Cyber Security & Cyber Forensics Investigation
Cyber Security & Cyber Forensics Investigation Training places participants in an interactive environment where they are shown how to create a secured network, configure a server with security protocols, and scan, test, hack and secure their own networks to understand security vulnerabilities. With forensics in hand, participants will be better able to understand incident analysis for any cyber attack and the follow-up procedures for tracking back. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Participants will understand how defense measures work and then scan and attack their own networks.


Networking Devices(Layer1,2,3)
Different types of network layer attacks
Firewall (ACL, Packet Filtering, DMZ, Alerts and Audit Trails)
IDS, IPS and its types (Signature based, Anomaly based, Policy based, Honeypot based)
VPN and its types
Tunneling Protocols, Tunnel and Transport Mode
Authentication Header, Encapsulating Security Payload (ESP)
IPSEC Protocol Suite – IKE PHASE 1, Generic Routing Encapsulation (GRE)
WAN Topologies
Standard IP based Switching
CEF based Multi-Layer switching, MPLS Characteristics
Frame Mode MPLS Operation, MPLS VPN
Security Services for E-mail, attacks possible through E-mail
Establishing keys, Privacy, Authentication of the source
Message Integrity, Non-repudiation
Pretty Good Privacy, S/MIME
SSL/TLS Basic Protocol, Computing the keys
Client authentication, PKI as deployed by SSL, Attacks fixed in v3
Exportability, Encoding, Secure Electronic Transaction (SET), Kerberos
Introduction to Incident
Incident Response Methodology Steps
Activities in Initial Response Phase after detection of an incident
Initial Response & Volatile Data Collection from Windows system
Initial Response & Volatile Data Collection from Unix system
Forensic duplication: Forensic Duplicates as Admissible Evidence
Forensic Duplication Tool Requirements
Creating a Forensic Duplicate/Qualified Forensic Duplicate of a Hard Drive
File Systems: FAT, NTFS, Forensic Analysis of File Systems
Storage Fundamentals: Storage Layer
Hard Drives Evidence Handling
Types of Evidence, Challenges in evidence handling
Overview of evidence handling procedure
Collecting Network Based Evidence
Investigating Routers
Network Protocols
Email Tracing, Internet Fraud
Data Analysis Techniques
Investigating Live Systems (Windows & Unix)
Investigating Hacker Tools
Ethical Issues
Cyber Crime
Overview of wireless technologies and security
Personal Area Networks, Wireless Local Area Networks
Metropolitan Area Networks, Wide Area Networks
Wireless threats, vulnerabilities and security
Wireless LANs, War Driving, War Chalking, War Flying
Common Wi-fi security recommendations, PDA Security
Cell Phones and Security, Wireless DoS attacks, GPS Jamming, Identity theft
CIA triad in mobile phones, Voice, SMS and Identification data interception in GSM
Introduction, practical setup and tools
Implementation, Software and Hardware Mobile phone tricks
Netmonitor, GSM network service codes, Mobile phone codes
Catalog tricks and AT command set, SMS security issues
Crime and mobile phones
Evidences, Forensic procedures, Files present in SIM card
Device data, External memory dump, Evidences in memory card
Operators systems, Android forensics, Procedures for handling an android device
Imaging android USB mass storage devices, Logical and physical techniques
Digital forensics
Introduction – Evidential potential of digital devices
Closed vs. open systems
Evaluating digital evidence potential, Device handling
Seizure issues, device identification
Networked devices and contamination
Digital forensics examination principles
Previewing, imaging, continuity, hashing and evidence locations
Seven element security model, Developmental model of digital systems
Audit and logs, Evidence interpretation, Data content and context
Security and Privacy for Mobile and Wireless Networks
Introduction- State of the Art, Areas for Future Research
General Recommendation for Research, Pervasive Systems
Enhancing Trust Negotiation with Privacy Support
Trust Negotiation, Weakness of Trust Negotiation
Extending Trust Negotiation to Support Privacy
Mobile system architectures, Overview of mobile cellular systems
GSM and UMTS Security & Attacks, Vulnerabilities in Cellular Services
Cellular Jamming Attacks & Mitigation, Security in Cellular VoIP Services
Mobile application security
Overview of Wireless security, Scanning and Enumerating 802.11 Networks
Attacking 802.11 Networks, Attacking WPA protected 802.11 Networks
Bluetooth Scanning and Reconnaissance, Bluetooth Eavesdropping
Attacking and Exploiting Bluetooth, Zigbee Security, Zigbee Attacks
Security in Ad Hoc Wireless Networks, Network Security Requirements
Issues and Challenges in Security Provisioning, Network Security Attacks
Key Management in Adhoc Wireless Networks, Secure Routing in Adhoc Wireless Network
Introduction, RFID Security and privacy, RFID chips Techniques and Protocols
RFID anti-counterfeiting, Man-in-the-middle attacks on RFID systems
Digital Signature Transponder
Combining Physics and Cryptography to Enhance Privacy in RFID Systems
Scalability Issues in Large-Scale Applications
An Efficient and Secure RFID Security Method with Ownership Transfer
Policy-based Dynamic Privacy Protection Framework leveraging Globally Mobile RFIDs
User-Centric Security for RFID based Distributed Systems
Optimizing RFID protocols for Low Information Leakage
RFID: an anti-counterfeiting tool
Computer Infection Program, Life cycle of malware
Virus nomenclature, Worm nomenclature, Tools used in computer virology
Non self-reproducing Malware, Working principle of Trojan Horse
Implementation of Remote access and file transfer
Working principle of Logical Bomb, Case Study: Conficker C worm
Trigger Mechanisms, Testing virus codes, Case Study: Brute force logical bomb
