Cybersecurity Essentials
5-day hands-on training seminar, $3295
RCCSP
  Professional
    Education
       Alliance

Overview

In this hands-on network training course participants will learn about the challenges of designing a secure network, threats to which an organization's system is exposed, and ways to protect it. The course uses lectures and hands-on excercises during which participants will work with live viruses, including botnets, worms, and Trojans to gain a thorough understanding of internet security basics and best practices. Attendees will review standard cybersecurity terminology, compliance requirements, mitigate controls and work with live viruses including botnets, worms, and Trojans in a lab environment.

In addition to standard cybersecurity terminology and technical cybersecurity components, attendees will also learn about the non-technical aspects of cybersecurity for the purposes of risk mitigation exposure, including risk management, threat determination, disaster recovery, security policy management, and business continuity planning. This course provides an excellent foundation for individuals seeking CISSP, CEH, CISA, or CISM training.

Participants will learn:

  • Current cyber threats and cybersecurity site references
  • Government-mandated directives and compliance requirements
  • Cyber roles required to successfully design secure systems
  • The attack cycle perpetrated by malicious hackers
  • Enterprise policy requirements
  • Best strategies for securing the enterprise with layered defenses
  • How security zones and detailed logging augment information assurance
  • Forensic challenges and incident response planning
  • Risk management process
  • Goals achievable with auditing, scanning, and testing systems
  • Industry recommendations for maintaining secure access control
  • Standards-based cryptographic solutions for securing communications

Who Should Participate

Cybersecurity Essentials training course is ideal for security professionals, including security analysts, intel analysts, policy analysts, security operations personnel, network administrators, system integrators, VARS, and security consultants.

Agenda

Cybersecurity Introduction, Job Roles, and Functions

  • Security Fundamentals
    • Security Importance
    • Human Influence
  • Vulnerabilities
    • Typical Attack Sequence
    • Social Engineering
    • Footprinting
    • Well-Known Parts
    • Port Scanning
    • Password/Passphrase Vulnerabilities
    • Track Covering

Social Media Concerns

  • Social Media
    • Types
    • Vulnerabilities
    • Social Networking Sites
    • Social Engineering
  • Phishing
    • Phishing via E-mail
  • Online Attacks
    • Statistical Data
    • Security Breach Sources

Cyber Awareness

  • CNCI
    • Definition and Purpose of CNCI
    • CNCI Initiative Details
  • Legalities
    • Laws and Rules
    • Legal Compliance
  • Cyber Attacks
    • Malware
    • Viruses
    • Worms
    • Logic Bombs
    • Botnet
    • Trojan Horse
    • OSI Model
    • DNS

Cyber Services

  • Cyber Threats
    • Denial of Service Vulnerabilities
  • Server Hardening
    • Web Server Hardening
    • Mail Server Hardening
    • FTP Server Hardening
    • DNS Server Hardening
    • Other Servers
    • Workstation Considerations
    • Network Appliances
    • Wireless Access Hardening
    • VLAN Security
    • Software Attacks

Risk Management and Assessment

  • Risk Management
  • Risk Management Process
    • Steps
    • ALE Formula
    • CRAMM Process
    • Risk Management Lifecycle
    • Protected Assets
    • CIA Triad
  • Threat Determination Process
  • Risk Assessment
    • Scenarios
    • Criticality
    • Prioritization
  • Risk Management Lifecycle
    • Steps
    • Policy
    • Assessment
    • Baselines and ePolicy
  • Vulnerabilities
    • Vulnerability Categories
    • Self-Assessment
    • Weak Links in Security
    • Technical Controls
    • Due Care
    • Insurance against Losses

Security Policy Management

  • Security Policies
    • Security Policy Definition
    • Security Policy Use
    • Security Policy Importance
    • Legal Issues
    • Policy Example
    • Policy References
    • Policies, Guides, Standards, Procedures, and Controls
  • Coverage Matrix
    • Preparing a Coverage Matrix
    • Example Security Coverage Matrix
    • Granular View of a Security Matrix
  • Basic Policies

