Description
LASTUPDATED:11/2019
BONUS:Finishing this course you will get free voucher for IT Security Academy Online Examination Center where you can archive your IT SecurityCertificate.
Before we begin: the practical use of the course you are going to see has been proven by thousands of people all over the world – beginners and computer geeks as well. People who make their first steps in computer / network security and professionals: network administrators, programmers, pentesters, black- and white hat hackers. Please, read carefully what we'd like to share with you.
Welcome to IT Secutiry Academy! IT Security Academy (ISA) is a company that associates ITsec Professionals. Now we are proud to share our knowledge online. Certified experts (CISS, MCSE:MS, CEH, CISSP) have created courses from Beginner to Advanced level. Our goal is to provide the highest quality materials you've ever seen online and prepare you not only for certification exams, but also teach you pratical skills. You're welcome to join us and start your training now.
About the training
This course is ideal for everyone, regardless of their skills and expertise. The arrangement and presentation of learning resources will let both novices and more advanced students broaden their knowledge of IT security.
Training is starting with IT Security current threat and trends. Afterwards we are discussing popular security myths. Great part of the training relates to Network security.
We will start with local networks, talk about protocols and theirs vulnerabilities. You will learn how to design secure computer networks and subnets. You will become real network administrator.
Next you will discover why wireless networks could be so dangerous. You will learn standards, protocols and security solutions. Wi-Fi networks are an integral part of our lives, but not everyone realizes that if it is inadequately protected, your enterprise or home network can disclose your confidential passwords and give attackers easy access to the machines you’re administrating.
Topics covered include core issues related to effectively securing the most popular Microsoft OS: identity theft, authentication, authorization, encryption. We identify typical mistakes and guide you towards achieving good OS protection.
Who this course is for:
- Future IT Security Managers
- Network and Enterprise OS Administrators
- IT Professionals
Course content
- Security Policies
- Security policies - introduction
- What is security?
- Information security
- Information security - level up
- Security issues
- Why are security solutions fallible?
- Security policy issues
- Introduction to threat modelling and classification
- Threat modelling - STRIDE
- STRIDE: Spoofing identity
- STRIDE: Tampering with Data
- STRIDE: Denial of Service
- Threat Modelling and Classification - notes for the examination
- Risk Management
- Introduction to Risk Management
- Attack Methods
- Local attacks
- Target scanning and enumeration techniques #1
- Target scanning and enumeration techniques #2
- Passive scanning
- Attack Methodologies - notes for the examination
- Introduction to risk assessment
- DREAD: Risk assessment model
- DREAD: Exploitability
- EXERCISE: Risk Assessment
- Risk Assessment - notes for the examination
- Introduction to Social Engineering and rogue software
- Manipulation tactics
- EXERCISE: Social Engineering attacks
- SE with KALI / BackTrack
- Rogue Software
- Fraud tools #1
- Fraud tools #2
- Social Engineering and Rogue Software - notes for the examination
- Defence in Depth
- Introduction to Defence in Depth
- How to use Defence in Depth model?
- DiD: OS and LAN Layers
- DiD: Perimeter and Physical Access Layers
- DiD: Demonstration
- Automated attack targeting a service
- Automated user-targeting attack
- The Defence in Depth Model - notes for the examination
- Immutable Laws of Security
- Introduction to Immutable laws of security - Law #1
- Law #2
- Law #3
- Law #4
- Law #5
- Law #6
- Law #7
- Law #8
- Law #9
- Law #10
- Laws for administrators
- Immutable Laws of Security - notes for the examination
- Disaster Recovery
- Introduction to Disaster Recovery
- How to reduce losses?
- Ensuring continous availability
- Threat discovery #1
- Threat discovery #2
- Audit users and keep control accounts
- High risk users
- Collecting and analysing evidence
- Forensics example
- CONFICKER: CASE STUDY
- How to reduce losses - notes for the examination
- Application Security
- Introduction to Application Security
- Attacks on applications
- SQL Injection
- EXERCISE: Analyze the application
- Blind SQL Injection
- Automated SQL Injection
- Cross-site scripting - XSS
- Application Attacks - notes for the examination
- Program security assessment
- Unsafe applications
- Program Security Assessment - notes for the examination
- Application Security - Configuration and Management
- Here’s what you’ll learn in this module
- Managing applications
- Software updates
- MS Update
- System Center Configuration Manager
- Blocking applications
- Software restrictions policies
- EXERCISE: Application control rules
- Isolating applications
- How to protect users without interrupting their work - notes for the examination
- Cryptography
- Introduction to cryptography
- History of ciphers
- Symmetric and asymmetric ciphers
- Symmetric-key algorithms
- Block ciphers
- Data encryption standard
- DES-X
- Advanced encryption standards
- Block cipher modes
- Stream Ciphers - RC4
- Asymmetric-key algorithms
- RSA
- ELGAMAL
- HASH functions
- Digital signature
- Hybrid Schemes
- Symmetric and Asymmetric Ciphers - notes for the examination
- Public Key Infrastructure
- Introduction to cryptology
- Public key infrastructure
- Implementing public key infrastructure
- What will PKI allow you?
- EXERCISE: Certificates
- Certificate life cycle
- Planning the PKI
- PKI Administration
- Public Key Infrastructure - Trust but verify - notes for the examination
- Prepare for the examination
- Answer sample questions which you can find during the examination
- Your BONUS
- BONUS: Examination - your voucher
- Certificate - see how it looks like
- BONUS LECTURE: Learn more and get to know our other courses
- Thank you
