INFORMATION SECURITY TRAINING CATALOG (2015)

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "INFORMATION SECURITY TRAINING CATALOG (2015)"

Transcription

1 INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2015) Revision TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze, Kocaeli, Türkiye Tel: +90 (262) , Fax: +90 (262)

2 Information Security Trainings Basic Trainings Information Security Awareness for End Users Information Security Awareness for Managers Social Engineering: Attack and Defense Methods... 6 Intermediate Level Trainings ISO Information Security Management System Implementation Cyber Incident Response Team Business Continuity / Disaster Recovery Planning Windows Security Microsoft Systems Security Linux Security TCP/IP Network Security Active Network Device Security System Security Audit Basic Security Audit Wireless Network Security Log Management Advanced Trainings Oracle Database Security MS SQL Server Database Security Web Applications Security Security Information and Event Management Systems Penetration Testing and Ethical Hacking Log Analysis Master Level Trainings Information Systems Forensics Computer Network Forensics Windows Malware Analysis Secure Software Development... 31

3 Basic Trainings 3

4 1. Information Security Awareness for End Users Users of information systems. Basic knowledge to use information systems as a regular user. Role of user in information security Contribution of user to corporate Information Security Management System (ISMS) Access to computers Password security security Security while accessing the Internet Virus protection Setup, use and disposal of storage media File access and sharing Information backup Social engineering User responsibilities in computer incidents 3 hours Attendees will become familiar with the basics of information security and will enhance their awareness about the importance of corporate information security too. They will learn their duties and responsibilities as a contributor to a corporate ISMS. 4

5 2. Information Security Awareness for Managers Managers who wish to improve their understanding in the field of information security. Staff who has a general understanding about information systems wish to obtain further information about information security. General information about information systems. Basic concepts of information security Security policy Organizational security Human resource security Risk assessment and risk mitigation Business continuity Information security incident management Operating system security Network security Web security Digital certificates and certificate distribution systems Password management Antivirus systems 2 days Attendees will obtain information about the basic concepts of information security and overall fuctioning of ISMS. Introduction will be made based on the technical aspects of information systems security. 5

6 3. Social Engineering: Attack and Defense Methods All information system users, whereas the attendance of system administrators is critical. Classroom should be equipped with one personal computer per attendee since the training includes hands-on exercises. Social engineering concept Attack techniques Examples of social engineering attacks Social engineering tests Prevention methods Several social engineering applications 2 days Attendees will become familiar with the social engineering attacks, which is quite common and may lead to loss of confidential information, or even the reputation of an institution. Attendees will acquire the capacity of offering social engineering trainings as well. 6

7 Intermediate Level Trainings 7

8 4. ISO Information Security Management System Implementation Staff obliged to establish and maintain an ISO based ISMS as well as staff responsible for processes that will be subject to an ISO audit. Familiarity with quality management systems is helpful but not indispensable. What is an ISMS and why is it needed? Plan-Do-Check-Act process in ISO Risk assessment and treatment in information systems ISO control categories o Security Policy o Organization of Information Security o Asset management o Human resource security o Physical and environmental security o Communications and operations management o Access control o Information systems acquisition, development and maintenance o Information security incident management o Business continuity management o Conformance ISO conformance audit o Audit planning o Audit checklists o Non-conformances and reporting Several applications 3 days Attendees wil be able to establish ISMS in their institutions. Attendees will also be acquainted with audit concepts. Note: Upon request, a two-day version of the course may be presented as well. 8

9 5. Cyber Incident Response Team Staff obliged to establish or manage CERT (Computer Emergency Response Team) in their institutions. Staff working in the information security department of their institutions. Some experience is required about both the business processes and the information system infrastructure of the institution. Introduction (History, computer incident examples, CERT and security organization examples) Basic questions and titles about CERT (What is CERT? What is the scope of operational framework of CERT?) Computer incident management process (incident management service definition and functions) Operational components of CERT (software, hardware, policy and procedures) CERT project plan 2 days Objective of the training is to elevate the level of course attendees to a position where they can establish CERTs in their institutions. 9

10 6. Business Continuity / Disaster Recovery Planning Staff responsible for the management of business continuity / disaster recovery process, managers of institutions where business continuity / disaster recovery plan does not exist, developers of business continuity / disaster recovery plans, staff that has a role in the business continuity / disaster recovery plan, emergency team members and security auditors. None Principles associated with the management of business continuity project Threats that may target all institutions Risk assessment and designation of security controls How to conduct the business impact analysis Developing the business continuity strategy Design of emergency response and related activities, how to improve readiness How to construct the disaster recovery teams In case of disaster o How to minimize the impact o How to execute recovery in designated duration o Emergency communication requirements Development and application of the business continuity plan Training and awareness activities for quick and correct response Testing and updating the business cotinuity plan 2 days Attendees will accumulate sufficient information to develop business continuity plans in their institutions. 10

