Our cyber range training in Singapore is designed to equip participants with the necessary knowledge and skills to monitor intelligence-gathering and anticipate potential threats to an ICT system proactively through an intensive cyber range training. This SkillsFuture course in Singapore involves the hands-on pre-emptive analysis of potential perpetrators (blue team training), anomalous activities (red team training) and evidence-based knowledge and inferences on perpetrators’ motivations and tactics.

Target Audience:

• IT professionals who are responsible for or moving to cyber security related roles, e.g. Security Operations Analyst, Associate Security Analyst, Security Executive.

Pre-requisites:

• TCP/IP networking including but not limited to IP addressing, DNS, switching, routing, and NAT
• Windows and Linux, including but not limited to the use of command line interface for file and user management, and text editing (vim, nano).
• Firewall, IDS/IPS, VPN and other security devices

Course Duration:

• 5 Days ( 35 hours )

Course Content:

Module 1: Define & Identify Cybersecurity Risks, Threats and Challenges in an Organisation

• Network Security Best Practices & Risk Management
• Challenges: Assume Breach & Compromise
• Security Monitoring and Security Intelligence

Module 2: Conduct Assets Vulnerability Scans Using the PICERII (Preparation, Identification, Containment, Eradication, Recovery) Framework

• Asset Management
• Vulnerability Assessment
• PICERII Framework
• Security Threat Intelligence Sources & Exchanges

Module 3: Deploy HIDS/NIDS/SIEM and Troubleshoot Log Forwarding for Windows and Linux Assets

• IDS/IPS Systems
• SIEM: Alarms, Events, Logs & Tickets
• Event Processing Workflow
• Network Data, Logs Management & Elastic Stack

Module 4: Identify the Strategies to Response and Contain Common Attack Vectors

• Indicator of Compromise
• Behavior Analysis
• TTP (Tactics, Techniques & Procedures)
• MITRE ATT&CK Framework

Module 5: Conduct Continues Security Threats Monitoring

• Continuous Security Monitoring
• Correlation & Cross-Correlation
• Threat Hunting

Module 6: Conduct Network Forensics Investigation

• Cybersecurity First Responder & Forensic Investigation

Module 7: Run, Schedule and View Final Cybersecurity Incident Report

• Cybersecurity Incident Management

Module 8: Create Policies or Directives to Alarm on Critical Events in the Future and Transform Them into Organisation’s Asset

• Policy & Directive Management
• Standards Compliance (PCI DSS, etc.)
• Table-top & Cyber range Exercises

Course Customization Options

To request a customized training for this course, please contact us to arrange.

This 3-days course aims to introduce students to basic principles of packet networks analysis using Wireshark tool – the world’s most popular network analyzer. It covers in detail, all basics elements and features of Wireshark. The course starts with reviewing key concepts and formalisms of ISO OSI Reference Model (ITU-T X.200) to more efficiently troubleshoot network layer by layer, and TCP/IP protocol suite. The essential part of the training is dedicated to methods and aspects of packet capturing process and offline analysis of the captured traffic. The goal of the analysis is to identify and resolve problems related to certain services and protocols, verify communication between peers at each layer of the OSI model, as well as prevent problems before they occur. In-depth lectures are supported by a numerous examples and practical exercises based on sample capture files with traffic patterns from real-live networks. The course assumes participants have some background in modern computer networks.

Course Objectives:

• Acquire good understanding of basic terms and objects of the ISO OSI Reference Model and TCP/IP
• protocol suite, and ability to apply it to real world problem solving.
• Build a solid foundation in the key skills of packet network analysis and troubleshooting using Wireshark – a tool for packet capture and analysis.
• Understand the elements, main capabilities as well as limitations of Wireshark, in particular, capturing
• process, traffic filtering mechanisms (similarities and differences between capture and display filters),
• common and protocol-specific features.
• Identify root cause of common poor network performance problems.
• Analyze user-application functionality.

