Cyber Protection Implementation

About this course

Over the years, the magnitude of the damage caused by cybercrime worldwide has become clear: the theft of billions of dollars' worth of information, irreversible damage to organizations, and damage to the reliability of systems. The damage will increase as dependence on computing grows.

As the threat keeps growing, organizations around the world are looking for people who can protect their trade secrets and their customers and, if necessary, understand what damage was done in the event of an attack. The profile of these people is high technical ability, a desire to learn and improve, familiarity with the world of attack and defense and with defense tools, and the ability to respond quickly.

The Cyber Protection Implementation program is a practical course that gives people with high technical ability the tools required to significantly improve organizational protection. The course includes challenges that participants will face when they look for work in industry. It offers a vast knowledge base for participants who wish to enter the information security market.

The course includes preparation for exams and certification from Israel's National Cyber Bureau in the field of Cyber Protection Implementer.

The course is also intended for participants who arrive without prior knowledge or background in the field.


Course Details

Hours: 506
Evening Program: 17:00-22:00, twice a week, Mondays & Wednesdays, for one year
Classes Start: 12/17/2018
Requirements: Pass all graded assignments to complete the course
Language: Hebrew/English


Syllabus

Introduction
  • Information Security - Cyberspace, Attack vectors, Defense methodologies, Information security roles
  • Hardware - Computer hardware, Hardware for information security (Write blockers, HD Readers, etc.)
  • Windows 10 - Control Panel, Permissions, Shares, Event Viewer

Infrastructure
  • Active Directory - Users & Groups management, Services, GPO, SMB, LLMNR, NetBIOS
  • Servers - DNS, ESX, Storage, Web (General)
  • Database - SQL, Big data, JSON

Operating Systems
  • Windows - Registry, WMI, NTFS, Memory, Processes, DLL & PE, Windows Architecture, Hooking, Buffer Overflow
  • Linux - Commands, Users & Groups management, Services, Boot, File system, Logs, etc.
  • Endpoint security - Client hardening, AV, HIPS, Application control
  • Android - Services, Permissions
  • iOS - Services, Permissions

Identity And Access Management
  • Physical and logical assets control
  • Identification and authentication of people and devices
  • Identity as a service and Third-party identity services
  • Access control attacks

Network & Endpoint Security
  • Removable Devices
  • Network - Firewall, IDS, IPS
  • Behavioral analysis solutions
  • DLP
  • Access Control methodology

Development (Software Development Security)
  • Python - Basics, Debug, Exceptions, Regular expressions, Data processing, Scapy
  • Secure development lifecycle - Methods, Standardization, Code obfuscation, Anti reverse
  • Development environment security controls
  • Software security effectiveness
  • Acquired software security impact

Networking
  • Basic - OSI, TCP/IP, Packet Tracer & IOS, Network components
  • Network attacks - Understand network flooding, Poisoning, Spoofing
  • Network analysis - Wireshark, Firewall, IPS/IDS, Application filters, Reconnaissance, Wireless
  • Secure network architecture design (e.g. IP and non-IP protocols, segmentation)
  • Secure communication channels
  • Network security - VPN, Proxy, Tunneling
  • Sniffing, Packet Sniffers, Pcap & WinPcap, Wireshark, Active Sniffing Methods
  • Routing Protocols Analysis
  • Firewall & IDS

Encryption
  • Signature - Understanding Hash, MD5, SHA-1, SHA-256, Digital signature
  • Encryption methods - Key management, Protocols, RSA, Diffie-Hellman, Kerberos

Web
  • Basic - HTML, JavaScript, PHP, HTTP, WebSockets
  • Web vulnerabilities - OWASP Top 10, SQL mapping
  • Web security - WAF, Secure modules and methods
  • Cloud - Architecture, Cloud protection

Forensics & Malware Analysis
  • HD analysis - Data gathering, Forensics methods, Artifacts
  • Memory analysis - Memory architecture, Memory gathering, Volatility
  • Malware analysis - Basic static analysis, Basic dynamic analysis, Sandboxes
  • Reverse Engineering - Assembly, IDA Pro

Security Operations
  • Investigations support and requirements
  • Logging and monitoring activities
  • Provisioning of resources and Resource protection techniques
  • Incident management and Preventative measures
  • Patch and vulnerability management
  • Disaster recovery processes and plans
  • Physical security and Personnel safety concerns

Security And Risk Management
  • Confidentiality, integrity, and availability concepts
  • Security governance principles
  • Professional ethics
  • Security policies, standards, procedures and guidelines
  • Backup and DR processes

Laws
  • Privacy - Privacy issues
  • Regulations - Standardization
  • Law - Laws and governance decisions
  • Compliance methods
  • Security methodologies - ITIL, COBIT
  • Audit - Auditing process

Asset Security
  • Ownership (e.g. data owners, system owners)
  • Information and asset classification
  • Data security controls
  • Appropriate retention

