
  • Clean Systems
  • Unnecessary Services
- Rules to Follow
- Warning Banners
  • Limiting Access
- Administrators
- Users
- Configuring and Logging
- Security Patches
  • Security Baselines
- Traffic Filtering
  • Monitoring
10. Architectural Integration
  • General Security Integration
  • Services
- Needs
  • Security Zones
- Filtering
- Screened Subnets
- Trusted Zones
  • Devices
- Routers
- Firewalls
- DMZ Hosts
  • Extenuating Circumstances
- Business-to-Business
- Exceptions to Policy
- Special Services and Protocols
- Configuration Management
  • Development
- Certification and Accreditation
- Common Criteria
11. Authentication and Cryptography
  • Authentication
- Identification
- Issues
  • Cryptosystems
- Elements
- Password Protocols
- Hashes
- Kerberos
- Symmetric Encryption
- Asymmetric Encryption
- Digital Signatures
  • Certificate Services
- Certificate Authorities
- Registration Authorities
- Models
- Policies
- Lifecycle
- Distribution
12. Securing Communications
  • Terminology
- Tunnels
- Applying Cryptography to OSI Model
  • Securing Services
- E-Mail
- FTP and Telnet
  • Transport
- SSL and TLS
- Gateway-to-Gateway VPN
- IPSec
  • Wireless
- Wireless Weakness
- Wireless Security
  • Steganography and NTFS Data Streams
- Steganography
- NTFS Alternate Data Streams
13. Intrusion Detection and Prevention Systems
  • Intrusion
- Definition
  • Defense in Depth
- Perimeter Router
- Firewall Monitoring
- Network Device Logging
- Host Monitoring
- Events Correlation
  • IDS/IPS
- Placement of IDS Monitors and Sensors
- Monitoring
- Host-Based and Network-Based Differences
- Policy Management
- Behavioral Signatures
  • IDS/IPS Weakness
- Encryption
- Coverage
- Overwhelmed
- False Positives
- Incorrect Configuration
14. Cyber Challenge Activities
  • Network Analysis Review
15. Forensic Analysis
  • Incident Handling
- Response
- Time and Reaction Sensitivity
- Issues for Consideration
- Response Procedures
- Evidence
  • Logging
- Process
- Log Analysis Tools
16. Cyber Evolution
  • Cyber Organization
- Cyber Forces
- Internet Leadership
- Internet Defenders
  • Cyber Future
- Future Challenges
- Evolving Needs
- Cyber Maturity Barriers
- Einstein 2 and Future
- Goals
Labs
  • Lab 1: Social Media
- Phishing and Spyware
- Windows Activation
- Antivirus Notice
- Commercial Web Site
  • Lab 2: Cyber Awareness
- Scanning with Nmap
- Scanning with Zenmap
  • Lab 3: Cyber Services
- Telnet Banner Grabbing
- FTP Banner Grabbing
- SMTP Banner Grabbing
- Netcat
  • Lab 4: Risk Assessment
- Use Nessus to Identify Assets and Threats
- Asset Worksheet Completion
  • Lab 5: Business Continuity Plan
- Team Members/Key Contacts
- Team Status Reporting
- Priority IT Systems
- IT System Backup Details
- Recovery Process
  • Lab 6: Vulnerability Assessments and Audits
- Mapping Site Content Using Teleport Pro
- Using Cheops for Graphical Display of Network
- Working with LANguard
  • Lab 7: Host Security - Malware
- Connecting Remotely
- RECUB Service
  • Lab 8: Authentication and Cryptography
- Perform activities using Ettercap utility
- Perform and Witness a Man in the Middle (MITM) Attack
  • Lab 9: Cryptographic Attacks
- Using Steganographic Tools
- Advanced NTFS File Streaming
  • Lab 10: SNORT (Eagle X IDS) Install
- Installing Eagle X
- Configuring Eagle X
- Configure Rule to Ignore Hosts in SNORT
  • Lab 11: Cyber Challenge Activities
- Identifying Assets and Threats
- Completing Asset Worksheet
  • Lab 12: Forensics Analysis IIS Event Log Analysis
- Identifying Common Attacks through IIS Log Analysis

Cancellation Policy

We require 16 calendar days notice to reschedule or cancel any registration. Failure to provide the required notification will result in 100% charge of the course. If a student does not attend a scheduled course without prior notification it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted. Reschedules are permitted at anytime with 16 or more calendar days notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.

Training Location

GK at ctc Toronto
595 Bay Street

Toronto, ON
Canada   

About Global Knowledge

x

Global Knowledge is the world's leading learning services and professional development solutions provider. We deliver learning solutions to support customers as they adapt to key business transformations and technological advancements that drive the way that organizations around the world differentiate themselves and thrive. Our learning programs, whether designed for a global organization or an individual professional, help businesses close skills gaps and foster an environment of continuous talent development.

Training Provider Rating

This vendor has an overall average rating of 4.38 out of 5 based on 421 reviews.

No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
Wasn’t as advanced as I thought it would be. There was an issue when the day my course was the first time they used a new platfo ... Read more
x

Wasn’t as advanced as I thought it would be. There was an issue when the day my course was the first time they used a new platform.. from adobe to something called zoom; I had to call support line cause it stated our instructor wasn’t present. Thankfully I called cause everyone online was in the adobe virtual classroom waiting for what looked like a teacher who didn’t show up for class (IT didn’t get anything resolved until 10mins after start time). I felt like he was really getting hung up on very basic knowledge for the first half of the course (talking about how to create tabs and drag formulas as an example). I completed files a few times before he was done explaining. There was a scheduled fire drill for them (roughly 30mins)that also cut into our time, which wasn’t deducted from the hour lunch break or the two, fifteen min breaks. I also really wish he touched base more on the automating workbook functions portion which we barely did. I'm happy there were/are those study guides (learning videos) and exams to take on my own time that I hope after I've had the class are still available for me to learn from.

No comment
No comment
No comment
No comment
It was difficult to practice on my PC while trying to watch the presentation online.
No comment
David was excellent!! I am very for having this course!!
No comment
Everything was great, but the instructor wasted a lot of time talking about unrelated subjects (like demo-ing different programs, ... Read more
x

Everything was great, but the instructor wasted a lot of time talking about unrelated subjects (like demo-ing different programs, talking about other classes, and talks about how Excel/technology has changed) took up way too much time. The course could have been condensed or better focus would have been great

Did not actually receive the course materials yet (and the course has concluded). Ratings assume that I will receive the course m ... Read more
x

Did not actually receive the course materials yet (and the course has concluded). Ratings assume that I will receive the course materials as soon as possible.

Course Reviews

No Reviews Yet