11 7. Windows Security Windows network administrators, Microsoft Active Directory administrators, staff from institutions which are planning safe migration to Microsoft systems, staff interested in Microsoft systems security. Basic knowledge of Windows and computer networks. Windows operating system security (XP/2003/Windows 7/2008-R2) IPSec, PKI ( Public Key Infrastructure ) and EFS ( Encrypting File System ) Powershell development for Windows environment 3 days Course includes theoretical information as well as hands-on practice to equip attendees with the capability to apply Windows security best practices in their institutions. 11

12 8. Microsoft Systems Security Windows network administrators, Microsoft Active Directory administrators, staff from institutions which are planning safe migration to Microsoft systems, IIS and Exchange administrators, staff interested in Microsoft systems security. Basic knowledge of Windows, Exchange, Active Directory and networks. Microsoft Web Services Security (IIS 7.5) Microsoft PowerShell Active Directory and Network Services Security (Group policy, DNS, DHCP) Patch management in Microsoft systems 4 days Attendees will acquire advance level information within the scope of Microsoft systems security. They will have the capability to apply Microsoft systems security best practices in their institutions. 12

13 9. Linux Security Experts responsible for the security of Linux based systems, system administrators studying how to secure Linux based Internet applications, system administrators eager to learn about security tests and system hardening tools. Experience as Linux system administrator. Secure setup Configuration of startup services Secure configuration of kernel File system access control User access control Management of system logs Security audit tools Security hardening tools Security script programming 3 days Attendees will be able to realize the security hardening of Linux based operating systems. They will acquire ability to use free software security tools on their systems. They will also acquire capability of using or developing tools that will help them discover security breaches in their systems. 13

14 10. TCP/IP Network Security System and network administrators, security and penetration test experts, staff of IT security department, IT security auditors. Basic knowledge of networks. Protocols of the TCP/IP protocol stack Operation principles of different layers of the TCP/IP stack and threats targeting these layers Security vulnerabilities of TCP/IP protocols and mitigation techniques Techniques, protocols and devices that are used to assure network security Packet capturing software such as Wireshark, analysis of packets and protocols Concepts such as SSL, IPSec, VPN and digital certificates Network components such as Firewall, IDS/IPS and Proxy 2 days Applied work about the security of TCP/IP networks will bring a wealth of information and capabilities to the attendees. The attendees are expected to apply good security practices in their institutions network. 14

15 11. Active Network Device Security System and network administrators, security and penetration test experts, staff of IT security department, IT security auditors. Basic knowledge of networks Within the scope of (hardening of) active devices, network design and assuring the security of networks, the following topics will be studied theoretically with hands-on exercises. Steps toward hardening of active devices that are commonly used today in the internal networks and they are also used to connect networks to the outside world, such as o Backbone switch, o Router, o Firewall, o Content filter Security controls applicable to active devices, such as o Physical security, o Equipment security, o Identity authentication, o Authorization and monitoring, o Patch management, o Access control lists, o Remote management conrtrol, etc. 2 days The attendees are expected to learn security controls applicable to active network devices through the theoretical and the applied parts of the course. The attendees are also expected to apply these security controls in their institutions. 15

16 12. System Security Audit Information technology auditors, information security experts eager to enhance their system security audit abilities, system and network administrators willing to understand the security audit approach and prepare their systems to security audits. Basic network and operating system (Windows and Unix) information, familiarity with peripheral protection systems. Vulnerability and threat definitions Open source security vulnerability scanners and how to use them Discovering the topology of a network Peripheral protection systems audit Windows audit Audit of Unix/Linux systems 4 days Attendees will learn how to use security vulnerability scanners. Attendees will also learn how to conduct security audit of operating systems, peripheral protection systems and web applications. 16

17 13. Basic Security Audit Information technology auditors, information security experts eager to enhance their system security audit abilities, system and network administrators willing to understand the security audit approach and prepare their systems to security audits. Basic network and Windows operating system information. Vulnerability and threat definitions Open source security vulnerability scanners and how to use them o Nessus, Nmap, MBSA Windows audit o Security templates o Security Configuration and Analysis 1 day Attendees will learn how to use security vulnerability scanners and how to conduct security audit of Windows operating system. Note: This course is a one-day-long (shorter) version of 12. System Security Audit. 17

