IT Security Training: Cybersecurity Essentials


Course Delivery

Live Instructor-Led Training

Course Description

The course Cybersecurity Essentials (IT Security) is a full lifecycle exploration of corporate IT Security. The training starts with a review of key networking concepts including IP addressing, switches, routers, VLANs, VOIP and concludes with a comprehensive study of cybersecurity concepts such as information assurance, cryptography, authentication and legal and regulatory considerations. The course then leverages theses foundation concepts to explore the practical aspects of securing routers, switches and computers that run Windows and Linux. The training also covers intrusion detection systems (IDS) and essential policies and procedures that support IT security in an organization. The course course concludes with a detailed study of hacker attacks, including attack methods, the attack vector, incident handling and mitigation techniques.

Course Dates and Pricing


Sep 10 - 14, 2018$3,500.00Oct 8 - 12, 2018$3,500.00Nov 5 - 9, 2018$3,500.00Dec 3 - 7, 2018$3,500.00

Course Outline

Network Fundamentals

The OSI Reference Model and Packet Structure
Essential IP Concepts: IP Addresses and Subnets
Obtaining an IP Address: Static and Dynamic Addressing
Essential IP Concepts: Transport Protocols (TCP and UDP)
IP Behaviour: Understanding Sockets, Ports and Application Protocols
Understanding Routers and Layer 3 Switches
Working with and Understanding VLANs
Exploring VOIP Technologies

IT Security: Essential Concepts

Information Assurance Foundations
Cryptography and Secure Communications
Program Security: Flaws and Defenses
Operating System Security
Identification and Authentication
Trusted Operating Systems and Database Management Systems
Network Security: Threats, Controls and Technologies
Management of Security
Legal, privacy and ethical issues

Implementing Router Security

Firewalls: Roles and Concepts
Cisco IOS: The Role of Router Filters, QoS and NAT
Cisco IOS: Implementing Classes and Class Maps
Cisco IOS: Implementing ACLs
Cisco IOS: Implementing Policies

Securing the Computer: Windows

Exploring NIST Cybersecurity Guidance
Creating an Information Security Policy
Creating Users and Managing Permissions on Windows
Enforcing Password Complexity and Password Aging
Managing Domain Administrators and the Administrator Account
Managing Permissions: Windows File System and Share Based Security
Creating Group Policy and Enforcing Domain Security
Securing the SAM Database

Securing the Computer: Linux

Creating Users and Managing Permissions on Linux
Using PAM Modules to Enforce Password Complexity and Age Requirements
Managing root Access
Limiting Remote Logins
Securing SSH
Managing Permissions: Linux File System and Share Based Security
Securing Key Security Files
Implementing SELinux (Optional)

Implementing Computer Security

Understanding Computer Vulnerabilities
Implementing Logging and Audit on a Computer
Disabling Vulnerable Hardware
Disabling Non-Essential Services
Designing and Implementing a Software Update Strategy
Validating the Integrity of an Update

Intrusion Detection

The role of Intrusion Detection vs Authentication and Authorization
What Intrusion Detection Can and Cannot Provide
The Types of Intrusion Detection: NIDS, NNIDS and HIDS
Where IDSs Should be Positioned
The Critical Role of Processes

Implementing an IDS

Overview of the Security Onion
Implementing Alerts
Working with Asset Data
Packet Captures and Full Content Data
Capturing and Working with Host Data
Capturing and Working with Session Data
Capturing and Working with Transaction Data
Implementation Case Study: Web Service Intrusion Detection

Policies and Procedures

Overview of Key Processes
Exploring Information Security Management
Exploring Business Continuity Management
The Risk Management Process from A to Z
Risk Identification: Creating the Risk Register
Risk Evaluation: Determining Probability and Impact
Performing SPOA Analysis and Business Impact Analysis
Risk Management: Planning for Mitigation
Risk Audits: Principles and Application
Writing a Communication Plan
Updating the IT Service Continuity Plan and the Business Continuity Plan
Designing Effective Incident Management
Providing Problem Management
The Role of Change Management and Emergency Change Management
The Importance of Service Asset Configuration Management

