Description
Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world.
This package includes:
- Hands-on Lab Equipment (for 24 students)
- Physical Asset Protection panel and accessories
- PLC with factory simulation software
- Complete software hacking support tools
- Medical device, probes, and software
- Optional networking equipment and software
- 180 Hours of Curriculum/Theory
In today’s global IT environment, cybersecurity goes well beyond traditional network security.
Based on the Cybersecurity Frameworks established by the National Institute of Standards and Technology (NIST), Marcraft’s Cybersecurity Essentials – Concepts and Practices course covers both theory and hands-on labs. Topics in this 180-hour course include:
- Critical Infrastructure Security Systems and Devices
- Intelligent Computing and Controlling Devices and Systems Security
- Business Information Technology (IT) Network Security Systems and Techniques
- Industrial/Utility Industrial Control System (ICS) Networks and Devices Security
- Medical Network and Data System Security
- Ethical Hacking Roles and Tools
Concepts & Practices
INFRASTRUCTURE SECURITY
-
- Access Control & Security Policies
- Physical Security Controls
- Authentication Systems
- Biometric Scanners
- Remote Access Monitoring
- Security Controllers
- Sensors
- Keypads
- Output Devices
- Camera Specifications & Deployment Strategies
- Video Recorders, Switchers & Monitors
LOCAL HOST SECURITY
-
- Securing Outer Perimeter Portals
- BIOS Security Subsystems
- Local System Hardening
- Physical Port Access
- BIOS Port Enabling Functions
- Removable Media Access
- BIOS Boot Device/Sequence Controls
- Operating Systems
- OS Kernel & File System Security
- File System Attacks
- Common Operating System Security Tools
- Physical Authentication Devices
- Using Local Administrative Tools
- Event Logging and Auditing
- Implementing Data Encryption
- Implementing Local Protection Tools
- Software-Based Local Firewalls
- Using Local Intrusion Detection Tools
- Configuring Browser Security Options
- Malicious Software Protection
- Hardening Operating Systems
- Overseeing Application Software Security
- Software Exploitation
- Applying Software Updates and Patches
LOCAL NETWORK SECURITY
-
- OSI Model
- Networking Topologies & Protocols
- Network Control Strategies
- Physical Server Access Control
- Server Software Security
- Configuring/Hardening Server OS
- User Accounts
- Network Authentication Options
- Establishing Resource Controls
- Conducting Backups
- Distributed Intrusion Detection Architectures
- Vulnerability Scanning
- Remote Monitoring
- Simple Network Management Protocol
- Network Connectivity Devices
- Network Connectivity Device Vulnerabilities
- Network Transmission Media Security
- Network Hardening
CYBER SECURITY
-
- Basic Internet Concepts
- Internet Services
- Standards and RFCs
- Network Address Translation
- Port Address Translation
- Port Forwarding or Mapping
- Network Segmentation
- Software-Defined Networking
- Network Virtualization
- VLANs
- Firewalls
- Network Appliances
- Proxy Servers
- DMZs
- Implementing Security
- IP and MAC Authentication
- Authentication Protocols
- Encryption
- Digital Certificates
- Hash Tables
- Basic Tools
- Monitoring Tools and Software
- Zero-Day Vulnerabilities
- SQL Injection
- Social Engineering Exploits
- Network Threats and Attacks
- Dictionary Attacks
- Denial of Service Attacks
- Tarpitting
- Spam
- Other Exploits
ENVIRONMENTS & TESTING
ENTERPRISE NETWORK SECURITY
-
- Common Enterprise Network Security Structures
- Storage Virtualization
- VLAN Attacks
- Network Segmentation
- VLAN Network Segmentation
- Controlling Intersegment Data Movement
- Tunneling
- ACL/Network Layer Security
- Configuring Access Control Lists
- Configuring Services and Protocols
- Small Business Zoning
- Flat Business Networks
- Front-End & Mid-Tier Servers
- Back-End Database Servers
- Risk Management & Mitigation
- Incident Response Planning
- Business Continuity Planning
- Disaster Recovery Planning
- Environmental Security Activities
- Employee Awareness and Training
- Acceptable Use, Due Care & Privacy
- Separation of Duties & Need-to-Know
- Privilege Management
- Password Management Policies
INDUSTRIAL CYBER SECURITY SYSTEMS
-
- Open & Closed Loop Control Systems
- Dedicated & Distributed Control Systems
- Industrial Sensors
- Final Control Elements/Actuators
- Industrial Process Controllers
- Field Devices
- Industrial Networks
- SCADA for Process Control
- Common Industrial Network Structures
- Industrial Network Communication Media
- Asynchronous Serial Standards
- Ethernet Networking
- Remote Access Communication Media
- Industrial Network Protocols
- Utility Generation Control Networks
- Utility Distribution Control Networks
- Utility Data Collection Networks
- Smart Meters
- Customer Data Management Systems
- Industrial and Utility Network Security
- Global Security Standards, Practices, & Regulations
- Boundary Protection
- Wide Area Network Security
- SCADA Security
- ICS Risk Assessments
MEDICAL NETWORK SECURITY
-
- VoIP Phone Systems
- Medical Records Security
- Electronic Health Records
- Government Regulations
- Clinical Document Architecture
- Data Segmentation for Privacy
- Access Control
- Audit Controls
- Data Storage and Retention
- Data Purging and Destruction
- Backup and Recovery
- PACS
- Vendor Neutral Archives
- Radiology Information Systems
- DICOM
- Digital Signatures
- Metadata
- Transmission Security
- e-Prescribing Systems
- Medical Diagnostic Instrumentation
- Wireless Technologies
- Telemetry Applications
- Wireless Sensor Networks
- The Internet of Things
- Exploiting Mobile Devices
INTRODUCTION TO ETHICAL HACKING
-
- Ethical and Legal Hacking
- Black, White & Gray Hats
- Security Breach Examples
- The Lockheed Martin Cyber Kill Chain
- Network Enumeration/Port Scanning
- Social Engineering
- The Pentest Process
- IP Header Manipulation
- Defending Against IP Spoofing
- Session Hijacking
- MAC Spoofing & Flooding
- ARP Spoofing/Poisoning
- Man-in-the-Middle Attacks
- DNS Spoofing & SQL Injection
- DoS vs. DDoS Attacks
- Ping Flood & Smurf Attacks
- UDP & SYN Flood Attacks
- Password Attacks
- Wireless Attacks
- Wardriving
- Rogue Access Points
- WEP Key Cracking
- Beacon & Deauthenticate Flood
- Documentation & Reporting
MARCRAFT also offers a high school level program for institutions looking to give students a head start into this growing industry.