Introduction
Cybersecurity refers to the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. Cybersecurity is a collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. Organization and user’s assets include connected computing devices, related personnel, organizational infrastructure, applications, services, telecommunications systems and networks. It also includes transmitted and/or stored information in the cyber environment. Cybersecurity aims to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment.
Course Outline
Introduction to Information Security Concepts and Principles
- Definition of Security
- Concept of Cyberspace
- Concept of Cybercrime
- Introduction to Cybersecurity and its importance in today’s world
Introduction to Cryptography
- Public Key Cryptosystem
- Private Key Cryptosystem
- Hashing Functions
- Popular Algorithms
Physical and Environmental Security
- Identifying Assets, Threats and Vulnerabilities
- Computer and Physical security
- Firewalls
- VPNs
Security Management
- Security Governance
- Risk Management
- Business continuity Management
- Laws and Regulations
Communications and Network Security
- Types of Malware
- Wireless/ Wired Network Attacks
- IDS/IPS systems
- Secure Network Protocols
Digital Forensics
- Introduction to Digital Forensics
- Gathering and Analyzing Evidence
After completing this course, students are well-prepared and equipped to tackle the more advanced Cyber Security (Advanced) course.
Introduction
In today’s world, it is of utmost importance that organizations be prepared to protect themselves from threats in cyberspace.
Cybersecurity is a collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.
In the earlier session, we had focused on introducing important fundamental concepts related to cybersecurity. Introduction to cryptography, types of firewalls, different types of malware attacks and security managements were key topics discussed along with use of basic security administrator tools.
In this module, we will focus on advanced skills, tools and techniques needed to learn to protect the networks from different types of attacks, secure organizational assets, identify vulnerabilities, ensure the privacy of customers, and build secure systems and infrastructures.
Course Outline
Advanced Information and Network Security
- Advanced Cryptography
- Denial of Service attacks
- Interception attacks
- DNS Poisoning
- ARP Poisoning
- Network Devices related Security
Exploit Programming
- Introduction to Exploit Programming
- Popular Malware Attacks
- Buffer overflow attacks
- Integer overflow attacks
Mobile Security
- Mobile Malware
- Phishing, SMishing
- Operating System and Device Vulnerabilities
- Forensic Analysis of Mobile Malware
Wireless Security
- Scanning 802.11 Networks
- Attacking 802.11 Wireless Networks
- Exploiting Bluetooth
- Other Wireless Networks
Web Applications Security
- Types of Application Attacks
- Cross-site scripting (XSS)
- XML injection
- SQL injection
- Directory Traversal
- Cookies
- Session Hijacking
Security in a Nutshell
- Advanced Digital Forensics
- Linux Security
- Windows Server Security
- Access Control Mechanisms
- Cloud Security
- Email Security
Students looking for a more digestible yet exciting course can take a look at our Cyber Security (Basic) course.
