GSAtrain

​

This cyber security training will cover the following modules:

Module 1: Introduction

• Intelligence report - the latest threats and notes from the field
• Anatomy of APT's and targeted attacks

Module 2: Initial Recon

• Advanced information gathering
• Social engineering using social networking, emails and similar.
• Public and private harvesting using public resources and information leakage
• System reconnaissance
• Network and host-based enumeration
• System and service enumeration
• Vulnerability analysis

Module 3: Remote attacks

• The anatomy of exploitation
• Buffer owerflows
• Attack frameworks
• Password based attacks, passive and active
• Man in the middle attacks

Module 4: Web/SQL-based attacks

• The anatomy of web/SQL-exploitation
• Basic web/SQL injections
• Advanced web/SQL injections
• File upload attacks
• Various other web-based attacks

Module 5: Client-Side attacks

• Web-browser-based attacks
• Cross-site scripting attacks
• Cross-site request forgery
• DOM-based attacks
• Exploit-based attacks using attack frameworks

Module 6: Lateral Movement

• Remote access tools and trojans
• Lateral movement using dependencies
• Passing the hash
• Passing the dutchie
• Credential extraction and reuse including certificate stealing.

Module 7: Cloud based attacks

• The anatomy of cloud-based-exploitation
• Invisible virtualized guest attacks and data theft.

Module 8: Miscellaneous attacks

• Wireless attacks
• Physical attacks including attacks on encrypted laptops.
• Mobile platforms

Cyber Security Defenses - Windows Platforms
In this course we will cover the latest features, tools and components that are available for defending your Windows infrastructure and preventing cybercriminals from successfully compromising your systems and data. The experts will share the tactics and techniques that they have implemented in government agencies, financial institutions and premier enterprises around the world. By taking this course you will be armed with all the tools and knowledge needed to effectively defend your Windows infrastructure.

Module 1: Introduction

• Intelligence report - The latest features, tools and techniques from the field.
• Windows enterprise hardening strategies.

Module 2:System hardening

• Security Policy configuration, security compliance and enterprise distribution
• System Security update strategies - Patch management
• Implementing applocker in the real world
• Bitlocker

Module 3: Enterprise Authentication and authorization

• PKI-based authentication
• Virtual Smartcards, smartscards
• Mechanism Authentication Assurance
• Active directoy autentication strategies
• RODC
• Kerberos proxy
• Fine grained Password policies
• Managed service accounts
• Claims based authentication
• Authorization
• Dynamic access control

Module 4: Secure systems administration

• WinRM
• Powershell remoting
• Secure RDP

Module 5: Network security

• IPSEC
• Domain isolation
• Server/service isolation
• Network Access Protection
• Advanced firewall
• Direct access
• Restrict NTLM

Module 6: Auditing

• Advanced auditing