MARCRAFT Cyber Security Essentials

  

Email
Category:

Description

Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world.

This package includes:

In today’s global IT environment, cybersecurity goes well beyond traditional network security.

Based on the Cybersecurity Frameworks established by the National Institute of Standards and Technology (NIST), Marcraft’s Cybersecurity Essentials – Concepts and Practices course covers both theory and hands-on labs.  Topics in this 180-hour course include:

  • Critical Infrastructure Security Systems and Devices
  • Intelligent Computing and Controlling Devices and Systems Security
  • Business Information Technology (IT) Network Security Systems and Techniques
  • Industrial/Utility Industrial Control System (ICS) Networks and Devices Security
  • Medical Network and Data System Security
  • Ethical Hacking Roles and Tools

Concepts & Practices

INFRASTRUCTURE SECURITY

    • Access Control & Security Policies
    • Physical Security Controls
    • Authentication Systems
    • Biometric Scanners
    • Remote Access Monitoring
    • Security Controllers
    • Sensors
    • Keypads
    • Output Devices
    • Camera Specifications & Deployment Strategies
    • Video Recorders, Switchers & Monitors

LOCAL HOST SECURITY

    • Securing Outer Perimeter Portals
    • BIOS Security Subsystems
    • Local System Hardening
    • Physical Port Access
    • BIOS Port Enabling Functions
    • Removable Media Access
    • BIOS Boot Device/Sequence Controls
    • Operating Systems
    • OS Kernel & File System Security
    • File System Attacks
    • Common Operating System Security Tools
    • Physical Authentication Devices
    • Using Local Administrative Tools
    • Event Logging and Auditing
    • Implementing Data Encryption
    • Implementing Local Protection Tools
    • Software-Based Local Firewalls
    • Using Local Intrusion Detection Tools
    • Configuring Browser Security Options
    • Malicious Software Protection
    • Hardening Operating Systems
    • Overseeing Application Software Security
    • Software Exploitation
    • Applying Software Updates and Patches

LOCAL NETWORK SECURITY

    • OSI Model
    • Networking Topologies & Protocols
    • Network Control Strategies
    • Physical Server Access Control
    • Server Software Security
    • Configuring/Hardening Server OS
    • User Accounts
    • Network Authentication Options
    • Establishing Resource Controls
    • Conducting Backups
    • Distributed Intrusion Detection Architectures
    • Vulnerability Scanning
    • Remote Monitoring
    • Simple Network Management Protocol
    • Network Connectivity Devices
    • Network Connectivity Device Vulnerabilities
    • Network Transmission Media Security
    • Network Hardening

CYBER SECURITY

    • Basic Internet Concepts
    • Internet Services
    • Standards and RFCs
    • Network Address Translation
    • Port Address Translation
    • Port Forwarding or Mapping
    • Network Segmentation
    • Software-Defined Networking
    • Network Virtualization
    • VLANs
    • Firewalls
    • Network Appliances
    • Proxy Servers
    • DMZs
    • Implementing Security
    • IP and MAC Authentication
    • Authentication Protocols
    • Encryption
    • Digital Certificates
    • Hash Tables
    • Basic Tools
    • Monitoring Tools and Software
    • Zero-Day Vulnerabilities
    • SQL Injection
    • Social Engineering Exploits
    • Network Threats and Attacks
    • Dictionary Attacks
    • Denial of Service Attacks
    • Tarpitting
    • Spam
    • Other Exploits

ENVIRONMENTS & TESTING

ENTERPRISE NETWORK SECURITY

    • Common Enterprise Network Security Structures
    • Storage Virtualization
    • VLAN Attacks
    • Network Segmentation
    • VLAN Network Segmentation
    • Controlling Intersegment Data Movement
    • Tunneling
    • ACL/Network Layer Security
    • Configuring Access Control Lists
    • Configuring Services and Protocols
    • Small Business Zoning
    • Flat Business Networks
    • Front-End & Mid-Tier Servers
    • Back-End Database Servers
    • Risk Management & Mitigation
    • Incident Response Planning
    • Business Continuity Planning
    • Disaster Recovery Planning
    • Environmental Security Activities
    • Employee Awareness and Training
    • Acceptable Use, Due Care & Privacy
    • Separation of Duties & Need-to-Know
    • Privilege Management
    • Password Management Policies

INDUSTRIAL CYBER SECURITY SYSTEMS

    • Open & Closed Loop Control Systems
    • Dedicated & Distributed Control Systems
    • Industrial Sensors
    • Final Control Elements/Actuators
    • Industrial Process Controllers
    • Field Devices
    • Industrial Networks
    • SCADA for Process Control
    • Common Industrial Network Structures
    • Industrial Network Communication Media
    • Asynchronous Serial Standards
    • Ethernet Networking
    • Remote Access Communication Media
    • Industrial Network Protocols
    • Utility Generation Control Networks
    • Utility Distribution Control Networks
    • Utility Data Collection Networks
    • Smart Meters
    • Customer Data Management Systems
    • Industrial and Utility Network Security
    • Global Security Standards, Practices, & Regulations
    • Boundary Protection
    • Wide Area Network Security
    • SCADA Security
    • ICS Risk Assessments

MEDICAL NETWORK SECURITY

    • VoIP Phone Systems
    • Medical Records Security
    • Electronic Health Records
    • Government Regulations
    • Clinical Document Architecture
    • Data Segmentation for Privacy
    • Access Control
    • Audit Controls
    • Data Storage and Retention
    • Data Purging and Destruction
    • Backup and Recovery
    • PACS
    • Vendor Neutral Archives
    • Radiology Information Systems
    • DICOM
    • Digital Signatures
    • Metadata
    • Transmission Security
    • e-Prescribing Systems
    • Medical Diagnostic Instrumentation
    • Wireless Technologies
    • Telemetry Applications
    • Wireless Sensor Networks
    • The Internet of Things
    • Exploiting Mobile Devices

INTRODUCTION TO ETHICAL HACKING

    • Ethical and Legal Hacking
    • Black, White & Gray Hats
    • Security Breach Examples
    • The Lockheed Martin Cyber Kill Chain
    • Network Enumeration/Port Scanning
    • Social Engineering
    • The Pentest Process
    • IP Header Manipulation
    • Defending Against IP Spoofing
    • Session Hijacking
    • MAC Spoofing & Flooding
    • ARP Spoofing/Poisoning
    • Man-in-the-Middle Attacks
    • DNS Spoofing & SQL Injection
    • DoS vs. DDoS Attacks
    • Ping Flood & Smurf Attacks
    • UDP & SYN Flood Attacks
    • Password Attacks
    • Wireless Attacks
    • Wardriving
    • Rogue Access Points
    • WEP Key Cracking
    • Beacon & Deauthenticate Flood
    • Documentation & Reporting

MARCRAFT also offers a high school level program for institutions looking to give students a head start into this growing industry.