Integrated Cyber Security and Cyber Forensic Training

Linux Training + Windows Basics Training + Linux Hardening Training + Cyber Security Training

This training module is for those who are highly interested in and ready to build a career in the cyber security and ethical hacking field with in-depth knowledge.

PHASE 1: Linux Training with Cyber Security Lab setup

PHASE 2: Windows OS basic training (especially the security options)

PHASE 3: Linux Server Hardening Training

PHASE 4: Cyber Security and Cyber Forensic Training with Cryptography, as outlined below.

1. Virus detection and prevention
2. Crypto-malware and malware detection
3. Ransomware attack concept and prevention
4. Worms
5. Trojan symptoms and awareness
6. Rootkit scanning and configuration
7. Keyloggers
8. Adware and its effects
9. Spyware and its dangerous effects
10. Bots
11. RAT
12. Logic bomb
13. Backdoors created by hackers

Compare and contrast types of attacks.

1. Social engineering attack
Phishing attack
Spear phishing attack
Shoulder surfing

Principles (reasons for effectiveness)

2. Application/service attacks
DoS attack live demonstration
DDoS attack and its functionality
Man-in-the-middle attack

Injection

Privilege escalation
ARP poisoning
DNS poisoning
Domain hijacking
Man-in-the-browser and security

MAC spoofing
IP spoofing

Cryptographic attacks:
Birthday
Known plaintext/ciphertext
Create dictionary

Dictionary attack
Brute force
Online vs. offline
Collision
Downgrade

Weak implementations

Attributes of hackers
Internal/external
Level of sophistication
Resources/funding
Intent/motivation

Use of open-source intelligence

Penetration testing vs. vulnerability scanning

Explain the impact associated with types of vulnerabilities.

1. Race conditions

2. Vulnerability reasons and types:

End-of-life systems
Embedded systems
Lack of vendor support
3. Improper input handling
4. Improper error handling
5. Weak configuration
6. Default configuration
7. Resource exhaustion
8. Untrained users
9. Improperly configured accounts
10. Vulnerable business processes
11. Weak cipher suites and implementations
12. Memory/buffer vulnerability

13. System sprawl/undocumented assets
14. Architecture/design weaknesses
15. New threats/zero day
16. Improper certificate and key management

Install and configure network components, both hardware and software-based, to support organizational security.
Firewall
ACL
Application-based vs. network-based
Stateful vs. stateless

Proxy
Proxy server
Chainproxy
Virtual server
Application/multipurpose

Access point
SSID
MAC filtering
Signal strength
Band selection/width
Antenna types and placement
Fat vs. thin

USB blocking

Given a scenario, use appropriate software tools to assess the security posture of an organization.

1. Protocol analyzer
2. Network scanners

Rogue system detection
Network mapping
3. Wireless scanners/cracker
4. Password cracker for Windows/Linux
5. Vulnerability scanner
6. Configuration compliance scanner
7. Exploitation frameworks
8. Data  tools
9. Steganography tools
10. Honeypot
11. Backup utilities
12. Banner grabbing
13. Passive vs. active
14. Command line tools

ping
netstat
tracert
nslookup/dig
arp
ipconfig/ip/ifconfig
tcpdump
nmap
netcat

Given a scenario, troubleshoot common security issues.

1. Unencrypted credentials/clear text
2. Logs and events anomalies
3. Permission issues
4. Access violations
5. Certificate issues
6. Data exfiltration
7. Misconfigured devices
8. Weak security configurations
9. Personnel issues

Policy violation
Insider threat
Social engineering
Social media
Personal email

10. Unauthorized software
11. Baseline deviation
12. License compliance violation (availability/integrity)
13. Asset management
14. Authentication issues

Given a scenario, analyze and interpret output from security technologies.

1. HIDS/HIPS
2. Antivirus
3. File integrity check
4. Host-based firewall
5. Application whitelisting
6. Removable media control
7. Advanced malware tools
8. Patch management tools
9. UTM
10. DLP
11. Data execution prevention
12. Web application firewall

Given a scenario, deploy mobile devices securely.
Connection methods
Cellular
WiFi
Bluetooth
NFC
USB

Mobile device management concepts

Application management
Content management
Remote wipe
Geofencing
Geolocation

Screen locks
Push notification services
Passwords and pins
Biometrics
Context-aware authentication
Containerization
Storage segmentation
Full device encryption

Use cases

Voice and video
Time synchronization
Email and web
File transfer
Directory services
Remote access
Domain name resolution
Routing and switching
Network address allocation
Subscription service

Architecture and Design

Explain use cases and purpose for frameworks, best practices and secure configuration guides.
1. Industry-standard frameworks and reference architectures
Regulatory
Non-regulatory
National vs. international
Industry-specific frameworks

Benchmarks/secure configuration guides

Platform/vendor-specific guides
Web server
Operating system
Application server
Network infrastructure devices
General purpose guides

Defense-in-depth/layered security

Vendor diversity
Control diversity
Administrative
Technical
User training

Given a scenario, implement secure network architecture concepts.

Zones/topologies
DMZ
Extranet
Intranet
Wireless
Guest
Honeynets
NAT

Operating systems

Types
Network
Server
Workstation
Appliance
Mobile OS
Patch management
Disabling unnecessary ports and services
Least functionality
Secure configurations
Trusted operating system
Application whitelisting/blacklisting
Disable default accounts/passwords

Peripherals

Wireless keyboards
Wireless mice
Displays
WiFi-enabled MicroSD cards
Printers/MFDs
External storage devices
Digital cameras

Explain the importance of secure staging deployment concepts.

