In today’s Internet-dependent business environment, organizations must link their systems across enterprise-wide and virtual private networks as well as connect mobile users.
In this course, you learn how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to network threats.
“Cyber awareness has become the need of the hour.”
Learning Objective:
Analyze your exposure to security threats and protect your organization’s systems and data
Deploy firewalls and data encryption to minimize threats
Manage risks emanating from inside the organization and from the Internet
Preventing unwanted network access with a personal firewall.
Course Outline
Part I – Cyber Crime, Frauds and Risks
1. Security goals
Confidentiality
Integrity
Authentication
Authorization
Accountability
Non repudiation
Availability
2. Security Mechanisms
Cryptography
Message Authentication Codes and Cryptographic Hash Functions
Passwords, Biometrics and Authentication Protocols
Access control (MAC, DAC, RBAC, ABAC)
Captchas and resource control
Auditing/logging
Non-repudiation protocols
3. Attacks (Buffer Overflow, SQL and Command Injection, DNS cache poisoning, X
SS, XSRF, DoS/DDoS, Malware, etc.) and Threat Modeling
4. Laws of Security
5. Secure coding principles
6. Cyber-crime, cyber bullying and cyber terrorism
7. Internet Safety and data security
Part II. Computer Security from the Data Science Perspective
Unique Challenges of security domain
Data Mining techniques (association rule mining, clustering, anomaly detection) with applications to malware detection
Machine Learning techniques (Decision Trees, Support Vector Machines, Neural Networks, one class learning, semi-supervised learning) with applications to intrusion detection and malware detection.
Part III. Email Masquerade and Social Engineering Attacks
Fake emails, phishing and spear-phishing – fundamental characteristics
Natural language processing/Natural language generation
Comprehensive detection methods for social engineering attacks
Education and training regimes
Target Audience
Any person with basic knowledge on computer and interest towards Information Security / Cyber Security Domain can attend this workshop.