Target Audience:

Information technology students and specialists, customer service engineers, application support engineers,and network engineers who:

• need to learn essential packet network analysis and troubleshooting skills, including locating the cause of problems at any layer from physical to application layer, such us high-latency, packet loss, limited throughput,
• understand practical network analysis techniques.

Course Duration:

• 21 hours – 3 days

Course Content:

Day 1: Network analysis overview

• ISO OSI reference model. Protocols, services, applications.
• TCP/IP networksessentials. Protocols: Ethernet,ARP,IP,ICMP,DHCP,TCP,UDP,FTP,HTTP.
• Troubleshooting tools, methodologies.

Introduction to Wireshark

• What is Wireshark? Portable Wireshark. Resources.
• Wireshark GUI structure: Panes (Packet List, Details, Packet Bytes), Status Bar, … .
• Architecture and processing flow. What and why cannot be seen with Wireshark?
• Supported protocols. Dissectors.
• Preferences and configurations; global and profile specific.
• Time values.
• Lab exercises.

Day 2: Capture Traffic

• Things to consider before start.
• Promiscuous mode.
• Capture filters.
• Automatic stop criteria.
• Lab exercises.

Traffic analysis: tools and approaches

• Analysis checklist.
• Quantitative analysis. (a) Basic predefined descriptive statistics and summaries: Capture Properties, Protocol Hierarchy, Conversations, Endpoints, Packets Lengths, IPspecific. (b) Protocol specific analysis (e.g.: TCP Stream Graphs).
• Flow visualization.
• Filtering traffic: Display filters, following stream.
• Using features: nameresolution,colorization,marking,ignoring,commenting,usingtimereferences, time shifts, … .
• Accessing options through Right-Click functionality.
• Understanding Expert System.
• Interpretation (reference patterns), OS/driver Offload features impact.
• Saving results
• Lad exercises and case studies

Day 3 Traffic analysis: common issues in network performance assessment

• Cause of performance problems.
• Packet loss.
• Bandwidth issues. Layered approach to measurement.
• Latency: assessing end to end latency, visualization.
• Lab exercises.

Traffic analysis: protocols

• Application layer: HTTP, FTP.
• Transport Layer: TCP, UDP.
• (a) Packet loss and recovery. (b) Previous segment lost and Out-of-Order Segments events. (c) Duplicate TCP ACKs and Fast Retransmissions. (d) TCP Retransmissions. (e) TCP Zero Window, Window changes and other window problems.
• Network Layer: IPv4, fragmentation.
• Data-Link Layer: Ethernet II.
• Lab exercises and case studies (vulnerabilities in the IP and TCP protocols).

Course Customization Options

To request a customized training for this course, please contact us to arrange.

This course explains what a blockchain is, where it is currently in use and where it can be potentially used.

Learn the basics of blockchain technology to discover why businesses worldwide are adopting it. Your understanding of blockchain for business starts here.

Course Objectives:

• To thoroughly train the delegates on Blockchain Tech.

Pre-requisites:

• System having Ubuntu operating system for the development and demonstration of Blockchain use cases.

Target Audience:

• Technical & Functional

Course Duration:

• 35 hours – 5 days

Course Content:

Issues with a traditional system

History of Blockchain

• A flashback to the 1990s
• 1990s flashback
• From tribes to platforms
• Blockchain and trade
• The new firm, and the promise of Blockchain
• An example of the new firm
• Understanding an example of the new firm

Blockchain and Bitcoin fundamentals

• What is Blockchain?
• What is Bitcoin?
• The origin of Bitcoin and Blockchain
• Understanding the origin of Bitcoin
• UTXO
• What is the Ethereum network?
• Understanding the Ethereum Network
• The technology stack of Blockchain
• Understanding the tech stack
• How is the technology evolving?
• Understanding Blockchain tech evolution
• Alternative Blockchain like Ethereum, Hyper ledger, and Ripple

Why the Blockchain?

