ＨｉｄｅＺｅｒｏＯｎｅ

Digital Forensics is defined as the process of preservation, identification, extraction, and documentation of computer evidence which can be used by the court of law. It is a science of finding evidence from digital media like a computer, mobile phone, server, or network. A digital forensic analyst exploits digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.

Syllabus

Setting up a Forensic Workstation

Enumerating the Network Infrastructure as a Forensics Analyst

Specialized Testing: Sessions and Tokens

Web App Pen Testing: MappingSpecialized Testing: XSS

Specialized Testing: SQL InjectionSpecialized Testing: CSRF

Specialized Testing: DeserializationSpecialized Testing: API Testing

Pluralsight – Web App Pen Testing

This series provides the foundational knowledge needed to ethically and effectively discover and exploit vulnerabilities in systems by assuming both the mindset and toolset of an attacker. Through learning how systems are attacked you will gain an understanding of how best to protect systems and improve your organization’s security

Syllabus

Understanding Ethical Hacking

Reconnaissance/Footprinting

Scanning Networks

Enumeration

Vulnerability Analysis

Pluralsight: Ethical Hacking Fundamentals

You’ve heard this story before. Bad actor walks into a network and pillages the place in swift action. CIO asks: “Where did we go wrong?” SysAdmin replies “our password, remote access, workstation restriction, and lack of application safelisting policies. Oh, and our SIEM didn’t notify us. We just weren’t ready for that attack.”

In a significant change from the original course, students will be introduced to Microsoft Azure and Sentinel. Each student will be responsible for deploying a cloud lab that includes an Active Directory domain, a C2 server, and integration with AZ Sentinel’s detection platform. All of this will be taught through a proven framework for purple team operations that results in better business outcomes.

Each student will then pollute the AD domain with garbage using BadBlood and wreak havoc on the environment through an updated iteration of the following labs:

• Organizational reconnaissance
• Bloodhound, Sharphound and Neo4j
• Plumhound
• Group policy preferences
• Command and control operations
• Canary accounts for detecting password sprays and Kerberoasting
• File share poisoning via URL and LNK files
• Pass the hash attacks
• DCSync operations
• Password cracking with John the Ripper
• Kerberoasting attacks
• Atomic Red Team

Applied Purple Teaming w/ Kent Ickler and Jordan Drysdale

The next generation of security leadership must bridge the gap between security staff and senior leadership by strategically planning how to build and run effective security programs. Yet, creating a security strategy, executing a plan that includes sound policy coupled with top-notch leadership is hard for IT and security professionals because we spend so much time responding and reacting. We almost never do strategic planning until we get promoted to a senior position, and then we are not equipped with the skills we need to run with the pack. This information security course will provide you with the tools to build a cybersecurity strategic plan, an entire IT security policy, and lead your teams in the execution of your plan and policy. By the end of class you will have prepared an executive presentation, read 3 business case studies, responded to issues faced by 4 fictional companies, analyzed 15 case scenarios, and responded to 15 Cyber42 events.

Syllabus

MGT514.1: Strategic Planning Foundations
MGT514.2: Strategic Roadmap Development
MGT514.3: Security Policy Development and Assessment
MGT514.4: Leadership and Management Competencies
MGT514.5: Strategic Planning Workshop

MGT514: Security Strategic Planning, Policy, and Leadership