Exploring Methods of Attack

Understanding the Hacker’s Mindset
Exploring Methods of Attack
The top 10 Security Vulnerabilities
Exploring Session Highjacking
Exploring Man in the Middle
Exploring SQL Injection
Exploring XSS
Exploring Sensitive Data Exposure
Exploring Broken Authentication
Exploring WIFI Cracks and Security Protocols
A Note on Ransomware
Where Denial of Service (DOS) fits in
Advanced Persistent Threat Management Techniques

Other Useful Concepts

Offensive and Defensive Information Warfare
Implementing Honeypots
Implementing OS and Software Service Packs
Preventing Unauthorized Devices
Providing User Education
Ensuring Regular Security Testing
Using Appropriate Cryptographic Algorithms
Exploring Stenography and Known File Formats

The Vector of Attack

The Target Scoping Stage
The Information Gathering Stage
About Target Discovery
Enumerating the Target
Vulnerability Mapping
Social Engineering
Target Exploitation
Privilege Escalation
Putting it all Together

Incident Handling

Practice makes Perfect: Training Personnel to React to an Attack Situation
How to know when you are under attack
Before you begin: Identifying the Root Cause
Identifying and Executing the Response
Limiting the Scope of the Damage
Reviewing Logs and Identifying Compromised Systems
Communicating with Affected Individuals
Preventing Future Attacks
Performing a Post-Mortem

Course Locations

  • Ottawa

  • Montreal

  • Toronto

Related IT Security Training

IT Security Training: Essential Concepts

The course Essential Concepts (IT Security Training) introduces the art and science of IT security. The training begins with an overview of IT security management and its various disciplines. The course then discusses threat types & the complete Plan, Detect, Respond and Protect lifecycle. The training includes the use of firewalls, anti-virus, information security policies, user management, network management & more. If you to create, publish, implement and maintain a corporate Information Security Policy, this is the course for you. Training course titled IT Security Training: Essential Concepts that will allow you to hone your professional skills.

Sep 18 - 21, 2018$2,775.00Oct 16 - 19, 2018$2,775.00Nov 13 - 16, 2018$2,775.00Dec 11 - 14, 2018$2,775.00

IT Security Training: Offensive & Defensive Hack Proofing

The course Offensive & Defensive Hack Proofing (IT Security Training) is an introduction to white hat hacking. The course teaches you how to perform every stage of the hacking process so that you may protect your environment. The training includes tools for information gathering & target scoping, target discover & enumeration, vulnerability mapping & social engineering. You are taught how to use the Metasploit Framework to perform target identification & exploitation so that you may stop it from happening to you. The progressive & hands-on practical lab allow you to execute a hack from initial identification to privilege escalation & maintenance. Stop hackers in their tracks today! Training course titled IT Security Training: Offensive & Defensive Hack Proofing that will allow you to hone your professional skills.

Sep 11 - 14, 2018$3,350.00Oct 23 - 26, 2018$3,350.00Nov 20 - 23, 2018$3,350.00Dec 18 - 21, 2018$3,350.00

IT Security Training: The Definitive Boot Camp

The course The Definitive Boot Camp (IT Security Training) provides an introduction to the complex world of IT security. Corporate IT systems are more at risk today than they have ever been. The availability of information and the increased appetite for information and data requires organizations to expose their systems more and more to the vagaries of public consumption. This level of access means that an increasing number of people can compromise corporate data and IT infrastructure. Therefore, it is more important than ever for all employees to have a good understanding of the concepts and technologies that allow enforcement of the organization’s security policy. Why take the risk? Familiarize yourself and your staff with the many IT security concepts and technologies that protect you every day. Training course titled IT Security Training: The Definitive Boot Camp that will allow you to hone your professional skills.

Sep 17 - 18, 2018$1,150.00Oct 15 - 16, 2018$1,150.00Nov 12 - 13, 2018$1,150.00Dec 10 - 11, 2018$1,150.00

Server 2016 Training: Mastering Active Directory

The course Mastering Active Directory (Server 2016 Training) explores the design & implementation of Domains & Forests using Active Directory Domain Services with Windows Server 2016. The training includes active directory installation & configuration, domain & forest design & implementation as well as the creation & maintenance of Active Directory users & security groups. The course covers Active Directory schemas & fields, RODCs, global catalog servers, Active Directory replication, GPOs & GPO templates, Nano Servers, Server Virtualization and more. Training course titled Server 2016 Training: Mastering Active Directory that will allow you to hone your professional skills.

