Cyber Security – Bootcamp

Description:

Welcome to the Cybersecurity Boot Camp, a comprehensive 8-week program designed to equip participants with the skills and knowledge necessary to excel in the field of Cyber Security.

This boot camp will cover a wide range of topics related to cyber security such as access controls, network security, security operations. Students will get an understanding of Business Continuity Planning, Disaster Recovery Planning, and Incident Response Concepts. Learn about physical and logical access controls for an organization. Understand the concepts behind Confidentiality, Integrity, and Availability (CIA Triad) and handling risk management.

Immerse yourself in the dynamic realm of cybersecurity through real-world simulations, practical exercises, and a specialized focus on the CompTIA Cybersecurity Analyst (CYSA+) certification.

Students will then learn about network security including various types of attacks. There will be hands-on sessions for some of these topics. Understand security operations such as patch, configuration, change management.

This workshop will start with Agile Scrum Methodology since the whole workshop would be executed like an Agile project.

Students will then learn the basics of Linux and Bash Shell scripting, Python programming Fundamentals, and best practices.

Duration: 8 weeks

Course Code: BDT326

• Understanding of how computers work
• One or more years technical experience
• Programming experience with Python & SQL would be a plus.

• Candidates must understand how computer systems work and have some basic understanding of computer programming.

• Candidates must understand how computer systems work and have some basic understanding of computer programming.

Course Outline:

 Agile Scrum Methodology

• Scrum Introduction
• Scrum Team
• Scrum Artifacts
• Sprint Increment
• Spring planning.
• Backlog
• Retrospective
• Project description and Case Study
• Practice exam and Knowledge check.
• Certification (optional)

Python Programming – Fundamentals

1. Set up

• Set up development environment – Visual Studio Code
• Using python shell
• Executing python script
• Understanding python strings
• Print statements in Python.

2.Data Structures in python

• Integers
• Lists
• Dictionaries
• Tuple
• Sets
• File
• Mutable and Immutable structures

3.Selection and Looping Constructs

• If/else/elif statements
• Boolean type
• “in” membership
• For loop
• While Loop
• List and Dictionary Comprehension

4.Functions

• Defining functions
• Variable scope – Local and Global
• Arguments
• Polymorphisms

5.Modules

• Creating modules
• Importing Modules
• Different types of imports
• Dir and help
• Examining some built-in modules

SQL

• SQL Fundamentals
• Writing SQL Queries
• Working Tables and Indexes
• Predefined SQL functions
• Uses for SQL
• A/C/I/D
• Data Models
• Database Terminology
• Normalization
• First, Second & Third Normal Forms
• ANSI SQL
• Standardization & SQL Dialects
• DDL, DML, DTL, DQL, and DCL
• Data Integrity
• Types of Integrity
• Constraints
• Data Types
• Triggers
• What are Joins?
• Join Syntax
• Join Predicates
• Types of Joins
• The ‘using’ keyword

Core Linux Fundamentals:

 1. Basic Linux Tasks

• Linux and its history
• CLI and Shell
• Bash commands
• Man pages & other help resources

2.Users and Groups

• What are users and groups?
• Create, Modify and Delete users
• Create, Modify and Delete user groups
• Account profiles

3.File Permissions & Ownership

• File & Directory ownership
• Modifying permissions
• Special permissions and attributes

4.Storage

• Storage partitions
• Creating partitions
• Volumes and their management
• Mounting file systems
• Linux Directory structure

5.Files and Directories

• Working with text files
• Searching files
• Manipulating file outputs

6.Kernel Modules

• What are kernel modules
• The Linux Kernel
• Installing and Configuring Kernel modules
• Monitoring kernel modules

7.Linux Boot Process

• Linux boot process
• Linux boot components
• GRUB and configuring it

8.System Components

• Linux system components
• Localization options
• GUI
• Services
• CPU and Memory issues

9.Devices

• What are Linux devices?
• Configuring and Monitoring devices

10.Networking

• Linux server roles
• Connecting to a network
• Configuring network identity
• DHCP & DNS
• Cloud Technologies
• Virtualization technologies

