Cyber Security - Bootcamp

The course focuses on the methodologies and practices the basic security concepts
utilized by cyber security professionals. The course utilizes tools and techniques to
Program
educate students on the fundamentals of cyber security and associated practices for
Description
securing networks and operating systems. Skill learned are evaluated through hands-
on application of critical security concepts.
• Identify the key components of cybersecurity network architecture
• Apply cybersecurity architecture principles
• Identify security tools and hardening techniques
Learning • Analyze threats and risks within context of the cybersecurity architecture
Outcomes • Appraise cybersecurity incidents to Apply appropriate response
• Evaluate decision making outcomes of cybersecurity scenarios
• Access additional external resources to supplement knowledge of
cybersecurity
Targeted Job
Cyber security Analyst
Roles (not
Cyber security Engineer
limited to:)

Weeks Modules
Module 1: Introduction to Cyber Security and Security Essentials
The Need for Cybersecurity
Physical security
Attacks, Concepts and Techniques
Protecting Your Data and Privacy
Protecting the Organization
1
Will Your Future Be in Cybersecurity?
Cybersecurity - A World of Experts and Criminals
The Cybersecurity Cube
Cybersecurity Threats, Vulnerabilities, and Attacks
The Art of Protecting Secrets, ensuring integrity and. Five nines concept
Protecting a Cybersecurity Domain and Becoming a Cybersecurity Specialist

Module 2: Cyber Operations (CyberOps) Basics

Security Concepts
2
Security Monitoring
Host-Based Analysis
 Network Intrusion Analysis
Security Policies and Procedures
Tools: Splunk, Syslog-ng, OSSEC, Graylog, Wireshark, tcpdump, Tshark, Snort, Bro,
and Suricata

Module 3: Computer Network and Security, Cryptography, IDAM,

Data and Endpoint Security
Network architecture, protocols, and technologies: Layered architecture, Open
Systems Interconnect (OSI) Model
Hybrid TCP/IP Model
Application Layer Protocols: HTTP, SNMP, DNS, POP, SMTP
Types of encryption carryon: DES, Triple DES, AES, IDEA, Blowfish, RC4, RC5, RC6,
Asymmetric Cryptography, The Diffie-Hellman Algorithm, RSA
OWASP Top 10 web application vulnerabilities
3
Authorization, Authentication, Access Control, Privilege levels
Data Security Controls
Cloud Security
Identity, Entitlement, and Access Management
Virtualization
Security as a Service
Tools: OpenSSL, GnuPG, TrueCrypt, Nessus, Acunetix, Burp Suite, Kerberos,
RADIUS, TACACS+, LDAP, PGP, Symantec Endpoint Encryption, BitLocker, Cloudflare,
AWS, Microsoft Azure, SailPoint, BeyondTrust, and Okta

Module 4: CND Module

Secure IDS Configuration and Management
Secure VPN Configuration and Management
Network Traffic Monitoring and Analysis
4 Network Risk and Vulnerability Management
Data Backup and Recovery
Network Incident Response and Management
Overview of top 20 security controls
Tools: Snort, Suricata, OpenVPN, IPSEC, SSL VPNs, Wireshark, tcpdump, Tshark,
Nessus, Qualys, OpenVAS, Rsync, Bacula, Amanda, OSSIM, AlienVault, Security Onion

Module 5: CEH Module

Introduction to Ethical Hacking
5 Overview of current security Trends
Understanding the element of Information Security
Understanding Information Security Threats
 Overview of current Security Threats and attack vectors
Overview of hacking concept, types and phases
Understanding Ethical hacking and concept
Tools: Nmap, Metasploit, Burp Suite, Wireshark, Snort, Bro, Suricata, Kali Linux,
John the Ripper, Aircrack-ng

Module 6: Operation Analyst- EPS

Understanding network carryon: network protocols, network security, network
architecture
Network Security Tools & Techniques: Firewalls, IPS, IDS, SIEM, etc
6
Endpoint Security Tools & Techniques: Anti-malware, Encryption, DLP, etc
Incident Response & Management: Logging, Monitoring, Analysis, Remediation
Tools: TCP/IP, UDP, ICMP, FTP, HTTP, fire carryon: walls, IDS, IPS, SIEM, anti-
malware, encryption, DLP, SIEM, OSSEC, Splunk

Module 7: Operation Analyst- Data Protection

Data Protection Principles and Best Practices
Data Loss Prevention (DLP)
Data Encryption
7 Data Masking
Data Classification
Data Governance
Tools: PGP, Symantec Endpoint Encryption, BitLocker, Symantec DLP, McAfee DLP,
Forcepoint DLP, OpenSSL, GnuPG, TrueCrypt, Informatica, Imperva, Oracle, Symantec
Data Loss Prevention, McAfee Data Loss Prevention, Collibra, Informatica, Talend

Module 8: Operation Analyst- IDAM

Identity and Access Management (IAM)
Identity and Access Governance (IAG)
Identity and Access Provisioning (IAP)
8
Identity and Access Auditing (IAA)
Identity and Access Risk Assessment (IARA)
Tools: SailPoint, BeyondTrust, Okta, SailPoint, BeyondTrust, Okta, SailPoint,
BeyondTrust, Okta, SailPoint, BeyondTrust, Okta, SailPoint, BeyondTrust, Okta

Module 9: Operation Engineer- NWS

Network Security Tools & Techniques: Firewalls, IPS, IDS, etc
9
Network Security Monitoring & Analysis
Network Security Incident Response & Management
 Network Security Risk & Vulnerability Management carryon: patching, hardening, etc
Tools: Firewalls, IDS, IPS, SIEM, Wireshark, tcpdump, Tshark, OSSIM, AlienVault,
Security Onion, Nessus, Qualys, OpenVAS

Module 10: Operation Engineer- App Sec

Application Security Tools & Techniques: WAF, Vulnerability Scanning, etc
Application Security Monitoring & Analysis
10 Application Security Incident Response & Management
Application Security Risk & Vulnerability Management carryon: patching, hardening,
etc
Tools: WAF, vulnerability scanning, code review, Wireshark, tcpdump, Tshark,
OSSIM, AlienVault, Security Onion, Nessus, Qualys, OpenVAS carryon:

Module 11: Management

Governance
Risk Management Overview
Risk and Controls Assessments
Information Security Controls
11 Compliance
Audit Management
Security Program Management & Operations
Tools: COBIT, ISO 27001, ITIL, RiskIT, OCTAVE, FAIR, NIST 800-53, SANS 20, CIS CSC,
HIPAA, PCI DSS, GLBA, AuditBoard, Internal Audit Manager, SecurityScorecard,
RiskLens, CloudCheckr

Module 12: Management Cont.…

Security operations
Strategic Planning
12 Finance
Procurement
Vendor Management
Revision and overall assessments carryon: KRI and KPI PI carryon: KRI and KPI