Cybersecurity – Attacks, Firewalls, Encryption






Location: Stockholm, Göteborg
Training formats: Classroom
Duration: 5 days
Price: 34900 kr
Target Audience
The training is aimed at those who want to gain a deep understanding of security issues on networks and computers.
You will learn
After completing the training, you will have:
- Practical and theoretical knowledge of how attackers use various techniques to destroy, steal and change data on computers and networks and to carry out DoS attacks
- Solid knowledge of the security issues with today's networks and application protocols
- In-depth understanding of firewall technology
- Good knowledge of vulnerabilities and attacks to exploit them
- Understanding of the technology behind malware
- Knowledge of various techniques for detecting network or computer intrusions
- Hands-on experience with methods and tools used to attack and verify security
- Basic knowledge of cryptography
Prerequisites
Participants in this course must understand the basics of networking and be proficient computer users.
Content: Cybersecurity – Attacks, Firewalls, Encryption
1. Introduction
2. Policies and security standards
- Security classification of information
- IT security instructions for users
- System security plan
- NIS2: requirements and control of municipalities and regions, as well as socially important functions
- Design, implementation and compliance of an ISMS
- ISO 27000
- Guidelines for information security
- Processing of personal data
- Things to consider when procuring cloud services
- Physical security
- Organisation
- System security analysis, availability plan and System Security Plan
3. Network protocols from a security point of view
- In-depth review of TCP/IP at the bit level
- Security issues related to the TCP/IP, ARP, DNS, HTTP, FTP, SMTP and POP3 protocols, and how to protect yourself against them
- Buffer overflows
- DoS and DDoS attacks
- Hijacking and interception
- NAT
4. Malicious code, malware
- Today's viruses, Trojans and worms work in new ways.
- Targeted attacks are not detected by the antivirus.
- How do they work, and how do you protect yourself against them?
5. Verify security
- Host-based security scanners
- Network-based security scanners
6. Vulnerabilities
- Vulnerabilities/Exploits
- CAN/CVE
- Reference pages
- Checklists and updates
7. Web Security
- Input validation
- SQL injection
- Problems with sessions
- Client security
8. Firewalls
- Packet filtering
- Stateful inspection
- Firewall rules
- Proxy
- VPN
9. Intrusion detection, IDS
- Network-based IDSs
- Host-based IDSs
10. Logging and auditing
- Centralized logging
- Event Viewer, syslog-ng
- NTP on sources when logging
11. Cryptography
- Confidentiality, integrity, availability, non-repudiation, traceability
- Asymmetric cryptography
- Symmetric cryptography
- Hash algorithms
- RSA/DES/AES/MD5/SHA1
- Certificates and CA (certificate authority)
- PKI, public key infrastructure
- X.509v3
12. Cryptography in practice
- How are the above techniques used in different applications/protocols?
- SSH, SCP, SFTP
- SSL/TLS, HTTPS, FTPS, POP3S
- IPsec
- File, partition and disk encryption
13. From the attacker's point of view
How would an attack take place? Scenarios and discussions based on the different parts of the course.
- Collect information
- Access internal parts.
- Further attacks internally, new targets.
14. WLAN - wireless networks
- Construction of wireless networks
- Review of current standards
- WEP, WPA, 802.11i (WPA2)
- Attacks and software
- How to protect yourself
Practical exercises
The training is lab-intensive, with labs interspersed with theory. It is based on trying out techniques that attackers use and then going through different types of solutions to the respective security problems. Example lab 1 of a total of 25:
- You use vulnerability scanners (Nessus) to identify different types of vulnerabilities, and then find a working attack.
- The training shows different possibilities for the attacker to proceed with the attack. For example, you may try to hide from users/administrators in the system. Other examples are setting up back doors to be able to remotely control the computer later.
- You gain insight into the possibilities of using the attack to, for example, steal/change information or destroy important functions.
- You use sniffer technology to carry out a man-in-the-middle attack so that you gain access to all traffic on the local LAN or a WAN connection, both encrypted and unencrypted.
- You build a Trojan yourself that allows remote control of the affected computer.
- You set up a firewall and build the associated rule set.