Course Outline
Everything about IT security in practice (IT security specialist)
1. Introduction to security issues (16 hours)
- Basic concepts of computer security Practical system configuration Linux Selected aspects of computer networks Computer networks in the system Linux Popular IT security myths
2. Security of operating systems (12 hours)
- Authentication Access control models and systems Directory services LDAP Virtualization, containerization and constrained environments Data security - backups Basic security errors and attacks on operating systems
3. Cryptography (16 hours)
- Introduction to cryptography and cryptanalysis (4 hours) Integrity - checksums, protection against Man in the Middle attacks, password storage and cracking Digital signature and certificates Public Key Infrastructure Data security - encryption TPM and HSM systems - introduction
4. Theft and Identity Protection (2 hours)
- Privacy Data leaks and their consequences Electronic payments
5. Security systems (8 hours)
- Firewalls IPS/IDS systems Data Leakage Prevention systems Workstation protection systems Configuration and testing of sample security systems (Snort, OSSEC) Designing a secure computer network
6. Network security and remote access services (12 hours)
- VPN tunnels and sample solution configuration (OpenVPN) Authentication and encryption of DNS and DNSSEC network protocols
7. Threats (6 hours)
- Sources of threats. Modeling, classification and assessment of threats. Attack methodologies
8. Penetration Testing - Ethical Hacking (16 hours)
- Security testing methods and patterns Passive and active information gathering Detection of the victim's computer systems Vulnerability detection and assessment Attack Escalation of privileges and access maintenance Cover-up of traces Test report Legal and organizational aspects Social engineering - social engineering Attempt to conduct your own penetration test in a lab
9. Security of web applications (12 hours)
- Typical problems of web applications Attacks on web applications Application security tests Methods of testing and evaluating web applications
10. Legal and organizational aspects of security (12 hours)
- Security policy and procedures Information security management systems - ISO 27000 GDPR and other legal regulations important in IT work
11. Incident Response and Forensic Analysis (12 hours)
- How to prepare before an incident? Incident detection and response Response methodologies Forensics and post-intrusion analysis Post-incident procedures and reports
Requirements
- knowledge of basic issues concerning computer networks (IP addressing, Ethernet, basic services - DNS, DHCP) - knowledge of Windows and Linux operating systems (basic administration, system terminal)
Audience
The course is addressed to all people who want to deepen their knowledge related to IT security, both in terms of technical aspects (IPS/IDS systems, remote access, data leakage protection, incident detection), as well as secure network design and compliance with the most important requirements legal and organizational.
We especially invite to participate in the training: - people responsible for network and service security, - network and system administrators who want to learn about security systems, - people from other IT departments who would like to retrain towards security-related positions or gain additional skills in their current work, - people who run their own IT-related business who want to learn about the world of security, - everyone interested in the topic.
Testimonials (8)
Overview of Risk topics and preparing for exam
Leszek - EY GLOBAL SERVICES (POLAND) SP Z O O
Course - CRISC - Certified in Risk and Information Systems Control
A wide range of knowledge of the lecturer.
Marcin Szklarski - Santander Consumer Bank
Course - CCSK Plus (Certificate of Cloud Security Knowledge - Plus)
Pushing changes on an ongoing basis, when on the 3rd day I started to get more lost than before and it was harder to spot the error quickly, I was quickly able to check out the latest changes and stay up to date with the material
Paulina
Course - Advanced Java Security
Machine Translated
Lap Qradar
Sutthikan Noisombat - NTT
Course - IBM Qradar SIEM: Beginner to Advanced
Accessing tools and being able to ask questions to someone friendly who I felt wouldn't judge me
Kiara
Course - Open Source Cyber Intelligence - Introduction
The simple explanation of the trainer
Mohammed salem - Palestinian Police
Course - Open Source Intelligence (OSINT) Advanced
the balance between lectures and practice, the rhythm, the trainer knowledge and pedagogic skill
Armando Pinto - EID
Course - C/C++ Secure Coding
Very good knowledge and character.