18 14. Wireless Network Security Wireless network administrators, system or network administrators who wish to install and setup wireless networks, IT experts who wish to obtain information about wireless network security. Basic knowledge of networks. Security risks in wireless local area networks Secure wireless communication architecture Software tools that are used for securing or attacking wireless networks 2 days Attendees will obtain information about the risks of wireless communication and techniques to mitigate these risks. Additional information will be supplied about wireless network audit tools. Note: The course includes hands-on exercises and the number of attendees is limited to 18. Upon request, a one-day-long version of the course maybe offered, excluding the handson exercises as well. 18

19 15. Log Management System and network administrators Information systems experts b. Information security managers and expertsprerequisites Basic knowledge of operating systems and information systems. Basic concepts about log management, Configuration settings needed in order to collect logs, Log analysis techniques, Crucial points in log management system setup, Analysis of large log files, Instant tracking of log files, Log files to be investigated during a security breach, Log files to be collected due to legal or institutional policies, Common mistakes and problems of log collection process, Log collection standards. 2 days Attendees will obtain knowledge on how to setup log management systems in order to collect logs efficiently from information systems due to legal or institutional policies and obtain ability to analyse these logs according to corporate needs. 19

20 Advanced Trainings 20

21 16. Oracle Database Security Database administrators, database security auditors. General information about databases and basic database management. Database basics Identity control Access control lists Database security audits Network security Database backup Audit of access tools Advanced security measures 3 days At the end of the course, auditors will be able to conduct security audit of databases whereas managers will be able to implement secure management of databases. Note: Although this course deals with Oracle database, general topics applicable to all databases are covered. 21

22 17. MS SQL Server Database Security Database administrators, database security auditors. General information about databases and basic knowledge of database management. SQL Server 2005/2008, general topics Operating system configuration Network configuration SQL Server 2005/2008 setup and maintenance SQL Server 2005/2008 configuration Access control and authorization Audit and log management Backup and disaster recovery procedures Replication Software application development Surface Area Configuration tool SQL Server 2005/2008 test and monitoring tools 3 days At the end of the course, attendees will learn SQL Server 2005/2008 database security mechanisms and factors affecting security. They will gain ability to conduct security audit to an SQL Server 2005/2008 database. Database managers, in the meantime, will learn how to manage their database securely. 22

23 18. Web Applications Security HTTP based application developers and auditors. Basic knowledge of Web technologies (HTTP, HTML, web servers, internet browsers) and at least one of the programming languages used in web applications (PHP, Java, ASP.NET, Perl, etc.). Information gathering Configuration management User authentication Input / output validation Session management Authorization Application logic Log management Failure management Secure application management 2 days The attendees will learn important security components of HTTP based applications, most common mistakes, how to avoid making these mistakes and how to assure sustainable application security. 23

24 19. Security Information and Event Management Systems Information system administrators, information system security administrators, IT auditors. Familiarity with information system components and security components of IT systems. Centralized log management systems Requirement for event correlation systems Advantages of event correlation systems Event correlation steps OSSIM attack correlation systems OSSIM overview Basic components of OSSIM Tools utilized by OSSIM OSSIM setup OSSIM component configuration Policies Data fusion from separate components Attack correlation System maintenance and update 4 days Attendees will obtain information about centralized attack correlation systems. They will learn how to gather logs being accumulated on separate security components centrally, how to monitor attacks conducted from an internal or an external network and take necessary steps against an attack. 24

25 20. Penetration Testing and Ethical Hacking Staff who are supposed to conduct penetration tests and security audits in their institutions, staff working in information security departments of their institutions. Experience and awareness of security issues, intermediate level of knowledge about Linux, Windows and TCP/IP, intermediate level of experience about information system infrastructure. Introduction (What is Penetration test? Crucial points before, during and after penetration tests and penetration test methodologies) Discovery (Discovery categories. Applied nmap exercise; port scanning, service and operating system discovery, etc.) Vulnerability discovery (Vulnerability concept. Nessus exercise; policy designation, scanning and vulnerability analysis) Exploit (Exploit and payload concepts. Metasploit exercise; msfconsole, meterpreter, post-exploit and auxiliary modules, etc.) Network penetration tests and layer two attacks (Network sniffing, MAC table flooding, ARP poisoning, VLAN hopping, DHCP IP pool exhaustion attacks) External network tests and information gathering (Active and passive information gathering, Google hacking, etc.) Social engineering (Using and telephone. Customized payload and malware generation macro, pdf and exe. Relay vulnerability. Post-exploitation ) Web application tests (Input-output detection, XSS and SQL-i attacks) 5 days Attendees will be able to participate and contribute to penetration tests. 25

