Understand the basics of cybersecurity and why it is important in today's context. Differentiate between threats, vulnerabilities, and risk. Various cybersecurity domains and their applications in the industry. CIA pillars of cybersecurity. Understand why security governance and compliance are important for various industries like BFSI, manufacturing, etc. What information security risk is and why it is important for an organization to consider it in all its digital initiatives.
Class Discussion with Real Life examples
Understand the OS kernel basics, memory handling, I/O, and security architecture of the following: Windows, Linux, iOS, Android, etc. Objective of OS hardening. CIS benchmark for OS hardening. OS patching and its significance.
Class Discussion and Lab session
Define network security and network vulnerabilities. Types of network attacks and mitigation technologies. Understanding identity security: password, OTP, PIN, QR code, etc. Understanding how digital frauds are executed and how to prevent these attacks. How network function virtualization, network segmentation, and NAC improve security. How web security works and how it can be improved. VLAN, VPN, VDI, etc.
Class Discussion and Lab session
Understand how a hacker plans to compromise a system. Define all the steps of a cyber attack. Understand the Tactics, Techniques, and Procedures used by attackers.
Class Discussion and Lab session
Understand application vulnerabilities and attacks. Understand the application development lifecycle and how security can be embedded from the design stage. Understand various software development models (waterfall, agile, etc.) and the benefits of DevOps and the CI/CD pipeline. Understand the OWASP Top 10 application vulnerabilities and how to mitigate them. Understand threat models: STRIDE, DREAD, MART, etc.
Class Discussion and Lab session
Understand cloud architecture, security, vulnerabilities, attacks, and mitigations. IaaS, PaaS, and SaaS models. Responsibilities of cloud service providers and cloud consumers. Differences between on-prem and cloud models. Various cloud service providers.
Class Discussion and Lab session
Understand the basics of cryptography and why it is used in the context of confidentiality and integrity. Understand digital certificates, digital signatures, and various cryptographic usage in digital domains like HTTPS, SSL, TLS, IPSec, AES, RSA, etc.
Classroom discussion
Understanding the basics, differences, and applicability of the following standards and frameworks in the industry: NIST SP 800-53, NIST CSF, ISO 27001, 27018, 27031, 27037, 27040, 27799, COBIT, CIS Controls, SANS Top 20, HITRUST CSF, PCI-DSS, OWASP Top 10.
Classroom discussion
Understand the fundamentals of AI and ML and how they differ from conventional software platforms. Understand the vulnerabilities, threats, and attacks on AI systems. Understand the MITRE ATT&CK – ATLAS framework for AI security. Understanding ISO CD 27090.
Classroom discussion
Understanding vulnerability assessment technology, process, and tools. Why it is important and relevant for information security. Why risk-based vulnerability is gaining popularity. Why pen-testing is important. Roles of the Red, Blue, and Purple teams. Various tools used by these teams.
Classroom and Lab sessions
Understanding security monitoring and the role of the Security Operation Centre (SOC). What a SOC delivers to the organization. How a SOC helps an organization detect and protect against cyber attacks. Why threat intelligence is important and how it helps in the overall security infrastructure.
Classroom and Lab sessions
Understanding the basics of OT security. Learn best practices for securing OT environments, including OT DMZ, network segmentation, and securing OT protocols like Profinet, Modbus, and CIP. Explore OT security use cases.
Classroom and Lab sessions
Understanding the basics of OT security. Learn best practices for securing OT environments, including OT DMZ, network segmentation, and securing OT protocols like Profinet, Modbus, and CIP. Explore OT security use cases.
Class Discussion
Learn about different security models and their applications, including Subject and Object concepts, the Rainbow Series, ITSEC classes, and TPM.
Class Discussion with Examples
A case study on Information Security Management Systems, focusing on managing a Data Center (DC), policies, procedures, implementation, and continuous improvement.
Class Discussion with real life examples
Understand the importance of professional ethics in an organizational setting, and how to adhere to and promote them.
Class Discussion
Copyright ©2024. FICD (Future Institute of Cyber Defense). All Rights Reserved.