Sep 26 - 28, 2018$1,675.00Oct 24 - 26, 2018$1,675.00Nov 21 - 23, 2018$1,675.00Dec 19 - 21, 2018$1,675.00

.NET Training: Building Secure Applications

The course Building Secure Applications (.NET Training) teaches you build secure code which is resistant to hacker attacks. As applications become a more an more important part of our professional lives, security vulnerabilities become a key liability. The training includes encryption & message digests, code access security, authentication, session management, authorization and role based security. The course concludes with a study of symmetric % asymmetric encryption together with common hacks and security vulnerabilities such as SQL Injection, XSS scripting & session hijacking to name a few. Training course titled .NET Training: Building Secure Applications that will allow you to hone your professional skills.

Sep 26 - 28, 2018$2,250.00Oct 24 - 26, 2018$2,250.00Nov 21 - 23, 2018$2,250.00Dec 19 - 21, 2018$2,250.00

Cisco Training: Mastering Network Security

The course Mastering Network Security (Cisco Training) delves into the details of Cisco network security. Every aspect of the security policy implementation is covered, starting with basic protocol considerations to the use of firewalls, IPS and IPv6. The training includes ACLs, tunneling and routing protocols. Training course titled Cisco Training: Mastering Network Security that will allow you to hone your professional skills.

Sep 18 - 21, 2018$2,775.00Oct 16 - 19, 2018$2,775.00Nov 13 - 16, 2018$2,775.00Dec 11 - 14, 2018$2,775.00

IT Security Training: Advanced Hacking and Intrusion Detection

The course Advanced Hacking and Intrusion Detection (IT Security Training) explores advanced hacking from an offensive security perpsective. The course covers hacking with Metasploit and discussed common attack techniques including SQL Injection, Cross-Site Scripting, Phishing, Spoofing & more. The training also discusses how to plan & implement an Intrusion Detection System together with the design & implementation of related IT security processes including Incident, Problem, Event and IT Security management. Training course titled IT Security Training: Advanced Hacking and Intrusion Detection that will allow you to hone your professional skills.

Sep 18 - 21, 2018$3,350.00Oct 16 - 19, 2018$3,350.00Nov 13 - 16, 2018$3,350.00Dec 11 - 14, 2018$3,350.00

IT Security Training: An Introduction to Penetration Testing

The course An Introduction to Penetration Testing (IT Security Training) is an introduction to white hat hacking. The course teaches you how to perform every stage of the hacking process so that you may protect your environment. The training includes tools for information gathering & target scoping, target discover & enumeration, vulnerability mapping & social engineering. You are taught how to use the Metasploit Framework to perform target identification & exploitation so that you may stop it from happening to you. Training course titled IT Security Training: An Introduction to Penetration Testing that will allow you to hone your professional skills.

Sep 5 - 7, 2018$2,250.00Oct 3 - 5, 2018$2,250.00Oct 31 - Nov 2, 2018$2,250.00Nov 28 - 30, 2018$2,250.00

IT Security Training: Inspecting Networks with SNORT

The course Inspecting Networks with SNORT (IT Security Training) is a complete exploration of SNORT from installation and configuration to the development of complex rules for malicious data extraction and network intrusion detection. The training starts with an overview of the theoretical foundations of network data analysis with SNORT. This is followed by a detailed investigation of working with SNORT pre-processors to analyze traffic and detect malicious attacks. The training course also discusses the use of filters and events and the writing of SNORT rules for payload detection, non-payload detection and post detection processing. The training ends with a discussion of best practices and challenges in writing rules and the use of the AppId pre-processor for user created application detectors. Wow! This is quite the jam packet IT security course. Training course titled IT Security Training: Inspecting Networks with SNORT that will allow you to hone your professional skills.