26 21. Log Analysis System and network administrators Information systems experts b. Information security managers and expertsprerequisites Basic knowledge of operating systems, databases and computer networks. Overview to log analysis, Log analysis standards, rules and legal regulations, Log collection and viewer tools, Common mistakes in log analysis, Incident response, Log analysis in different stages of incident response, Contribution of log analysis to incident response. 5 days Attendees will learn basic concepts about log collection and log analysis, will obtain ability to use log analysis in incident response, will learn which logs can be used in which part of an incident response. Furthermore attendees will obtain ability to use several log collection tools. 26

27 Master Level Trainings 27

28 22. Information Systems Forensics Staff from IT department who are eager to conduct information systems forensic analysis. Basic knowledge of Linux and Windows operating systems. Computer incident response Preliminary stages of computer forensic analysis Information about NTFS, FAT32, ext2, ext3 file systems such as, how files are opened, saved and deleted in these systems Non-volatility of data in different components of a computer (RAM, Stack area, hard disks etc.) Data storage and retrieval from these components Conducting computer incident forensic analysis on a Linux system and presentation of related tools In the applied part of the course, setting up the forensic analysis environment and conducting, with tools, the analysis of a suspected file Conducting computer incident forensic analysis on a Windows system and presentation of related tools Legal framework about forensic analysis and storage of data in a format which is suitable for presenting to a court as an evidence 3 days Attendees will be able to conduct computer forensic analysis on their own. 28

29 23. Computer Network Forensics Network, system and security administrators, IT staff eager to conduct computer network forensic analysis. Basic knowledge of TCP/IP, networks, Linux and Windows operating system. The following topics will be covered in order to conduct incident analysis and to collect evidence in case of a cybercrime without refering to storage components such as hard disks and RAM. Another objective is to detect incidents and malicious network traffic exploiting incorrect configuration of network components. Foundations of forensic analysis Network packet capturing technologies: Hardware, software and tools Basic network protocols and components Network security component log analysis: Logs of firewalls, intrusion detection and prevention systems, etc. Analysis of network protocols (HTTP, SMTP, DNS etc.) Deep packet inspection Detection of malicious network traffic: Man in the middle attack, DNS cache poisoning etc. attacks Detection of network traffic tunneling techniques: DNS, ICMP, SSH tunnelling etc. Analysis of encrypted network traffic: SSL traffic listening technique Reconstruciton of network traffic to obtain original data Network flow analysis 4 days Attendees will be able to conduct forensic analysis and to collect evidence without accessing storage components after cybercrimes. They will be able to detect malicious network traffic and security incidents due to network components as well. 29

30 24. Windows Malware Analysis IT staff eager to conduct Windows malware analysis. Being familiar with high-level programming features such as parameters, loops and functions, Being informed about basic concepts of Windows operating system ( process, thread, memory management, registry, handle etc.), Having basic information about IP, HTTP, TCP, UDP, etc. network protocols, Wireshark etc. packet capturing tools, Having introductory level knowledge of assembly and x86 architecture is required. Windows operating system, basic concepts Basic static analiysis Behaviour analysis Code analysis Hidden execution methods Static analiysis prevention methods Dinamic analysis prevention methods Memory dump analysis Analysis of Web (browser) based malware Analysis of malicious documents 5 days Attendees will obtain applicable information about reverse engineering. Attendees will also acquire Windows and web based malware and malicious document analysis capability. 30

31 25. Secure Software Development Software developers/engineers, software project managers, software quality control team and system architects. Intermediate experience with a programming language. Security problems of software Security problems of technology components where software is running Basic elements of secure software development process How to integrate a secure software development lifecycle to a software development process Source code samples, demonstrating most common vulnerabilities and how to prevent them Technology that maybe applied to assure secure operation of components such as application server and database, where software is running, since software depends on these systems. 3 days Attendees will learn basic secure coding principles, secure software design and development, threat modeling and principles of security tests. 31

32 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze, Kocaeli, Türkiye Tel: +90 (262) , Fax: +90 (262)

INFORMATION SECURITY TRAINING CATALOG (2016)

INFORMATION SECURITY TRAINING CATALOG (2016) INFORMATICS AND INFORMATION SECURITY RESEARCH CENTER CYBER SECURITY INSTITUTE INFORMATION SECURITY TRAINING CATALOG (2016) Revision 4.0 2015 TÜBİTAK BİLGEM SGE Siber Güvenlik Enstitüsü P.K. 74, Gebze,

