• Implement AAA on Cisco routers using local router database and external ACS
• Explain the functions and importance of AAA
• Describe the features of TACACS+ and RADIUS AAA protocols
• Configure AAA authentication
• Configure AAA authorization
• Configure AAA accounting
• Mitigate threats to Cisco routers and networks using ACLs
• Explain the functionality of standard, extended, and named IP Access Control List used by routers to filter packets
• Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI
• Configure IP ACLs to prevent IP address spoofing using CLI
• Discuss the caveats to be considered when building ACLs
• Implement secure network management and reporting
• Use CLI and SDM to configure SSH on Cisco routers to enable secured management access
• Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server
• Mitigate Common Layer 2 attacks
• Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features
• Implement the Cisco IOS firewall feature set using SDM
• Describe the operational strengths and weaknesses of the different firewall technologies
• Explain stateful firewall operations and the function of the state table
• Implement Zone Based Firewall using SDM
• Implement the Cisco IOS IPS feature set using SDM
• Define network based vs. host based intrusion detection and prevention
• Explain IPS technologies, attack responses, and monitoring options
• Enable and verify Cisco IOS IPS operations using SDM
• Implement site-to-site VPNs on Cisco Routers using SDM
• Explain the different methods used in cryptography
• Explain IKE protocol functionality and phases
• Describe the building blocks of IPSec and the security functions it provides
• Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM

After completing this module, you will be able to achieve these certifications

• Cisco: Cisco Certified Internetwork Expert (CCIE) Security - The pinnacle Cisco certification for network security expertise.
• Juniper Networks:
• Juniper Networks Certified Security Specialist (JNCSS) - Provides fundamental network security knowledge.
• Juniper Networks Certified Security Professional (JNCSP) - Offers advanced network security skills for Juniper products.
• Fortinet: Fortinet NSE 7 - FortiGate Security Administration - Specializes in managing Fortinet's FortiGate security firewalls. (Note: Vendor-specific certification)
• CompTIA: Security+ - Covers general network security concepts and technologies.
• (ISC)²: SSCP with Architecture concentration - Combines the SSCP core with network security architecture knowledge.
• Check Point: Check Point Certified Security Expert (CCSE) - Validates expertise in securing Check Point security gateways. (Note: Vendor-specific certification)
• Palo Alto Networks: Palo Alto Networks Certified Network Security Engineer (PAN- OS) - Specializes

1. Lab Environment Setup – Virtualization & Basic OS

Objective: To understand lab environment and gain lab setup capabilities.

Key Topics:

• Virtualization platform concepts

• Installation of VMware Workstation and VirtualBox

• Installation of Kali Linux and basic configuration

• Network settings for virtual machines

2. Linux Fundamentals – Navigation & Users

Objective: To understand Linux fundamentals and basic operations.

Key Topics:

• Introduction to Linux fundamentals

• User creation and management

3. Linux Fundamentals – File & Network Operations

Objective: To understand Linux fundamentals and basic operations.

Key Topics:

• File operations (creating, deleting, moving, permissions)

• Basic Linux networking commands and concepts

4. Linux Fundamentals – Package Management & Advanced Commands

Objective: To understand Linux fundamentals and basic operations.

Key Topics:

• Package management (apt, yum, dnf)

• Essential Linux commands (grep, find, ssh, scp, etc.)

5. Cybersecurity Fundamentals – Core Concepts

Objective: Understand information security, processes, frameworks, and concepts.

Key Topics:

• Cybersecurity fundamentals

• CIA Triad (Confidentiality, Integrity, Availability)

6. Cybersecurity Fundamentals – Threats & Attacks

Objective: Understand information security, processes, frameworks, and concepts.

Key Topics:

• Attacks, threats, and vulnerabilities

• Attack approaches

7. Cybersecurity Fundamentals – Kill Chain & Frameworks

Objective: Understand information security, processes, frameworks, and concepts.

Key Topics:

• Cyber Kill Chain

• MITRE ATT&CK Framework

• Cybersecurity frameworks & compliances (NIST, ISO 27001 – overview)

8. Introduction to Penetration Testing – Concepts & Methods

Objective: Understand penetration testing concepts, standards, and techniques.

Key Topics:

• Penetration testing concepts

• Black-box, White-box, and Grey-box testing

9. Introduction to Penetration Testing – Rules & Scoping

Objective: Understand penetration testing rules and scope definition.

Key Topics:

• Rules of engagement

• Scoping of penetration tests

• Communication during penetration tests

10. Information Gathering – OSINT Frameworks

Objective: Gain capabilities for OSINT gathering and correlation.

Key Topics:

• OSINT frameworks (Maltego, Shodan, Google Dorking)

11. Information Gathering – Techniques from the Internet

Objective: Gain capabilities for OSINT gathering and correlation.

Key Topics:

• Whois, DNS records, public archives

12. Network Scanning – Concepts & Techniques

Objective: Understand network scanning techniques and tactics.

Key Topics:

• Network scanning concepts

• Ping scan, port scan, stealth scan

13. Network Scanning – Nmap Fundamentals

Objective: Understand network scanning techniques and tactics.

