Length: 3 Days
Cyber Threat Simulation Training
Cyber Threat Simulation Training covers principles of cyber threats, advanced cyber warfare and threat simulation principles. Cyber Threat Simulation Training is split into multiple parts consisting of basic cybersecurity, advanced cybersecurity, principles of cyber threat and hands-on threat simulation exercises. Gain an overview of the cyber threats and learn how to simulate, test and evaluate various global threats using your cyber systems. Cyber Threat Simulation Training course includes the perspectives of the Department of Defense (DoD) and industry cyber threat simulation and evaluates practitioners on their knowledge and skills and cover roles, responsibilities, processes, procedures, methods and tools to simulate cyber threats effectively in the cyber space. Cyber Threat Simulation will train you and your team in the tactical, operational, and strategic level cyber threat modeling and simulation skills. Learn how your security team, threat hunting, incident response more efficient, accurate and effective.
Learn about
- Basic cyber threat principles
- Principles on threat environment
- Principles of cyber simulation and modeling
- Cyber threat simulation principles
- Web application cyber threat fundamentals
- Network and application reconnaissance
- Data exfiltration & privilege escalation
- Exploit application misconfigurations and more
- Firewall and Threat Prevention at work
- Tools to model and simulate cyber threat
- Tools to monitor attack traffic
Who Should Attend
- Cyber Threat Analysts
- Digital Forensic Analysts
- Incident Response Team Members
- Threat Hunters
- Federal Agents
- Law Enforcement Officials
- Military Officials
Course Modules
Cyberwarfare and Cyberterrorism
- The concept of simulating
- Providing a detailed postmortem of how an attacker overview of Cyber Threats
- Fear Factors
- Spectacular Factors
- Vulnerability Factors
- Professional Hackers to Cyberterrorists
- Syntactic Cyber Attacks
- Semantic Cyber Attacks
- Viruses
- Worms
- Trojan horses
- Critical Infrastructures as targets
- Military
- Telecommunications
- Broadcasting
- Control Systems
- ICS/SCADA
- Sensors
- Energy and EMS
- Finance
- Transportation
- Water
Overview of Global Cyber Threats
- Tactical, operational, and strategic level threats
- Bot-network Operators
- Types of Bot-network operators
- Tools to Coordinate Attacks
- Tools to Distribute Phishing Schemes
- Tools to Distribute Spam, and Malware
- Spam and Malware Attacks
- Underground Markets
- Purchasing a Denial-of-Service Attack
- Servers to Relay Spam
- Servers for phishing Attacks
- Criminal groups
- Foreign intelligence services
- Hackers
- Insiders
- Phishers
- Spammers
- Spyware/malware authors
- Terrorists
Principles of Cyber Threat Simulation
- Cyber Threat Intelligence
- Threat Modeling and Simulation (TM&S)
- Use of cyber threat models
- Emulators, prototypes, simulators, and stimulators
- Statically or over time models
- Developing data as a basis for making managerial or technical decisions
- Interface of real-world systems with models or simulations
- Working with model elements, standards and specifications
- Modeling system descriptions, interfaces, and data communication methods
- What can you to mitigate the risk
Cyber Threat Intelligence
- Collection, classification, and exploitation of knowledge about adversaries
- Accurate, timely, and detailed information
- Incident responders
- Information systems and network defenders
- Critical infrastructure teams
- Threat hunting teams
- Tactical, operational, and strategic level threat intelligence
- Threat intelligence
- Modeling way to detect, respond to, and defeat advanced persistent threats (APTs)
Simulating Cyber Threats
- Modeling Bot-network Operation
- Bot-network Operation Use cases
- Hackers breaking into systems
- Taking over multiple systems
- Ways to coordinate attacks
- Methods to distribute phishing schemes, spam, and malware attacks
- Simulating Criminal Groups Activities
- Criminal Groups cyber threat Use cases
- Attacking systems for monetary gain
- Organized crime groups using spam, phishing, and spyware/malware
- Identity theft and online fraud
- International corporate spies and organized crime organizations
- Industrial espionage and large-scale monetary theft
- Simulating Foreign Intelligence Services
- Cyber Threat Use Cases for Foreign intelligence services
- Cyber tools as part of their information-gathering and espionage activities
- Analyzing information warfare doctrine, programs, and capabilities
- Analyzing ways to disrupting the supply, communications, and economic infrastructures
- Disrupting military power
- Simulating Hackers
- Cyber Threat Use Cases for hackers
- Modeling ways to beak into networks
- Ways to download attack scripts and protocols from the Internet
- Plan and launch of attacks against victim sites
- While attack tools
- Insiders Simulation
- Cyber Threat Use Cases for insiders
- The disgruntled organization insider
- Sources of computer crime
- knowledge about computer intrusions b
- Knowledge of a target system
- Modeling ways to gain unrestricted access
- Modeling ways to damage to the system or to steal system data
- Insider threat outsourcing vendors and employees
- Introducing malware into systems
- Phishers Simulating
- Individuals, or small groups, who execute phishing schemes in an attempt to steal identities or information for monetary gain. Phishers may also use spam and spyware/malware to accomplish their objectives.
- Spammers Simulating
- Cyber Threat Use Cases for Spammers
- Phishing schemes
- Distributing spyware/malware, or attack organizations (
- DoS (denial of service)
- Spyware/malware Authors Simulating
- Individuals or organizations with malicious intent
- Modeling ways to carry out attacks against users
- Producing and distributing spyware and malware
- Analyzing Melissa Macro Virus, the Explore.Zip worm, the CIH (Chernobyl) Virus, Nimda, Code Red, Slammer, and Blaster.
- Simulating Terrorists Activities
Incident Detection and Response Threat Simulation
- Advanced persistent threats (APT)
- Well-resourced, trained adversaries
- Analyzing multi-year intrusion campaigns
- Ways to target highly sensitive economic, proprietary, or national security information
- Orchestrated test emulating adversarial tools, tactics, techniques and procedures
- Capabilities to detect, monitor and mitigate advanced threats
- Attack simulation
- test network security on demand and without exploits
- Penetration testing, tabletop exercise, vs. threat simulation
- Attack simulation
TONEX Cyber Threat Workshop
Threat Actions and Capabilities
- Indicators from Logs and Network Traffic
- Indicators of Compromise
- Identifying New Information
- Understanding the Compromise
- Maltego Open-Source Intelligence
- Passively Discovering Activity
- Historical Data and Logs
- Current Threat Capabilities
- Detecting Future Threat Actions and Capabilities
- Analyzing Access to Threats
- Delaying and Degrading Adversary Tactics and Malware
- Tactical Cyber Threat Requirements
- Logs, Packet Capture, and Other Data Sources
Analyzing Threats
- Analyzing Tactical/Operational Threat
- Analyzing Operational Threat Intelligence
- Analyzing Strategic Threat Intelligence
- Simulating Malicious Actions
- Modeling Network and Host-Based Data
- Simulating Multiple Kill Chains
- Simulating Different Simultaneous Intrusions
- Simulating and Constructing Multiple Kill Chains
- Simulating Related Intrusions Linkage
- Data Pivoting
- Maltego and Data Transforms