IT security in action: detecting, fending off and preventing cyber attacks
.svg)
.svg)
.svg)
Machine Learning Engineer
1. basics of cyber security
- Hacking versus IT security
- Attackers, motivations and tactics
- General definitions and important metrics
- Attack techniques and tactics according to Mitre Att&ck
2. initial infections
- Different types of social engineering
- Password-based procedures
- Advantages and disadvantages of password policies
- Phishing and bypassing MFA / 2FA
- Attacks on Microsoft 365 systems
- Adversary-in-the-browser attacks
- Browser-in-the-browser attacks
- Recognize and prevent phishing
- Browser-based types of attack
- Attacks with peripheral devices
- Exploit engineering versus social engineering
3. Infrastructure security
- Introduction of the attack chain
- Enumeration and footprinting
- Discovery and port scanning
- Offline cracking via hashing process
- Reverse and bind shells
- Assessment of vulnerabilities
- Command injections, webshells and SSRF
- Introduction to Metasploit
4. linux security
- Linux-Exploitation
- Lateral movement and pivoting
- Privilege Escalation
- Post Exploitation
4. windows security
- Windows security basics
- The Windows Credential System
- IPS invasion
- Pivoting
- Memory Corruptions
- Exploit Mitigations
- Meterpreter
- Keylogging
- Client-Side-Exploitation
- The Sysinternals Suite
- Library hijacking
5. Active Directory security
- Active Directory basics
- Coercion attacks
- Pass the Hash (PTH) and Pass the Ticket (PTT)
- AD persistence (Golden Tickets and Silver Tickets)
- Impersonation
- Kerberoasting
- Over-pass the hash / Pass the key
- Skeleton Key
- Machine Account Quota
- AdminSDHolder
- Enterprise Access Model
- Privileged Acess Workstations
6. post exploitation
- Native and meterpreter commands for post exploitation
- Living-off-the-land attacks
- Fileless malware
- Lateral Movement (RDP, WMI, WinRM, DCOM RPC)
7. defense-in-depth
- Introduction to the Defense-in-Depth concept
- Hardening of Windows and Active Directory
- The kill chain
- Network defense
- Basics of the ISMS
- Threat modeling and protecting crown jewels
- Development and operation of Security Operations Centers (SOC)
- Incident response guidelines
- Threat intelligence
8. ransomware
- Preventive and secure backup strategies
- Disaster recovery with RPO and RTO
- Restoration of data
- Protective measures against ransomware
- Weighing up: To pay or not to pay?
- Decryption considerations
- Overview of ransomware tools
9. case studies and practical exercises
This course offers a curriculum that consists largely of practical exercises and case studies. As a result, the essential safety concepts are covered in depth. Each topic has been carefully selected to provide participants with both the necessary knowledge and practical skills that can be immediately applied in their daily work.
You can make sensible decisions in your daily work environment to improve IT security efficiently and sustainably.
Numerous practical exercises will enable you to recognize and fend off attacks and close existing security gaps.
You will learn how to fend off 0-day and 1-day attacks and meet the technical and organizational requirements of the GDPR and NIS2 regulations.
You will gain an overview and in-depth knowledge of attack vectors as well as response and protection measures.
You will learn how to deal with the constantly changing challenges in the field of cyber security.
This training training is conducted in a group of a maximum of 15 participants using the Zoom video conferencing software.
Individual support from the trainers is guaranteed - in the virtual classroom or individually in break-out sessions.
every participant is given access to an IT security lab, a virtual environment in which a company network is simulated - with various operating systems (Windows, Linux, BSD), servers, clients, firewalls, PDCs, proxies, NG firewalls, IPS, WAF and endpoint protection. Various security exercises are carried out in the lab. The IT Security Lab can be accessed online via a web browser.
This course is aimed at IT security officers, IT administrators (client, server, network), programmers, engineers engineers and employees in Security Operations Centers (SOC) as well as anyone who wants to look at security risks through the eyes of the attacker and develop better solution scenarios.
Initial experience in the operation and administration of IT systems (Windows and Linux) and basic knowledge of IT security are required.
.svg)
