Accredited Cybersecurity Course
  • Study hours: 72

  • Duration: 3 months

  • Certification: Ministerul Muncii (Ministry of Labour)

Cybersecurity course syllabus

1. Security Operations and Administration

Understand security concepts

  • Confidentiality

  • Privacy

  • Integrity

  • Availability

  • Accountability

  • Non-repudiation

  • Least privilege

  • Segregation of duties

Identify and implement security controls

  • Technical, physical and administrative controls

  • Assessing compliance

  • Periodic audit and review

Document and maintain functional security controls

  • Deterrent controls

  • Preventative controls

  • Detective controls

  • Corrective controls

  • Compensating controls

Participate in asset management lifecycle

  • Process, planning, design and initiation

  • Development/acquisition

  • Inventory and licensing

  • Implementation/assessment

  • Operation/maintenance

  • Archiving and retention requirements

  • Disposal and destruction

Participate in change management lifecycle

  • Change management (roles, responsibilities, processes)

  • Security impact analysis

  • Configuration management

  • Collaborate with physical security operations

2. Access Controls

Implement and maintain authentication methods

  • Single/multi-factor authentication

  • SSO, ADFS, OpenID Connect

  • Device authentication

  • OAuth2, SAML

Support internetwork trust architectures

  • Trust relationships

  • Internet, intranet and extranet

  • Third-party connections

Participate in the identity management lifecycle

  • Authorization

  • Proofing

  • Provisioning/de-provisioning

  • Maintenance

  • Entitlement

  • Identity and access management

Understand and apply access controls

  • Mandatory

  • Discretionary

  • Role-based, rule-based

3. Risk Identification, Monitoring and Analysis

Understand the risk management process

  • Risk visibility and reporting

  • Risk management concepts and frameworks

  • Risk tolerance, risk treatment

  • Understand legal and regulatory concerns

Participate in security assessment and vulnerability management activities

  • Security testing

  • Risk review

  • Vulnerability management lifecycle

Operate and monitor security platforms

  • Source systems

  • Anomalies, intrusions, unauthorized changes, compliance monitoring

  • Log management

  • Event aggregation and correlation

Analyze monitoring results

  • Security baselines and anomalies

  • Visualizations, metrics, and trends

  • Event data analysis

  • Document and communicate findings

4. Incident Response and Recovery

Support incident lifecycle

  • Preparation

  • Detection, analysis and escalation

  • Containment

  • Eradication

  • Recovery

  • Lessons learned/implementation of new countermeasures

Understand and support forensic investigations

  • Legal and ethical principles

  • Evidence handling

  • Reporting of analysis

Understand and support business continuity plan (BCP) and disaster recovery plan (DRP) activities

  • Emergency response plans and procedures

  • Interim or alternate processing strategies

  • Restoration planning

  • Backup and redundancy implementation

  • Testing and drills

5. Cryptography

Understand reasons and requirements for cryptography

  • Confidentiality

  • Integrity and authenticity

  • Data sensitivity

  • Regulatory and industry best practice

Apply cryptography concepts

  • Hashing

  • Salting

  • Symmetric/Asymmetric encryption/Elliptic curve cryptography (ECC)

  • Non-repudiation (digital signatures/certificates, HMAC, audit trails)

  • Strength of encryption algorithms and keys

  • Cryptographic attacks, cryptanalysis, and countermeasures

Understand and implement secure protocols

  • Services and protocols

  • Common use cases

  • Limitations and vulnerabilities

Understand and support public key infrastructure systems

  • Fundamental key management concepts (storage, rotation, composition, generation, destruction, exchange, revocation, escrow)

  • Web of Trust

6. Network and Communications Security

Understand and apply fundamental concepts of networking

  • OSI model, TCP/IP model

  • Network topologies

  • Network relationships (P2P, client-server)

  • Transmission media types (wired, wireless)

  • Software-defined networking

  • Commonly used ports and protocols

Understand network attacks (DDoS, MITM, DNS poisoning) and countermeasures

Manage network access controls

  • Network access controls, standards and protocols

  • Remote access operation and configuration

Manage network security

  • Logical and physical placement of network devices (inline, passive, virtual)

  • Segmentation (physical/logical, data/control plane, virtual local area network, access control list, firewall zones, micro-segmentation)

  • Secure device management

Operate and configure network-based security devices

  • Firewalls and proxies (filtering methods, web application firewall)

  • Intrusion detection systems (IDS) and intrusion prevention systems (IPS)

  • Routers and switches

  • Traffic-shaping devices

Secure wireless communications

  • Technologies (cellular network, Wi-Fi, Bluetooth, Near-Field Communication)

  • Authentication and encryption protocols (WEP, WPA, EAP)

  • Internet of Things (IoT)

7. Systems and Application Security

Identify and analyze malicious code and activity

  • Malware (rootkits, spyware, scareware, ransomware, trojans, viruses, worms, trapdoors, backdoors, fileless)

  • Malicious activity countermeasures (user awareness, system hardening, patching, isolation, data loss prevention)

  • Malware countermeasures (scanners, antimalware, code signing)

  • Social engineering (phishing, impersonation)

  • Malicious activity (insider threat, data theft, DDoS, botnet, zero-day exploits, web-based attacks, advanced persistent threat)

  • Behaviour analytics (machine learning, Artificial Intelligence, data analytics)

Implement and operate endpoint device security

  • Host-based intrusion prevention system (HIPS)

  • Host-based firewalls

  • Application whitelisting

  • Endpoint encryption

  • Trusted Platform Module (TPM)

  • Secure browsing

  • Endpoint Detection and Response (EDR)

Administer Mobile Device Management (MDM)

  • Provisioning techniques (COPE, BYOD)

  • Containerization

  • Encryption

  • Mobile application management (MAM)

Operate and maintain secure virtual environments

  • Deployment models

  • Data storage, processing, and transmission

  • Service models (IaaS, PaaS, SaaS)

  • Third-party/outsourcing requirements

  • Virtualization

  • Legal and regulatory concerns

  • Shared responsibility model

Understand and configure cloud security

  • Hypervisor

  • Virtual appliances

  • Containers

  • Continuity and resilience

  • Attacks and countermeasures

  • Shared storage