COURSES & SCHEDULE

IT/Cyber Security Training

Python Course

Course Summary
Python is a modern object-oriented programming language well-suited for a variety of uses, from scripting to data mining to web applications. This course does an overview of Python, so that student can get started right away. We will learn the details of the language, its syntax and structure, exception handling, functions, classes and Python’s powerful object model. Students will learn how to use eclipse IDE to develop Python code, execute them, and save and export them. Multiple projects will be developed using Python.

Coursebook/Reference Book:
Python Programming for Beginners: An Introduction to the Python Computer Language and Computer Programming 978-1501000867

  • Installing python
  • Setting up Eclipse IDE to work with Python
  • Creating main script
  • White spaces in Python
  • Commenting code
  • Working with variables and values
  • Using conditionals
  • Writing Python functions
  • Day 2
  • Mutable and immutable objects in Python
  • Working with numbers and strings
  • Aggregating values using lists and tuple
  • Creating associative (hashable) lists using Python dictionaries
  • Determining type and identity of variables
  • Python while and for loops
  • Python iterators
  • Controlling loops using break, continue, and else
  • Using Regular Expressions (Regex) with Python
  • Handling exceptions (errors) in Python
  • Defining functions with variable arguments
  • Day 3
  • Understanding Python classes and objects
  • Using methods
  • Using object data
  • Understanding inheritance
  • Applying polymorphism to classes
  • Understanding strings as objects
  • Working with common string methods
  • Formatting strings
  • Splitting and joining strings
  • Day 4
  • Creating containers using lists, tuples, and dictionaries
  • Reading and writing to files using Python
  • Using Python to connect and work with SQLite databases
  • Introduction to Anaconda Python

Data Mining Course

  • Day 1
  • Installing Python
  • Setting up Eclipse IDE to work with Python
  • Creating main script
  • White spaces in Python and commenting code
  • Working with variables and values
  • Using conditionals
  • Writing Python functions
  • Day 2
  • Mutable and immutable objects in Python
  • Working with numbers and strings
  • Aggregating values using lists and tuple
  • Creating associative (hashable) lists using Python dictionaries
  • Determining type and identity of variables
  • Python while and for loops
  • Python iterators
  • Controlling loops using break, continue, and else
  • Using Regular Expressions (Regex) with Python
  • Handling exceptions (errors) in Python
  • Defining functions with variable arguments
  • Day 3
  • Understanding Python classes and objects
  • Using methods
  • Using object data
  • Understanding inheritance
  • Applying polymorphism to classes
  • Understanding strings as objects
  • Working with common string methods
  • Formatting strings
  • Splitting and joining strings
  • Day 4
  • Creating containers using lists, tuples, and dictionaries
  • Reading and writing to files using Python
  • Using Python to connect and work with SQLite databases
  • Creating a project n Python using SQLite
  • Day 5
  • Installing Python extensions: Numpy, Matplotlib, Seaborn, Pandas
  • Working with iPython Notebook
  • Working with Python dicts and comprehensions
  • Understanding Pandas and Pandas data frames
  • Data mining using iPython, Nympy, Pandas
  • Plotting data using Matplotlib and Se

Cyber Attacks & Defense Course

Course Summary Cyber security is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, the term security implies cyber security. Ensuring cyber security requires coordinated efforts throughout an information system. Elements of cyber security include:

  • Application Security
  • Information Security
  • Network Security
  • Disaster Recovery/Business Continuity Planning
  • End-user Education

In this course, all the above security areas will be discussed. Demos and labs will supplement the lecture material in detail. Lecture/Discussion (30-40%) and Hands-on Exercises (60-70%).

