Cyber Security Awareness for IT-Pros(with lab)
Delivery: classroom, hands on, lab // Duration: 1 day
This classroom training is aimed at IT specialists with administrative rights, i.e. primarily administrators, but also developers or architects who plan systems or set up and operate test environments. In this training course, the participants are shown the connection between their own behavior and effective cyber security through numerous demos and hands-on lab exercises. The participants work with their own laptops on virtual server systems and slip into the role of the attacker. They actively scan the systems for exploitable vulnerabilities, use current attack tools and hack into the course systems.
Learning Objectives
By the end of this course, students will be able to:
-
Understand the changing threat landscape and its impact on their jobs.
-
Understand why and how the resilience against cyber-attacks needs to be improved.
-
Understand the requirements in guidelines and instructions.
The participants will be positively disposed towards a required change in their own behavior, as they recognize their own benefit and the benefit for the company.
Course Content
-
Intro: AAdvanced Persistent Threats
-
APT attacks on the human factor
-
Social Engineering
-
Spear phishing
-
Trojans, viruses and USB gadgets
-
-
APT attacks on systems
-
Reconnaissance and analysis: port and vulnerability scans
-
Exploitation of vulnerabilities
-
Lateral movement: Credential Dumping and Pass the Hash/Ticket
-
-
What does the current security strategy look like?
-
Technology - Processes - People
-
Prevention - Detection - Response
-
-
Prevention: Improve your resilience
-
Hardening / Patching
-
What does hardening mean and why is compliance elementary?
-
Why do systems have to be patched promptly?
-
-
Secure Administration
-
Role Based Access Control (RBAC)
-
Password management & PIM/PAM solutions
-
-
Security Architectures
-
-
Detection & Response
-
SIEM systems
-
Malware analysis
-
-
Summary and Call to Action
Target Audience
This one-day course is aimed at IT specialists with administrative rights. The training is designed for Windows and Linux administrators as well.
Pre-requisite for Course Registration
Basic IT know-how of IT systems.
Certification
For the ISH Cyber Security Awareness for IT-Pros (with Lab) will be no certificate issued. You will receive a Confirmation of Participation at the end of the one day course.