HBFITES Data Center, Collaboration, Security, Storage, Wireless, Telepresence Training +91-9886770046 info@hbfites.com

ICS - Introduction to Cyber Security

Description

In 2014 the world has continued to watch as breach after breach results in millions of credit card and personal information records being posted on the Internet. The Internet Storm Center reports an average of over 700,000 detected intrusion attempts daily, and that's only the events they catch! There is no question that Cyber Security is a necessity and an increasing global concern; the challenge is where to start the daunting task of securing your infrastructure, training your end users and preparing your organization to face the year ahead.

Introduction to Cyber Security is the foundational training for all users, whether management, IT, end user or programmer. Equip your team with up-to-date knowledge of the threats we all face and the hands-on skills to address them. With information compiled from the most trusted sources (CERT, NIST, DHS and others), this course presents an objective, complete, and cutting-edge view of our current environment as well as a vision of the near future of Cyber Security.

Objectives

Attending students will learn:

  • Overview of the Hacking Cycle
  • Phases of Network Reconnaissance
  • Use and Methodology of Network Scanning Tools
  • DNS Analysis and Manipulation
  • Malware Types
  • Defensive Postures
  • Security Appliance Types and Uses
  • Defense in Depth Model
  • Access Control Mechanisms
  • Authentication Protocol Types and Uses
  • Encryption Protocol Types and Uses
  • VPN Protocol Types and Uses

Prerequisites

You should possess knowledge of the following:

  • There are no prerequisites, however a basic understanding of computer and network terminology is recommended

Who Should Attend

  • IT Administrators seeking an understanding of security threats and basic mitigation controls
  • Database Administrators desiring an increased security awareness
  • Managers of network resources who want an understanding of the current threat landscape
  • End Users needing a heightened awareness of Cyber Security

Outline

The Current Threat Landscape

  • Prevalence of Common Threats
  • Cost of Malware and Breaches
  • Examples of Attack Timelines
  • Attacker Goals
  • Top 10 Threats

The Hacking Cycle - Enumeration

  • Reconnaissance
    • Passive Information Gathering tools and techniques, Whois
  • Social Engineering
  • Scanning
    • Ping and other ICMP based Scanning
    • TCP SYN and Port Scans
    • UDP Host and Port Scans
    • ICMP Message Quoting
  • Operating System Fingerprinting, Baselines and Operating System Host Hardening

TCP/IP Protocol Exploitation

  • IPv4 and IPv6 Header Review
  • IPv4 and IPv6 Manipulation and Analysis
  • TCP and UDP Overview and Analysis

DNS

  • DNS Record Types
    • MX, NS, SOA, A, AAAA, CNAME, PTR, NAPTR, SRV
  • Host DNS Resolver Files and Functions
  • DNS Server Types
    • Caching, Forwarding, Authoritative
  • DNS Zone Transfers
  • DNS Security (DNSSEC)

DHCP

  • DHCP Message Types
  • DHCP Options, Usage and Security

ICMP

  • ICMP Message Types
  • ICMP Usage and Security

Malware

  • Virus Types
    • Armored, Stealth, Polymorphic, Retro, Macro, Multipartite, Resident, Non-Resident
  • Worms, Trojan Horses, Rootkits, Illicit Servers, Botnets
  • Spyware
    • Keyloggers, Screen Capture, Cookie Grabbing, Browser Hijacking

Anti-virus Software

  • Disk Scanning and Definitions
  • Memory-Resident Scanners
  • Heuristics and Execution Prevention
  • Boot-time Scanning

Host Based Intrusion Detection

  • Inoculation (Baselining)
  • Behavior Based and Heuristic Detection

Spyware Protection

  • Anti-Spyware Software
  • Private Browsing and Browser Plug-ins
  • Private Data Storage and Deletion

Defense-In-Depth

  • Ingress/Egress Routers
    • Layer 3 and Layer 4 Filtering, Access Control Lists
  • Stateful Firewalls
    • Reflexive ACLs, Content Inspection, Flood Mitigation, Maintenance
  • Application Layer Proxy or Firewalls
    • Content Filtering, Anti-Virus, Anti-Spam, Caching and NAT
  • Intrusion Detection Systems
    • Packet Capture and Analysis, Active vs. Passive, Sensor Placement, Signatures
  • HoneyPots

Access Control

  • Physical Controls
    • Perimeters, Barriers, Surveillance
  • Access Control Models
    • Mandatory, Rule and Role Based, Discretionary
  • Authentication Factor Types
  • Passwords and Password Cracking
  • Authentication Protocols

Encryption

  • Confidentiality, Integrity, Authentication and Non-Repudiation
  • Symmetric and Asymmetric Ciphers
  • Hashing Algorithms
  • X.509 Certificates
  • The Public Key Infrastructure
  • PGP
  • SSL/TLS
    • Versions
    • Handshake
    • Certificate Validation
  • SSH
    • Message Encryption
    • Forward and Reverse Tunnels

Lab Outline

Lab 1 - Internet Research and Information Gathering
Lab 2 - Using Whois, NSLookup, and Dig for DNS Reconnaissance
Lab 3 - Identifying Social Engineering Attempts
Lab 4 - Observing Network Scanning with Wireshark
Lab 5 - Using Netstat and other utilities to baseline a Windows System
Lab 6 - Examining Malformed Packets with Wireshark
Lab 7 - Capture and Analyze TCP and UDP Conversations
Lab 8 - Capture and Analyze the DNS Query and Response Process
Lab 9 - Explore a DHCP Scope and Observe the DHCP Process
Lab 10 - Analyze ICMP Messages and Identify Source Operating Systems
Lab 11 - Internet Research and Information Gathering
Lab 12 - Install and Configure Anti-Virus, Scan an Infected System
Lab 13 - Analyze ACLs, Capture Packets designed to evade the ACLs
Lab 14 - Deploy and Configure a Personal Firewall
       - Analyze Firewall Logs
Lab 15 - Analyze an IDS Setup; Read and Interpret IDS Logs
Lab 16 - Discussion: Common Physical Access Control Mechanisms and How They Are Defeated
Lab 17 - Use password cracking tools to reveal weak passwords
Lab 18 - Capture and Inspect encrypted traffic
Lab 19 - Hash Files Using MD5, SHA-1 and SHA-2; Compare Hash Outputs
Lab 20 - Examine an X.509v3 Certificate
       - View Trusted Root CAs in Various Browsers
       - Observe OCSP Validation of a Certificate
Lab 21 - Create a PGP Certificate
       - Sign and Encrypt an Email Using PGP
Lab 22 - Capture and Analyze an SSL Session
       - Identify the Certificate and Issuing Authority
Lab 23 - Create an SSH Tunnel