$1990 per person
This three-day course provides an overview of cybersecurity principles and mechanisms and highlights the challenges of protecting computing systems from determined adversaries. The course provides an understanding of the foundational elements of information security. It also gives the student an awareness of the current threat environment and architectures, mechanisms and technologies used to contain constrain, and control adversarial actions.
Real world examples are provided to help understand the capabilities of cyber adversaries and the impact of their activities.
The course is valuable to scientists, engineers and operators who are entering the field or as a review for employees who want a comprehensive overview. A complete set of notes and references will be provided to all attendees.
- Objectives and concepts of cybersecurity
- Techniques and tactics of cyber attackers
- Foundational elements needed to secure a system
- Tradeoffs between cryptographic techniques and applications
- Value and limitations of firewalls, instrusion detection and prevention systems
- Architectures to control and constrain adversary behavior
- Current capabilities for trustworthy computing and their applications
- Cloud and database security challenges
- Current standards and protocols for secure communication and authentication
Current Threat Environment. Characteristics and motivation of cyber attackers. Recent cyber incidents discussed.
Objectives and Concepts. Confidentiality, Integrity and Availability. Identity, Authentication, Authorization and Accountability. Identify, Protect, Detect, Respond, Recover. Design principles.
Cryptographic Tools. Cryptographic algorithms and applications. Symmetric encryption, asymmetric encryption, and hash functions.
Identification and Authentication. Validation of the identity of an entity. Multi-factor authentication. Biometric measures.
Access Control. Control of access to computing resources and data. Access control models including DAC, MAC, RBAC, and ABAC.
Malicious Behavior. Malious software behavior and characteristics. Injection attacks. Denial of service attacks. Phishing attacks. Attack stages and activities.
Monitoring and Detection. Network and host activity monitoring. Anomaly and signature detection models.. Integrity measurement. Sandboxing and execution monitoring. Auditing.
Flow and Activity Control. Firewalls and intrusion prevention systems. Software execution control. Architectures to control and constrain.
OS and Software Security. Software security design principles. Common software flaws. OS security challenges and capabilities.
Trustworthy Computing. Motivation and security models for high assurance computing. Methodologies to assess level of assurance. Capabilities available in computing systems today.
Cloud and Database Security. Cloud and database security challenges including access control, management, and data inference.
Wireless Security. Capabilities of current standard, WPA2 and planned standard, WPA3. WiFi control and management vunerabilties.
If this course is not on the current schedule of open enrollment courses and you are interested in attending this or another course as an open enrollment, please contact us at (410) 956-8805 or firstname.lastname@example.org. Please indicate the course name, number of students who wish to participate. and a preferred time frame. ATI typically schedules open enrollment courses with a 3-5 month lead time. For on-site pricing, you can use the request an on-site quote form, call us at (410) 956-8805, or email us at email@example.com.