14
Sep 2020

Professional Certificate in Cyber Security Live Simulation Blue Team VS Red Team

Course Information

Start Date14 Sep 2020, Monday
End Date16 Sep 2020, Wednesday
Time09:00 am - 05:00 pm
Venue100 Orchard Road, Concorde Hotel Singapore
Fee$1,800 (Excluding GST) Inclusive of materials and certificate
Contact6720 3333 (Ms Chye Fen) chyefen@asm.edu.sg
Register Now
Get Group Quote
LIVE Stream

Introduction

In today’s advanced digital world, cyber threats are growing in scale and sophistication. Organisations are increasingly vulnerable to attacks due to technology advancement such as remote access, big data cloud computing and more. Security incidents may occur any day, anytime and anywhere. These security incidents can heavily impact organisation’s reputation, bottom line and market standing.
Organisations need to be well-prepared for the unforeseen cyber security incident. Organisations must test their own systems and know if it is vulnerable. In this highly productive 3-day workshop, participants will learn the techniques to test systems against commonly known vulnerabilities, and how to fix and remove the vulnerabilities from systems.

3 Days Hand-On Simulation and Learning with Cyber-Security Specialist, Ronald Shiflet

This Professional Certificate programme focuses on letting participants gain an exposure to and knowledge of practical cyber security in a real environment. They will learn how to use a comprehensive approach to gain insight into an organisation’s overall security to test its ability to detect, respond to, and recover from an attack.

Participants will be given just enough theory to get started performing the attacks and defences (though you will have the tutor and step-by-step instructions present to guide you through the processes towards knowledge and mastery).
Participants, wherever possible, should bring in their own laptops with power supplies, capable of running Oracle VirtualBox virtualization software effectively throughout all 3 days (all other hardware and software will be provided).

Learning Outcomes
  • Understanding and identify cyber security trends
  • Monitoring and using of tools and mechanism to detect cyber threats
  • Developing and Implementing cyber security strategies to tackle cyber threats
  • Developing and analyzing key report of threat data
  • Understanding the compliance and law of cyber security
Who Should Attend?
  • Anyone who wishes to know the roles of attack and defense in cyber security;
  • Working professionals, such as managers and engineers in the IT, security and legal industries;
  • Auditors who want to build deeper technical skills;
  • Corporate attorneys and legal professionals;
  • Anyone who wants to know how to protect their company data and confidential information.
Eligibility Criteria

Other Statement of Attainment, modular certificate or equivalent n.e.c.

Trainer's Profile

Cyber-Security Specialist: Ronald Shiflet (Director, Secure Information Technologies)

Ronald is the Director of Secure Information Technologies, a leading cyber security agency that specialized in Project Management, Security, Networking and IT Service Level Management. Ronlad has over 20 years of industry experience in information technology across Europe and Asia. Ronald holds a BSc Degree in Computer Information Systems from DeVry University and a Master of Technology, Telecommunications from DePaul University. He is a highly experience and innovative Security Consultant, whose work in mainly based on his over 20 years’ experience running his security consulting firm. He has extensive experience in digital forensic investigation, anti-forensic, penetration testing, mobile forensics and network security.

Course Outlines

DAY 1: RECONNAISSANCE AND SCANNING

Whether online or in a bank lobby, most crimes begin with a thorough investigation and review of the target site. On Day 1, we learn to scan the network, find (enumerate) the services, determine (fingerprint) the operating systems and locate their vulnerabilities so that we can later exploit them (which will be covered on Day 3).

AM (Red Team – Attack Mode)
# Network Mapping (NMAP)
# Vulnerability Scanning (NESSUS)

PM (Blue Team – Prevent Mode)
# Intrusion Detection (SNORT)
# Intrusion Interception (FIREWALL)

DAY 2 – SNIFFING AND CRACKING

On day 2, we get into the exciting world of eavesdropping and cracking. We will sniff network traffic, locate and decrypt passwords where possible, and bash down the door with brute force where not.

AM (Red Team – Attack Mode)
# Sniffing Network Data/Passwords (Wireshark)
# Password Cracking (John the Ripper)
# Brute Forcing Website Access (Hydra)

PM (Blue Team – Prevent Mode)
# Encryption (Secure Shell and Secure Sockets)
# System Hardening(1)

DAY 3 – EXPLOITATION AND EXFILTRATION

It all comes together on Day 3. We take all the knowledge gained of our target systems’ vulnerabilities and exploit them. We will exfiltrate their databases through SQL Injection and totally infiltrate their operating systems with the infamous Metasploit framework.

AM (Red Team – Attack Mode)
# Exfiltration (SQL Injection)
# Infiltration (Metasploit Framework)

PM (Blue Team – Prevent Mode)
# Parameterized SQL
# System Hardening (2)
Experienced