Our 2-day cyber security foundation course equips you with knowledge of modern digital security threats and gives you insight into the actions that mitigate them. The course is focused on non-network technical staff and aimed at people from business and IT. It presents the options available for dealing with a myriad of threats, including open source and commercial tools.
Cyber security is a vast field, and this course helps participants understand the overall landscape and narrow down the areas they should focus on in the near term. Protection of critical infrastructure from data breaches is generally known as cyber security.
Cyber Security Foundation Course
Our cyber security foundation course addresses common breaches in an enterprise and the steps to prevent them.
A typical breach remains undiscovered for over 200 days. What does that say about your current defense strategy? Most likely, the attackers are using completely different methods than what you are used to. This critical gap between current enterprise defense strategy and the evolution in adversary tactics is responsible for a growing number of successful intrusions.
Let’s assume that your organization has invested a significant amount of money in malware detection. Malware is a piece of software that has been downloaded into your network, probably because a user clicked on a link. The piece of software could be sending out critical information periodically. A proactive security analyst or your malware detection software may be able to identify and eliminate the presence of this malware. However, research suggests that malware is responsible for only 40% of breaches, and external attackers are increasingly leveraging malware-free intrusion approaches to blend in and “fly under the radar” by assuming insider credentials within victim organizations.
Emulating legitimate users
The idea behind a malware-free intrusion is very simple—malware, even if it’s unknown to antivirus, is still very noisy. The obvious answer is that you break in without using malware, emulating legitimate insiders. Insider detection has always been one of the hardest problems to solve in cyber security because the attacker, by definition, looks like someone who is supposed to be inside your network and is doing things that are largely legitimate and expected. Thus, wherever the adversaries can emulate this behavior, they are quite successful in achieving their objective of stealth.
The objective of this course is to apprise the participant of the various components that have enabled the services we use, as well as to explain how these very same tools have simultaneously been diverted for malicious purposes.
How does Phishing work?
|Big Data/ Data Science Foundation course Funding is applicable only to Malaysia Citizens and Permanent Residents (PRs)|
|SGD||Self Sponsored Below 40||Self Sponsored Above 40||Non SME Company Employee||Non SME Company Employee||SME Company Employee Above or Below 40|
|CITREP claim back||2303.7||2500||2303.7||2500||2500||2000|
|Total to pay iKompass||2986.37||2986.37||3521.37||3521.37||3521.37||2087.57|
|Nett including GST*||682.67||486.37||1217.67||1021.37||1021.37||0|
|*Nett Investment is after funding. The full amount needs to be paid to the training provider. The participant will claim funding after course completion.|
Cyber Security Foundation
Cyber Security Lifecycle
We examine the components of technology that are being diverted. We start with application code and how it can best be protected with isolation approaches. We look at the general principles of a secure system and then at how hackers approach such systems. We follow with an examination of the various forms of infection, including viruses, worms, bots, and Trojans. We then examine encryption, using the Rivest–Shamir–Adleman (RSA) algorithm as our working example. Internet Protocol Security (IPSec), which is at the heart of the secure virtual private network (VPN) connectivity widely employed by Malaysia businesses, is discussed, along with the contrasting use by hackers of their own undetectable VPN (for example, the Terracotta VPN), which makes the hackers’ activity appear to be normal traffic entering and traversing “protected” systems.
We will examine web applications, complete web systems, domain name systems (DNSs), and the general structure of the public Internet. And, given that the world has rapidly migrated to totally mobile, instantaneous communication and download, we examine the present vulnerability of the ubiquitous “smart” devices.
