Cyber Security Essentials Bootcamp

Overview

Cybersecurity Essentials Bootcamp is a 4-day instructor-led course packed full of hands-on labs and practical exercies, which teach the effective steps to prevent, detect and respond to a cyber incident. With actionable techniques acquired within the course that can directly apply, making a genuine difference in the workplace. Each module is packed with extensive hands-on exercises that covers leading edge skills, applied knolwedge of best practice preventative tooling, in addition to the existing threat landscape of emerging technologies such as: Internet of Things, Cloud, Smart Cities, Connected and Autonomous Vehicles and Cryptocurrency and blockchain.

This course is designed for IT and Security Professionals and Managers who want to understand the essentails of cybersecurity and current threat landscape. Perfect for those whishing to build and or pivot to a defensive security posture, for those charged with maintaining and defending against cyber attacks. This course will be of benefit to junior and mid level cyber roles, who are interested in Security Operations, Forensic Analysis, GRC Officers, Security Auditors and Secure Developers, all with a passion to be as effective as possible in thier security discipline.

Prerequisites

• Basic knowledge of networking is desirable but not essential, particularly awareness of protocols and internet services.
• Basic knowledge of Windows and Linux operating systems is desirable but not essential.
• QACISMP and or QAFCCS are ideal prerequisite courses for those completely new to applied technical security concepts, tools and services.

Learning outcomes

• Understand the threats faced by modern networks, systems and application platforms
• Understand the techniques used to detect, prevent and respond to these threats
• Build enablement solutions for detection and situational awareness
• Respond, contain and start hunting out known and unknown threats
• Use leading ‘open source’ security tools to serve active and passive defence techniques
• Discover and analyse ‘high risk’ weakness within systems
• Create an actionable and auditable policies
• Understand cryptography and its applications in a digital world
• Begin to analyse, attribute and predict the threats and create an active defence posture

Course Outcomes

Critical Security Control

• Introduction to Cybersecurity
• Social Engineering and Malware
• Defence in Depth and Security Controls
• Security Tools
• Incident Management

Module Labs:

• Lab 1: Using a Forensic Tool to investigate external threats
• Lab 2: Utilising Google Dorking for Intelligence Gathering
• Lab 3: Using a Network Scanner to harvest service information
• Lab 4: Building a security case in Wireshark

Modern Network Architecture

• Network Security Tools
• Wireless Security
• Physical Security Controls
• Secure Protocols and Services
• Secure System and Network Design
• Secure Cloud Services and Virtualisation

Module Labs:

• Lab 5: Utilising Windows Firewall Defender and Windows Centre
• Lab 6: Securing Windows Web Server Apache
• Lab 7: Auditing compliance in Linux using Lynis
• Lab 8: Exploring Internet of Security Things
• Lab 9: Building a security case for cloud solution

Principles of Risk

• Business Continuity
• Risk Management
• Vulnerability Scanning and Penetration Test
• Corporate Security Policies
• Forensic Collection and Preservation

Module labs:

• Lab 10: Performing a Table-top Incident Response Exercise
• Lab 11: Using MITRE ATT&CK Framework for threat hunting
• Lab 12: Exploring the use of Digital Forensics
• Lab 13: Scanning web server for vulnerabilities

Operation System & Application Security

• Application Exploits
• Web Server Exploits
• Web Browser Exploits
• Secure Application Design
• Secure Coding
• Auditing Applications

Module labs:

• Lab 14: Performing SQL Injection on a Vulnerable Web Server
• Lab 15: Using Metasploit and creating a backdoor shell

Applied Cryptography

• Cryptography Application
• Identity and Access Management
• Cryptocurrency and Blockchain

Module Labs:

• Lab 16: Setting password security baselines on windows
• Lab 17: Auditing security baselines on windows
• Lab 18: Investigating cryptocurrency using OSINT tools (Part 1)
• Lab 19: Investigating cryptocurrency using OSINT tools (Part 2)