A. Cyber Security Training
Overview:
The Cyber Security
Training Course Provides Complete Knowledge About Cyber Security
and Penetration Testing. Students Will Take Computers Apart And
Re-assemble Them To Demonstrate Their Intimate Familiarity With
Cyber Security. They Can Also Troubleshoot Problem Of Websites
and applications. Students gain insight through classroom and
hands on learn to manage various levels of network systems,
including private home networks and multi-departmental company
networks. Program specializations are available in Routing and
Switching, wireless networks, network security,
telecommunication network design, cloud network and operating
systems.
1.
Introduction to Cyber Laws
2. Web and
Mobile Application security
3. Computer
Network
4. Software
Tools and Testing Methodologies
5. Linux
Programming Lab
6.
Introduction to Cloud Computing
7. Network
security and Cryptography
8. Information
security and audit Monitoring
9. Ethical
Hacking Fundamentals
10.
Web Technology
11.
Cloud Security
12.
Penetration Testing
13.
Risk Management
14.
Open Port / Service Identification
15.
Vulnerability Probe
16.
Metasploit
17.
Wireshark
18.
Nmap
19.
Burp Suit
20.
SQL (Structure Quarry Language)
B. Cryptography Training
Introduction to Cryptography
Introduction to Cryptography introduces course participants to
the field of cryptography. The participants will learn the
foundations of modern cryptography, symmetric, types of
cryptography, symmetric key cryptography, asymmetric key
cryptography, hash functions, cryptographic algorithms,
protocols, stream and block ciphering and other topics
including: IPSec, SSL/TLS, OpenPGP, SSH, Kerberos Feistel
Networks, traditional DES/3DES, AES, encryption modes of
operation and principles of the public key algorithms.
Cryptography is the science of using mathematics to encrypt and
decrypt data.; Phil Zimmermann
Cryptography is the art and science of keeping messages secure.’
Bruce Schneier
Cryptography is an indispensable tool for protecting information
in information systems, mission critical applications and
network-centric operations a and missions. Introduction to
Cryptography course explains the inner workings of cryptographic
primitives and how to correctly use them with real case studies,
examples and workshops.
Audience
Introduction to cryptography training course is a 2-day course
designed for:
-
All
individuals who need to learn the concept of cryptography.
-
Professionals in the areas of system and software security
and application of cryptography
-
Cyber
security professionals, network engineers, security
analysts, policy analysts
-
Security operation personnel, network administrators, system
integrators and security consultants
-
Technicians, operators, and maintenance personnel who are or
will be working on cybersecurity projects
Training
Objectives
Upon
completion of the cryptography training course, the attendees
are able to:
-
Learn
the concept of cryptography and basic terminologies related
to key encryption
-
Explain different types of ciphers, their classification,
and operation principles
-
Differentiate the symmetric and asymmetric key encryption
-
Explain the concept of public key infrastructure and
cryptographic tools
-
Learn
about applications of the digital signatures, digital
certificates and protection against threats
-
Recognize the cryptographic threats and tools to mitigate
them
Course
Outline/Agenda
The
cryptography training course consists of the lessons, case
studies, workshops, labs and group projects, which can be
revised and tailored to the client’s need:
Introduction to Cryptography
-
Information security and cryptography
-
Backgrounds and functions
-
Cryptography Definitions
-
Terminology
-
Cryptography Services
-
Confidentiality (secrecy)
-
Integrity
(anti-tampering)
-
Authentication
Components
of a Basic Cryptosystem
Types of
Cryptography
Symmetric
(Private Key) Encryption
-
Symmetric
encryption schemes
-
Modern
stream ciphers
-
Block
ciphers
-
Symmetric
key distribution
-
Key
management
-
Secret
key distribution
-
Formal
approaches to protocol checking
-
Message
authentication codes
Asymmetric
Encryption
PKI and
Encryption
-
Concept
of public key infrastructure (PKI)
-
Basic
definitions before PKI
-
Public
key crypto
-
Certificate
-
Certificate authority
-
Relationship between PKI and basic terms
Hash
Functions and Data Integrity
-
Introduction to hash functions
-
Classification of hash functions
-
General
classification
-
Basic
properties of hash functions
-
Iterated
hash functions
-
Formatting and initialization of hash functions
Digital
Signature
-
Introduction to digital signatures
-
Basic
definition
-
Digital
signature schemes
-
Types of
attacks on signature schemes
-
RSA and
related signature schemes
-
Possible
attacks on RSA signature
-
The Rabin
public key signature scheme
-
ISO/IEC
9796 formatting
Digital
Certificate
-
Definition of digital certificate
-
CA’s
identity
-
Owner’s
identity
-
Owner’s
public key
-
Certificate expiration date
-
CA’s
signature for certificate
-
Types of
digital certificate
-
Identity
certificates
-
Accreditation certificates
-
Authorization and permission certificates
-
Parties
to digital certificate
-
Public
and private keys
-
Certificate validation
-
509
certificate
-
Third
party digital signature certification authorities
-
New
certificate research
-
Companies
providing digital certificate
-
RSA
-
Thawte
-
Verisign
Cryptographic Threats and Tools
-
Impersonation
-
Pretend
to be someone else to gain access to information or services
-
Lack of
secrecy
-
Eavesdrop
on data over network
-
Corruption
-
Modify
data over network
-
Break-ins
-
Take
advantage of implementation bugs
-
Denial of
Service
-
Flood
resource to deny use from legitimate users
-
Firewalls
-
Filtering
"dangerous: traffic at a middle point in the network
-
Network
level security (e.g. IPsec)
-
Host-to-host encryption and authentication
-
Providing
security without application knowledge
-
Application level security
-
True
end-to-end security
-
Extra
effort per application
-
Libraries
help, like SSL/TLS
Hands-on
and In-Class Activities
-
Labs
-
Workshops
-
Group
Activities
Cryptography and Modern Cryptography Workshop
-
Working
with Block ciphers
-
Case
studies: AES and 3DES.
-
How to
use block ciphers
-
Message
integrity: definition and applications
-
Case
studies: SHA and HMAC
-
Authenticated encryption: security against active attacks
-
Public
key cryptography
-
Public
key encryption
-
Digital
signatures: definitions and applications
-
How to
sign using RSA
-
Hash
based signatures
-
Working
with certificates, certificate transparency, certificate
revocation
-
Authenticated key exchange and SSL/TLS session setup
-
Cryptography and quantum computers
-
Practical
Constructions of Symmetric-Key Primitives, Public-Key
(Asymmetric) Cryptography, and end-to-end encryption
-
Message
Authentication Codes (MAC) and hash functions and applications
-
Digital
Signature Schemes
-
Protocols
for identification and login