Securing the information systems environment is one of the important tasks of an organization's IT department. This course focuses on the design, analysis, and implementation of enterprise-level security for enterprise and service-provider networks. It exposes the student to secure network, cloud and systems concepts, and to endpoint and application security.
This course is the first course in the Cyber Security Architect track, in which we talk about network and security protocols, along with the methods to hack and protect the organization's network.
Target Audience
Basic knowledge of computing and programming languages
Duration
30 Hours + exercises
Content
1. Introduction to data networks [8 Hours + Exercise]
- Introduction to data networks and the OSI-RM
- LANs (Local Area Networks), Ethernet and LAN switching
- Wide Area Network (WAN) protocols – Carrier Ethernet and Multi-Protocol Label Switching (MPLS)
- Introduction to TCP/IP
- IPv4 and IPv6 – Protocols and addressing
- Layer 4 protocols – UDP, TCP, QUIC/GQUIC and SCTP
- Routers and routing protocols
- Application protocols – HTTP, DNS, VoIP and more
- Encapsulation and tunnelling protocols
- Network security basics – Firewalls, Intrusion Detection/Prevention, Network Access Control
- Class exercise: Wireshark and reconnaissance tools basics
- Home exercise: Understanding network structures.
2. Data Networks Structure and Weakness Points [2 Hours + Exercise]
- What are the risks – attack types and tools.
- Data centre and enterprise network architecture and components
- Data, control, and management planes
- Cloud connectivity and threats
- The new world networks – SDN/NFV and potential threats
- Types of attacks and where they are implemented.
- Class exercise: getting to know hacking tools.
- Class exercise: Attack tools and how to design a network attack.
- Home exercise: Try to attack a secured environment.
3. Security architecture and protocols [8 Hours + Exercise]
- Cyber security concepts – Confidentiality, Integrity, and availability
- Attack basics – types of attacks, network vs. application attacks
- Types of attacks – Malware, worms, viruses, DoS/DDoS and more.
- Security assessments, Penetration tests, risk vectors
- Defences and defence strategies
- Encryption basics and protocols
- Authentication basics and protocols
- Authorization and access control protocols
- Certificates and digital signatures
- IPSec and key-management protocols
- SSL/TLS and Proxies
- IKE and public key infrastructure
- RADIUS/TACACS and AAA systems
- Network security components – FW, IDS/IPS, NAC, WAFs and others
- Class exercise: Building a secured environment.
- Home exercise: Continue to build a secured environment.
4. Network-based attacks and tools [4 Hours + Exercise]
- Windows-based and Linux-based tools
- Active and passive attacks
- Reconnaissance and information gathering
- DoS/DDoS attacks and flooding
- Spoofing and smurf attacks
- Storm identification, where can it block the network and what to
- Class exercise: Getting to know ethical hacking tools.
- Home exercise: Attacks and defences.
5. Information gathering, reconnaissance and eavesdropping [4 Hours + Exercise]
- Packet analysis tools – Wireshark, TCPDump and others
- Using Linux/Shell tools and Python/Pyshark for deep network analysis
- Advanced packet dissection with Lua
- ARP spoofing, session hijacking and data hijacking tools, scripts and techniques
- Packet generation and replaying tools and when to use them
- Class exercise: Working with Wireshark, writing Python/Pyshark scripts
- Home exercise: Identification of network-based attacks
6. Attacks on Network Devices and their characteristics [4 Hours + Exercise]
- Network devices structure and components
- Memory and buffers structure and exhaustion attacks
- Memory corruption and exploit mitigations.
- Storage structure and exhaustion attacks
- CPUs structure and exhaustion attacks
- Class exercise: Building and activating a Linux router.
- Home exercise: Practicing attacks against a Linux router.