About us Contact us Send Your Inquiry Search Website

Cyber Security Training

 

A. Cyber Security Training

Overview:

The Cyber Security Training Course Provides Complete Knowledge About Cyber Security and Penetration Testing. Students Will Take Computers Apart And Re-assemble Them To Demonstrate Their Intimate Familiarity With Cyber Security. They Can Also Troubleshoot Problem Of Websites and applications. Students gain insight through classroom and hands on learn to manage various levels of network systems, including private home networks and multi-departmental company networks. Program specializations are available in Routing and Switching, wireless networks, network security, telecommunication network design, cloud network and operating systems.

1.       Introduction to Cyber Laws

2.       Web and Mobile Application  security

3.       Computer Network

4.       Software Tools and Testing Methodologies

5.       Linux Programming Lab

6.       Introduction to Cloud Computing

7.       Network security and Cryptography

8.       Information security and audit Monitoring

9.       Ethical Hacking Fundamentals

10.     Web Technology

11.     Cloud Security

12.     Penetration Testing

13.     Risk Management

14.     Open Port / Service Identification

15.     Vulnerability Probe

16.     Metasploit

17.     Wireshark

18.     Nmap

19.     Burp Suit

20.     SQL (Structure Quarry Language)

 


B. Cryptography Training

 

Introduction to Cryptography

Introduction to Cryptography introduces course participants to the field of cryptography. The participants will learn the foundations of modern cryptography, symmetric, types of cryptography, symmetric key cryptography, asymmetric key cryptography, hash functions, cryptographic algorithms, protocols, stream and block ciphering and other topics including: IPSec, SSL/TLS, OpenPGP, SSH, Kerberos Feistel Networks, traditional DES/3DES, AES, encryption modes of operation and principles of the public key algorithms.

Cryptography is the science of using mathematics to encrypt and decrypt data.; Phil Zimmermann

Cryptography is the art and science of keeping messages secure.’ Bruce Schneier

Cryptography is an indispensable tool for protecting information in information systems, mission critical applications and network-centric operations a and missions. Introduction to Cryptography course explains the inner workings of cryptographic primitives and how to correctly use them with real case studies, examples and workshops.

Audience

Introduction to cryptography training course is a 2-day course designed for:

  • All individuals who need to learn the concept of cryptography.

  • Professionals in the areas of system and software security and application of cryptography

  • Cyber security professionals, network engineers, security analysts, policy analysts

  • Security operation personnel, network administrators, system integrators and security consultants

  • Technicians, operators, and maintenance personnel who are or will be working on cybersecurity projects

Training Objectives

Upon completion of the cryptography training course, the attendees are able to:

  • Learn the concept of cryptography and basic terminologies related to key encryption

  • Explain different types of ciphers, their classification, and operation principles

  • Differentiate the symmetric and asymmetric key encryption

  • Explain the concept of public key infrastructure and cryptographic tools

  • Learn about applications of the digital signatures, digital certificates and protection against threats

  • Recognize the cryptographic threats and tools to mitigate them

Course Outline/Agenda

The cryptography training course consists of the lessons, case studies, workshops, labs and group projects, which can be revised and tailored to the client’s need:

Introduction to Cryptography

  • Information security and cryptography

  • Backgrounds and functions

  • Cryptography Definitions

  • Terminology

  • Cryptography Services

  • Confidentiality (secrecy)

  • Integrity (anti-tampering)

  • Authentication

Components of a Basic Cryptosystem

  • Plaintext

  • Encryption Algorithm

  • Ciphertext

  • Decryption Algorithm

  • Encryption Key

  • Decryption Key

  • Digital signatures

  • Authentication and identification

  • Public key cryptography

Types of Cryptography

  • Symmetric Key Cryptography

  • Asymmetric Key Cryptography

  • Hash Functions

Symmetric (Private Key) Encryption

  • Symmetric encryption schemes

  • Modern stream ciphers

  • Block ciphers

  • Symmetric key distribution

  • Key management

  • Secret key distribution

  • Formal approaches to protocol checking

  • Message authentication codes

Asymmetric Encryption

  • Asymmetric encryption schemes

  • Notions of security

  • Hybrid encryption

PKI and Encryption

  • Concept of public key infrastructure (PKI)

  • Basic definitions before PKI

  • Public key crypto

  • Certificate

  • Certificate authority

  • Relationship between PKI and basic terms

Hash Functions and Data Integrity

  • Introduction to hash functions

  • Classification of hash functions

  • General classification

  • Basic properties of hash functions

  • Iterated hash functions

  • Formatting and initialization of hash functions

Digital Signature

  • Introduction to digital signatures

  • Basic definition

  • Digital signature schemes

  • Types of attacks on signature schemes

  • RSA and related signature schemes

  • Possible attacks on RSA signature

  • The Rabin public key signature scheme

  • ISO/IEC 9796 formatting

Digital Certificate

  • Definition of digital certificate

  • CA’s identity

  • Owner’s identity

  • Owner’s public key

  • Certificate expiration date

  • CA’s signature for certificate

  • Types of digital certificate

  • Identity certificates

  • Accreditation certificates

  • Authorization and permission certificates

  • Parties to digital certificate

  • Public and private keys

  • Certificate validation

  • 509 certificate

  • Third party digital signature certification authorities

  • New certificate research

  • Companies providing digital certificate

  • RSA

  • Thawte

  • Verisign

Cryptographic Threats and Tools

  • Impersonation

  • Pretend to be someone else to gain access to information or services

  • Lack of secrecy

  • Eavesdrop on data over network

  • Corruption

  • Modify data over network

  • Break-ins

  • Take advantage of implementation bugs

  • Denial of Service

  • Flood resource to deny use from legitimate users

  • Firewalls

  • Filtering "dangerous: traffic at a middle point in the network

  • Network level security (e.g. IPsec)

  • Host-to-host encryption and authentication

  • Providing security without application knowledge

  • Application level security

  • True end-to-end security

  • Extra effort per application

  • Libraries help, like SSL/TLS

Hands-on and In-Class Activities

  • Labs

  • Workshops

  • Group Activities

Cryptography and Modern Cryptography Workshop

  • Working with Block ciphers

  • Case studies: AES and 3DES.

  • How to use block ciphers

  • Message integrity: definition and applications

  • Case studies: SHA and HMAC

  • Authenticated encryption: security against active attacks

  • Public key cryptography

  • Public key encryption

  • Digital signatures: definitions and applications

  • How to sign using RSA

  • Hash based signatures

  • Working with certificates, certificate transparency, certificate revocation

  • Authenticated key exchange and SSL/TLS session setup

  • Cryptography and quantum computers

  • Practical Constructions of Symmetric-Key Primitives, Public-Key (Asymmetric) Cryptography, and end-to-end encryption

  • Message Authentication Codes (MAC) and hash functions and applications

  • Digital Signature Schemes

  • Protocols for identification and login


 


Back | Top