Cyber Security Foundation Course outline
|9:30 - 10:00||Cyber security Introduction||Theory||As the world moves towards innovative solutions such as smart cars and Internet of Things, simultaneously, the “evil” side is growing even faster in its capability, employing those very same technologies for malicious purposes. We’ll explore the current state of cyber security||Case studies|
|10:00 - 10:30||Hackers motivations||Theory||As an example, a customer file containing 70 million customer records with credit card info and social security numbers was sold to middlemen on the dark web at $50 apiece (approx $4 billion in total) and then resold by those middlemen to criminal groups and individuals at a standard price of $350 for each ID. While the biggest motivation is money, it’s not always just about money.||Discussion|
|10:30 - 10:45 Tea break|
|10:45 - 12:00||How Systems are breached||Theory||Usually, the goal of the hacker is to “become” the target employee. To this end, they may want to observe all the keystrokes that the employee initiates. The hacker seeks all the passwords and special-access information that the employee normally uses to gain entry to these systems. This is achieved through spear phishing and waterholes.||Discussion|
|12:00 - 13:00 Lunch|
|13:00 - 14:00||Establishing an Undetectable Anonymous Persistent Presence||Practical||Frequently, the hackers will employ their special VPN to enter the target site so they look like regular off-site users accessing the systems. Once the password files are downloaded, they must be decrypted. Although the files contain thousands of user passwords, the attackers only need to decrypt an initial working set, so brute-force techniques are employed.||Case Study|
|14:00 - 14:45||Tools Used by Hackers to Acquire Valid Entry Credentials||Practical||The most common method of stealing sensitive information and authentication credentials in order to traverse the portals to an enterprise’s network is with a keystroke grabber. These programs are secretly installed on target computers to record or log the keys struck on a keyboard by the user of the affected device.||Demos|
|14:45 - 15:00 Tea break|
|15:00 - 17:30||Common Attacks||Practical||Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks; Man-in-the-middle (MitM) attack; Phishing and spear phishing attacks; Drive-by attack; Password attack; SQL injection attack; Cross-site scripting (XSS) attack; Eavesdropping attack; Birthday attack; Malware attack; Viruses, Worms, Bugs, and Botnets||Demos|
|9:30 - 10:00||Counter Measures – Securing Code||Theory||Code Isolation and Confinement. Malware creators take advantage of unknowing users who download or use infected code. Such infected code can be directed toward a variety of devices, including our computers, tablets, and smartphones. Specialized codecs for media are examples of components that are frequently used to conceal code. We will cover various confinement measures.||Discussion|
|10:00 - 10:45||Counter Measures – Securing Architecture||Theory||Hacking and the deployment of an appropriate security architecture are at the forefront of every company’s attention. As many companies are experiencing their systems being hacked, security architectures can be put in place to minimize the severity of such attacks.||Discussion|
|10:30 - 10:45 Tea break|
|10:45 - 11:15||Access Control Concepts||Theory||Access control is an approach to restricting system access only to authorized users. The system knows who the user is, and their identity is authenticated by name, password, or further identification credentials. Any user’s access request or process is passed through a reference monitor acting as a gatekeeper and must be validated before the user or the process is granted access.||IAM|
|11:15 - 12:00||Cryptography and the RSA Algorithm||Theory||Cryptography is the practice of applying encryption techniques to ensure secure communication in the presence of third parties (whom we will consider adversaries). Generally, cryptography is about constructing and analyzing protocols that block adversaries, protect data confidentiality and data integrity, and provide authentication for the sender and the message.||Case Study|
|12:00 - 13:00 Lunch|
|13:00 - 14:00||Browser Security and Cross-Site Scripting||Practical||Browser security is an important topic in information security because a large portion of the population uses computers primarily for browsing the Internet. A simple lack of browser security knowledge plagues many Internet users, who fall victim to constant pop-ups, adware, spyware, and other forms of malware.|
|14:00 - 14:45||Session Management, User Authentication, and Web Application Security||Practical||An open field, file, or form that will take input and allow server processing may not have properly cleansed that input, allowing the remote execution of hidden and embedded code in that data that was not intended to be run on that server.||Discussion|
|14:00 - 14:45||Cybercrime-as-a-Service (CaaS)||Practical||Over the past 20 years, cybercrime has become a mature industry estimated to produce more than $1 trillion in annual revenues. From products like exploit kits and custom malware to services like botnet rentals and ransomware distribution, the breadth of cybercrime offerings has never been greater. The result: more, and more serious, forms of cybercrime.||Case study|
|14:45 - 15:00 Tea break|
|15:00 - 17:30||Security Incident and Event Management (SIEM) Machine Learning and AI for Cyber Security||Practical||Security Incident and Event Management (SIEM) is a process that supports cyber security implementation by gathering security-related information (network and application logs, for example) at a centralized location, or by tagging those information assets at the edge (the location where the data is generated, in the case of IoT), and using this information to identify anomalies that indicate breaches of the security infrastructure of an enterprise. Various machine learning algorithms can be used for detection and prevention of cyber attacks. We will discuss some common algorithms for anomaly detection, pattern recognition, etc.||Demos|