Price: $1,699.00
Length: 2 Days
Print Friendly, PDF & Email

Fundamentals of Threats And Risk Management Training

Fundamentals of Threats And Risk Management Training Course Description

Cyber-attacks are being more vulnerable these days, which convinces us to practice the Cyber Security in order to protect the cyber world from the attacks. TONEX as a leader in security industry for more than 15 years has recently released the Cyber Security training for threats and risk management.

TONEX has served the industry and academia with high quality conferences, seminars, workshops, and exclusively designed courses in cyber security area and is pleased to inform professional fellows about the most comprehensive training on Cyber Security Risk management and threats.

By taking the fundamentals of threats and risk management training, you will learn the history behind the cyber security and requirements of a secured network in modern cyber world. The training also helps you to understand the common threats and attacks in a cyber-world and results of each attack on security and reliability of a network.

The fundamentals of threats and risk management training course simply teaches you the concept of cyber world, definition of threats, different types of vulnerabilities in the system security, definition of network, common types of network attacks with examples, and effect of internet on network security these days.

Learn about the malware in cyber security, different types of viruses, Trojan horses, and spyware. . This course will address the latest techniques, tools and case studies from information studies in enterprise level and component level down to the field, network and IT level.

Learn how malware, exploits and malicious code attacks can harm the cyber security and what procedures should be done to secure the network in case these attacks happen to the system.

Recognize the network security issues, destructive behavior of unauthorized network access to cybercrimes and effect of firewalls. Moreover, learn how to detect the cyber criminals, close the access to them, and perform the back up in case of criminal attack.

This training will not only help you to understand that detecting the threats and protecting the system against them will help to secure a cyber-world, but also teaches you the recent advancement and risk management techniques to handle the threats.

If you are a professional who specialize in managing or designing security solutions and risk based management provider, you will benefit the presentations, examples, case studies, discussions, and individual activities upon the completion of Cyber Security Boot-Camp training and will prepare yourself for your career.

Finally, the fundamentals of threats and risk management training will help you to identify the cyber criminals, conduct the risk management process and develop the appropriate incident response in advance to protect the system against vulnerabilities.

Audience

The fundamental of threats and risk management training is a 2-day course designed for:

  • All individuals who need to understand the concept of risk management and threats.
  • Cyber security professionals, network engineers, security analysts, policy analysts
  • Security operation personnel, network administrators, system integrators and security consultants
  • Computer engineers working on cyber security technology
  • Test engineers who need to learn the security issues in networks
  • Security traders to understand the cyber security systems.
  • Investors and contractors who plan to make investments in security system industry.
  • Technicians, operators, and maintenance personnel who are or will be working on cyber security projects
  • Managers, accountants, and executives of cyber security industry.

Training Objectives

Upon completion of the Cyber Security Boot-Camp training course, the attendees are able to:

  • Understand the foundation and history behind the cyber security
  • Explain different types of threats and attacks in cyber world
  • Understand how to recognize the threats and classify different methods of defense
  • Process the risk management techniques in networks
  • Identify different types of spywares, malwares or malicious codes in cyber security
  • Understand the policies and regulations of cyber security networks
  • Manage the detection and protection solution depends on the type of attack
  • Identify the attackers and understand the method of hacking in different cyber secured networks
  • Define types of incidents in cyber security
  • Access additional external resources to supplement knowledge of cyber security

Training Outline

The fundamentals of threats and risk management training course consists of the following lessons, which can be revised and tailored to the client’s need:

Introduction to Cyber Security

  • Definition of Cyber security
  • Information security principles
  • System engineering approaches for Cyber security
  • Cyber world
  • Cyber space
  • Cyber domain
  • Cyber ecosystem
  • Cyber culture
  • Cyber environment
  • Cognitive layer of cyber world
  • Service layer of cyber world
  • Semantic layer in cyber world
  • Syntactic layer of cyber world
  • Physical layer of cyber world
  • Professional terms used in cyber security
  • concepts and approaches in cyber security
  • impact of legal issues in cyber security
  • online security resources
  • Basic security terminology
  • Microsoft security advisor

Threats and Vulnerabilities

  • Threats to be dangerous for the system security
  • Definition of threats
  • Different types of threats
  • System security in one term
  • Phishing and spear phishing
  • Malicious code
  • Weak and default passwords
  • Unpatched or outdated software vulnerabilities
  • Removable media