1. Sandboxing
2. Environment
Development
Test
Staging
Production
3. Secure baseline
Integrity measurement

Summarize secure application development and deployment concepts.

Development life-cycle models
Waterfall vs. Agile
Proper error handling
Proper input validation
Normalization
Stored procedures
Code signing
Encryption
Obfuscation/camouflage
Code reuse/dead code
Server-side vs. client-side execution and validation
Memory management
Use of third-party libraries and SDKs
Data exposure

Code quality and testing

Static code analyzers
Dynamic analysis (e.g., fuzzing)
Stress testing
Sandboxing
Model verification

Compiled vs. runtime code

Summarize cloud and virtualization concepts.

1. Hypervisor

2. Cloud storage
3. Cloud deployment models

SaaS
PaaS
IaaS
Private
Public
Hybrid
Community
4. On-premise vs. hosted vs. cloud
5. VDI/VDE
6. Cloud access security broker
7. Security as a Service

Snapshots
Revert to known state
Rollback to known configuration
Live boot media
Elasticity
Scalability
Distributive allocation
Redundancy
Fault tolerance
High availability
RAID

Explain the importance of physical security controls.

1. Lighting
2. Signs
3. Fencing/gate/cage
4. Security guards
5. Alarms
6. Safe
7. Secure cabinets/enclosures
8. Protected distribution/Protected cabling
9. Airgap
10. Mantrap
11. Faraday cage
12. Lock types
13. Biometrics
14. Barricades/bollards
15. Tokens/cards
16. Environmental controls

Hot and cold aisles
Fire suppression
17. Cable locks
18. Screen filters
19. Cameras
20. Motion detection
21. Logs
22. Infrared detection
23. Key management

Biometric factors

Fingerprint scanner
Retinal scanner
Iris scanner
Voice recognition
Facial recognition
False acceptance rate
False rejection rate
Crossover error rate

File system security

Database security

Given a scenario, differentiate common account management practices

Account types

User account
Shared and generic accounts/credentials
Guest accounts
Service accounts
Privileged accounts

General Concepts

Least privilege
Onboarding/offboarding
Permission auditing and review
Usage auditing and review
Time-of-day restrictions
Recertification
Standard naming convention
Account maintenance
Group-based access control
Location-based policies

Account policy enforcement

Credential management
Group policy
Password complexity
Expiration
Recovery
Disablement
Lockout
Password history
Password reuse
Password length

Risk Management

Mandatory vacations
Job rotation
Separation of duties
Clean desk
Background checks
Exit interviews
Role-based awareness training
Data owner
System administrator
System owner
User
Privileged user
Executive user
NDA
Onboarding
Continuing education
Acceptable use policy/rules of behavior

Explain risk management processes and concepts.
1. Threat assessment
Environmental
Manmade

Internal vs. external

2. Risk assessment

Asset value
Risk register
Likelihood of occurrence
Supply chain assessment
Impact
Quantitative
Qualitative
Testing
Penetration testing authorization
Vulnerability testing authorization
Risk response techniques
Accept
Transfer
Avoid
Mitigate

Change management

Given a scenario, follow incident response procedures

Incident response plan
Documented incident types/category definitions
Roles and responsibilities
Reporting requirements/escalation
Cyber-incident response teams

Incident response process

Preparation
Identification
Containment
Eradication
Recovery
Lessons learned

Summarize basic concepts of forensics.

1. Order of volatility
2. Chain of custody
3. Legal hold
4. Data acquisition
Capture system image
Network traffic and logs
Capture video
Record time offset
Take hashes
Screenshots

Witness interviews

Active logging

Explain disaster recovery and continuity of operation concepts.

1. Recovery sites
Hot site
Warm site
Cold site

2. Order of restoration
3. Backup concepts

Differential
Incremental
Snapshots
Full

Geographic considerations (cloud computing security)

Off-site backups
Distance
Location selection
Legal implications
Data sovereignty

Given a scenario, carry out data security and privacy practices.

1. Data destruction and media sanitization

Burning
Shredding
Pulping
Pulverizing
Degaussing
Purging
Wiping

Cryptography and PKI

Compare and contrast basic concepts of cryptography.
1. Symmetric algorithms
2. Modes of operation
3. Asymmetric algorithms
4. Hashing
5. Salt, IV, nonce
6. Elliptic curve
7. Weak/deprecated algorithms
8. Key exchange
9. Digital signatures
10. Diffusion
11. Confusion
12. Collision
13. Steganography
14. Obfuscation
15. Stream vs. block
16. Key strength
17. Session keys
18. Ephemeral key
19. Secret algorithm
20. Data-in-transit
21. Data-at-rest
22. Data-in-use
23. Random/pseudo-random number generation
24. Key stretching
25. Implementation vs. algorithm selection
Crypto service provider
Crypto modules
26. Perfect forward secrecy
27. Security through obscurity
28. Common use cases

Explain cryptography algorithms and their basic characteristics.

1. Symmetric algorithms
AES
DES
3DES
RC4
Blowfish/Twofish

Stream vs. block

2. Asymmetric algorithms

RSA
DSA
PGP/GPG

3. Hashing algorithms

MD5
SHA

4. Certificate formats

DER
PEM
PFX
CER
P12
P7B