Vulnerability Assessment and Tools

  • Vulnerability Testing
  • Penetration Testing
    • Risks of Penetration Testing
    • Methodologies
    • Testing
    • Technology Testing Tools

Business Continuity Planning

  • Disaster Types
  • Disaster Recovery Plan
    • Goals
    • Steps for Creation
    • Contents
    • Design Requirements
    • Priorities
    • Recovery Strategies
    • High Availability Considerations
    • Data Collection
    • Written Plan Documentation
    • Plan Testing Sequence
  • Business Continuity Planning
  • Business Continuity Planning Process
    • BCP Process Steps
    • Controls

Host Security

  • Types of Hosts
    • General Configuration Guidelines
  • Clean Systems
  • Unnecessary Services
    • Rules to Follow
    • Warning Banners
  • Limiting Access
    • Administrators
    • Users
    • Configuring and Logging
    • Security Patches
  • Security Baselines
    • Traffic Filtering
  • Monitoring

Architectural Integration

  • General Security Integration
  • Services
    • Needs
  • Security Zones
    • Filtering
    • Screened Subnets
    • Trusted Zones
  • Devices
    • Routers
    • Firewalls
    • DMZ Hosts
  • Extenuating Circumstances
    • Business-to-Business
    • Exceptions to Policy
    • Special Services and Protocols
    • Configuration Management
  • Development
    • Certification and Accreditation
    • Common Criteria

Authentication and Cryptography

  • Authentication
    • Identification
    • Issues
  • Cryptosystems
    • Elements
    • Password Protocols
    • Hashes
    • Kerberos
    • Symmetric Encryption
    • Asymmetric Encryption
    • Digital Signatures
  • Certificate Services
    • Certificate Authorities
    • Registration Authorities
    • Models
    • Policies
    • Lifecycle
    • Distribution

Securing Communications

  • Terminology
    • Tunnels
    • Applying Cryptography to OSI Model
  • Securing Services
    • E-Mail
    • FTP and Telnet
  • Transport
    • SSL and TLS
    • Gateway-to-Gateway VPN
    • IPSec
  • Wireless
    • Wireless Weakness
    • Wireless Security
  • Steganography and NTFS Data Streams
    • Steganography
    • NTFS Alternate Data Streams

Intrusion Detection and Prevention Systems

  • Intrusion
    • Definition
  • Defense in Depth
    • Perimeter Router
    • Firewall Monitoring
    • Network Device Logging
    • Host Monitoring
    • Events Correlation
  • IDS/IPS
    • Placement of IDS Monitors and Sensors
    • Monitoring
    • Host-Based and Network-Based Differences
    • Policy Management
    • Behavioral Signatures
  • IDS/IPS Weakness
    • Encryption
    • Coverage
    • Overwhelmed
    • False Positives
    • Incorrect Configuration

Cyber Challenge Activities

  • Network Analysis Review

Forensic Analysis

  • Incident Handling
    • Response
    • Time and Reaction Sensitivity
    • Issues for Consideration
    • Response Procedures
    • Evidence
  • Logging
    • Process
    • Log Analysis Tools

Cyber Evolution

  • Cyber Organization
    • Cyber Forces
    • Internet Leadership
    • Internet Defenders
  • Cyber Future
    • Future Challenges
    • Evolving Needs
    • Cyber Maturity Barriers
    • Einstein 2 and Future
    • Goals

