Objectives
The program begins with an introductory level cybersecurity skills training, then progresses to advanced cybersecurity techniques such as reverse engineering, penetration testing techniques, and more. This training program will enable you to:
• Implement technical strategies, tools, and techniques to secure data and information for your organization
• Adhere to ethical security behavior to analyze and mitigate risks
• Understand security in cloud computing architecture in depth
• Understand legal requirements, privacy issues, and audit methodologies within a cloud environment
• Focus on IT compliance and enterprise systems integrity to create a more secure enterprise IT framework
what will you learn
1. Inactive survey conduct
Attackers spend 70-80 percent of their time gathering information about their target. Doing so answers a lot of questions that saves them time during the activity. It makes sense that you as a security professional would do the same. In this module, Passive Survey Conducting, you will learn about effective untraceable data collection, referred to as a survey. First, you will see what information can be discovered about your target using public and open source information. Next, you'll discover what WHOIS, nslookup, and even Google can reveal about your target. Finally, you'll explore some of the apps designed to help automate this stage of the survey. Upon completion of this unit, you will have the skills and knowledge of passive reconnaissance needed to perform penetration testing.
2. Take an active survey
So far, we've been "calm" about the survey. But the passive side is that we often don't see every system through passive ways. This was the active poll come to play. In this module, Conducting Active Reconnaissance, you will gain the ability to discover more network nodes and collect system information during penetration tests. First, you will learn how to discover all targets on a given network. Next, you will discover how to use enumeration to find services and even accounts on targets. Next, you'll see how to scan each point for vulnerabilities that could allow someone to gain unauthorized access to protected digital or electronic materials, and might get around routers or even firewalls to get in. Finally, you will explore how to research different types of scripts and some great tools to help automate your tasks. Upon completion of this course, you will have the skills and knowledge to discover many nodes, service accounts and even some of the vulnerabilities needed to cover every aspect of an active survey step in any pent-up engagement.
3. Gathering information and identifying weaknesses
Now that you have identified, enumerated, and exposed vulnerabilities through both active and passive reconnaissance efforts, you need to know what to do with that data. In this module Gathering Information and Identifying Weaknesses, you will learn basic knowledge and gain the ability to analyze the weaknesses that you have discovered. First, you will learn how to choose the right vulnerability scanner, whether it is open source, commercial, on-premises or cloud-based. Next, you will discover how to organize said data by classifying assets, identifying false positives and preparing for judgment. Finally, you will explore how to turn this data into actionable exploits. Upon completion of this unit, you will possess the skills and knowledge to analyze vulnerabilities or command you to prepare for the next stage of the penetration testing lifecycle.
4. Application testing
There are many different ways that software flaws can be exposed through design and implementation, so you will need to perform a variety of tests thoroughly to evaluate each application for which the company is responsible. In this module, Testing Applications, you will learn how to exploit vulnerabilities in web-based applications while participating. First, you will learn the commonalities between web applications. Once you understand this, you will be able to use this knowledge to your advantage. Next, you will explore the different types of authentication, injection, and web shell attacks that you can use to exploit these applications. Finally, you will use specific analysis techniques on compiled programs to see if you can compromise on these types of applications. Upon completion of this module, you will have the skills and knowledge of penetration testing needed to exploit most any application in any interaction.
5. Digital Forensics
This unit will teach you the basics of safety and evidence acquisition, examination and analysis to create a cybercrime timeline.
6. Digital Forensics: Getting Started with File Systems
Do you like the idea of being able to find what others can't? In this unit, Digital Forensics: Getting Started with File Systems, you'll dive into digital forensics and file systems and how digital forensics investigators use them to prove what happened or didn't happen on the system. You'll start by covering topics, such as paths, sectors, groups, blocks, and slack space. Next, you will explore in more depth Permissions and Metadata. Finally, you'll look at the timestamps, and jot it all down while using the autopsy as your tool. By the end of this course, you'll know how to navigate Autopsy and the original Windows, Linux, and Mac OS X operating systems to find forensic evidence at the file system level.
7. Kali Linux Digital Forensics Tools: Imaging and Hash
Kali Linux (formerly BackTrack) is known as the premier Linux distribution system for application and network penetration testers. Kali also includes many useful digital forensic tools for formal forensic investigations, IT problem solving, and learning about digital forensics. Professional digital forensic examiners, IT staff, and students new to digital forensics will all find the information and demonstrations of digital imaging and cryptographic hashing tools in this course extremely useful.
8. Practical coding using Python
Security is very important in today's world. In this module, Practical Coding with Python, you will learn the practical side of coding with the great programming language Python, and gain the confidence to master the skill of coding using real-life examples. First, you will learn about hashing algorithms. Next, you will discover symmetric encryption using Python. Finally, you will explore the many angles of asymmetric encryption using public and private keys. When you have finished this unit, you will have the necessary skills and knowledge about coding to use in your career.
9. Social Engineering with Social Engineering Toolkit
The Social Engineer Toolkit (SET) is an open source Python-based tool intended for penetration testing around social engineering. Vulnerability scanners will find security problems in computer systems. If you want a good tool, SET is here to help you assess your company's security cavity. In this module, Social Engineering Using the Social Engineer Toolkit, you will learn the social engineering attacks that SET supports. First, you will discover how a SET phishing attack works with an email attack. Next, you'll explore how to use a website attack vector, along with creating a payload and a listener. Next, you'll delve into powerful PowerShell attacks and how to take advantage of this command line tool to bypass security on Windows. Next, you'll explore the world of electronics to learn how to use the hardware-based module in SET. Finally, you will learn various ways to deal with the Social Engineer Toolkit, such as Wireless Access Point Attack, QRCode Generator, SMS Spoofing, and Infectious Media Generator. By the end of this unit, you will have the basic knowledge to use the social engineer's toolkit efficiently.
10. Penetration testing with Metasploit Framework
Penetration testing workflow is a huge challenge in our career as security professionals. In this unit course, Penetration Testing with Metasploit Framework, you will learn how to take your ethical hacking skills to the next level by using Metasploit in your career as a penetration tester. First, you will learn how to list and enumerate services. Then, you will discover new ways to exploit vulnerabilities. Finally, you will explore how to raise your privileges and move sideways on the network. Upon completion of this unit, you will possess the skills and knowledge needed to conduct a successful penetration test like a pro.