More information

2016 TÜBİTAK BİLGEM Cyber Security Institute

2016 TÜBİTAK BİLGEM Cyber Security Institute 2016 Revision 5.0 2016 TÜBİTAK BİLGEM Cyber Security Institute 1 ... 3 1. Information Security Awareness for End Users... 4 2. Information Security Awareness for Managers... 5 3. Social Engineering: Attack

More information

PND at a glance: The World s Premier Online Practical Network Defense course. Self-paced, online, flexible access

PND at a glance: The World s Premier Online Practical Network Defense course. Self-paced, online, flexible access The World s Premier Online Practical Network Defense course PND at a glance: Self-paced, online, flexible access 1500+ interactive slides (PDF, HTML5 and Flash) 7+ hours of video material 10 virtual labs

More information

Description: Objective: Attending students will learn:

Description: Objective: Attending students will learn: Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of

More information

Vulnerability Assessment and Penetration Testing

Vulnerability Assessment and Penetration Testing Vulnerability Assessment and Penetration Testing Module 1: Vulnerability Assessment & Penetration Testing: Introduction 1.1 Brief Introduction of Linux 1.2 About Vulnerability Assessment and Penetration

More information

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

If you know the enemy and know yourself, you need not fear the result of a hundred battles. Rui Pereira,B.Sc.(Hons),CIPS ISP/ITCP,CISSP,CISA,CWNA/CWSP,CPTE/CPTC Principal Consultant, WaveFront Consulting Group ruiper@wavefrontcg.com 1 (604) 961-0701 If you know the enemy and know yourself, you

More information

Information Security. Training

Information Security. Training Information Security Training Importance of Information Security Training There is only one way to keep your product plans safe and that is by having a trained, aware and a conscientious workforce. - Kevin

More information

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours Ethical Hacking and Information Security Duration Detailed Module Foundation of Information Security Lecture with Hands On Session: 90 Hours Elements of Information Security Introduction As technology

More information

Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux PWK Copyright 2014 Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security, 2014 No part of this publication, in whole or

More information

information security and its Describe what drives the need for information security.

information security and its Describe what drives the need for information security. Computer Information Systems (Forensics Classes) Objectives for Course Challenges CIS 200 Intro to Info Security: Includes managerial and Describe information security and its critical role in business.

More information

CRYPTUS DIPLOMA IN IT SECURITY

CRYPTUS DIPLOMA IN IT SECURITY CRYPTUS DIPLOMA IN IT SECURITY 6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information

More information

IT Networking and Security

IT Networking and Security elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

Open Source Security Tool Overview

Open Source Security Tool Overview Open Source Security Tool Overview Presented by Kitch Spicer & Douglas Couch Security Engineers for ITaP 1 Introduction Vulnerability Testing Network Security Passive Network Detection Firewalls Anti-virus/Anti-malware

More information

Chapter 1 The Principles of Auditing 1

Chapter 1 The Principles of Auditing 1 Chapter 1 The Principles of Auditing 1 Security Fundamentals: The Five Pillars Assessment Prevention Detection Reaction Recovery Building a Security Program Policy Procedures Standards Security Controls

More information

CYBERTRON NETWORK SOLUTIONS

CYBERTRON NETWORK SOLUTIONS CYBERTRON NETWORK SOLUTIONS CybertTron Certified Ethical Hacker (CT-CEH) CT-CEH a Certification offered by CyberTron @Copyright 2015 CyberTron Network Solutions All Rights Reserved CyberTron Certified

More information

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006

Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,

More information

Networking: EC Council Network Security Administrator NSA

Networking: EC Council Network Security Administrator NSA coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA

More information

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology

More information

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security Security+ Supported Labs - V1 Lab 1 Network Devices and Technologies - Capturing Network Using tcpdump to Capture Network with Wireshark with Network Miner 2 Secure Network Administration Principles -

More information

Learn Ethical Hacking, Become a Pentester

Learn Ethical Hacking, Become a Pentester Learn Ethical Hacking, Become a Pentester Course Syllabus & Certification Program DOCUMENT CLASSIFICATION: PUBLIC Copyrighted Material No part of this publication, in whole or in part, may be reproduced,

More information

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

CH ENSA EC-Council Network Security Administrator Detailed Course Outline CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

CompTIA Security+ (Exam SY0-410)

CompTIA Security+ (Exam SY0-410) CompTIA Security+ (Exam SY0-410) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc.

Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc. Microsoft Systems Architecture 2.0 (MSA 2.0) Security Review An analysis by Foundstone, Inc. Foundstone Labs October, 2003 Table of Contents Table of Contents...2 Introduction...3 Scope and Approach...3

More information

Security + Certification (ITSY 1076) Syllabus

Security + Certification (ITSY 1076) Syllabus Security + Certification (ITSY 1076) Syllabus Course: ITSY 1076 Security+ 40 hours Course Description: This course is targeted toward an Information Technology (IT) professional who has networking and

More information

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

Guidelines for Website Security and Security Counter Measures for e-e Governance Project and Security Counter Measures for e-e Governance Project Mr. Lalthlamuana PIO, DoICT Background (1/8) Nature of Cyber Space Proliferation of Information Technology Rapid Growth in Internet Increasing Online

More information

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Medical Image Manager (MIM) Version 6.1.

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak Medical Image Manager (MIM) Version 6.1. Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak Medical Image Manager (MIM) Version 6.1.1 Part Number 1G0119 Version 1.0 Eastman Kodak Company, Health Group

More information

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs

NSA/DHS CAE in IA/CD 2014 Mandatory Knowledge Unit Checklist 4 Year + Programs Mandatory Knowledge Units 1.0 Core2Y 1.1 Basic Data Analysis The intent of this Knowledge Unit is to provide students with basic abilities to manipulate data into meaningful information. 1.1.1 Topics Summary

More information

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0. Medical Device Security Health Imaging Digital Capture Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0 Page 1 of 9 Table of Contents Table of Contents... 2 Executive Summary...

More information

Information Technology Career Cluster Advanced Cybersecurity Course Number: 11.48200

Information Technology Career Cluster Advanced Cybersecurity Course Number: 11.48200 Information Technology Career Cluster Advanced Cybersecurity Course Number: 11.48200 Course Description: Advanced Cybersecurity is designed to provide students the advanced concepts and terminology of

More information

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0

EUCIP - IT Administrator. Module 5 IT Security. Version 2.0 EUCIP - IT Administrator Module 5 IT Security Version 2.0 Module 5 Goals Module 5 Module 5, IT Security, requires the candidate to be familiar with the various ways of protecting data both in a single

More information

EC-Council Ethical Hacking and Countermeasures

EC-Council Ethical Hacking and Countermeasures EC-Council Ethical Hacking and Countermeasures Description This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

Computer Hacking Forensic Investigator v8

Computer Hacking Forensic Investigator v8 CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! Computer Hacking Forensic Investigator v8 Course Description: EC-Council releases the most advanced Computer

More information

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp ECSA/LPT is a security class like no other! Providing real world hands on experience, it is the only in-depth

More information

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES SECURITY

More information

https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting

https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting https://elearn.zdresearch.com https://training.zdresearch.com/course/pentesting Chapter 1 1. Introducing Penetration Testing 1.1 What is penetration testing 1.2 Different types of test 1.2.1 External Tests

More information

Network Security: A Practical Approach. Jan L. Harrington

Network Security: A Practical Approach. Jan L. Harrington Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

Microsoft Technologies

Microsoft Technologies NETWORK ENGINEERING TRACK Microsoft Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS Module 1 - Office Applications This subject enables users to acquire the necessary knowledge and skills to use

More information

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SUMMER 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SUMMER 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov Access FedVTE online at: fedvte.usalearning.gov If you need any assistance please

More information

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.

More information

Course Title: Penetration Testing: Security Analysis

Course Title: Penetration Testing: Security Analysis Course Title: Penetration Testing: Security Analysis Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced

More information

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov

FedVTE Training Catalog SPRING 2015. advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov FedVTE Training Catalog SPRING 2015 advance. Free cybersecurity training for government personnel. fedvte.usalearning.gov If you need any assistance please contact the FedVTE Help Desk here or email the

More information

Topics in Network Security

Topics in Network Security Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure

More information

Montgomery College Germantown Campus NW246: Network Defense and Countermeasures Master Course Syllabus

Montgomery College Germantown Campus NW246: Network Defense and Countermeasures Master Course Syllabus Montgomery College Germantown Campus NW246: Network Defense and Countermeasures Master Course Syllabus Course Description: The purpose of this course is to prepare students for Level One of the Security

More information

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison

Certified Ethical Hacker Exam 312-50 Version Comparison. Version Comparison CEHv8 vs CEHv7 CEHv7 CEHv8 19 Modules 20 Modules 90 Labs 110 Labs 1700 Slides 1770 Slides Updated information as per the latest developments with a proper flow Classroom friendly with diagrammatic representation