Key Topics:

• Network scanning using Nmap

• TCP, UDP, and reverse scanning

14. Network Scanning – Advanced Nmap

Objective: Understand advanced network scanning techniques.

Key Topics:

• Scanning hosts behind firewalls

• Nmap scripting engine (NSE)

15. Network Enumeration – Concepts & DNS/SMTP

Objective: Gather detailed information through enumeration.

Key Topics:

• Enumeration concepts and methods

• DNS and SMTP enumeration

16. Network Enumeration – FTP, SMB, NFS & HTTP

Objective: Gather detailed service-level information.

Key Topics:

• FTP, SMB, NFS enumeration

• HTTP, SNMP, SSH enumeration

17. Vulnerability Scanning – Concepts & Tools

Objective: Understand vulnerability assessment processes.

Key Topics:

• Vulnerability assessment concepts

• Tools: Nessus, OpenVAS (introduction)

18. Vulnerability Scanning – Automated & Manual Assessment

Objective: Perform vulnerability assessments.

Key Topics:

• Automated scanning

• Manual scanning

• Basic vulnerability reporting

19. Vulnerability Exploitation – Concepts & Shells

Objective: Understand exploitation and security bypass.

Key Topics:

• Exploitation concepts

• Reverse shell and bind shell

20. Vulnerability Exploitation – Methods & Demonstration

Objective: Gain hands-on exploitation experience.

Key Topics:

• Exploitation methods and techniques

• Live exploitation demonstrations

21. File Transfer – Windows & Linux

Objective: Transfer files to target systems.

Key Topics:

• Windows file transfer (PowerShell, SMB)

• Linux file transfer (scp, wget, netcat)

22. Linux Privilege Escalation – Enumeration & Kernel Exploits

Objective: Escalate user privileges to root.

Key Topics:

• Privilege enumeration

• Kernel exploits

23. Linux Privilege Escalation – File Permissions & Applications

Objective: Escalate user privileges to root.

Key Topics:

• File permission exploits

• Application version exploits

24. Linux Privilege Escalation – Advanced Techniques

Objective: Escalate user privileges to root.

Key Topics:

• LD_PRELOAD

• Cron jobs, SUID/SGID, sudo misconfigurations

25. Windows Privilege Escalation – Enumeration & Services

Objective: Escalate user privileges to administrator.

Key Topics:

• Windows privilege enumeration

• Service exploits

• Unquoted service path

26. Windows Privilege Escalation – DLL, Startup & Scheduled Tasks

Objective: Escalate user privileges to administrator.

Key Topics:

• DLL hijacking

• Startup applications

• Scheduled tasks

27. Windows Privilege Escalation – SeImpersonate & Pivoting

Objective: Escalate privileges and pivot networks.

Key Topics:

• SeImpersonate privilege escalation

• Network pivoting using Metasploit

28. Web Application Penetration Testing – Intro & Information Gathering

Objective: Understand web pentesting fundamentals.

Key Topics:

• Web pentesting concepts

• Scoping

• Banner grabbing

• Subdomain enumeration

29. Web Application Penetration Testing – Discovery & Methodology

Objective: Discover web structures and vulnerabilities.

Key Topics:

• Directory busting

• Crawling and spidering

• Web pentesting methodology

30. Web Application Penetration Testing – Burp Suite Fundamentals

Objective: Gain hands-on experience with Burp Suite.

Key Topics:

• Proxy, Intruder, Repeater

• Extensions

• Burp Collaborator

31. Web Application Penetration Testing – SQL Injection

Objective: Understand and exploit SQL injection.

Key Topics:

• Error-based and blind SQL injection

• SQLMap

• Authentication bypass

32. Web Application Penetration Testing – OWASP Top 10 (Part 1)

Objective: Learn common web vulnerabilities.

Key Topics:

• OWASP Top 10 overview

• IDOR

• Broken access control

33. Web Application Penetration Testing – OWASP Top 10 (Part 2)

Objective: Learn advanced web vulnerabilities.

Key Topics:

• XSS (reflected, stored, DOM)

• CSRF

• Shell via XSS

34. Web Application Penetration Testing – File Upload & Shells

Objective: Exploit file upload vulnerabilities.

Key Topics:

• File upload bypass

• Reverse shells

• Web shells

35. Web Application Penetration Testing – Automated Tools

Objective: Perform automated web assessments.

Key Topics:

• Burp Suite Scanner

• Acunetix (introduction)

36. Vulnerable Machine Walkthroughs – Introduction & Methodology

Objective: Demonstrate full attack lifecycle.

Key Topics:

• Walkthrough methodology

• Enumeration to post-exploitation

37. Vulnerable Machine Walkthroughs – Walkthrough 1 & 2

Objective: Hands-on vulnerable machine practice.

38. Vulnerable Machine Walkthroughs – Walkthrough 3 & 4

Objective: Hands-on vulnerable machine practice.

39. Vulnerable Machine Walkthroughs – Walkthrough 5 & 6

Objective: Hands-on vulnerable machine practice.

