From Cryptography to Forensics

March 14-16 (Tues-Thurs)

Timing: 9:00AM – 15:00PM

Training Provider - DCIPark – Cybernode

No. of Days - 3 days

Level - Level 0 – Novice to Level 1 – Advanced Beginner

Prerequisite Knowledge -

  • Attendees must be graduates with a university-level degree with experience in networking, Linux operating systems, and general cyber security concepts.

Hardware/Software Requirements -

  • Attendees require a laptop or workstation with an external monitor no less than 27" in size to ensure clear visibility of the cyber range guest operating systems. Laptops or workstations must be of a recent model with a fast CPU and at least 16 GB of RAM, with access to the browser-based Cyber Range. Cybernode recommends using an external mouse and an external keyboard for these sessions.
  • In addition to the hardware and software requirements, attendees should also possess writing materials such as pens and a notepad to complete the exercises that do not require hardware and software.

Overview

A short extract from Cybernode's flagship Cyber Security Boot Camp Program, From Cryptography to Forensics provides attendees with the core fundamentals of Cryptography and Access Control, and Threat and Open-Source Intelligence with a final day wrap-up into Incident Response and Digital Forensics.

Who Should Attend

Attendees who have an interest in Cyber Security, Cryptography, Threat Intelligence or Digital Forensics.

Why Should You Take This Course

Attendees interested in Cryptography, Threat Intelligence or Digital Forensics need to know the core fundamentals of each of these domains before undertaking specialised training within them. Undertaking these modules and the other modules of Cybernode's flagship Cyber Security Boot Camp Program provides attendees with the fundamental knowledge of not only these specific domains but numerous Cyber Security domains, giving attendees the initial steps towards a career in Cyber Security.

What will the students get

In addition to the extensive knowledge gained across these modules, attendees will receive a secured copy of the slide deck material used throughout the sessions.

Key Learning Objectives

Day 1: Cryptography and Access Control
  • Apply access control methods to protect computing assets
  • Explain the differences between access control models
  • Explain the principles of symmetric and asymmetric cryptography
  • Recognise the differences between block and stream ciphers
Day 2: Threat and Open Source Intelligence
  • Describe the differences between Threat Data and Threat Intelligence
  • Distinguish between the different well-known and common Threat Modelling methodologies
  • Identify threats in social networks using Open-Source Intelligence (OSINT) and Social Media Intelligence (SOCMINT) Methodologies
  • Demonstrate the capturing of Personally Identifiable Information (PII) using OSINT and SOCMINT
Day 3: Incident Response and Digital Forensics
  • Summarise the life cycle of Incident Response
  • Distinguish between an Incident Response Plan, Policy, Procedure, Capability, and Team
  • Distinguish between an Incident and an Event
  • Describe Digital Forensics and its related disciplines

Topics Covered / Agenda

Day 1:

Cryptography and Access Control
  • Cryptography Fundamentals
  • Encryption & Decryption; Asymmetric vs Symmetric
  • Plaintext, Cleartext, Ciphertext, Codetext
  • Ciphers; Block Cipher vs Stream Cipher
  • Algorithms; AES, DES, 3DES, IDEA, Blowfish, Twofish
  • Modes of Operations; ECB, CBC, CFB, OFB, CTR, GCM
  • Access Control
  • Identification, Authentication & Authorisation
  • AAA; Authentication, Authorisation, Accounting
  • Multi-Factor Authentication
  • Access Control Models
  • Users & Permissions

Day 2:

Threat and Open Source Intelligence
  • Threat Intelligence
  • Threat Data vs Threat Intelligence
  • Threat Modelling & Common Models
  • Intelligence Gathering Disciplines
  • Open Source Intelligence (OSINT)
  • Social Media Intelligence (SMI, SOMINT, SOCMINT, etc.)
  • HUMINT, GEOINT, MASINT, SIGINT, TECHINT, CYBINT/DNINT, FININT, etc.

Day 3:

Incident Response and Digital Forensics
  • Incident Response
  • Cyber Attacks… What are they?
  • Plan, Policy, Procedure, Capability, Team
  • Incident Response Life Cycle
  • Digital Forensics
  • What is it?
  • Disciplines of Digital Forensics
  • Digital Evidence
  • Stages of a Forensic Examination
  • Memory Forensic Analysis