Cyber Security Expert®
Cyber Security Expert®
8 Days, 5 Professional Certifications
This course is designed for Cybersecurity Engineering Experts® who desire to possess the right skill sets for architecting, engineering, designing and planning cybersecurity solutions across industries. It covers the engineering concepts, challenges, capacities, plans and strategies as well as how cybersecurity applies to application technology aspects and deciding factors in determining and implementing best engineering course of action principles. The CSE® certification strengthens the engineering strategy, design, solution selection and awareness of future technologies, leading to effective engineering of cybersecurity solution by enhancing and preparing professionals for process advancements
Upcoming CSE℠ Events
Sorry no post found.
Course Description
This course is designed for Cybersecurity Engineering Experts® who desire to possess the right skill sets for architecting, engineering, designing and planning cybersecurity solutions across industries. It covers the engineering concepts, challenges, capacities, plans and strategies as well as how cybersecurity applies to application technology aspects and deciding factors in determining and implementing best engineering course of action principles. The CSE® certification strengthens the engineering strategy, design, solution selection and awareness of future technologies, leading to effective engineering of cybersecurity solution by enhancing and preparing professionals for process advancements
Who should take this course?
- Managers
- Executives
- Directors
- Strategic Planners
- Professionals
what you study
The CSE® course focuses on best practices to be applied, methodologies and approach to enhance the long-run objectives as well as Cybersecurity deep understanding of the engineering requirements for an effective and cybersecure application and the application ecosystems.
Learning Outcomes
This course teaches how to streamline cybersecurity engineering architecture and design processes, increase efficiency and strengthened design posture whilst maintaining a highly Cybersecure Application Ecosystem. The core concepts are based on demonstrated principles, which are optimized from lessons learned from Cybersecurity front-runners.
Prerequisites
- None.
Course Features
- CSIS®
- CSES®
- CSTP®
Day 1
Introduction
Cybersecurity Overview
The outset of Cybersecurity
Governance
Risk Integration
Legislative Requirement
Security Requirement
Internal Threats
External Threats
Physical Security Threats
Cybercrime: Leading Business Risk Globally
Major Cyber Breaches
Cybersecurity Complexity
Infinity Paradigm
Definition of Cybersecurity
Cybersecurity Principles
Cybersecurity Principles
The Layers
The Four Principles
Principle 1 & its key Activities
Principle 2 & its key Activities
Principle 3 & its key Activities
Principle 4 & its key Activities
Cybersecurity Dimensions: Attack & Defense
Cybersecurity Attack
Security Threat to Networks
Two types of Attacks
Stages of an Attack
Cybersecurity Defense
Layered Security & Configuration of Perimeter
Firewall
Intrusion Detection & Penetration System
Cybersecurity Risk & Consequences
Consequences of Attack
Maturity
Culture Shift
Appetite
Advice
Putting a Price on Risk
Day 2
Cybersecurity Trends
Understanding the threat landscape
Common Threat Agents and Vulnerabilities
Zero-Day Vulnerabilities
Attributes of Cyber Attack
Understanding the attributes of an Attack
Malware & Types of attack
Obfuscation and Mutations in Malware
Weaknesses of Existing Cybersecurity Standards
Available standards
Weaknesses of existing standards
Why IDCA is critical to filling the gaps
Network Access Control & Wireless Network Security
An Overview of Network Access Control (NAC)
NAC Policies
The Network Access Control/Network Access Protection (NAC/NAP) Client/Agent
The Enforcement Points
Enforcement Point Action
Authentication and Authorization
NIST & Cybersecurity
ISO 27001 For Information Security
Cybersecurity in Cloud
Types of Cloud Assets
Compute Assets
Storage Assets
Network Assets
Asset Management Pipeline
Procurement Leaks
Processing Leaks
Finding Leaks
Protecting data in the cloud
Tokenization
Encryption
Cybersecurity for IoT and Edge/or 5G Computing
IoT Security Challenges & Landscape
Why IoT Security devices are targeted
Edge Motivation
Edge Definition
Evolution of IT Computing Models
Advantages of Edge Computing
Edge Layered Stack
OWASP (Open Web Application Security Project) Top 10 Internet of Things
Examination
Day 1
Introduction
Secure by Design Principles
Five Principles for Design of Cybersecurity Systems
Before Designing a system, the Context must be Established
Make it very Difficult for Attackers to Compromise your AE
The Design Must Make AE Downtime Very Difficult to Occur
Being Able to Detect Attacks
Reduce the Impact Should an Attack Occur
Application Security Architecture
The Application Ecosystem
Application Security
Application Architecture
TOGAF Security Architecture Phases
SABSA Secure Application Development