• How do we represent values?
• The internet of values
• Blockchain use cases

What is the Blockchain (and what it’s not)?

• Three layer model
• Blockchain design goals
• Blockchain implementations
• Blockchain key components

Key Characteristics how Blockchain Operate

Type of Blockchain you can work with

• What are the different available platforms
• Which is most feasible platform to work with

Types of Blockchain

• Permission less (Public)
• Permission (Private)
• Consortium

Hash Function

• Block hash
• Cryptohraphic hashing
• How block hashes works in Bitcoin

Bitcoin in details

• Key concepts of Bitcoin
• Birth of Bitcoin
• Bitcoin pricing
• Future of Bitcoin Mining
• Important dates in Bitcoin History

Mining

What is mining?

Types of Mining

• Solo Mining
• Pool Mining
• Cloud Mining
• Role of Bitcoin Miners
• What is the different mining algorithm

Types of Consensus Mechanism

• PoW
• PoS
• PBFT
• DPOS
• POA

Value of Blockchain

• Cryptography
• Digital Tokens
• Smart Contracts
• Birth of Smart Contracts
• DAO and DAC

Cryptography

• Symmetric
• Asymmetric
• Digital Signature

Limitation and Common Misconceptions

• Limitations and Misconceptions about Blockchain/Bitcoin

Forks

• Hard Fork
• Soft Fork
• Segregated Witness
• Hard Fork vs Soft Fork

Node

• Types of Nodes
• Task of Nodes

Blockchain Demo presentation

• Demo Ethereum Ecosystem
• Introduction
• What is Ethereum?
• A Short History Lesson
• Interfacing with Ethereum Networks
• Metamask Setup
• Ethereum Accounts
• Receiving Ether

Course Customization Options

To request a customized training for this course, please contact us to arrange.

This dynamic instructor led course covers all known aspects of Blockchain security that exist in the Blockchain environment today. This course provides a detailed overview of all Blockchain security issues, including threats, risk mitigation, node security integrity, confidentiality, best security practices, advanced Blockchain security and more.

Course Objectives:

Those who attend the Security for Blockchain Professionals course and pass the exam certification will have a demonstrated knowledge of:

• Identifying and differentiating between security threats and attacks on a Blockchain network.
• Blockchain security methods, best practices, risk mitigation, and more.
• All known (to date) cyber-attack vectors on the Blockchain.
• Performing Blockchain network security risk analysis.
• A complete understanding of Blockchain’s inherent security features and risks.
• An excellent knowledge of best security practices for Blockchain System/Network Administrators.
• Demonstrating appropriate Blockchain

Pre-requisites:

This course is highly technical. To prepare for the class student should know:

• Have a comprehensive understanding of Hyperledger, Ethereum, or Blockchain Architecture

Target Audience:

• Blockchain Architects
• Blockchain Developers
• Application Developers
• Blockchain System Administrators
• Network Security Architects
• Cyber Security Experts
• IT Professionals w/cyber security experience

Course Duration:

• 21 hours – 3 days

Course Content:

1. Fundamental Blockchain Security

• Cryptography for the Blockchain
• A Brief Introduction to Blockchain
• Blockchain Security Assumptions
• Limitations of Basic Blockchain Security

2. Consensus in the Blockchain

• Blockchain Consensus and Byzantine Generals
• Introduction to Blockchain Consensus Security o Proof of Work
• Proof of Stake
• Other Blockchain Consensus Algorithms

3. Advanced Blockchain Security Mechanisms

• Architectural Security Measures
• Permissioned Blockchains
• Checkpointing
• Advanced Cryptographic Solutions o Multiparty Signatures
• Zero-Knowledge Proofs
• Stealth Addresses
• Ring Signatures
• Confidential Transactions

4. Smart Contract Security

• Introduction to Smart Contracts
• Smart Contract Security Considerations
• Smart Contract Code Auditing

