Course Schedule

Sep 05, 2020 Sat and Sun 9:00 A.M. - 2:00 P.M. EST

Course Curriculum

Cyber Security and Risk Management

 

Phase 1: Foundation Training   

Module 1        Overview of enterprise applications and N-Tier Infrastructure        

Module 2        Operating System – Windows Server 2012/2016, UNIX

Module 3        Networking, Active Directory and DNS         

Module 4        PowerShell Scripting, Batch Scripting

Module 5        Incident, Problem and Change Management process

Module 6         Infrastructure setup 

  • Installation of Virtual Machine on Physical Server
  • Installation of Virtual Machine on Cloud
  • Configure VPN
  • Connect Remote  Windows Servers
  • Connect Remote Unix Server

Phase 2: Security Management

 Module 7

  • Identifying Security Fundamentals
  • Identify Information Security Concepts
  • Identify Basic Security Controls
  • Identify Basic Authentication and Authorization Concepts
  • Identify Basic Cryptography Concepts

Module 8

  • Analyzing Risk       
    • Analyze Organizational Risk
    • Analyze the Business Impact of Risk

Module 9

  • Identifying Security Threats     
  • Identify Social Engineering Attacks
  • Identify Malware
  • Identify Software-Based Threats
  • Identify Network-Based Threats
  • Identify Wireless Threats
  • Identify Physical Threats

Module 10

  • Conducting Security Assessments      
  • Identify Vulnerabilities
  • Assess Vulnerabilities
  • Plan for remediation of findings

Module 11

  • Implementing Host and Software Security  
  • Implement Host Security
  • Implement Cloud and Virtualization Security
  • Implement Mobile Device Security
  • Incorporate Security in the Software Development Lifecycle

 

 

Module 12

  • Implementing Network Security         
  • Configure Network Security Technologies
  • Secure Network Design Elements
  • Implement Secure Networking Protocols and Services
  • Secure Wireless Traffic

 

Module 13

  • Managing Identity and Access 
  • Implement Identity and Access Management
  • Configure Directory Services
  • Configure Access Services
  • Manage Accounts

 

Module 14

 

  • Implementing Cryptography
  • Identify Advanced Cryptography Concepts
  • Select Cryptographic Algorithms
  • Configure a Public Key Infrastructure
  • Enroll Certificates
  • Back Up and Restore Certificates and Private Keys
  • Revoke Certificates

 

Module 15

 

  • Implementing Operational Security  
  • Evaluate Security Frameworks and Guidelines
  • Incorporate Documentation in Operational Security
  • Implement Security Strategies
  • Manage Data Security Processes
  • Implement Physical Controls

 

Module 16

  • Addressing Security Incidents 
  • Troubleshoot Common Security Issues
  • Respond to Security Incidents
  • Investigate Security Incidents

 

Module 17

 

  • Ensuring Business Continuity   
  • Select Business Continuity and Disaster Recovery Processes
  • Develop a Business Continuity Plan

 

Module 18

  • Network Penetration Test
  • Plan for Network Penetration Testing
  • External Network Penetration Testing
  • Internal Network Penetration Testing
  • Wireless Network Penetration Testing
  • Generate Report for Network Penetration Testing

 

Module 19 

  • Application Penetration Test
  • Plan for Application Penetration Testing
  • External Application Penetration Testing
  • Internal Application Penetration Testing
  • Generate Report for Application Penetration Testing

 

Module 20

  • DDoS
  • Overview of DDoS
  • How to onboard an application under DDoS
  • Monitoring Application under DDoS

 

Module 21

  • Web Application Firewall (WAF)
  • Overview of WAF
  • How to onboard an application under WAF
  • Monitoring Application under WAF
  • WAF Blocking mode vs alert mode

 

 

Module 22

  • Policies, Standards, Guidelines
  • Overview of Policies, Standards and Guidelines
  • ISO format
  • Application Security policy, standards
  • Network Security policy, standards

 

 

Phase 3: Real-World Project

           

Module 23   Boot Camp

  • Boot Camp with real-world project: each student will be required to complete a real-time project lab that covers the entire course curriculum.

 

Phase 4: Job Marketing

           

Module 24   Real-world Job Interview Preparation

  • Professional real-world Resume Writing
  • Project Analysis
  • Interview Preparation
  • Mock Interview

 

LABS

 

 

  • Information Gathering
  • Network information gathering
  • Application and domain information gathering

 

  • Identifying Security Threats       
  • Identify Social Engineering Attacks
  • Identify Malware
  • Identify Software-Based Threats
  • Identify Network-Based Threats
  • Identify Wireless Threats
  • Identify Physical Threats

 

  • Conducting Security Assessments        
  • Identify Vulnerabilities
  • Assess Vulnerabilities
  • Plan for remediation of findings

 

