Course Outline
Everything about IT security in practice (IT security specialist)
1. Introduction to security issues (16 hours)
- Basic concepts of computer security Practical system configuration Linux Selected aspects of computer networks Computer networks in the system Linux Popular IT security myths
2. Security of operating systems (12 hours)
- Authentication Access control models and systems Directory services LDAP Virtualization, containerization and constrained environments Data security - backups Basic security errors and attacks on operating systems
3. Cryptography (16 hours)
- Introduction to cryptography and cryptanalysis (4 hours) Integrity - checksums, protection against Man in the Middle attacks, password storage and cracking Digital signature and certificates Public Key Infrastructure Data security - encryption TPM and HSM systems - introduction
4. Theft and Identity Protection (2 hours)
- Privacy Data leaks and their consequences Electronic payments
5. Security systems (8 hours)
- Firewalls IPS/IDS systems Data Leakage Prevention systems Workstation protection systems Configuration and testing of sample security systems (Snort, OSSEC) Designing a secure computer network
6. Network security and remote access services (12 hours)
- VPN tunnels and sample solution configuration (OpenVPN) Authentication and encryption of DNS and DNSSEC network protocols
7. Threats (6 hours)
- Sources of threats. Modeling, classification and assessment of threats. Attack methodologies
8. Penetration Testing - Ethical Hacking (16 hours)
- Security testing methods and patterns Passive and active information gathering Detection of the victim's computer systems Vulnerability detection and assessment Attack Escalation of privileges and access maintenance Cover-up of traces Test report Legal and organizational aspects Social engineering - social engineering Attempt to conduct your own penetration test in a lab
9. Security of web applications (12 hours)
- Typical problems of web applications Attacks on web applications Application security tests Methods of testing and evaluating web applications
10. Legal and organizational aspects of security (12 hours)
- Security policy and procedures Information security management systems - ISO 27000 GDPR and other legal regulations important in IT work
11. Incident Response and Forensic Analysis (12 hours)
- How to prepare before an incident? Incident detection and response Response methodologies Forensics and post-intrusion analysis Post-incident procedures and reports
Requirements
- knowledge of basic issues concerning computer networks (IP addressing, Ethernet, basic services - DNS, DHCP) - knowledge of Windows and Linux operating systems (basic administration, system terminal)
Audience
The course is addressed to all people who want to deepen their knowledge related to IT security, both in terms of technical aspects (IPS/IDS systems, remote access, data leakage protection, incident detection), as well as secure network design and compliance with the most important requirements legal and organizational.
We especially invite to participate in the training: - people responsible for network and service security, - network and system administrators who want to learn about security systems, - people from other IT departments who would like to retrain towards security-related positions or gain additional skills in their current work, - people who run their own IT-related business who want to learn about the world of security, - everyone interested in the topic.
Testimonials (8)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Lot's of information explained very well. Good examples, interesting exercises. Trainer showed us his real world experience.
Gergely Bathó - GE Medical Systems Polska Sp. Z O.O.
Course - Application Security for Developers
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
The simple explanation of the trainer
Mohammed salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
The Burpe suite i need more training in this
Gontse Ntshegi - Vodacom
Course - Android Security
Azure web security, it was more what i was expecting, the penetration testing i would never do in my job