5. Blockchain Risk Assessment

• Blockchain Risk Considerations
• Regulatory Requirements
• Blockchain Architectural Design

6. Basic Blockchain Security

• User Security
• Node Security
• Network Security

7. Blockchain for Business

• Introduction to Ethereum Security
• Introduction to Hyperledger Security
• Introduction to Corda Security

8. Securely Implementing Business Blockchains

• Business Operations
• Data Management
• Infrastructure
• Legal and Regulatory Compliance

9. Network-Level Vulnerabilities and Attacks

• 51% Attacks
• Denial of Service Attacks
• Eclipse Attacks
• Replay Attacks
• Routing Attacks
• Sybil Attacks

10. System-Level Vulnerabilities and Attacks

• The Bitcoin Hack
• The Verge Hack
• The EOS Vulnerability
• The Lisk Vulnerability

11. Smart Contract Vulnerabilities and Attacks

• Reentrancy
• Access Control
• Arithmetic
• Unchecked Return Values
• Denial of Service
• Bad Randomness
• Race Conditions
• Timestamp Dependence
• Short Addresses

12. Security of Alternative DLT Architectures

• Introduction to DAG-Based DLTs
• Advantages of DAG-Based DLTs
• Limitations of DAG-Based DLTs

Course Customization Options

To request a customized training for this course, please contact us to arrange.

This Blockchain Architecture training is for technical leaders who need to make decisions about architecture, environment, and development platforms.

Course Objectives:

• What is Blockchain
• How does Blockchain work
• Types of Blockchains
• How is Blockchain different from what we have today
• What are the cases for Blockchain
• What does a Blockchain app look like
• How do I design a Blockchain app
• How do I develop a Blockchain app
• How do I test a Blockchain app

Pre-requisites:

• Basic understanding of Blockchain implementation knowledge and experience.

Target Audience:

• This course is designed for technical business executives who are tasked with making business decisions about leveraging Blockchain technology in their businesses.

Course Duration:

• 21 hours – 3 days

Course Content:

Module 1: What is Blockchain 

• Blockchain Basic Principles
• Centralized and Decentralized Ledgers
• Mechanics of Blockchain
• What is a Block?
• How are Blocks Chained Together?

Module 2: How Does Blockchain Work 

• Benefits and Drawbacks of Blockchain
• Cryptography
• Public Key Cryptography
• Cryptographic Hashing
• Blockchain Consensus
• Proof of Work Consensus
• Proof of Stake Consensus
• Other Consensus Mechanisms Explained
• Lifecycle of a Public Blockchain Transaction

Module 3: Types of Blockchains 

• Public vs Private Blockchains
• Open vs Closed Blockchains
• Open Source Blockchain Projects
• Blockchain Smart Contracts
• Tokens and Coins
• Using Gas in Ethereum
• “Blockless” Solution Platforms

Module 4: How is Blockchain Different than what we have Today 

• Types of Networks
• Centralized Networks
• Distributed Networks
• Decentralized Networks
• Software vs Firmware
• Blockchain vs Database

Module 5: What does a Blockchain Application Look Like

• Blockchain Application Architecture
• Integrated Development Environment (IDE)
• User Interaction Layer
• Middle/Interface Layer
• Smart Contracts/Chaincode

Module 6: How do I design a BlockChain Application? 

• Guiding Design Principles
• Personas (User Types)
• User Stories (Application Interaction)
• Application Functional Requirements
• Application Technical Requirements
• Design Tasks
• Fundamental Design Questions

Module 7: How do I develop a Blockchain Application? 

• Fundamental Design Concepts
• Calling External Contracts
• Error Handling
• Pull vs Push Payments On-Chain Data
• Local Testing Recommendations
• Not Using Agile Development Process
• Technology Design Decisions
• Monolithic vs Modular
• Complexity Models

Module 8: How do I test a Blockchain Application? 

