This module provides some instruction on the writing of code, but is primarily focused on how the code works. Fundamentals of coding and memory handling are included. Some security implications of these low-level memory operations are discussed.
This is the third module in the Cyber Intelligence: Analyzing Cyber Adversaries and Threats course. The purpose of this module is to introduce students to the emerging discipline of cyber intelligence that uses the intelligence cycle to conduct analysis and support decision making.
This is the second module in the Cyber Intelligence: Analyzing Cyber Adversaries and Threats course. The purpose of this module is to introduce students to the emerging discipline of cyber intelligence. The material looks at examples of sophisticated cyber threats and at how they are driving businesses to consider an intelligence-driven approach to cyber security called cyber intelligence.
This module focuses on cybersecurity concepts and principles. It lays the knowledge foundation for students who don’t have much experience in the subject matter. It aims to provide an overview of major factors that have distinct impacts on cybersecurity, including software, hardware, network, and people. As a high-level introduction, this module prepares students for hands-on work that illustrates the applications of malicious software and techniques (e.g., keyloggers), as well as defense (e.g., encryption).
The goal of this course is to provide high school students and educators with an introduction to the technological aspects of cyber security, with hands-on practice. This foundational course covers the following categories of topics: legal and ethical issues; foundational knowledge required for cybersecurity and for hands-on practice, including using the Linux command line, basics of computer networking, and basics of web technology; steps in hacking, including reconnaissance and exploits; cryptography; secure design of systems; and hardening operating systems.
This module on digital forensics will familiarize you with forensics terminology and approaches, along with hands-on experience with a variety of forensic tools used by investigators to conduct incident response, find evidence of criminal behavior, and examine the effects of malware infection. The module will focus on Windows forensics and will use a Linux-based forensic workstation for hands-on analysis. Tools for conducting forensic examinations using a Windows system will also be introduced.
This is the first module in the Cyber-Physical Industry course; however, it can be taught as a standalone module. The purpose of this module is to introduce students to concepts associated with system assets and system operations in industrial control systems.
This exercise provides hands-on experience applying concepts learned during Lesson 2: Windows Filesystem and Browser Forensics in the Digital Forensics Module. Students will use tools on the SANS SIFT Workstation Linux distribution to examine partial Windows file system images and find browser and recycle bin artifacts.
This intermediate-level, real-world lab exercise has students log into a worm-infected CentOS Linux server (ssh terminal only) and follow prescribed steps to secure, clean up and lock down the infected server. Students will use utilities such as chkconfig, service, ps, and kill to examine running services and shut down potentially malicious ones; netstat and nmap to identify rogue network services; iptables to properly configure the firewall; and package management software such as rpm and yum to verify and repair system packages.
This introductory lab has students scanning a small network subnet using nmap to identify live hosts and open ports. Targets include three virtual machines: a web server, a vulnerable Samba server, and an FTP server, as well as other open network ports. It teaches Linux utilities for reconnaissance and scanning such as whois, ifconfig, and nmap with various command-line switches.