11.Packages and Software

• Package managers
• Repositories

12.Securing Linux Systems

• Securing Linux Systems
• Cybersecurity best practices
• Encrypting Volume
• Configuring SSH
• Firewalls and configuring them
• Logging Services
• Backup, Restore and Verify data
• Compressing files

13.Bash Scripting

• Understanding shell scripting
• Bash shell fundamentals
• Scripting and programming
• Control statements

14.Task Automation

• What is task automation?
• Scheduling jobs
• Scheduling tasks
• Version Control System (Git)

Cyber Security Fundamentals:

 1. Security Principles

• Why Cybersecurity?
• Information security vs IT security vs Cybersecurity
• Privacy
• Basic Cybersecurity Terms
• Understanding CIA Triad
• Identity and Access Management
• Risk Management
• Access Control Categories
• Governance vs Management

2. Business Continuity Plan, Disaster Recovery Plan, and Incidence Response

• Business Continuity Planning – what it is and what is involved?
• Disaster Recovery Planning – purpose and objectives, MOR, MTD
• Incidents Response – monitoring & detection of security events

3. Access Control

• Physical Security = what is involved?
• Perimeter Defense
• Logical Access Control
• Central vs Decentralized Logical Access Controls
• Access Control: RBAC, ABAC, DAC

4. Network Security - I

• Network Basics and Definitions
• The OSI Model
• The TCP Model
• IP address, port number and MAC address
• IP protocols: SSL/TLS, IPSec, VPNs, SSH
• NAT: Network Address Translation
• Wireless networks

5. Network Security - II

• Understanding VLANs and Routers
• Software Defined Networks (SDNs)
• Attacks & Hackers
• Intrusion Detection & Prevention Systems (IDS-IPS)
• Firewalls and Next Generation firewalls
• Virtualization, Cloud and Distributed Computing
• Fault Tolerance
• Secure Design Principles

6. Variety of Attacks

1. Port scanning and firewalls

2. Hacker Attacks

• Password Attacks
• DoS and DDoS
• Network Attacks
• Man in the middle attack
• Social Engineering

3. Web Application Security

• SQL Injection
• Blind SQL injection
• Mitigating SQL injection attacks
• Vulnerability Management

4. Malware

• Introduction
• Viruses and Worms
• Trojans
• Spyware, Adware and Ransomware
• Logic Bombs and Rootkits
• Antimalware

7. Security Operations

• Configuration Management
• Patch Management
• Change Management
• Cryptography & Hashing
• Data handling, data storage and data retention
• Training and Awareness
• Social Engineering attacks

 8. Wireshark

• When to use a network sniffing tool,
• Complete basic configurations on the tool.
• Manipulate data in the application.
• Identify various traffic flows and protocols.
• Extract data and files from a PCAP Files
• Create a cyber incident Report.

9. Cloud Security

• Cloud Computing
• Shared Responsibility
• SASE (Secure Access Service Edge)

10. AI, Quantum Computing

• AI (Artificial Intelligence)
• Impact of AI on Cybersecurity
• Leveraging AI for security
• Quantum Computing and its impact on Cybersecurity

11. Laws, Regulations and Standards

• Factors Affecting the Regulations
• Widely Adopted Regulations (HIPAA, GDPR, CCPA, etc.)
• Compliance Frameworks (NIST, ISO, etc.)

12. Cybersecurity Tools

• Categories of Tools
• Selection of Tools

Continuous Integration & Continuous Deployment (CI/CD):

 1. Introduction to CI/CD

• Introduction to CI/CD
• Continuous Integration, Continuous Delivery, Continuous Deployment
• Continuous Integration pipelines
• Creating pipelines
• Automating Deployments

Project & Use Case

• Project Overview
• Complete projects to get experience and practice.
• Industry Use Case Studies

Certification

• Certification Overview
• Identify the right certification for you.
• Tips to prepare for certification.