• Blockchain Testing Approaches
• Unit Testing
• Developer Level Testing
• Configuration & Environment Testing
• Load/Performance Testing
• Volume/Stress Testing
• Regression Testing
• Application Bug Classifications
• User Load Testing
• Key Blockchain Architecture Testing Questions

Module 9: Use Cases for BlockChain 

• Real world implementations of Blockchain
• Summary and Closing Remarks

Course Customization Options

To request a customized training for this course, please contact us to arrange.

Certified Penetration Tester is 5 days hands-on training and certification programme that enables the participants to handle the vulnerability assessment and penetration test for their customers. Personnel with skills in Penetration Testing will be able to assess identified networks and systems to find security vulnerabilities in line with industry best practices. They will be able to apply both technical and business techniques to conduct a penetration test, document vulnerabilities and produce comprehensive reports with recommended solutions.

Course Objectives:

• To understand different attacks used by hackers
• To learn how to conduct a vulnerability assessment on the network and systems
• To learn ways to harden the network and systems thus securing the corporate network and systems
• To prepare and submit Vulnerability Assessment & Pentest Reports

Pre-requisites:

• Should possess an understanding of operating systems.

Target Audience:

• Security Penetration Tester

Course Duration:

• 35 hours – 5 days

Course Content:

• Introduction to Vulnerability Assessment & Penetration Testing
• Information Intelligence Techniques
• Scanning & Vulnerability Assessment
• Cracking & Social Engineering
• Exploitation & Pentest
• PowerShell Exploitation
• Web Pentest
• Wireless Pentest

Course Customization Options

To request a customized training for this course, please contact us to arrange.

This course introduces the students the latest ethical hacking tools, this course provides a variety of hands-on practice penetration testing as well as ethical hacking skills to determine vulnerable environments and improve the security.

Course Objectives:

• Upon successful completion of the course you will officially become a Security Professional, which is among the most respected and sought-after designation within the information security space.

Pre-requisites:

• Basic knowledge of Linux is a plus

Target Audience:

• Cyber Security enthusiasts
• Managers who want to understand information security
• Operations personnel who do not have security as their primary job function but need an understanding of security to be effective
• IT engineers and supervisors
• System Administrators
• Forensic analysts, penetration testers, and auditors
• Anyone new to information security with some background in information systems and networking.

Course Duration:

• 21 hours – 3 days

Course Content:

Day 1

• Information Gathering using Kali
• Internet based Information Gathering
• Active Information Gathering
• Passive Information Gathering
• Buffer Overflows
• Vulnerability Scanning
• Buffer Overflow Exploit
• Other Exploits
• Hands on Lab

Day 2

• Vulnerability Scanning
• Privilege Escalation
• Client-Side Attacks
• Web App Attacks
• Port Tunnelling
• Authorization Testing
• Authentication Testing
• Hands on Lab

Day3

• Metasploit Framework
• Evade Antivirus
• Attacks
• File transfers and its vulnerabilities
• Server-Side exploits
• Hands on Lab

Course Customization Options

To request a customized training for this course, please contact us to arrange.

This Public Key Infrastructure – Implement and Manage course helps any individual to gain knowledge in managing robust PKI and having better understanding of topics surrounding public key infrastructure. Moreover, the PKI course is a preparation for the increasingly critical component – which ensures confidentiality, integrity, and authentication in an enterprise. Our PKI course provides the knowledge and skills necessary to select, design and deploy PKI, to secure existing and future applications within your organization. It also gives a deeper look into the foundations of cryptography and the working principles of the algorithms being used.

