Course Information

Duration: 3-Day / 24 Hours

Who Should Attend: Cyber Security Attack / Defend Strategist (CSAD)is designed for anyone who have little or no understanding, knowledge of, or experience in Cyber Security and would like the opportunity to learn in a supportive and encouraging environment.

Course Objective

Cyber Security Attack / Defend Strategist (CSAD) is designed for anyone keen on acquiring advanced knowledge of, or experience in Cyber Security.

Pre-Requisite

It is preferred that participants successfully completed and receive a Certificate of Competency in Cyber Security Essentials (CSE) .

Examination

Participants are required to attempt an examination upon completion of course. This exam tests a candidate’s knowledge and skills related to Cyber Security Attack / Defend based on the syllabus covered.

Certification

Participants will be awarded a Certificate of Competency and recognized as a Cyber Security Attack / Defend Strategist (CSAD) upon meeting the requirements and passing the examination.

Module 1 Building a Hacking Lab

Participants will be introduced the latest advancement of Cyber Security Concepts. Participants will also acquire knowledge on how to install / setup Kali Linux (Attacker), Vulnerable Virtual Machines (Target), Cloud Computing and Virtualization concepts.

Topics Covered

• Introduction to Real-World Hacking
• Kali Linux VM Configuration
• Configure Vulnerable VMs
• Cloud VM vs Container

Module 2 Hiding Identity

In the process of hacking, it is an important to hide your identity or achieving anonymity. Anonymity will allow you to do things on the internet invisibly

Topics Covered

• ProxyChains
• VPN Services
• TOR Network

Module 3 Open-Source Intelligence

Acquire essential knowledge on how to perform opensource intelligence on enumerate sensitive information of Target to make the process of hacking look seamless.

Topics Covered

• OSINT
• Internet Archives / WHOIS / Netcraft
• Google Hacking Database & Shodan
• Network Scanning Methodology
• Identify Live Hosts & Port Scanning
• Enumerating Sensitive Information

Module 4 Password Cracking

In this module, participants will learn how to perform different types of password attacks, including cracking hashes and brut-force.

Topics Covered

• Attack Vector
• Password Cracking Tools
• Cracking the Hashes
• Sniffing Password

Module 5 Malware Threats

Participants will understand the different types of malware and how attackers are distributing malware using undetectable to security devices

Topics Covered

• Type of Malware
• Creating & Distributing Malware
• Art to Avoiding Detection

Module 6 Social Engineering Attack

Discover popularly techniques used to perform attacks like sniffing, MITM, spoofing and phishing using social engineering. This increases the ease of conducting a mass attack surface area.

Topics Covered

• MITM Description
• Sniffing & Spoofing Attack
• Phishing & Spear Phishing Attack
• Social Media Phishing
• Web Based Delivery

Module 7 Hacking Web Server & Database

Web Servers and Database technologies are widely used everywhere and most of them are vulnerable. In this module, participants will learn how to identify vulnerabilities and mitigation.

Topics Covered

• Basic WEB Technologies
• OWASP Top 10
• Hacking WEB Server
• SQL Injection Methodlogy
• SQL Injection Tools

Module 8 Wireless Hacking

Open and Free WIFI Access Points / Network are often used by hackers to spy on sensitive data of users. In this module, participants will gain an in-depth understanding on how to to securely use and configure wireless networks.

Topics Covered

• Wireless Basics
• WPA / WPA2 Attack
• Rogue Access Points

Module 9 Evading IDs, Firewalls and Honeypots

100% security is only a marketing strategies. Learn how hackers bypass security domains of targets. Participants will also learn how to harden / defend IT infrastructure through extensive practical / hands-on exercises.

Topics Covered

• IDS / IPS Configuration
• Honeypots
• Firewalls (Vendor-Centric vs Open Source)
• ACL – Access Control List