Computer Virus in Interpreted programming language
Designing Shell bash virus under Linux, Fighting over infection
Antiviral fighting, Polymorphism, Case study: Companion virus
Klez Virus, Clone Virus, Doom Virus, Black wolf worm, Sasser worm, Happy worm 99
Ethical Hacking terminology, Five stages of hacking, Vulnerability Research
Legal implication of hacking, Impact of hacking, Foot Printing & Social Engineering
Information gathering methodologies, Competitive Intelligence
DNS Enumerations, Social Engineering attacks
Port Scanning-Network Scanning, Vulnerability Scanning, NMAP scanning tool
OS Fingerprinting, Enumeration, Password cracking techniques, Key loggers
Escalating privileges, Hiding Files, Steganography technologies, Countermeasures
Active and passive sniffing, ARP Poisoning, Session Hijacking, DNS Spoofing
Conduct SQL Injection attack, Countermeasures
The big picture, Learning from experience, Weaknesses in Information Security
The extent of crime in cyberspace, The cyberspace crimoid syndrome
Policies and technologies, A new framework for information security
Risk assessment, Richard Baskerville’s risk assessment methodology
Generations of risk assessment techniques, Quantitative approach to risk assessment
Problems with Quantitative approach, NIST ALE- Baseline approach
Measuring ROI on security, Security patch management
Purposes of Information Security management, the building blocks of information security
Human side of information security, Security management, Securing new technology
Overview of SSE CMM, SSE CMM relationship to other initiatives, Capability levels
Security Engineering, Security Engineering process overview, Basic process areas
Configuration management, Base practices, Establish Configuration management
Maintaining information security during downsizing
Business case for Information Security, Information Security Management in industry
Protecting high tech trade secrets, Outsourcing Security
What is Risk?, Information Security Risk Assessment Overview
Drivers, Laws and Regulations, Risk Assessment Framework, Practical Approach
Data Collection, The Sponsors, The Project Team, Data Collection Mechanisms
Executive Interviews, Document Requests, IT Assets Inventories, Profile & Control Survey
Data Analysis, Compiling Observations, Preparation of catalogs, System Risk Computation
Impact Analysis Scheme, Final Risk Score, Risk Assessment, System Risk Analysis
Risk Prioritization, System Specific Risk Treatment, Issue Registers, Methodology Result
Risk Registers, Security Audit Process, Pre-planning audit, Audit Risk Assessment
Performing Audit, Internal Controls, Audit Evidence, Audit Testing, Audit Finding
Storage System, Introduction to Information Storage and Management
Storage System Environment, Data Protection RAID, Intelligent Storage System
Storage Networking Technologies and Virtualization, Storage Networks
Network Attached Storage, IP SAN, Content Addressed Storage, Storage Virtualization
Backup & Recovery, Local Replication, Remote Replication, Securing storage Infrastructure
Storage Security Framework, Risk Triad, Storage Security Domains
Security Implementation in Storage Networking
Managing & Monitoring the Storage Infrastructure, Storage Management Activities
Developing an Ideal Solution
Cloud Computing definition, Private, public and hybrid cloud, Cloud types, IaaS, PaaS, SaaS
Benefits and challenges of cloud computing, Public vs private clouds
Role of virtualization in enabling the cloud, Business Agility, Benefits & challenges to Cloud
Technologies and the processes required when deploying web services
Deploying a web service from inside and outside a cloud architecture
Advantages and Disadvantages, Development environments for service development
Amazon, Azure, Google App, Security Concepts, Confidentiality, privacy, integrity
Authentication, non-repudiation, Availability, access control, defence in depth, Least privilege
How these concepts apply in the cloud and their importance in PaaS, IaaS and SaaS.
Multi-tenancy Issue, Isolation of users/VMs from each other, How the cloud provides this
Virtualization System Security Issues, ESX and ESXi Security, ESX file system security
Storage considerations, backup and recovery, Virtualization System Vulnerabilities
Security management in the cloud, Security management standards
SaaS, PaaS, IaaS availability management, Access control
Data security and storage in cloud
Fundamentals Of Cyber Security, Introduction-Cyber Security and its problem
Intervention Strategies, Redundancy, Diversity and Autarchy, Issues In Cyber Security
Private ordering solutions, Regulation and Jurisdiction for global Cyber security
Copyright: source of risks, Pirates, Internet Infringement, Postings, Criminal liability
First Amendments, Data Loss, Intellectual Property Rights, Copyright: source of risks
Pirates, Internet Infringement, Fair Use, Postings, Criminal liability
First Amendments, Data Loss, Trademarks, Defamation, Privacy: Common Law Privacy
Constitutional law, Federal Statutes, Anonymity, Technology expanding privacy rights
Procedural Issues, Duty of Care, Criminal Liability, Electronic Contracts & Digital Signatures
Misappropriation of information, Civil Rights, Tax, Evidence
Legal Aspects Of Cyber Security, Ethics, Legal Developments
Late 1990 to 2000, Cyber security in Society, Security in cyber laws case Studies
General law and Cyber Law, A Swift Analysis
Duration of the courses: 120 Hours
Audience
Those interested to take up Cyber Security Courses, Students who are pursuing graduation, those who are interested in Networking & Security.
Key Benefits
At the end of the training, students will establish and govern minimum standards for credentialing professional information security specialists in cyber security measures and reinforce the training as a unique and self-regulating profession.