More information

Description: Course Details:

Description: Course Details: Course: Malicious Network Traffic Analysis Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: There are a tremendous amount of network based attacks to be aware of on the internet

More information

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access The Best First for Beginners who want to become Penetration Testers PTSv2 in pills: Self-paced, online, flexible access 900+ interactive slides and 3 hours of video material Interactive and guided learning

More information

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

ITEC441- IS Security. Chapter 15 Performing a Penetration Test 1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and

More information

NETWORK SECURITY (W/LAB) Course Syllabus

NETWORK SECURITY (W/LAB) Course Syllabus 6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information

More information

EC-Council Certified Security Analyst (ECSA)

EC-Council Certified Security Analyst (ECSA) EC-Council Certified Security Analyst (ECSA) v8 Eğitim Tipi ve Süresi: 5 Days VILT 5 Day VILT EC-Council Certified Security Analyst (ECSA) v8 Learn penetration testing methodologies while preparing for

More information

Unit 3 Research Project. Eddie S. Jackson. Kaplan University. IT540: Management of Information Security. Kenneth L. Flick, Ph.D.

Unit 3 Research Project. Eddie S. Jackson. Kaplan University. IT540: Management of Information Security. Kenneth L. Flick, Ph.D. Running head: UNIT 3 RESEARCH PROJECT 1 Unit 3 Research Project Eddie S. Jackson Kaplan University IT540: Management of Information Security Kenneth L. Flick, Ph.D. 10/07/2014 UNIT 3 RESEARCH PROJECT 2

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Exhibit B5b South Dakota. Vendor Questions COTS Software Set

Exhibit B5b South Dakota. Vendor Questions COTS Software Set Appendix C Vendor Questions Anything t Applicable should be marked NA. Vendor Questions COTS Software Set Infrastructure 1. Typically the State of South Dakota prefers to host all systems. In the event

More information

Table of Contents. Introduction. Audience. At Course Completion

Table of Contents. Introduction. Audience. At Course Completion Table of Contents Introduction Audience At Course Completion Prerequisites Certified Professional Exams Student Materials Course Outline Introduction This four-day, instructor-led course provides students

More information

CompTIA Network+ N Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs

CompTIA Network+ N Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs CompTIA Network+ N10 005 Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs Domain 1.0: Network Concepts 1.1 Compare the layers of the OSI and TCP/IP Models TCP/IP Model Layer Matching

More information

Protecting Your Organisation from Targeted Cyber Intrusion

Protecting Your Organisation from Targeted Cyber Intrusion Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology

More information

MCSE SYLLABUS. Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003:

MCSE SYLLABUS. Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003: MCSE SYLLABUS Course Contents : Exam 70-290 : Managing and Maintaining a Microsoft Windows Server 2003: Managing Users, Computers and Groups. Configure access to shared folders. Managing and Maintaining

More information

Loophole+ with Ethical Hacking and Penetration Testing

Loophole+ with Ethical Hacking and Penetration Testing Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,

More information

Windows Remote Access

Windows Remote Access Windows Remote Access A newsletter for IT Professionals Education Sector Updates Issue 1 I. Background of Remote Desktop for Windows Remote Desktop Protocol (RDP) is a proprietary protocol developed by

More information

Medical Device Security Health Group Digital Output

Medical Device Security Health Group Digital Output Medical Device Security Health Group Digital Output Security Assessment Report for the Kodak Color Medical Imager 1000 (CMI-1000) Software Version 1.1 Part Number 1G0434 Revision 2.0 June 21, 2005 CMI-1000

More information

Windows Operating Systems. Basic Security

Windows Operating Systems. Basic Security Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System

More information

IT Networking and Security

IT Networking and Security elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software powered by Calibrate www.medallionlearning.com

More information

Malicious Network Traffic Analysis

Malicious Network Traffic Analysis Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the

More information

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)

More information

CompTIA Network+ (Exam N10-005)

CompTIA Network+ (Exam N10-005) CompTIA Network+ (Exam N10-005) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details Sub: Supply, Installation, setup and testing of Tenable Network Security Nessus vulnerability scanner professional version 6 or latest for scanning the LAN, VLAN, VPN and IPs with 3 years License/Subscription

More information

Linux Server Support by Applied Technology Research Center. Proxy Server Configuration

Linux Server Support by Applied Technology Research Center. Proxy Server Configuration Linux Server Support by Applied Technology Research Center Proxy Server Configuration We configure squid for your LAN. Including transparent for HTTP and proxy for HTTPS. We also provide basic training

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

Firewalls, Tunnels, and Network Intrusion Detection

Firewalls, Tunnels, and Network Intrusion Detection Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,

More information

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall

More information

How are we keeping Hackers away from our UCD networks and computer systems?