Network Attacks

  • DOS Attacks
  • Denial of Service Flooding Attacks
  • Disassociation Attacks
  • Disclosure Attacks
  • Reading/Revealing Information
  • MITM Attacks
  • Modification Attacks Changing Information
  • Destructive Attacks
  • Escalation of Privilege
  • Network Security Architectures
  • Sniffing
  • Password grabbing
  • Brute Force
  • Password attempts
  • Buffer Overflows
  • Spoofing Attacks
  • Forging IP/MAC/Etc.
  • Flooding: SYN, UDP, ICMP
  • Flooding Redirection: using ICMP, ARP, STP, MITM Attacks
  • Anti-Virus: Worms, Viruses, Trojans Masquerading Social Engineering

Concept of Network and Effect of Internet in Cyber Security

  • Basics of networks
  • Physical network, Local network
  • Speed of a network
  • concept of connection speed
  • Data transmission
  • IP address
  • History of the internet
  • Basics of network utilities
  • Network devices important for cyber security
  • network communication
  • Importance of network communication in cyber security
  • media access control (MAC) addresses
  • Uniform resource locators (URL)
  • Critical infrastructures
  • Energy transmission and distribution network
  • Telecommunication and information system network
  • Community technology network
  • Financial system network
  • Food supply network
  • Security network
  • Health care system
  • Supervisory control and data acquisition system (SCADA)
  • Responsibilities of cyber security
  • Cyber security training
  • National and international cooperation toward cyber security

Malware in Cyber Security

  • Viruses as the most common threats
  • Spreading a virus
  • Common types of viruses in Cyber Security
  • W32
  • Netsky-p
  • Troj
  • Invo-zip
  • MacDefender
  • Sobig virus
  • Mimail
  • Nonvirus
  • How to avoid viruses?
  • Trojan Horses
  • Well-known Trojans
  • Auto start of Trojans
  • Buffer-overflow attack
  • Sasser virus
  • Spyware
  • Legal usage of spyware
  • How to identify a spyware
  • Rootkit
  • Malicious web-based code
  • Logic bombs
  • Spam
  • Detecting viruses and spywares
  • Antivirus software
  • Antispyware software

Information Assurance in Cyber Security

  • Why should we protect the network?
  • Concept of confidentiality
  • Concept of integrity in information assurance
  • Availability of information
  • Management process
  • Network protection
  • Risk management
  • Knowledge of your team
  • Personnel training for information assurance
  • Understanding the threat
  • Securing the system
  • Personal devices security
  • Common access card security
  • Continuity of operation plans
  • Facility disaster recovery plan
  • Information technology contingency plan
  • Incident response
  • Information assurance enforcement

Network Security

  • The ISO/OSI reference model
  • Popular networks
  • UUCP
  • The language of the internet
  • Open design
  • TCP
  • UDP
  • Risk management; vital part of network security
  • Destructive behavior
  • Unauthorized access
  • Firewalls and network security
  • Hybrid system network security
  • Single point of failure in network
  • Secure modems/dial back system
  • Crypto-capable routers
  • Virtual private networks

Website Security in Presence of Cyber Criminals

  • Updating the software
  • Close the access resources
  • Credential security
  • Performing the back ups
  • Hosting companies
  • Website builders
  • Backup functions
  • Dynamic cloud hosting

Insider Threats in a Cyber World

  • Definition of insider threat
  • Location of insider threats on security agenda
  • Growing insider threats
  • Active directory and insider threats
  • Network management and compliance
  • Trends of insider activities
  • Enterprise-wide risk assessment for insiders threats
  • Insider threat awareness incorporation into security training
  • Enforcing policies and controls
  • Monitoring suspicious or disruptive behavior
  • Managing the negative issues regarding the insider threats
  • Strict password implementation
  • Recognizing the assets
  • Separation of duties and least privilege
  • Beating insider threats

Risk Management Techniques in Cyber Security

  • Identifying the cyber criminals
  • Economic companies as a cyber-threat
  • Identifying the hackers
  • Risk management process
  • Implementing industry standards
  • Evaluating and managing the organization
  • Providing oversight
  • Incident response development
  • Situational awareness of cyber threats
  • Risk management regime
  • User education
  • Incident management
  • Malware protection
  • Network security management
  • Risk management applications
  • Strategic planning
  • Resource decisions
  • Operational planning
  • Real-world events

Hands-on and In-Class Activities

  • Labs
  • Workshops
  • Group Activities

Sample Workshops Labs for Fundamentals of Threats and Risk Management Training

  • Risk Response monitoring and control
  • How to Identify Threats and Vulnerabilities in an IT Infrastructure
  • Execute risk strategies
  • Align Threats and Vulnerabilities to the Risk Management Controls
  • Contingency plans and workarounds
  • Risk evaluation
  • Reassessing risk
  • Perform a Qualitative Risk Assessment for an IT Infrastructure
  • Risk documentation
  • Identify Risks, Threats, and Vulnerabilities in an IT Infrastructure Using Zenmap GUI (Nmap)

Fundamentals of Threats and Risk Management Training

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.