Cyber Security Training
Learning Objective: In this module, you will learn about the essential building blocks and basic concepts around cyber security such as Confidentiality, Integrity, Availability, Authentication, Authorization, Vulnerability, Threat & Risk and so on. In addition to these concepts, you will also explore the core topics such as Security Governance, Audit, Compliance and Security Architecture.
Need of Cyber Security
Vulnerability, Threat and Risk
Risk Governance & Risk Management
Computer Security Architecture & Design
Learning Objective:In this module you will learn, various forms of Cryptographic techniques, their pragmatic relevance & weaknesses. You will learn how cryptography, its components, methods and its usage are employed in the enterprise to store and transmit messages safely.
Background of Cryptography
Data Encryption Standard (DES)
The Advanced Encryption Standard (AES)
International Data Encryption Algorithm (IDEA)
Elliptic Curve Cryptosystems (ECC)
Cryptographic Hash Functions
Attacks against Encrypted Data
Digital Certificates and its Format (X.509, X.500)
Certificate Authority, Certificate Repository, Certificate Revocation lists
Digital Certificate life cycle (Initialize, Issue, Cancel)
Computer Networks & Security
Learning Objective: In this module, you will glance over various aspects related to Computer Networks and in-parallel delve into understanding the weaknesses & concepts around securing the networks.
Network architecture, protocols, and technologies: Layered architecture, Open Systems Interconnect (OSI) Model
Transmission Control Protocol/Internet Protocol (TCP/IP)
Hybrid TCP/IP Model
Application Layer Protocols: HTTP, SNMP, DNS, POP, SMTP
Transport layer protocols: Transmission Control Protocol (TCP), User Datagram Protocol (UDP)
Network/Internet layer protocols: Internet Protocol (IP) v4, IPv6, IPsec protocols
Link layer protocols: Address Resolution Protocol (ARP) / Reverse ARP / Proxy ARP, Ethernet, VLAN
Learning Objective:In this module, you learn the importance of Application level security. You will glance over various known application weaknesses, techniques to attack them and various controls/ solutions to these vulnerabilities. You will also get an overview of Secure SDLC methodology.
Importance of Application Security
OWASP Top 10 web application vulnerabilities
SSDLC (Secure Software Development Life Cycle)
Data & Endpoint Security
Learning Objective:In this module, you will glance over, various aspects related to data and endpoint (host) security. This being a primary need, is a very crucial topic.
Data Security Controls
Host/ Endpoint Security Controls
IdAM (Identity & Access Management)
Learning Objective:Identity and access management (IdAM) is the security discipline that enables the appropriate individuals to access the right resources at the right times for the right reasons. IdAM addresses the mission-critical need to ensure appropriate access to resources across increasingly heterogeneous technology environments, and to meet the increasingly rigorous compliance requirements. This security practice is a crucial undertaking for any enterprise. Enterprises that develop mature IAM capabilities can reduce their identity management costs and more importantly, become significantly more responsive in supporting new business initiatives. In this module you will glance over, various aspects related to the principle of Identity & Access Management. This covers various intricacies around concepts of Authorization, Authentication, Identity & access management and its benefits to an enterprise.
IAM life cycle
Identity & Access Management Process and activities (Role Based, Single Sign on)
Learning Objective:In this module you will glance over a vast topic of securing the cloud! You will first have an overview of types of cloud infrastructure and then delve into security concerns & potential solutions.
Cloud Computing Architectural Framework
Concerns & Best Practices
Governance and Enterprise Risk Management
Legal Issues: Contracts and Electronic Discovery
Compliance and Audit Management
Information Management and Data Security
Interoperability and Portability
Traditional Security, Business Continuity, and Disaster Recovery
Data Centre Operations
Encryption and Key Management
Identity, Entitlement, and Access Management
Security as a Service
Phases of a Cyber Attack
Learning Objective:In this module, you will gain an overview of techniques & controls involved during various phases of a cyber-attack.
Phase 1 —Reconnaissance: Adversary identifies and selects a target
Phase 2 —Weaponize: Adversary packages an exploit into a payload designed to execute on the targeted computer/network
Phase 3 —Deliver: Adversary delivers the payload to the target system
Phase 4 —Exploit: Adversary code is executed on the target system
Phase 5 —Install: Adversary installs remote access software that provides a persistent presence within the targeted environment or system
Phase 7 —Act on Objectives: Adversary pursues intended objectives e.g., data exfiltration, lateral movement to other targets
Security Processes in practice for Businesses
Learning Objective:A business primarily is about making profits via achieving set targets and by catering best to customers and keeping shareholders and investors happy. This involves huge number of complex and interdependent discrete processes to run smoothly, efficiently and in a well monitored way. Today IT being one of the core enablers & also an increasingly major business platforms – threats are more than likely to cause enough disruption that may cause the business to derail completely. In this module we will glance over a variety of such business processes - to appreciate the relation, applicability and practicability of various information/ cyber security and risk management concepts that may be put in place to help the business stay predictable, safer and within a controlled cyber risk profile thereby enabling it to continue chasing its set targets.
Key Security Business Processes
Corp. & Security Governance
IT Strategy management
Supplier (third party) management
IT Operations management
Overview of top 20 security controls
This course does not have any sections.