Security Advanced Notions
NS106
Description
Companies large and small face a critical stage: cyber-attacks have transformed dramatically over the past few years. Unfortunately, organizations are still being breached too often and are under more pressure than ever to secure their systems. The Network Security course aims to address cyber challenges experienced on the network level. The course covers various attack techniques and how to defend against them.
By the end of the course, participants will have the ability to build and maintain a secure network, protect data, manage vulnerabilities, implement active access control measures, and regularly monitor the network for inconsistencies.
The course sets the groundwork for later specialization in cyber forensics, advanced cyber defense and penetration testing.
How to make the most of this course?
In order to succeed in the course, the following requirements must be met:
- Participation in all practical laboratories
- Self-work at home between lessons
- Repetition of materials, self-learning, performing tasks, etc…
In addition to regular classroom studies, the participant is required to practice at least 10 hours a week in order to gain practical experience in the field.
A personal computer suitable for running virtual machines, with an Internet connection
Transition of the scenarios in the Cyberium Arena.
Target audience
The course targets participants with basic knowledge in IT or networking, who wish to understand corporate cybersecurity and cyber defense from a technical perspective.
- IT security personnel
- Incident responders
- Security analysts
Objectives
- Becoming familiar with the cyber threat landscapes
- Acquiring the knowledge and tools to recognize threats in the network.
- Testing networks and network-based-systems for vulnerabilities.
- Understanding cyber-attacks.
- Becoming familiar with a variety of available tools for performing security-related tasks.
Pre-requisites
To be best prepared to succeed in this program, participants should have basic familiarity or experience with:
- Principles of network connectivity.
- Principles of IT systems
- Principles of Information Systems
- Basic operating system fundamentals including Windows or Linux.
As well as knowledge of the syllabus covered in courses Cybersecurity Introduction (NS101) and Cybersecurity Advanced Notions (NS102), or practical exposure.
Syllabus
Description
During this module, participants will study the fundamentals of the Linux OS – How to use basic commands, manipulation of text and command outputs, understanding the Terminal-Emulator, permissions, and other security concepts.
Technical content
- Virtualization
o Introduction to Virtualization
o About Linux Distro
o Installing Linux
o Working with VMWare
o Bridged vs. NAT
- Working with Linux
o Linux Directories
o Linux Users
o Packages
▪ Packages Commands
▪ Updating - Installing and Managing
o File Manipulation Commands
o Text and File Manipulation Techniques
o Writing Linux Scripts
▪ Permissions
▪ Variables
▪ Conditions
▪ Loops
▪ Automation
Description
During this module, participants will study the basics of network infrastructures, common network types, network layers, and communications between protocols, communication between network devices from different layers, and network anonymity methods.
Technical content
- Protocols and Services
o TCP/IP and OSI Model
Network Routing Basics
o DNS
o DHCP
o ARP
o Remote connection Protocols
o Important Protocols
- Wireshark – Diving into Packets
o Non-Secure and Secure Packets
o Filtering and parsing
o Extracting Objects and Files from PCAP Files
Description
Large organizations these days suffer greatly from network attacks and malicious intrusions. Those who manage the organization’s network have an immense impact on ensuring its safety. This module introduces participants to Network Forensics; they will learn to locate and better understand various attacks.
Technical content
- Windows Tools
o Advanced Wireshark
▪ OS-Fingerprinting
▪ Detecting Suspicious Traffic
▪ GeoIP Mapping
o NetworkMiner
o Sysinternals
▪ Procmon
▪ TCPview
- Linux Tools
o TShark – Network Analyzing Automation
▪ Capture Packet Data from Live Network
▪ Filter Packets from Live Network
▪ Filter Packet from PCAP File
▪ Traffic Statistics
▪ Automating Network Capture and Filtering
▪ File-Carving
o Zeek Tools: Bro and Bro-Cut
▪ Extracting Information
▪ Parsing Traffic Logs
o CAPInfo
Description
The primary goal of this module is to teach participants to embrace the attacker’s state-of-mind to recognize the necessary defense mechanisms. Participants will deal with several types of attacks. They will learn about hash functions; furthermore, they will learn how wireless networks are attacked and how the organization is vulnerable to those attacks. Social engineering and honeypot techniques will also be demonstrated.
Technical content
- Cyber Security Vectors
o Anti-Viruses
o Firewalls and FWNG
o DoS and DDoS
o CNC Servers and Botnets
o Wireless Attack Concepts
Handshake Based Authorization
Deauthentication Attacks MiTM
Evil-Twin
o Steganography
- Network Attacks
o Introduction to Scanning
o Scanning Methods in Nmap
o Scanning with Shodan
o MiTM
o ARP poisoning
DNS Spoofing
o DHCP Starvation
o LLMNR Attacks
Offline Password Brute-Force
Working with Responder
- Cyber Attack Practice
o Backdooring
Payloads: Reverse vs. Bind
Multi-Handler
o Privilege Escalation
Labs
The following labs are part of the actual NS106 course:
- Lab 1 Linux and Basic Commands
- Lab 2 Text Manipulation
- Lab 3 Using the Internet
- Lab 4 Linux Services
- Lab 5 Scanning with Nmap
- Lab 6 Scanning with Shodan
- Lab 7 Linux Bash Scripts
- Lab 8 Offline Brute-Force
- Lab 9 Online Brute-Force
- Lab 10 NetCat
- Lab 11 Using Wireshark
- Lab 12 Using Tshark
- Lab 13 Anonymous
- Lab 14 Exploits
- Lab 15 File Structure
- Lab 16 Steganography
- Lab 17 Trojans
- Lab 18 Network Attacks
Real Case Studies
Course type
This course is delivered in the following ways:
- Virtual classroom with proctored labs and scenarios executed in our Cyberium Arena
- In situ classroom with proctored labs and scenarios executed in our Cyberium Arena
All sessions are recorded and attendees can replay them for 30 days. All course material is made available to the participant electronically.
Course Group: FOUNDATION
Duration: Hands-on / Theory MiX
The following course incorporates a high level of hands-on lab exercises, as well as real-life case studies.
CERTIFICATION
This course prepares the participant for the following certifications:
- LPIC-2 (LPI)
- Linux+ (CompTIA)
Required Equipment
Network connection
As this course extensively uses a cloud-based Learning Management System, including a lab arena, attendees need a stable broadband connection to the Internet.
BYOD - Bring Your Own Device
As it is a very practical course, and in order for the participants to make the most of the course, they need a laptop with the following capabilities:
- Audio and Video
- 8 GB RAM
- 200 GB Disk Space
- Virtualization capabilities (supporting the latest version of VirtualBox or a similar virtual machine application)
And also a good headset with a microphone.