Integrated Cyber Security and Cyber Forensic Training
Linux Training + Windows Basics Training + Linux Hardening Training + Cyber Security Training
This training module is for those who are highly interested in, and ready to build, a career in the cyber security and ethical hacking field with in-depth knowledge.
PHASE 1: Linux training with cyber security lab setup
PHASE 2: Windows OS basics training (with a focus on security options)
PHASE 3: Linux server hardening training
PHASE 4: Cyber security and cyber forensics training with cryptography, as outlined below.
1. Viruses Detection and prevention
2. Crypto-malware and malware detection
3. Ransomware attack Concept and Prevention
4. Worms
5. Trojan symptoms and awareness
6. Rootkit scanning and configuration
7. Keylogger
8. Adware and its effects
9. Spyware and its dangerous effects
10. Bots
11. RAT (remote access trojan)
12. Logic bomb
13. Backdoors created by attackers
Compare and contrast types of attacks.
1. Social engineering attack
Phishing attack
Spear phishing attack
Shoulder surfing
Principles (reasons for effectiveness)
2. Application/service attacks
DoS attack live demonstration
DDoS attack and how it works
Man-in-the-middle attack
Injection
Privilege escalation
ARP poisoning
DNS poisoning
Domain hijacking
Man-in-the-browser and security
MAC spoofing
IP spoofing
Cryptographic attacks:
Birthday
Known plain text/cipher text
Building a dictionary (wordlist)
Dictionary attack
Brute force
Online vs. offline
Collision
Downgrade
Weak implementations
Attributes of attackers (threat actors)
Internal/external
Level of sophistication
Resources/funding
Intent/motivation
Use of open-source intelligence
Penetration testing vs. vulnerability scanning
Explain the impact associated with types of vulnerabilities.
1. Race conditions
2. Unsupported and legacy systems:
End-of-life systems
Embedded systems
Lack of vendor support
3. Improper input handling
4. Improper error handling
5. Weak configuration
6. Default configuration
7. Resource exhaustion
8. Untrained users
9. Improperly configured accounts
10. Vulnerable business processes
11. Weak cipher suites and implementations
12. Memory/buffer vulnerability
13. System sprawl/undocumented assets
14. Architecture/design weaknesses
15. New threats/zero day
16. Improper certificate and key management
Install and configure network components, both hardware and software-based, to support organizational security.
Firewall
ACL
Application-based vs. network-based
Stateful vs. stateless
Proxy
proxy server
Proxy chaining
Virtual server
Application/multipurpose
Access point
SSID
MAC filtering
Signal strength
Band selection/width
Antenna types and placement
Fat vs. thin
USB blocking
Given a scenario, use appropriate software tools to assess the security posture of an organization.
1. Protocol analyzer
2. Network scanners
Rogue system detection
Network mapping
3. Wireless scanners/crackers
4. Password cracker for Windows/Linux
5. Vulnerability scanner
6. Configuration compliance scanner
7. Exploitation frameworks
8. Data sanitization tools
9. Steganography tools
10. Honeypot
11. Backup utilities
12. Banner grabbing
13. Passive vs. active
14. Command line tools
ping
netstat
tracert/traceroute
nslookup/dig
arp
ipconfig/ip/ifconfig
tcpdump
nmap
netcat
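Banner grabbing is the one item in the tool list above that is easiest to show end to end in a few lines. The following is an added example written for this page, not material from the course: it starts a throwaway listener on 127.0.0.1 that stands in for a real daemon (the banners are constructed), then grabs the banner the way netcat or nmap's version probes would. It shows the passive vs. active distinction from the list: a service that talks first (sshd, SMTP) gives itself away on connect, while an HTTP server says nothing until the client sends a probe.

```python
"""Banner grabbing and service fingerprinting against a local stand-in service,
so it runs offline (added example; not course material)."""
import socket
import threading


def start_fake_service(banner: bytes = b"", reply_to_probe: bytes = b"") -> int:
    """Listen once on 127.0.0.1 (constructed stand-in for a real daemon).

    If `banner` is non-empty it is sent immediately on connect (sshd/SMTP style).
    Otherwise the listener waits for the client to send something and answers
    with `reply_to_probe` (HTTP style). Returns the ephemeral port that was bound.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve_one():
        conn, _ = srv.accept()
        with conn:
            if banner:
                conn.sendall(banner)
            else:
                conn.settimeout(2.0)
                try:
                    if conn.recv(1024):
                        conn.sendall(reply_to_probe)
                except socket.timeout:
                    pass  # silent client: a quiet service reveals nothing
        srv.close()

    threading.Thread(target=serve_one, daemon=True).start()
    return port


def grab_banner(host: str, port: int, probe: bytes = None, timeout: float = 2.0) -> str:
    """Connect, optionally send `probe`, and return whatever the service says
    until it closes the connection or `timeout` seconds pass with no data."""
    data = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        if probe:
            s.sendall(probe)
        try:
            while True:
                chunk = s.recv(4096)
                if not chunk:
                    break
                data += chunk
        except socket.timeout:
            pass
    return data.decode("latin-1")


def parse_ssh_banner(text: str):
    """'SSH-2.0-OpenSSH_7.4' -> ('2.0', 'OpenSSH_7.4'); None if not an SSH banner."""
    first = text.splitlines()[0] if text else ""
    if not first.startswith("SSH-"):
        return None
    _, proto, software = first.split("-", 2)
    return proto, software


def server_header(http_text: str):
    """Return the value of the Server: header from an HTTP response, or None."""
    for line in http_text.splitlines():
        if line.lower().startswith("server:"):
            return line.split(":", 1)[1].strip()
    return None


if __name__ == "__main__":
    p = start_fake_service(banner=b"SSH-2.0-OpenSSH_7.4\r\n")
    print(parse_ssh_banner(grab_banner("127.0.0.1", p)))
    p = start_fake_service(reply_to_probe=b"HTTP/1.0 200 OK\r\nServer: Apache/2.4.6\r\n\r\n")
    print(server_header(grab_banner("127.0.0.1", p, probe=b"HEAD / HTTP/1.0\r\n\r\n")))
```

Against the HTTP stand-in, calling `grab_banner` without a probe returns an empty string after the timeout: that is exactly why version scanners carry a library of protocol-specific probes rather than just listening. The banner text is attacker-controlled input, so treat it as untrusted (the `latin-1` decode avoids crashing on arbitrary bytes).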
Given a scenario, troubleshoot common security issues.
1. Unencrypted credentials/clear text
2. Logs and events anomalies
3. Permission issues
4. Access violations
5. Certificate issues
6. Data exfiltration
7. Misconfigured devices
8. Weak security configurations
9. Personnel issues
Policy violation
Insider threat
Social engineering
Social media
Personal email
10. Unauthorized software
11. Baseline deviation
12. License compliance violation (availability/integrity)
13. Asset management
14. Authentication issues
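Two of the items above, log and event anomalies and authentication issues, come together in the most common SOC task of all: reading an auth log for a password-guessing run and the success that sometimes follows it. Here is an added example written for this page (not course material) that does that over a few constructed sshd-style lines. The regex assumes the standard OpenSSH "Failed/Accepted <method> for [invalid user] <user> from <ip> port <n>" wording; the threshold and window are illustrative defaults.

```python
"""Picking failed-login anomalies out of sshd-style log lines (added example,
not course material). The log lines below are constructed for the demo."""
import re
from datetime import datetime, timedelta

SAMPLE_LOG = """\
Jan 10 03:14:01 web1 sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Jan 10 03:14:03 web1 sshd[2203]: Failed password for root from 203.0.113.7 port 51030 ssh2
Jan 10 03:14:05 web1 sshd[2205]: Failed password for root from 203.0.113.7 port 51041 ssh2
Jan 10 03:14:07 web1 sshd[2207]: Failed password for invalid user oracle from 203.0.113.7 port 51055 ssh2
Jan 10 03:14:09 web1 sshd[2209]: Failed password for root from 203.0.113.7 port 51060 ssh2
Jan 10 03:14:12 web1 sshd[2211]: Accepted password for root from 203.0.113.7 port 51071 ssh2
Jan 10 03:20:00 web1 sshd[2300]: Failed password for alice from 198.51.100.22 port 40010 ssh2
Jan 10 03:21:30 web1 sshd[2310]: Accepted publickey for alice from 198.51.100.22 port 40011 ssh2
"""

AUTH_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def parse_auth_log(text, year=2024):
    """Syslog lines carry no year, so one is supplied (assumed here)."""
    events = []
    for line in text.splitlines():
        m = AUTH_RE.match(line)
        if not m:
            continue  # unrelated sshd noise (session opened, disconnects, ...)
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=year)
        events.append({"ts": ts, "result": m["result"], "method": m["method"],
                       "user": m["user"], "ip": m["ip"]})
    return events


def detect_bruteforce(events, threshold=5, window=timedelta(seconds=60)):
    """{ip: peak failures inside any `window`} for sources at or above threshold."""
    by_ip = {}
    for e in events:
        if e["result"] == "Failed":
            by_ip.setdefault(e["ip"], []).append(e["ts"])
    alerts = {}
    for ip, times in by_ip.items():
        times.sort()
        peak, j = 0, 0
        for i, t in enumerate(times):          # sliding window ending at t
            while times[j] < t - window:
                j += 1
            peak = max(peak, i - j + 1)
        if peak >= threshold:
            alerts[ip] = peak
    return alerts


def suspicious_successes(events, threshold=5, window=timedelta(seconds=60)):
    """Logins that succeeded right after a burst of failures from the same IP:
    the signature of a guessed password rather than a fat-fingered one."""
    hits = []
    for e in events:
        if e["result"] != "Accepted":
            continue
        recent = [f for f in events
                  if f["ip"] == e["ip"] and f["result"] == "Failed"
                  and e["ts"] - window <= f["ts"] < e["ts"]]
        if len(recent) >= threshold:
            hits.append((e["ip"], e["user"], e["method"]))
    return hits


if __name__ == "__main__":
    ev = parse_auth_log(SAMPLE_LOG)
    print("brute force sources:", detect_bruteforce(ev))
    print("likely compromised:", suspicious_successes(ev))
```

The single failure from 198.51.100.22 followed by a key-based login is the normal "typo then retry" pattern and is not flagged; the burst from 203.0.113.7 that ends in an accepted password for root is. In a real deployment the thresholds belong in a lockout policy as well as in detection, and the same sliding-window logic applies to web login forms and VPN logs.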
Given a scenario, analyze and interpret output from security technologies.
1. HIDS/HIPS
2. Antivirus
3. File integrity check
4. Host-based firewall
5. Application whitelisting
6. Removable media control
7. Advanced malware tools
8. Patch management tools
9. UTM
10. DLP
11. Data execution prevention
12. Web application firewall
Given a scenario, deploy mobile devices securely.
Connection methods
Cellular
WiFi
Bluetooth
NFC
USB
Mobile device management concepts
Application management
Content management
Remote wipe
Geofencing
Geolocation
Screen locks
Push notification services
Passwords and PINs
Biometrics
Context-aware authentication
Containerization
Storage segmentation
Full device encryption
Use cases
Voice and video
Time synchronization
Email and web
File transfer
Directory services
Remote access
Domain name resolution
Routing and switching
Network address allocation
Subscription service
Architecture and Design
Explain use cases and purpose for frameworks, best practices and secure configuration guides.
1. Industry-standard frameworks and reference architectures
Regulatory
Non-regulatory
National vs. international
Industry-specific frameworks
Benchmarks/secure configuration guides
Platform/vendor-specific guides
Web server
Operating system
Application server
Network infrastructure devices
General purpose guides
Defense-in-depth/layered security
Vendor diversity
Control diversity
Administrative
Technical
User training
Given a scenario, implement secure network architecture concepts.
Zones/topologies
DMZ
Extranet
Intranet
Wireless
Guest
Honeynets
NAT
Operating systems
Types
Network
Server
Workstation
Appliance
Mobile OS
Patch management
Disabling unnecessary ports and services
Least functionality
Secure configurations
Trusted operating system
Application whitelisting/blacklisting
Disable default accounts/passwords
Peripherals
Wireless keyboards
Wireless mice
Displays
WiFi-enabled MicroSD cards
Printers/MFDs
External storage devices
Digital cameras
Explain the importance of secure staging deployment concepts.
1. Sandboxing
2. Environment
Development
Test
Staging
Production
3. Secure baseline
Integrity measurement
Summarize secure application development and deployment concepts.
Development life-cycle models
Waterfall vs. Agile
Proper error handling
Proper input validation
Normalization
Stored procedures
Code signing
Encryption
Obfuscation/camouflage
Code reuse/dead code
Server-side vs. client-side execution and validation
Memory management
Use of third-party libraries and SDKs
Data exposure
Code quality and testing
Static code analyzers
Dynamic analysis (e.g., fuzzing)
Stress testing
Sandboxing
Model verification
Compiled vs. runtime code
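"Injection" in the attack list earlier and "proper input validation" plus "server-side validation" here are the same lesson from two sides. The following is an added example written for this page (not course material): a vulnerable search query beside its parameterized form, run against an in-memory SQLite table of constructed users whose passwords are stored as salted PBKDF2 hashes. The payload uses a UNION to pull those hashes out through a query that was only ever meant to return usernames.

```python
"""SQL injection: string-built query vs. parameterized query (added example,
not course material). Users and passwords below are constructed."""
import hashlib
import os
import sqlite3

SEED_USERS = [
    ("alice", "alice@example.com", "correct horse"),
    ("bob", "bob@example.com", "hunter2"),
    ("carol", "carol@example.com", "Tr0ub4dor&3"),
]


def setup_db() -> sqlite3.Connection:
    """Passwords are never stored in clear: per-user salt + PBKDF2-HMAC-SHA256."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE NOT NULL, "
                 "email TEXT NOT NULL, salt BLOB NOT NULL, pw_hash BLOB NOT NULL)")
    for name, email, pw in SEED_USERS:
        salt = os.urandom(16)
        pw_hash = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 100_000)
        conn.execute("INSERT INTO users (username, email, salt, pw_hash) VALUES (?, ?, ?, ?)",
                     (name, email, salt, pw_hash))
    conn.commit()
    return conn


def search_vulnerable(conn, q: str):
    """User input pasted into the statement: the classic bug."""
    sql = f"SELECT username, email FROM users WHERE username LIKE '%{q}%'"
    return conn.execute(sql).fetchall()


def _escape_like(s: str) -> str:
    # Parameters stop SQL injection, but LIKE has its own metacharacters.
    return s.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")


def search_safe(conn, q: str):
    """Data travels as a bound parameter, never as SQL text."""
    pattern = "%" + _escape_like(q) + "%"
    return conn.execute("SELECT username, email FROM users WHERE username LIKE ? ESCAPE '\\'",
                        (pattern,)).fetchall()


# Closes the LIKE literal, appends a UNION that leaks password hashes, comments out the rest.
PAYLOAD = "%' UNION SELECT username, hex(pw_hash) FROM users --"

if __name__ == "__main__":
    db = setup_db()
    for row in search_vulnerable(db, PAYLOAD):
        print("leaked:", row)
    print("safe:", search_safe(db, PAYLOAD))
```

The hashes leak even though they were stored correctly: storage hygiene does not compensate for a query that lets the attacker choose its shape. Note the second layer in `search_safe`: with a bound parameter, `%` on its own still matches every row, so LIKE wildcards are escaped explicitly. Stored procedures, mentioned in the list above, help only when they are themselves called with parameters rather than built from strings.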
Summarize cloud and virtualization concepts.
1. Hypervisor
2. Cloud storage
3. Cloud service models
SaaS
PaaS
IaaS
4. Cloud deployment models
Private
Public
Hybrid
Community
5. On-premises vs. hosted vs. cloud
6. VDI/VDE
7. Cloud access security broker
8. Security as a Service
Snapshots
Revert to known state
Rollback to known configuration
Live boot media
Elasticity
Scalability
Distributive allocation
Redundancy
Fault tolerance
High availability
RAID
Explain the importance of physical security controls.
1. Lighting
2. Signs
3. Fencing/gate/cage
4. Security guards
5. Alarms
6. Safe
7. Secure cabinets/enclosures
8. Protected distribution/Protected cabling
9. Airgap
10. Mantrap
11. Faraday cage
12. Lock types
13. Biometrics
14. Barricades/bollards
15. Tokens/cards
16. Environmental controls
Hot and cold aisles
Fire suppression
17. Cable locks
18. Screen filters
19. Cameras
20. Motion detection
21. Logs
22. Infrared detection
23. Key management
Biometric factors
Fingerprint scanner
Retinal scanner
Iris scanner
Voice recognition
Facial recognition
False acceptance rate
False rejection rate
Crossover error rate
File system security
Database security
Given a scenario, differentiate common account management practices
Account types
User account
Shared and generic accounts/credentials
Guest accounts
Service accounts
Privileged accounts
General Concepts
Least privilege
Onboarding/offboarding
Permission auditing and review
Usage auditing and review
Time-of-day restrictions
Recertification
Standard naming convention
Account maintenance
Group-based access control
Location-based policies
Account policy enforcement
Credential management
Group policy
Password complexity
Expiration
Recovery
Disablement
Lockout
Password history
Password reuse
Password length
Risk Management
Mandatory vacations
Job rotation
Separation of duties
Clean desk
Background checks
Exit interviews
Role-based awareness training
Data owner
System administrator
System owner
User
Privileged user
Executive user
NDA
Onboarding
Continuing education
Acceptable use policy/rules of behavior
Explain risk management processes and concepts.
1. Threat assessment
Environmental
Manmade
Internal vs. external
2. Risk assessment
Asset value
Risk register
Likelihood of occurrence
Supply chain assessment
Impact
Quantitative
Qualitative
Testing
Penetration testing authorization
Vulnerability testing authorization
Risk response techniques
Accept
Transfer
Avoid
Mitigate
Change management
Given a scenario, follow incident response procedures
Incident response plan
Documented incident types/category definitions
Roles and responsibilities
Reporting requirements/escalation
Cyber-incident response teams
Incident response process
Preparation
Identification
Containment
Eradication
Recovery
Lessons learned
Summarize basic concepts of forensics.
1. Order of volatility
2. Chain of custody
3. Legal hold
4. Data acquisition
Capture system image
Network traffic and logs
Capture video
Record time offset
Take hashes
Screenshots
Witness interviews
Active logging
Explain disaster recovery and continuity of operation concepts.
1. Recovery sites
Hot site
Warm site
Cold site
2. Order of restoration
3. Backup concepts
Differential
Incremental
Snapshots
Full
Geographic considerations (cloud computing security)
Off-site backups
Distance
Location selection
Legal implications
Data sovereignty
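The backup concepts and the order of restoration above are easiest to see with a small model rather than a definition. The following is an added example written for this page (not course material); the three-file history is constructed, and a file's modification day stands in for the archive bit or mtime a real backup tool would consult.

```python
"""What each backup type captures and what a restore needs (added example, not
course material). File history below is constructed."""
import copy


def changed_since(state, day):
    """Files modified after `day` (mtime stands in for the archive bit)."""
    return {path: dict(meta) for path, meta in state.items() if meta["mtime"] > day}


def last_full_day(history):
    return max(b["day"] for b in history if b["kind"] == "full")


def take_backup(kind, state, history, day):
    if kind == "full":
        captured = copy.deepcopy(state)
    elif kind == "differential":          # everything changed since the last FULL
        captured = changed_since(state, last_full_day(history))
    elif kind == "incremental":           # everything changed since the last backup of ANY kind
        captured = changed_since(state, history[-1]["day"])
    else:
        raise ValueError(kind)
    history.append({"kind": kind, "day": day, "files": captured})
    return captured


def restore(history):
    """Order of restoration: last full, then the newest differential taken after
    it (if any), then every incremental taken after that point, oldest first."""
    full_idx = max(i for i, b in enumerate(history) if b["kind"] == "full")
    restored = copy.deepcopy(history[full_idx]["files"])
    diffs = [i for i, b in enumerate(history) if i > full_idx and b["kind"] == "differential"]
    start = full_idx
    if diffs:
        start = diffs[-1]
        restored.update(copy.deepcopy(history[start]["files"]))
    for b in history[start + 1:]:
        if b["kind"] == "incremental":
            restored.update(copy.deepcopy(b["files"]))
    return restored


def run_scenario(strategy):
    """Day 0: full backup of a, b, c. Day 1: a changes. Day 2: b changes.
    A `strategy` backup (incremental or differential) is taken on days 1 and 2."""
    state = {"a": {"v": 1, "mtime": 0}, "b": {"v": 1, "mtime": 0}, "c": {"v": 1, "mtime": 0}}
    history = []
    take_backup("full", state, history, day=0)
    state["a"] = {"v": 2, "mtime": 1}
    take_backup(strategy, state, history, day=1)
    state["b"] = {"v": 2, "mtime": 2}
    take_backup(strategy, state, history, day=2)
    return history, state


if __name__ == "__main__":
    for strategy in ("incremental", "differential"):
        history, final = run_scenario(strategy)
        sizes = [sorted(b["files"]) for b in history]
        print(strategy, "captured per day:", sizes, "restore ok:", restore(history) == final)
```

Day 2's incremental holds one file and day 2's differential holds two; the price of the smaller incremental is that every incremental in the chain must be present and applied in order, so a single corrupt tape breaks the restore. This toy model also shows a real gap: neither type records deletions, so a restore resurrects files removed after the last full.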
Given a scenario, carry out data security and privacy practices.
1. Data destruction and media sanitization
Burning
Shredding
Pulping
Pulverizing
Degaussing
Purging
Wiping
Cryptography and PKI
Compare and contrast basic concepts of cryptography.
1. Symmetric algorithms
2. Modes of operation
3. Asymmetric algorithms
4. Hashing
5. Salt, IV, nonce
6. Elliptic curve
7. Weak/deprecated algorithms
8. Key exchange
9. Digital signatures
10. Diffusion
11. Confusion
12. Collision
13. Steganography
14. Obfuscation
15. Stream vs. block
16. Key strength
17. Session keys
18. Ephemeral key
19. Secret algorithm
20. Data-in-transit
21. Data-at-rest
22. Data-in-use
23. Random/pseudo-random number generation
24. Key stretching
25. Implementation vs. algorithm selection
Crypto service provider
Crypto modules
26. Perfect forward secrecy
27. Security through obscurity
28. Common use cases
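Several items from this list and from the cryptographic attacks list earlier (dictionary attack, online vs. offline, hashing, salt, key stretching, weak/deprecated algorithms) fit into one worked attack. The following is an added example written for this page, not course material: the same three constructed passwords are stored once as unsalted MD5 and once as salted PBKDF2, and the same wordlist is run against both. The iteration count is kept low so the demo runs instantly; real deployments use far more.

```python
"""Offline dictionary attack: unsalted MD5 vs. salted, stretched PBKDF2
(added example, not course material). Credentials below are constructed."""
import hashlib
import os

WORDLIST = ["123456", "password", "qwerty", "letmein",
            "password123", "dragon", "iloveyou", "admin"]

PASSWORDS = {"alice": "password123", "bob": "password123",
             "carol": "correct horse battery staple"}

# Leaked store 1: bare MD5 of the password (deprecated, but still found in the wild).
UNSALTED = {u: hashlib.md5(p.encode()).hexdigest() for u, p in PASSWORDS.items()}

# Leaked store 2: random 16-byte salt per user plus PBKDF2-HMAC-SHA256 (1000 rounds for the demo).
_SALTS = {u: os.urandom(16) for u in PASSWORDS}
SALTED = {u: (_SALTS[u], hashlib.pbkdf2_hmac("sha256", p.encode(), _SALTS[u], 1000))
          for u, p in PASSWORDS.items()}


def crack_unsalted(targets, wordlist):
    """Hash the wordlist ONCE, then every target is a table lookup.
    Returns (cracked, number_of_hash_operations)."""
    table = {hashlib.md5(w.encode()).hexdigest(): w for w in wordlist}
    cracked = {u: table[h] for u, h in targets.items() if h in table}
    return cracked, len(wordlist)


def crack_salted(targets, wordlist, iterations=1000):
    """The salt forces a fresh pass over the wordlist for every target, and the
    iteration count makes each guess cost `iterations` HMACs instead of one."""
    cracked, ops = {}, 0
    for user, (salt, stored) in targets.items():
        for w in wordlist:
            ops += 1
            if hashlib.pbkdf2_hmac("sha256", w.encode(), salt, iterations) == stored:
                cracked[user] = w
                break
    return cracked, ops


if __name__ == "__main__":
    print("same password, same MD5:", UNSALTED["alice"] == UNSALTED["bob"])
    print("same password, same PBKDF2:", SALTED["alice"][1] == SALTED["bob"][1])
    print("unsalted:", crack_unsalted(UNSALTED, WORDLIST))
    print("salted:  ", crack_salted(SALTED, WORDLIST))
```

Two things to take from the run. First, alice and bob share a password and the unsalted store shows it before a single guess is made, while the salted store does not. Second, the weak password is cracked in both stores; salting and stretching do not rescue "password123", they only remove the precomputed-table shortcut and multiply the cost per guess, which is why the attack list's "online vs. offline" distinction matters: offline, the attacker's only limit is that cost.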
Explain cryptography algorithms and their basic characteristics.
1. Symmetric algorithms
AES
DES
3DES
RC4
Blowfish/Twofish
Stream vs. block
2. Asymmetric algorithms
RSA
DSA
PGP/GPG
3. Hashing algorithms
MD5
SHA
4. Certificate formats
DER
PEM
PFX
CER
P12
P7B
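The certificate formats above are mostly one thing wearing different clothes: DER is the binary tag-length-value encoding, PEM is that DER base64-wrapped between BEGIN/END lines (a `.cer` or `.crt` file may be either), and PFX/P12 and P7B are DER containers that bundle certificates (P12 with the private key as well). The following is an added example written for this page, not course material: a strict DER element parser plus PEM/DER conversion, exercised on a small DER object constructed by hand so it runs without a real certificate. The constructed object is not a valid X.509 certificate, only a stand-in with the same outer structure.

```python
"""PEM, DER and the TLV structure underneath (added example, not course material).
The DER object at the bottom is constructed so the code runs offline."""
import base64


def encode_length(n: int) -> bytes:
    """DER length: short form below 128, otherwise minimal long form."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def encode_tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + encode_length(len(content)) + content


def decode_tlv(buf: bytes, offset: int = 0):
    """Parse one element at `offset`; return (tag, value, offset_after).
    Rejects the BER-only encodings (indefinite and non-minimal lengths) that
    lenient parsers accept; a strict parser is what keeps the bytes that were
    signed and the bytes that were interpreted identical."""
    tag = buf[offset]
    first = buf[offset + 1]
    offset += 2
    if first & 0x80:
        nbytes = first & 0x7F
        if nbytes == 0 or nbytes > 4:
            raise ValueError("indefinite or oversized length is not DER")
        length = int.from_bytes(buf[offset:offset + nbytes], "big")
        offset += nbytes
        if length < 0x80 or length < (1 << (8 * (nbytes - 1))):
            raise ValueError("non-minimal length encoding is not DER")
    else:
        length = first
    end = offset + length
    if end > len(buf):
        raise ValueError("length runs past end of buffer")
    return tag, buf[offset:end], end


def is_strict_der(buf: bytes) -> bool:
    """True if `buf` is exactly one well-formed DER element with no trailing bytes."""
    try:
        _, _, end = decode_tlv(buf)
        return end == len(buf)
    except (ValueError, IndexError):
        return False


def der_to_pem(der: bytes, label: str = "CERTIFICATE") -> str:
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return f"-----BEGIN {label}-----\n" + "\n".join(lines) + f"\n-----END {label}-----\n"


def pem_to_der(pem: str):
    """Return (label, der_bytes); the label tells you what the blob claims to be."""
    lines = [l.strip() for l in pem.strip().splitlines() if l.strip()]
    if not (lines and lines[0].startswith("-----BEGIN ") and lines[-1].startswith("-----END ")):
        raise ValueError("missing PEM armor")
    label = lines[0][len("-----BEGIN "):-len("-----")]
    if lines[-1] != f"-----END {label}-----":
        raise ValueError("PEM header/footer label mismatch")
    return label, base64.b64decode("".join(lines[1:-1]), validate=True)


# Constructed stand-in with a certificate's outer shape:
# SEQUENCE { INTEGER 65537, OCTET STRING (200 bytes, forces a long-form length) }
SAMPLE_DER = encode_tlv(0x30, encode_tlv(0x02, b"\x01\x00\x01") + encode_tlv(0x04, b"A" * 200))

if __name__ == "__main__":
    pem = der_to_pem(SAMPLE_DER)
    print(pem)
    label, der = pem_to_der(pem)
    print(label, der == SAMPLE_DER, is_strict_der(der))
```

A practical check this enables: if a file's first byte is `0x30` it is DER (a certificate, a PKCS#7/P7B bundle and a PKCS#12/PFX file all start with an outer SEQUENCE); if it starts with `-----BEGIN` it is PEM and the label says which. Which of those containers it is, and whether a private key is inside, takes a full ASN.1 parser or a tool such as openssl, which this example does not replace.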