Security Advanced Notions

NS106

Description

Companies large and small face a critical stage: cyber-attacks have transformed dramatically over the past few years. Unfortunately, organizations are still being breached too often and are under more pressure than ever to secure their systems. The Network Security course aims to address cyber challenges experienced at the network level. The course covers various attack techniques and how to defend against them.

By the end of the course, participants will have the ability to build and maintain a secure network, protect data, manage vulnerabilities, implement active access control measures, and regularly monitor the network for inconsistencies.
The course sets the groundwork for later specialization in cyber forensics, advanced cyber defense and penetration testing.

How to make the most of this course?

In order to succeed in the course, the following requirements must be met:

  • Participation in all practical laboratories
  • Self-work at home between lessons
  • Repetition of materials, self-learning, performing tasks, etc…

In addition to regular classroom studies, the participant is required to practice at least 10 hours a week in order to gain practical experience in the field.
  • A personal computer suitable for running virtual machines, with an Internet connection
  • Transition of the scenarios in the Cyberium Arena

Target audience

The course targets participants with basic knowledge of IT or networking who wish to understand corporate cybersecurity and cyber defense from a technical perspective.

  • IT security personnel
  • Incident responders
  • Security analysts

Objectives

  • Becoming familiar with the cyber threat landscapes
  • Acquiring the knowledge and tools to recognize threats in the network.
  • Testing networks and network-based systems for vulnerabilities.
  • Understanding cyber-attacks.
  • Becoming familiar with a variety of available tools for performing security-related tasks.

Pre-requisites

To be best prepared to succeed in this program, participants should have basic familiarity or experience with:

  • Principles of network connectivity.
  • Principles of IT systems
  • Principles of Information Systems
  • Basic operating system fundamentals including Windows or Linux.

As well as knowledge of the syllabus covered in courses Cybersecurity Introduction (NS101) and Cybersecurity Advanced Notions (NS102), or practical exposure.

Syllabus

Description

During this module, participants will study the fundamentals of the Linux OS – How to use basic commands, manipulation of text and command outputs, understanding the Terminal-Emulator, permissions, and other security concepts.

Technical content

  • Virtualization
    o Introduction to Virtualization
    o About Linux Distro
    o Installing Linux
    o Working with VMware
    o Bridged vs. NAT
  • Working with Linux
    o Linux Directories
    o Linux Users
    o Packages
    ▪ Packages Commands
    ▪ Updating
  • Installing and Managing
    o File Manipulation Commands
    o Text and File Manipulation Techniques
    o Writing Linux Scripts
    ▪ Permissions
    ▪ Variables
    ▪ Conditions
    ▪ Loops
    ▪ Automation

Description

During this module, participants will study the basics of network infrastructures, common network types, network layers, communication between protocols, communication between network devices from different layers, and network anonymity methods.

Technical content

  • Protocols and Services
    o TCP/IP and OSI Model
    ▪ Network Routing Basics
    o DNS
    o DHCP
    o ARP
    o Remote connection Protocols
    o Important Protocols
  • Wireshark – Diving into Packets
    o Non-Secure and Secure Packets
    o Filtering and parsing
    o Extracting Objects and Files from PCAP Files

Description

Large organizations these days suffer greatly from network attacks and malicious intrusions. Those who manage the organization's network have an immense impact on ensuring its safety. This module will introduce participants to Network Forensics, and they will learn to locate and better understand various attacks.

Technical content

  • Windows Tools
    o Advanced Wireshark
    ▪ OS-Fingerprinting
    ▪ Detecting Suspicious Traffic
    ▪ GeoIP Mapping
    o NetworkMiner
    o Sysinternals
    ▪ Procmon
    ▪ TCPview
  • Linux Tools
    o TShark – Network Analyzing Automation
    ▪ Capture Packet Data from Live Network
    ▪ Filter Packets from Live Network
    ▪ Filter Packet from PCAP File
    ▪ Traffic Statistics
    ▪ Automating Network Capture and Filtering
    ▪ File-Carving
    o Zeek Tools: Bro and Bro-Cut
    ▪ Extracting Information
    ▪ Parsing Traffic Logs
    o CAPInfo

Description

The primary goal of this module is to teach participants to adopt the attacker's state of mind in order to recognize the necessary defense mechanisms. Participants will deal with several types of attacks. They will learn about hash functions; furthermore, they will learn how wireless networks are attacked and how the organization is vulnerable to those attacks. Social engineering and honeypot techniques will also be demonstrated.