  • Vulnerability Scanning
  • Vulnerability Scanning Overview and Considerations
  • How Vulnerability Scanners Work
  • Manual vs. Automated Scanning
  • Internet scanning vs Internal Scanning
  • Authenticated vs Unauthenticated Scanning
  • Vulnerability Scanning with Nessus
  • Authenticated Scanning With Nessus
  • Vulnerability Scanning with Nmap

 

  • Web Application Attacks
  • Web Application Assessment Methodology
  • Web Application Enumeration
  • Inspecting URLs
  • Inspecting Page Content
  • Viewing Response Headers
  • Inspecting Sitemaps
  • Locating Administration Consoles
  • Web Application Assessment Tools
  • DIRB
  • Burp Suite
  • Nikto
  • Exploiting Web-based Vulnerabilities
  • Exploiting Admin Consoles
  • Cross-Site Scripting (XSS)
  • Directory Traversal Vulnerabilities
  • File Inclusion Vulnerabilities
  • SQL Injection

 

  • Password Attacks
  • Wordlists
  • Standard Wordlists
  • Brute Force Wordlists
  • Common Network Service Attack Methods
  • HTTP htaccess Attack with Medusa
  • Remote Desktop Protocol Attack with Crowbar
  • SSH Attack with THC-Hydra
  • HTTP POST Attack with THC-Hydra
  • Leveraging Password Hashes
  • Retrieving Password Hashes
  • Passing the Hash in Windows
  • Password Cracking

 

  • Active Directory Attacks
  • Active Directory Theory
  • Active Directory Enumeration
  • Active Directory Authentication
  • NTLM Authentication
  • Kerberos Authentication
  • Cached Credential Storage and Retrieval
  • Service Account Attacks
  • Low and Slow Password Guessing
  • Active Directory Lateral Movement
  • Pass the Hash
  • Overpass the Hash
  • Pass the Ticket
  • Distributed Component Object Model
  • Active Directory Persistence
  • Golden Tickets
  • Domain Controller Synchronization

 

  • Network Penetration Test
  • Plan for Network Penetration Testing
  • External Network Penetration Testing
  • Internal Network Penetration Testing
  • Wireless Network Penetration Testing
  • Footprinting
  • Scanning and Enumeration
  • System Hacking
  • Malware
  • Sniffing
  • Social Engineering
  • Denial of Service
  • Session Hijacking

 

  • Application Penetration Test
  • Plan for Application Penetration Testing
  • External Application Penetration Testing
  • Internal Application Penetration Testing
  • Web Servers and Apps
  • SQL Injection
  • OWASP top 10

 

  • Network exploitation
  • FTP Exploits
  • Man-in-the-middle exploits
  • Wireless Exploits
  • Application Exploits
  • SQL Injection
  • Code Vulnerabilities
  • Local Host Vulnerabilities
  • Privilege Escalation (Unix)
  • Privilege Escalation (Windows)

 

  • Penetration Test Reports
    • Network Penetration Test Report

 

  • Remediation
  • Design remediation strategy

 

 

 

Description

Course Overview:
As enterprise-wide technological transformation takes place across industries, the need to protect against data breaches and fully secure companies’ digital assets is becoming more crucial than ever. Regulations such as the General Data Protection Regulation have further underlined the need for fortified cyber security in the context of individual and business privacy.

Cybersecurity jobs are in high demand. According to the Bureau of Labor Statistics, the rate of growth for jobs in information security is projected at 37% from 2012–2022, which is much faster than the average for all other occupations.
 
The Highest-Paid Cybersecurity Jobs:
>> Application Security Engineer: This cybersecurity role tops the list with an average salary range between $100,000 and $210,000, according to the Salary Outlook guide.
>> Network Security Analyst: Another of the highest-paid cybersecurity jobs, Network Security Analysts make on average between $90,000 and $150,000.
>> Cybersecurity Analyst: The average annual salary for this cybersecurity title falls between $90,000 and $185,000.
>> Penetration Tester: The Penetration Tester role nets an average salary between $80,000 and $130,000. 
>> IS Security Engineer: This role nets an average salary range of $90,000 to $150,000.


Who should Attend?
>> Anyone who wants to start a career as a Cyber Security Specialist
>> Anyone who wants to upgrade their IT skills
>> Software Test Engineer
>> Performance Test Engineer
>> Database/Network Administrator

Benefits of the Course:
>> Completion of this course will get you ready for a job as a Cyber Security Engineer

>> Completion of this course will get you ready to take any high-level IT program, such as Penetration Test Engineer or Security Officer.

>> Completion of this course will build a strong IT Security foundation for yourself

Prerequisites:

  1. Students who have completed at least one computer training program or have some work experience in the IT field, with some knowledge of computer networking or programming.
  2. Completion of Digital Point Technologies - Manual Testing, Backend and System Testing Training Program.
  3. Completion of Digital Point Technologies - Selenium, Cucumber, and Appium Automation Testing Training Program.


Class Schedule: SAT and SUN 9:00 A.M. to 2:00 P.M. | MON and WED 7:00 P.M. to 11:00 P.M. | TUE and THU 7:00 P.M. to 11:00 P.M.

 

 
