Course Schedule

April 27, Saturday: Sat and Sun (14 Weeks), 9:00 AM - 12:00 PM EST

Course Curriculum

                                             Cloud Security and Posture Management

 

Phase 1: Foundation Training   

Module 1        Overview of enterprise applications and N-Tier Infrastructure        

Module 2        Operating System – Windows Server 2012/2016, UNIX

Module 3        Networking, Active Directory and DNS         

Module 4        PowerShell Scripting, Batch Scripting

Module 5        Incident, Problem and Change Management process

Module 6         Infrastructure setup 

  • Installation of Virtual Machine on Physical Server
  • Installation of Virtual Machine on Cloud
  • Configure VPN
  • Connect Remote Windows Servers
  • Connect Remote Unix Server

Phase 2: Security Management

 Module 7

  • Identifying Security Fundamentals
  • Identify Information Security Concepts
  • Identify Basic Security Controls
  • Identify Basic Authentication and Authorization Concepts
  • Identify Basic Cryptography Concepts

Module 8

  • Analyzing Risk       
    • Analyze Organizational Risk
    • Analyze the Business Impact of Risk

Module 9

  • Identifying Security Threats     
  • Identify Social Engineering Attacks
  • Identify Malware
  • Identify Software-Based Threats
  • Identify Network-Based Threats
  • Identify Wireless Threats
  • Identify Physical Threats

Module 10

  • Conducting Security Assessments      
  • Identify Vulnerabilities
  • Assess Vulnerabilities
  • Plan for remediation of findings

Module 11

  • Implementing Host and Software Security  
  • Implement Host Security
  • Implement Cloud and Virtualization Security
  • Implement Mobile Device Security
  • Incorporate Security in the Software Development Lifecycle

 

 

Module 12

  • Implementing Network Security         
  • Configure Network Security Technologies
  • Secure Network Design Elements
  • Implement Secure Networking Protocols and Services
  • Secure Wireless Traffic

 

Module 13

  • Managing Identity and Access 
  • Implement Identity and Access Management
  • Configure Directory Services
  • Configure Access Services
  • Manage Accounts

 

Module 14

 

  • Implementing Cryptography
  • Identify Advanced Cryptography Concepts
  • Select Cryptographic Algorithms
  • Configure a Public Key Infrastructure
  • Enroll Certificates
  • Back Up and Restore Certificates and Private Keys
  • Revoke Certificates

 

Module 15

 

  • Implementing Operational Security  
  • Evaluate Security Frameworks and Guidelines
  • Incorporate Documentation in Operational Security
  • Implement Security Strategies
  • Manage Data Security Processes
  • Implement Physical Controls

 

Module 16

  • Addressing Security Incidents 
  • Troubleshoot Common Security Issues
  • Respond to Security Incidents
  • Investigate Security Incidents

 

Module 17

 

  • Ensuring Business Continuity   
  • Select Business Continuity and Disaster Recovery Processes
  • Develop a Business Continuity Plan

 

Module 18

  • Network Penetration Test
  • Plan for Network Penetration Testing
  • External Network Penetration Testing
  • Internal Network Penetration Testing
  • Wireless Network Penetration Testing
  • Generate Report for Network Penetration Testing

 

Module 19 

  • Application Penetration Test
  • Plan for Application Penetration Testing
  • External Application Penetration Testing
  • Internal Application Penetration Testing
  • Generate Report for Application Penetration Testing

 

Module 20

  • DDoS
  • Overview of DDoS
  • How to onboard an application under DDoS
  • Monitoring Application under DDoS

 

Module 21

  • Web Application Firewall (WAF)
  • Overview of WAF
  • How to onboard an application under WAF
  • Monitoring Application under WAF
  • WAF Blocking mode vs alert mode

 

 

Module 22

  • Policies, Standards, Guidelines
  • Overview of Policies, Standards and Guidelines
  • ISO format
  • Application Security policy, standards
  • Network Security policy, standards

 

 

Phase 3: Real-World Project

           

Module 23   Boot Camp

  • Boot Camp with real-world project: each student will be required to complete a real-time project lab that covers the entire course curriculum.

 

Phase 4: Job Marketing

           

Module 24   Real-world Job Interview Preparation

  • Professional real-world Resume Writing
  • Project Analysis
  • Interview Preparation
  • Mock Interview

 

LABS

 

 

  • Information Gathering
  • Network information gathering
  • Application and domain information gathering

 

  • Identifying Security Threats       
  • Identify Social Engineering Attacks
  • Identify Malware
  • Identify Software-Based Threats
  • Identify Network-Based Threats
  • Identify Wireless Threats
  • Identify Physical Threats

 

  • Conducting Security Assessments        
  • Identify Vulnerabilities
  • Assess Vulnerabilities
  • Plan for remediation of findings

 

  • Vulnerability Scanning
  • Vulnerability Scanning Overview and Considerations
  • How Vulnerability Scanners Work
  • Manual vs. Automated Scanning
  • Internet scanning vs Internal Scanning
  • Authenticated vs Unauthenticated Scanning
  • Vulnerability Scanning with Nessus
  • Authenticated Scanning With Nessus
  • Vulnerability Scanning with Nmap

 

  • Web Application Attacks
  • Web Application Assessment Methodology
  • Web Application Enumeration
  • Inspecting URLs
  • Inspecting Page Content
  • Viewing Response Headers
  • Inspecting Sitemaps
  • Locating Administration Consoles
  • Web Application Assessment Tools
  • DIRB
  • Burp Suite
  • Nikto
  • Exploiting Web-based Vulnerabilities
  • Exploiting Admin Consoles
  • Cross-Site Scripting (XSS)
  • Directory Traversal Vulnerabilities
  • File Inclusion Vulnerabilities
  • SQL Injection