40. Mobile Application Penetration Testing – High-Level Concepts

Objective: Understand mobile app pentesting basics.

Key Topics:

• Android vs iOS

• OWASP Mobile Top 10

41. Mobile Application Penetration Testing – Automated & Dynamic Tests

Objective: Understand mobile app testing methods.

Key Topics:

• MobSF

• Dynamic testing

42. Mobile Application Penetration Testing – Network Traffic Analysis

Objective: Analyze mobile app traffic.

Key Topics:

• Proxying mobile traffic

• Burp Suite for mobile

43. API Penetration Testing – Concepts & Tools

Objective: Understand API security testing.

Key Topics:

• REST and SOAP

• Postman, Swagger

44. API Penetration Testing – Sample Test Cases

Objective: Identify common API vulnerabilities.

Key Topics:

• Broken authentication

• Mass assignment

45. Wireless Penetration Testing – Concepts & Threats

Objective: Understand wireless security risks.

Key Topics:

• WEP, WPA, WPA2, WPA3

• Deauthentication attacks

46. Wireless Penetration Testing – Password Cracking & Evil Twin

Objective: Perform wireless attacks.

Key Topics:

• Aircrack-ng, Hashcat

• Evil Twin attack

47. Reporting – Concepts & Report Types

Objective: Learn professional report writing.

Key Topics:

• Reporting best practices

• Executive and technical reports

48. Reporting – Generation Tools & Management

Objective: Manage penetration testing reports.

Key Topics:

• Dradis

• Remediation tracking

49. Penetration Project Handling – Process & Challenges

Objective: Handle real-world penetration testing projects.

Key Topics:

• Planning, execution, post-engagement

• Real-world challenges

50. Penetration Project Handling – Documents & Improvement

Objective: Improve penetration testing practices.

Key Topics:

• SOW, NDA

• Continuous learning

Module Overview:

This course is designed to teach participants comprehensive understanding of the job tasks required as a SOC analyst. Participants also learn comprehensive understanding of a complete SOC workflow and Threat Hunting.

Topics Covered in Certificate Course in Cyber security Operation Center Analysis and Threat Hunting Module:

• Cyber Security Operations Management
• Understanding Cyber Threats, IoCs, and Attack Methodology
• Analyze and Management of Incidents, Events, and Logging
• Incident Detection with Security Information and Event Management (SIEM)
• Enhanced Incident Detection with Threat Intelligence
• Incident Response Management

After completing this module, you will be able to achieve these certifications

• (ISC)²: Certified Secure Incident Analyst (CSIS) - Develops skills crucial for SOC operations and threat hunting.
• GIAC: GIAC Security Essentials (GSEC) - Provides foundational knowledge for cybersecurity operations.
• SANS Institute: Security Information and Event Management (SEC551) - Focuses on utilizing security information and event management (SIEM) tools.
• GIAC: GIAC Security Leadership (GSLC) - Develops leadership skills for managing a security operations center (SOC).
• CompTIA: Security+ - Covers security operations center (SOC) concepts and technologies.

Module Overview:

Gain an understanding of digital forensics analysis by learning about forensic principles, evidence continuity and methodology to employ when conducting a digital forensic investigation.

This five-day course will provide you with a practical base understanding of the legalities, best practice and methodologies used in the current digital forensic investigation environment. The course content covers seizure, evidence handling and data preservation, through to investigation and interpretation, and finally the reporting and presentation of findings.

Topics Covered in Certificate Course in Digital Forensic Investigation Module:

• Introduction to Digital Forensics
• Investigation Guidelines and Process
• Identification & Seizure
• Understanding Electronic Data
• Physical and Logical Disks
• File Systems and Data Storage
• Dates, Times and Metadata
• Forensic Analysis Techniques
• Windows Artifacts
• Forensic Challenges
• Reporting
• Electronic data
• Investigating Windows artifacts
• Malicious Software
• Network Analysis
• Methods of Deception
• Introduction to memory analysis
• Partitions and core directories of Major Operating Systems
• Introduction to memory analysis
• Imaging using Linux tools and forensic distributions
• Reporting

After completing this module, you will be able to achieve these certifications

• GIAC: GIAC Computer Forensic Analyst (GCFA) - In-depth training for computer forensics analysis.
• SANS Institute: Forensic Technologies (FOR508) - Covers various digital forensics tools and techniques.
• International Association of Forensic Computer Examiners (IAFCe): Certified Forensic Computer Examiner (CFCE) - Industry-recognized certification for forensic examiners.
• EC-Council: Computer Hacking Forensic Investigator (CHFI) - Combines hacking knowledge with forensic investigation skills.
• Digital Forensics Certification Board (DFCB): Certified Computer Examiner (CCE)
• Validates skills for conducting computer examinations.
• AccessData: Certified Examiner for Computer Evidence (EnCE) - Focuses on utilizing AccessData forensic tools. (Note: Vendor-specific certification)
• Magnet Forensics: Certified Magnet Forensic Analyst (CMFA) - Teaches skills for using Magnet Forensics tools. (Note: Vendor-specific certification)