How are we keeping Hackers away from our UCD networks and computer systems? How are we keeping Hackers away from our UCD networks and computer systems? Cybercrime Sony's Hacking Scandal Could Cost The Company $100 Million - http://www.businessinsider.com/sonys-hacking-scandal-could-cost-the-company-100-million-2014-12

More information

MCSE Objectives. Exam 70-236: TS:Exchange Server 2007, Configuring

MCSE Objectives. Exam 70-236: TS:Exchange Server 2007, Configuring MCSE Objectives Exam 70-236: TS:Exchange Server 2007, Configuring Installing and Configuring Microsoft Exchange Servers Prepare the infrastructure for Exchange installation. Prepare the servers for Exchange

More information

A Decision Maker s Guide to Securing an IT Infrastructure

A Decision Maker s Guide to Securing an IT Infrastructure A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose

More information

74% 96 Action Items. Compliance

74% 96 Action Items. Compliance Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated

More information

McAfee Next Generation Firewall (NGFW) Administration Course

McAfee Next Generation Firewall (NGFW) Administration Course McAfee Product Education McAfee Next Generation Firewall (NGFW) Administration Course The McAfee NGFW Administration course from Education Services provides attendees with hands-on training on the design,

More information

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses

More information

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability WWW Based upon HTTP and HTML Runs in TCP s application layer Runs on top of the Internet Used to exchange

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

Linux Network Security

Linux Network Security Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols

More information

Module 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed.

Module 3: Resolve Software Failure This module explains how to fix problems with applications that have problems after being installed. CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! 50331 - Windows 7, Enterprise Desktop Support Technician Duration: 5 days About this Course This five-day

More information

Hack Proofing Your Organization

Hack Proofing Your Organization Hack Proofing Your Organization Who am I Gary Bates Director of Information Services for the City of Harker Heights Microsoft Certified System Engineer Microsoft Certified Information Technology Professional

More information

TESTING OUR SECURITY DEFENCES

TESTING OUR SECURITY DEFENCES INFOSECURITY WITH PLYMOUTH UNIVERSITY TESTING OUR SECURITY DEFENCES Dr Maria Papadaki maria.papadaki@plymouth.ac.uk 1 1 Do we need to test our defences? Can penetration testing help to improve security?

More information

Windows 7, Enterprise Desktop Support Technician

Windows 7, Enterprise Desktop Support Technician Course 50331D: Windows 7, Enterprise Desktop Support Technician Page 1 of 11 Windows 7, Enterprise Desktop Support Technician Course 50331D: 4 days; Instructor-Led Introduction This four-day instructor-ledcourse

More information

INCIDENT RESPONSE CHECKLIST

INCIDENT RESPONSE CHECKLIST INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged

More information

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

Cybersecurity Foundations

Cybersecurity Foundations Cybersecurity Foundations Course Number: 13198 Category: Technical Applications Duration: 5 Days Overview When you consider just a few of the consequences of a security breach - your proprietary information

More information

Guideline on Auditing and Log Management

Guideline on Auditing and Log Management CMSGu2012-05 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Auditing and Log Management National Computer Board Mauritius

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

CompTIA Security+ Certification Study Guide. (Exam SYO-301) Glen E. Clarke. Gravu Hill

CompTIA Security+ Certification Study Guide. (Exam SYO-301) Glen E. Clarke. Gravu Hill CompTIA Security+ Certification Study Guide (Exam SYO-301) Glen E. Clarke McGraw-Hill is an independent entity from CompTIA,This publication and CD may be used in assisting students to prepare for the

More information

FREQUENTLY ASKED QUESTIONS

FREQUENTLY ASKED QUESTIONS FREQUENTLY ASKED QUESTIONS Secure Bytes, October 2011 This document is confidential and for the use of a Secure Bytes client only. The information contained herein is the property of Secure Bytes and may

More information

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE Anne Arundel Community College Tracks Anne Arundel Community College s computer technologies courses have been organized into 10 suggested tracks. The tracks are arranged to ensure that students have the

More information

Network/Internet Forensic and Intrusion Log Analysis

Network/Internet Forensic and Intrusion Log Analysis Course Introduction Enterprises all over the globe are compromised remotely by malicious hackers each day. Credit card numbers, proprietary information, account usernames and passwords, and a wealth of

More information

Implementing Cisco IOS Network Security

Implementing Cisco IOS Network Security Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles

More information