Cyber Security

Security Management

  • What is Security Operations
  • Finding the sweet spot
  • Security and Control
  • Security Goals
  • Reliability vs Security
  • Typical Security Flaws

Incident Response & Continuity Management

  • Incident Response vs Business Continuity
  • Incident Response Plans
  • Business Continuity Plans
  • GRC Information Security Basics + PCI DSS Basics
  • ISO27001 Implementation
  • Risk Assessment
  • PCI DSS

Security Education

  • Data Protection
  • Data Leakage Prevention (High Level)
  • Enterprise Data Encryption & Data Masking (High Level)
  • Data Discovery & Data Classification (High Level Overview)
  • SOC Security Operation Center – Incident Management Basics + SIEM Tool Basic Concepts
  • Cyber Threats + Malware Analysis
  • SIEM Architecture and its Components

Security Information Event Management

  • SIEM Processes & Architecture
  • SIEM Features & Functions
  • Security Auditing
  • Event Definition
  • Audit Logs – What to Collect from Where
  • Data Analysis

Vulnerability Management

  • Vulnerability Management Process
  • Vulnerability Scanning
  • Remediation

Threat Detection

  • Intruder Behaviour
  • IDS Systems
  • Anomaly Detection
  • HIDS & NIDS
  • Open Source IDS
  • Honeypots
  • Advanced Threats

Security Assessments

  • Penetration Testing
  • Scanning (Nmap)
  • Firewall & IDS Evasion
  • Kali Linux
  • Metasploit
  • Meterpreter
  • Hydra
  • Social Engineering Toolkit

Simulated Attack – Defend – Attack

  • Additional Labs and SOC Process Adherence
  • Live security and attack events will be generated, and participants will observe relevance and classify further action as per SOC operational procedures.

Introduction to Common Threats/Tools and Their Countermeasures

  • Network and Security Monitoring Tools: SIEM (Arcsight / QRadar / McAfee Security Logger / SolarWinds), Syslog Server
  • Identification of Security Threats and Events: Port Scan, Host Scan, IP Floods (SYN Flood, UDP Flood, Ping Flood), Virus Outbreaks, Buffer Overflow, SQL Injections, Web and App Vulnerabilities, Honeypots, Weak Security Controls
  • Cyber Security Threat Landscape and Mitigation Methods: SNMP, Syslog
  • Security Event Analysis and Handling Threat Events
  • Minimizing False Positives and Handling Massive Alert Storms
  • Advanced Persistent Threat
  • Zero-Day Malware Attacks and Prevention
  • Sandboxing – Cloud and Private

Overview and Demonstration of Commonly Generated Security Events

  • Firewalls (Layer 4 & WAF): Clear Text Sessions, SSL/HTTPS Decryption, Misuse of Non-Encrypted Communication, Long Session Timeouts
  • IPS: Network/IP Scans, Host/Port Scans, HTTP Tunneling, Security Bypass Attempts
  • Antivirus/Client Systems: OS & Browser Vulnerabilities, Malware Outbreaks, Unmanaged or Partially Secured Clients
  • Servers: Weak Authentication, Insecure Applications, HTTP vs HTTPS Security, Resource Overflows
  • Network Routers: Cleartext Authentication, IP Spoofing, Unauthenticated Routing
  • Wireless: Weak Authentication, Packet Sniffing
  • Switches: Layer 2 (MAC/ARP) Vulnerabilities, Man-in-the-Middle Attacks
  • Mail Servers: Clear Text vs Protected Mail, Mail Floods, SMTP/TLS Issues, Spam Handling

Fee: Rs 12,499 + 18% GST