 

  • Password Attacks
  • Wordlists
  • Standard Wordlists
  • Brute Force Wordlists
  • Common Network Service Attack Methods
  • HTTP htaccess Attack with Medusa
  • Remote Desktop Protocol Attack with Crowbar
  • SSH Attack with THC-Hydra
  • HTTP POST Attack with THC-Hydra
  • Leveraging Password Hashes
  • Retrieving Password Hashes
  • Passing the Hash in Windows
  • Password Cracking

 

  • Active Directory Attacks
  • Active Directory Theory
  • Active Directory Enumeration
  • Active Directory Authentication
  • NTLM Authentication
  • Kerberos Authentication
  • Cached Credential Storage and Retrieval
  • Service Account Attacks
  • Low and Slow Password Guessing
  • Active Directory Lateral Movement
  • Pass the Hash
  • Overpass the Hash
  • Pass the Ticket
  • Distributed Component Object Model
  • Active Directory Persistence
  • Golden Tickets
  • Domain Controller Synchronization

 

  • Network Penetration Test
  • Plan for Network Penetration Testing
  • External Network Penetration Testing
  • Internal Network Penetration Testing
  • Wireless Network Penetration Testing
  • Footprinting
  • Scanning and Enumeration
  • System Hacking
  • Malware
  • Sniffing
  • Social Engineering
  • Denial of Service
  • Session Hijacking

 

  • Application Penetration Test
  • Plan for Application Penetration Testing
  • External Application Penetration Testing
  • Internal Application Penetration Testing
  • Web Servers and Apps
  • SQL Injection
  • OWASP top 10

 

  • Network exploitation
  • FTP Exploits
  • Man-in-the-Middle Exploits
  • Wireless Exploits
  • Application Exploits
  • SQL Injection
  • Code Vulnerabilities
  • Local Host Vulnerabilities
  • Privilege Escalation (Unix)
  • Privilege Escalation (Windows)

 

  • Penetration Test Reports
    • Network Penetration Test Report

 

  • Remediation
  • Design remediation strategy

 

 

 

Description

What is Cloud Security?

Technologies are evolving, and enterprises are transitioning their IT infrastructure to cloud-based environments. Cloud security is a collection of security measures designed to protect cloud-based infrastructure, applications, and data. These measures ensure user and device authentication, data and resource access control, data privacy protection, and regulatory data compliance. Cloud security is employed in cloud environments to protect a company's data from distributed denial of service (DDoS) attacks, malware, hackers, and unauthorized user access or use.

What is Cloud Security Posture Management (CSPM)?

Cloud security posture management (CSPM) automates the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). CSPM is used for risk visualization and assessment, incident response, compliance monitoring, and DevOps integration, and can uniformly apply best practices for cloud security to hybrid, multi-cloud, and container environments.

CSPM strategies include:

  1. Design and publish technical hardening requirements (THRs)
  2. Create the THR baseline in the monitoring tool
  3. Continuously monitor and assess compliance with policy
  4. Perform risk identification
  5. Remediate the misconfiguration findings
  6. Assurance

How Does Cloud Security Posture Management Work?

Cloud Security Posture Management provides discovery and visibility, misconfiguration management and remediation, continuous threat detection, and DevSecOps integration, as follows:

  • Discovery and Visibility: CSPM provides discovery and visibility into cloud infrastructure assets and security configurations.
  • Misconfiguration Management and Remediation: CSPM eliminates security risks and accelerates the delivery process by comparing cloud application configurations to industry and organizational benchmarks so violations can be identified and remediated in real-time.
  • Continuous Threat Detection: CSPM proactively detects threats across the application development lifecycle by cutting through the noise of multi-cloud environment security alerts with a targeted threat identification and management approach.
  • DevSecOps Integration: CSPM reduces overhead and eliminates friction and complexity across multi-cloud providers and accounts. Cloud-native, agentless posture management provides centralized visibility and control over all cloud resources.

Benefits of the Course:
 
Cloud Security jobs are in high demand. Completion of this course will get you ready for a job as a Cloud Security Engineer/Analyst/Specialist. 
 
The Highest-Paid Cloud Security Jobs:

  • Cloud Security Engineer: This cybersecurity role tops the list with an average salary range that falls between $100,000 and $210,000.
  • Cybersecurity Analyst: The average annual salary for this cybersecurity title falls between $90,000 and $185,000.
  • Cloud Security Specialist: The Penetration Tester role nets an average salary between $80,000 and $130,000.
  • Cloud Security Operation Engineer: This role nets an average salary range of $120,000 to $250,000.


Who Should Attend?

  • Anyone who wants to start a career as a Cyber Security Specialist or Cloud Security Specialist
  • Anyone who wants to upgrade their IT skills
  • Software Test Engineer
  • Performance Test Engineer
  • Database/Network Administrator

Prerequisites:

  1. Students who have completed at least one computer training program or have some work experience in the IT field, with some knowledge of computer networking or programming.
  2. Completion of Digital Point Technologies - Manual Testing, Backend and System Testing Training Program.
  3. Completion of Digital Point Technologies - Selenium, Cucumber, and Appium Automation Testing Training Program.


Class Schedule: SAT and SUN 9:00 AM to 12:00 PM | MON and WED 7:00 PM to 11:00 PM | TUE and THU 7:00 PM to 11:00 PM

 
