Cyber Security

Duration: 6 weeks

Classes only on Weekends

Session 1: Ethical Hacking Tools and Countermeasures

  • Introduction to Ethical Hacking
    • Understanding Elements of Information Security
    • Understanding Information Security Threats and Attack Vectors
    • Overview of Hacking Concepts, Types and Phases
    • Understanding Ethical Hacking Concepts and Scope
    • Overview of Information Security Management and Defense-In-Depth
    • Overview of Policies, Procedures and Awareness
    • Overview of Physical Security and Controls
    • Understanding Incident Management Process
    • Overview of Vulnerability Assessment and Penetration Testing
    • Overview of Information Security Acts and Laws
  • Footprinting and Reconnaissance (Techniques and Countermeasures)
    • Understanding Footprinting Concepts
    • Footprinting through Search engines
    • Footprinting using advanced Google Hacking techniques
    • Footprinting through Social Networking Sites
    • Understanding Different Techniques for Email Footprinting
    • Understanding Different Techniques for WHOIS and DNS Footprinting
    • Footprinting and Reconnaissance Countermeasures

 

Session 2: Network Scanning (Methods and Countermeasures)

    • Understanding different techniques to check for Live Systems
    • Understanding different techniques to check for Open Ports
    • Understanding various Scanning Techniques
    • Understanding various IDS Evasion Techniques
    • Understanding Banner Grabbing
    • Using Proxies and Anonymizers for Attack
    • Understanding IP Spoofing and various Detection Techniques
    • Countermeasures of Network Scanning
  • Enumeration (Methods and Countermeasures)
    • Understanding Enumeration Concepts
    • Understanding Different Techniques for NetBIOS Enumeration
    • Understanding Different Techniques for SNMP Enumeration
    • Understanding Different Techniques for LDAP Enumeration
    • Understanding Different Techniques for NTP Enumeration
    • Understanding Different Techniques for SMTP and DNS Enumeration
    • Enumeration Countermeasures

 

Session 3: System Hacking (Methods and Countermeasures)

  • Understanding Techniques to Gain Access to the System
  • Understanding Privilege Escalation Techniques
  • Understanding Techniques to Create and Maintain Remote Access to the System
  • Overview of Different Types of Rootkits
  • Overview of Steganography and Steganalysis Techniques
  • Understanding Techniques to Hide the Evidence of Compromise
  • Network Sniffing (Methods and Countermeasures)
    • Overview of Sniffing Concepts
    • Understanding Network Sniffing Attacks
    • Use of Various Sniffing Tools
    • Implementing Sniffing Countermeasures
    • Understanding various techniques to detect Sniffing

 

Session 4: Malware Threats

  • Introduction to Malware and Malware Propagation Techniques
  • Overview of Trojans, Their Types and How to Infect Systems
  • Overview of Viruses, Their Types, and How They Infect Files
  • Overview of Computer Worms, Their Types and How to Infect Systems
  • Understanding the Malware Analysis Process
  • Understanding Different Techniques to Detect Malware
  • Malware Threats Countermeasures
  • Vulnerability Management Planning and Implementation

 

  • Tenable Nessus
    • Registration and Installation of Tenable Nessus
    • Host Discovery Scan through Nessus
    • Basic Host Scan
    • Advanced Host Scan through Nessus
    • Fine tuning of Nessus scan engine
    • Exploration of all advanced options in Nessus Community Edition

Session 5: Checkpoint Security Gateway

    • Understanding Architecture of Checkpoint Firewall
    • Installation of Checkpoint Security Gateway and Management Server
    • Implement NAT Policy
    • Implement Access Control Policy
    • Implement IPS Inspection Policy
    • Implementation of URL Filtering Policy
    • Log Analysis and Troubleshooting options in Checkpoint Security Gateway
    • Fine Tuning Options of Checkpoint Firewall
  • Security Incident and Event Management (SIEM) Solution
    • Understanding need of SIEM Solution
    • Understanding Security Operation Center (SOC) Environment
    • Understanding Architecture and various components of McAfee SIEM
    • Installation of ESM, Receiver and ELM
    • Adding Data Sources to Receiver
    • Event Analysis and Filtering of Events
    • Create and Edit Dashboards
    • Create Alarm and Watchlists
    • Editing Policies through Policy Editor
    • Investigate events and Incidents

 

Session 6: Cloud Security (AWS)

  • Introduction to AWS
  • Understanding Compliances through Amazon Artifact
  • Understanding Network ACLs
  • Understanding and use of Security groups
  • Understanding of AWS Certificate Manager
  • Understanding requirement of CloudHSM
  • Understanding and Implementation of AWS Directory Service
  • Understanding AWS GuardDuty
  • Understanding AWS Inspector
  • Usage of AWS Secrets Manager
  • Understanding of AWS Single Sign-On
  • Understanding options in AWS WAF
  • Requirement and understanding of AWS Shield
  • Compliances
    • Complying with Laws and Regulations
    • Overview, Understanding and usage of ISO 27001
    • Overview, Understanding and usage of CIS Controls

 

Pre-requisite for Program: Basic understanding of Operating Systems, good understanding of Networking concepts

Job roles: Security Engineer, Cyber Security Specialist, Cyber Security Analyst, Ethical Hacker