Application Security Architecture Governance
Application Architecture Security Checklist
Operating Systems & Virtualization
Overview
Attacker Model
Operating System Role and its Security Design Considerations
Symmetric Key Ciphers & Wireless LAN Security
Overview
Block Ciphers
The Feistel Function in a DES Operation
Triple DES (3DES)
AES Encryption and why it was Developed
128vs129vs256-Bit AES
Security Challenges with AES
Confidentiality Modes
Stream Cipher
WLAN Security Journey
Wi-Fi Protected Setup (WPS)
Day 2
Hash & Authentication
Overview
Hash Function Properties
Authentication
Hash Function Properties
Hash Function History
Issues with SHA2
Migration to SHA-3
Hash Message Authentication Code (HMAC)
Key Derivation Function (KDF) & Pseudorandom Function (PRF)
Authentication Based Password
Dictionary Attack
Malware Password Cracking Technique
Unix Encrypted Password System
UNIX/LINUX Password Hash
The MD-5 Based Scheme
SSHA Scheme
Automated Password Generator
Online Authentication
One-Time Password (OTP) & Token
SecurID Simple Authentication & Security (SASL)
HMAC-Based One-Time Password (HOTP)
Cryptographic Token Initialization
Data Encryption
Overview
The Need for Data Encryption
Case Study
Mathematical Introduction to Cryptography
Classical Cryptography
Euclidean Algorithm
Modular Arithmetic
Public Key Cryptographic Infrastructure and Certificates
Overview
The Need for Data Encryption
Case Study
Mathematical Introduction to Cryptography
Classical Cryptography
Euclidean Algorithm
Modular Arithmetic
Data Protection: Using Transport Layer Security
About TLS
Deploying TLS for Web Servers
TLS Secure Configuration Recommended
Protecting Mail Servers with TLS
Choosing Certificate Authority
CA Choice
Testing
TLS Recommended Cryptographic Profiles
Day 3
Transport Layer Security v1.3
TLS 1.2 vs TLS1.3 – How they differ
Removed Algorithms and Ciphers
Faster and Refined Handshake
AEAD Bulk Encryption
Simplified Ciphers Suites
Support
Upgrade
Troubleshooting Common Errors
Running Old Versions
Virtual Private Networks for Network Layer Security
Network Security Overview
Internet Protocol Security (IPSec)
IPSec Services
IPSec Modes
Security Association
The Encapsulating Security Protocol (ESP)
The Authentication Header
Anti-Replay Service
The internet Key Exchange (IKE)
Hardware Security
Hardware Design Process Brief Overview
Trust Root
Threat Model
Hardware Security Measurement
IoT Platforms Security Evaluation Standard
Secure Platform
Secure Element and Smartcard
Trusted Platform Module
Web & Mobile Security
Security Challenges
Background
Web & Mobile Ecosystem
Appification
OWASP Top 10 Mobile Security Risk unpacked
Examination
Day 1
Network Security Systems Technologies
Network Access Control
ZTNA (Zero Trust Network Access) as a Service
Network Detection and Response (NDR)
Unified Threat Management (UTM)
Microsegmentation Software
Firewalls
Intrusion Detection and Prevention Software
SSL/TLS Decryption
SSL VPN
Firewall Security Management
Advanced Threat Protection
IoT Security
Enterprise Infrastructure VPN
Enterprise Networking Technologies
Network Virtualization
Wireless LAN
Wireless WAN
WAN Edge
Web Security Gateways
Internet Management Technologies
Internet Security
DNS Security
Security Services Technologies
Managed Security Services
Customer Identity and Access Management
Managed Detection and Response (MDR)
Web Application Firewall (WAF)
DDoS
Privileged Access Management
Application Security Technologies
Application Security
Software Configuration Management
Patch Management
Day 2
Security Software Technologies:
Virtualization Security
Mobile Identity Solutions
Container Security
Threat Intelligence Platforms
Security Incident Response
Directory Servers
Active Directory Bridge
Digital Asset Security Platforms
Extended Detection and Response (XDR)
Endpoint Detection and Response (EDR)
Cloud Workload Security
Mobile Threat Defense
Single Sign-On (SSO)
Data Loss Prevention
Security Information and Event Management (SIEM)
Vulnerability Management
Endpoint Protection (EPP) for Business
Fraud Detection and Prevention
Web Content Filtering
Identity Management (IM)
Endpoint Encryption
Mobile Data Protection
Cloud Access Security Brokers
Access Management
Security Orchestration Automation and Response (SOAR)
Active Directory Management
Secure Access Service Edge (SASE)
Enterprise Password Managers
User Behavior Analytics - UEBA
Cloud and Data Center Security
Endpoint Compliance
Identity and Access Management as a Service (IDaaS)
Anti-Malware Tools
Day 3
Access Control Technologies:
Physical Access Control
Barriers
Bollards
Turnstiles and Portals
Guard Facilities
Token and Cipher Systems:
Identification Cards and Badges
Keycard Door Systems
Cipher Lock
Magnetic Stripe Cards
Contact Smart Card
Contactless Smart Card
Wiegand Cards
Key Fobs
Biometric Access Control Technologies:
Facial Recognition
Fingerprint Recognition
Hand/Finger Geometry Recognition
Vascular Pattern Recognition
Iris Recognition
Retina Scan
Voice Recognition
Signature Dynamics Recognition
Multimodal