Technical content

  • Cyber Security Vectors
    o Anti-Viruses
    o Firewalls and FWNG
    o DoS and DDoS
    o CNC Servers and Botnets
    o Wireless Attack Concepts
    ▪ Handshake Based Authorization
    ▪ Deauthentication Attacks MiTM
    ▪ Evil-Twin
    o Steganography
  • Network Attacks
    o Introduction to Scanning
    o Scanning Methods in Nmap
    o Scanning with Shodan
    o MiTM
    o ARP poisoning
    ▪ DNS Spoofing
    o DHCP Starvation
    o LLMNR Attacks
    ▪ Offline Password Brute-Force
    ▪ Working with Responder
  • Cyber Attack Practice
    o Backdooring
    ▪ Payloads: Reverse vs. Bind
    ▪ Multi-Handler
    o Privilege Escalation

Labs

The following labs are part of the actual NS106 course:

  • Lab 1 Linux and Basic Commands
  • Lab 2 Text Manipulation
  • Lab 3 Using the Internet
  • Lab 4 Linux Services
  • Lab 5 Scanning with Nmap
  • Lab 6 Scanning with Shodan
  • Lab 7 Linux Bash Scripts
  • Lab 8 Offline Brute-Force
  • Lab 9 Online Brute-Force
  • Lab 10 NetCat
  • Lab 11 Using Wireshark
  • Lab 12 Using Tshark
  • Lab 13 Anonymous
  • Lab 14 Exploits
  • Lab 15 File Structure
  • Lab 16 Steganography
  • Lab 17 Trojans
  • Lab 18 Network Attacks

Real Case Studies

Case Study #1 (NR001)
During the World Cup in Romania, fans dream about finding affordable tickets. This summer, according to the Federal Trade Commission, scammers are duping fans with phishing emails that include enticing, but fake, free trips to Romania. The research discovered a large number of phishing emails, and they require your assistance to investigate them.
Case Study #2 (NR002)
A network administrator of a big company suspects that an employee was tricked by a scam email, in which he accidentally downloaded a Trojan malware.
Case Study #4 (ICF004)
The German police are seeking your help in gathering information related to the IP address that could lead to the cell phone device used by a DHL blackmailer who last year parceled out bombs to different addresses in Brandenburg and Berlin.
Case Study #5 (NR005)
Recently a large credit card company had a large data breach. The credit card database was hacked, stolen, and leaked to the DarkNet. Now, the company requested your firm’s assistance to find the attackers and mitigate the leak. Use your forensics knowledge to solve the data leak.
NS106 Network Research

 Course type

This course is delivered in the following ways:

  • Virtual classroom with proctored labs and scenarios executed in our Cyberium Arena
  • In situ classroom with proctored labs and scenarios executed in our Cyberium Arena

All sessions are recorded and attendees can replay them for 30 days. All course material is made available to the participant electronically.

 Course Group: FOUNDATION

Duration: 1 HOURS

 Hands-on / Theory Mix

This course incorporates a high level of hands-on lab exercises, as well as real-life case studies.

CERTIFICATION

This course prepares the participant for the following certifications:

  • LPIC-2 (LPI)
  • Linux+ (CompTIA)

Required Equipment

Network connection

As this course extensively uses a cloud-based Learning Management System, including a lab arena, attendees need a stable broadband connection to the Internet.

BYOD - Bring Your Own Device

As this is a very practical course, participants need a laptop with the following capabilities to make the most of it:

  • Audio and Video
  • 8 GB RAM
  • 200 GB Disk Space
  • Virtualization capabilities (supporting the latest version of VirtualBox or a similar virtual machine application)

And also a good headset with mic.