Oct 23 - 26, 2018$3,500.00Nov 20 - 23, 2018$3,500.00Dec 18 - 21, 2018$3,500.00

IT Security Training: Network Forensics Analysis

The course Network Forensics Analysis (IT Security Training) explores the complexities of gathering digital evidence over a network. The training starts with a general discussion of evidence types and related evidence gathering techniques. This is followed by a detailed exploration of the fundamental tools of the digital forensics trade including the Squid proxy server, common packet analysis tools including tcpdump, Wireshark and NetFlow. The course includes a detailed study of application level protocols and services, firewalls, intrusion detection systems (IDS) and network security managers. The training concludes with an exploration of centralized logging, the Elastic Stack, wireless network considerations, encryption and SSL inspection. Training course titled IT Security Training: Network Forensics Analysis that will allow you to hone your professional skills.

Sep 3 - 7, 2018$3,500.00Oct 1 - 5, 2018$3,500.00Oct 29 - Nov 2, 2018$3,500.00Nov 26 - 30, 2018$3,500.00

IT Security Training: Windows Forensics from A to Z

The course Windows Forensic Forensics Analysis (IT Security Training) explores the complexities of gathering digital evidence on everything Windows. The training starts with a general discussion of evidence types and related evidence gathering techniques. This is followed by a detailed exploration of love response and the collection of both volatile and non-volatile data on the Windows platform. The training course covers the analysis of Windows memory, the FAT and NTFS file systems and various Windows artefacts including web browsers, event logs, page files and more. Training course titled IT Security Training: Windows Forensics from A to Z that will allow you to hone your professional skills.

Sep 10 - 14, 2018$3,500.00Oct 22 - 26, 2018$3,500.00

Java Training: The Complete Security Workshop

The course The Complete Security Workshop (Java Training) is essential for any developer who is working on front-end web applications or working on the security infrastructure of JEE applications. The course content aims to demystify Java SE and EE security at all levels. Starting with an overview of threats and risks, the student is guided in a hands-on exploration of JAAS (Java Authentication and Authorization services), followed by creating custom security providers and best practices. Training course titled Java Training: The Complete Security Workshop that will allow you to hone your professional skills.

Sep 18 - 21, 2018$2,775.00Oct 16 - 19, 2018$2,775.00Nov 13 - 16, 2018$2,775.00Dec 11 - 14, 2018$2,775.00

Linux Training: Security & Hacking Complete Course

The course Security & Hacking Complete Course (Linux Training) focuses on Linux security and hacking. Beginning with a Linux security deep-dive, the course discusses the anatomy of a hacker attack on Linux. Every part of the Linux OS is included in the discussion including the kernel, networking components, databases, web servers & more. Training course titled Linux Training: Security & Hacking Complete Course that will allow you to hone your professional skills.

Sep 4 - 7, 2018$2,775.00Oct 2 - 5, 2018$2,775.00Oct 30 - Nov 2, 2018$2,775.00Nov 27 - 30, 2018$2,775.00

Server 2016 Training: Windows Advanced Active Directory

The course Windows Advanced Active Directory (Server 2016 Training) covers advanced Active Directory installation, configuration and maintenance. The training includes GPO, global catalog servers, service replication, sites, replication topology, PowerShell scripting & troubleshooting. If you need to know everything about the Active Directory, this is the course for you. Training course titled Server 2016 Training: Windows Advanced Active Directory that will allow you to hone your professional skills.

Sep 25 - 28, 2018$2,775.00Oct 23 - 26, 2018$2,775.00Nov 20 - 23, 2018$2,775.00Dec 18 - 21, 2018$2,775.00

Server 2016 Training: Windows Advanced Security

The course Windows Advanced Security (Server 2016 Training) is an exploration of Windows Server security. Beginning with a tour of threat types, the training includes a complete exploration of the Plan, Detect, Respond and Protect lifecycle with Windows Server. If you want to protect your Windows servers from malware and hacker attacks, this is the course for you. Training course titled Server 2016 Training: Windows Advanced Security that will allow you to hone your professional skills.

Sep 4 - 7, 2018$2,775.00Oct 2 - 5, 2018$2,775.00Oct 30 - Nov 2, 2018$2,775.00Nov 27 - 30, 2018$2,775.00