  • Day 1
  • Defense in depth concepts
    • People
      • Policies and procedures
      • Physical security
      • Training and awareness
      • Personnel security
      • Facilities
      • System security administration
    • Technology
      • Information assurance architecture
      • A criteria (security, interoperability, PKI)
      • Acquisition/integration of evaluated products
      • System risk assessment
    • Operations
      • Security policy
      • Security management
      • Certification and accreditation
      • Key management
      • Readiness assessment
      • Recovery
  • Day 2
  • Security policies and procedures
    • Differences between policies and procedures
    • Enforcement
    • Using online templates
  • Security education
    • Security awareness
    • Security training
    • Ongoing education
    • Management role
    • HR role
    • Legal role
    • IT role
  • Data encryption for data in-transit and at rest
    • Symmetric encryption
    • Asymmetric encryption
    • Open standards
    • PKI
    • Hashing
  • Physical security
    • Policies and Procedures
    • Signs
    • CCTV
    • Locks
    • Bollards
    • Logging
    • Biometrics
  • Day 3
  • Securing mobile devices
    • Centralized managed devices
    • MDMs
    • BYOD management and risks
  • Securing servers (Web, FTP, DNS, Application, DHCP)
    • Secure coding
    • Developer role
    • Administrator role
    • End user role
    • Management role
  • Securing routers, switches, gateways, and network devices
    • Physical security
    • Administrator role
    • Networkdesign
  • Network attacks and penetration testing
    • Nmap
    • MITM
    • DHCP starvation
    • Metasploit framework
    • Social engineering toolkit
    • Hydra
    • Maltego
    • Wireshark
    • Password cracking
  • Day 4
  • Developing secure code
    • Developer education
    • Management role
    • Outsourcing
    • Code review
  • Security in social media
    • Privacy policies
    • User education
    • Social engineering
    • Positives and negatives of OSN
  • Steganography
    • Text manipulation
    • Hiding data
    • Water marking
    • Encryption

Security Analysis & Hacking

  • Introduction to Ethical Hacking and information gathering
  • Foot-printing and reconnaissance
    • Discussion: what are foot-printing and reconnaissance?
    • Discussion: best practices for prevention of foot-printing and reconnaissance
    • Lab: pinging traceroute
    • Lab: using WhoIs services
    • Lab: using email tracking tools
    • Lab: collecting and mirroring site information
  • Function of an ethical hacker
    • Discussion: contractual obligations
    • Discussion: Following best practices
    • Discussion: When to say no to the client
  • Techniques to scan and attack a network
    • Discussion: best practices for hardening networks
    • Discussion: social and technical approaches
    • Lab: checking for open ports
    • Lab: banner grabbing
    • Lab: OS fingerprinting
    • Lab: sniffing a network
    • Lab: protecting web servers
    • Lab: protecting database servers
    • Lab: protecting application servers
    • Lab: SQL injection
    • Lab: Cross-site scripting
  • Analyzing system risk and weakness
    • Discussion: best practices for hardening systems
    • Lab: password hacking (localandoverthenetwork)
    • Lab: locating hidden files in the file system
    • Lab: password recovery
    • Lab: monitoring systems remotely
    • Lab: recognizing and protecting against
    • Trojans, viruses, and worms
  • Applying countermeasure
    • Discussion: overall best counter measures
    • Lab: encryption for data at rest
    • Lab: encryption for data in transit
    • Lab: strong password policy requirements
    • Lab: using proxies and VPNs
  • Social engineering
    • Discussion: what is social engineering?
    • Discussion: policies and education regarding social engineering
    • Lab: being an effective social engineer
    • Lab: phishing and pharming
    • Lab: credential harvesting
    • Lab: phishing sites and their detection
    • Lab: using metasploit
    • Lab: steganography
  • Evading IDSs, firewalls, and honeypots
    • Discussion: what’s a honeypot, an IDS, and a firewall?
    • Lab: using snort for intrusion detection
    • Lab: hardening the firewall
  • Buffer overflow and cryptography
    • Discussion:what is buffer overflow?
    • Discussion: what is cryptography?
    • Lab: observing a buffer overflow
    • Lab: preventing buffer overflows with good coding practices
    • Lab: performing encryption using TrueCrypt
    • Lab: performing encryption using Pretty Good Privacy (PGP)
    • Lab: using VPNs
    • Lab: using IPSec
  • Performing penetration testing
    • Discussion: best practices for pen testing