Hands-On Excercises

  1. Excercise 1: Social Media
    • Phishing and Spyware
    • Windows Activation
    • Antivirus Notice
    • Commercial Web Site
  2. Excercise 2: Cyber Awareness
    • Scanning with Nmap
    • Scanning with Zenmap
  3. Excercise 3: Cyber Services
    • Telnet Banner Grabbing
    • FTP Banner Grabbing
    • SMTP Banner Grabbing
    • Netcat
  4. Excercise 4: Risk Assessment
    • Use Nessus to Identify Assets and Threats
    • Asset Worksheet Completion
  5. Excercise 5: Business Continuity Plan
    • Team Members/Key Contacts
    • Team Status Reporting
    • Priority IT Systems
    • IT System Backup Details
    • Recovery Process
  6. Excercise 6: Vulnerability Assessments and Audits
    • Mapping Site Content Using Teleport Pro
    • Using Cheops for Graphical Display of Network
    • Working with LANguard
  7. Excercise 7: Host Security - Malware
    • Connecting Remotely
    • RECUB Service
  8. Excercise 8: Authentication and Cryptography
    • Perform activities using Ettercap utility
    • Perform and Witness a Man in the Middle (MITM) Attack
  9. Excercise 9: Cryptographic Attacks
    • Using Steganographic Tools
    • Advanced NTFS File Streaming
  10. Excercise 10: SNORT (Eagle X IDS) Install
    • Installing Eagle X
    • Configuring Eagle X
    • Configure Rule to Ignore Hosts in SNORT
  11. Excercise11: Cyber Challenge Activities
    • Identifying Assets and Threats
    • Completing Asset Worksheet
  12. Excercise 12: Forensics Analysis IIS Event Log Analysis
    • Identifying Common Attacks through IIS Log Analysis

Dates, Locations and Registration

Prerequisites:

TCP/IP Networking

Follow-On Courses:

CISSP Certification

Related Courses:

Security+ Certification

Home

Training & Certification:
   w Call Center
   w IT Support Center
   w ITIL
   w Help Desk

   w Telecom

Call Center Operations
Technical Support
Call Center Technology
Online Support
Customer Satisfaction
Knock Your Socks Off
Help Desk Institute
Telecom Books
Communication Skills
Call Center Monitoring
Metrics / Benchmarking
CRM
Hiring & Retention
Outbound Telesales
Novelty Gifts & Humor
Half-Priced Books

Subject Index
Catalog Index

Shipping Options
About Us
Contact Us

Registration Fees

The per student registration fee for the hands-on classroom session is $3,295, and includes the seminar, course materials, and morning and afternoon refreshments.

Classoom training begins at 8:30 AM each day and concludes at 4:30 PM unless otherwise directed. Please arrive early on the first day to sign-in and meet fellow attendees. If you register less than one week in advance of a class, please bring your confirmation letter. Business casual attire is appropriate.

Register securely online with confidence or please call (708) 246-0320.

Seminar Schedule
Apr 14-18, 2014 Boston, MA Microtek Boston
Apr 21-25, 2014 Chicago, IL Schaumburg Offices
May 5-9, 2014 Washington, DC Arlington Offices
May 19-23, 2014 New York, NY New York Offices
Jun 2-6, 2014 Morristown, NJ Morristown Offices
Jun 9-13, 2014 Atlanta, GA Atlanta Offices
Jun 16-20, 2014 San Jose, CA Santa Clara Offices
Jul 7-11, 2014 Washington, DC Arlington Offices
Jul 21-25, 2014 Raleigh, NC Cary Training Ctr
Jul 28-Aug 1, 2014 Chicago, IL Schaumburg Offices
Aug 4-8, 2014 Dallas, TX Irving Training Center
Aug 18-22, 2014 New York, NY New York Offices
Aug 25-29, 2014 Orlando, FL Microtek Orlando
Sep 15-19, 2014 Houston, TX Houston Training Center
Sep 22-26, 2014 Atlanta, GA Atlanta Offices

More Training and Certification Courses


Terms & Conditions

Seminar provider is not responsible for losses due to cancellation. In all circumstances, seminar provider's liability shall be limited to fees received.

Seminar agenda and assigned instructors are subject to change.

Public Training Terms & Conditions

Payment is due prior to the seminar.

Public seminar cancellation policy.  Registrants may cancel up to fourteen days in advance of the seminar start date for a full refund, less administrative fees of $400.  Or, you may transfer your registration to another member of your company at no additional charge.  Registrants canceling within fourteen days of the seminar will receive training credit, less administrative fees of $400 toward any other Resource Center seminar.

In the unlikely event that a seminar must be cancelled by seminar provider due to unavoidable circumstances, you will be notified at least two weeks prior to the seminar date, and your payment will be refunded.  Seminar provider is not responsible for losses due to cancellation including losses on advanced purchase airfares.  We strongly recommend that attendees traveling by air to attend the seminar purchase only refundable tickets.Become a certified callcenter manager