Throughout the whole course, participants will gain in-depth knowledge on the following topics:

• Legal aspects of a PKI
• Elements of a PKI
• PKI management
• Trust in a digital world
• Digital signature implementation
• Trust models
• Smart Cards
• NDES, CEP/CES
• SSL
• OCSP

After completing the PKI course, every individual will be able to successfully design, setup, deploy, Troubleshoot and manage a public key infrastructure (PKI). This is a 5-day course is considered essential for anyone who needs to understand Public Key Infrastructure (PKI) and the issues surrounding its implementation. It covers the issues and technologies involved in PKI in-depth and gives hands-on practical experience of setting up and maintaining a variety of PKI solutions. Detailed knowledge of issues surrounding PKI helps to put recent attacks which have appeared in the news headlines into context and enable valid decisions to be made about their relevance to your organization.

Course Objectives:

• To introduce the student to the theoretical aspects of the foundations and benefits of Public Key Infrastructure (PKI), including different types of encryption, digital signatures, digital certificates and Certificate Authorities.
• To give students hands on experience of implementing and using PKI solutions with a variety of applications.
• To give students an understanding of the concepts of evaluating and selecting PKI technologies

Pre-requisites:

• An Ideal candidate must have basic knowledge of Windows Servers and Networking
• For practical revision, students require windows server 2012 R2 machines???

Target Audience:

• This course is recommended for anyone using, managing, deploying or designing PKI solutions with ADCS components.
  

Course Duration:

• 35 hours – 5 days

Course Content:

Introduction to PKI 

• Basic Security Concepts
• Public Key Infrastructure Defined
• Digital Certificates and Signatures
• Smart Cards
• PKI Standards
• Basic cryptography
• Uses of Cryptography
• History of Cryptography including early methods
• Symmetric and Asymmetric Encryption plus Algorithms
• Diffie-Hellman Key Generation
• Hashing for Integrity plus Algorithms
• Cryptographic Functions
• Hashing
• Cryptographic Keys
• Key Types
• Key Lengths

Practical uses for encryption and associated issues 

Signed and Encrypted Email using S/MIME and PGP Secure connections to websites Digitally signing PDFs Encrypting files Encrypting hard drives Encrypting “containers” SSL, VPN and Wireless PKI and Cloud Computing Attacks on Encryption Certificate Authorities Public v Private CAs Regulations governing CAs CA Certificate Policies Types of Certificates Provided CA Hierarchies Certificate Authority Operations Certificate expiration Certificate revocation

Certificate Revocation Lists (CRL) 

• Base and Delta CRL Overview
• CRL Overlap
• Design Principles

Online Certificate Status Protocol (OCSP) 

• Key recovery
• Installing a CA and issuing certificates

Smart Card Logon 

• Smart Card Concept
• Working and Logon Process in Detail

SSL in Detail 

• Working of SSL using Network Traces
• Troubleshooting of SSL issues
• Discuss some common error codes

Certificates & Certificate Stores 

• Digital Certificates
• Keypairs
• Windows Certificate Stores

Lab : Deploy a 2-tier PKI 

• Certificate Validation
• Chain Building
• Revocation checking
• Troubleshooting Tools and Techniques

Lab : Online Certificate Status Protocol 

• Overview
• OCSP Process
• Limitations
• Design Configurations
• Weaknesses

Enterprise Templates

• Overview
• Template Schema Versions
• Template Properties
• Template Configuration Versioning

Certificate Enrollment Types 

• Enrollment Overview
• Certificate Authority Web Enrollment (CAWE)
• Cross Forest Enrollment

Automated Certificate Enrollment 

• Certificate Autoenrollment Overview
• Group Policy Settings
• Autoenrollment Processes
• Troubleshooting

Certificate Enrollment Web Services (CES/CEP) and NDES (SCEP) 

• Overview
• Infrastructure Requirements
• Installation & Configuration
• Top 5 Deployment Issues
• Top 10 Risks
• Whats new in 2019 or 2020 or 2016 ???
• Summary of Public Key Infrastructure
• Troubleshooting
• Common ADCS Mistakes
• ADCS Known Issues
• Troubleshooting CA Issues
• ADCS Debug Logs
• ADCS Configuration
• Certutil
• Hands on with OpenSSL
• Summary and Closing

Course Customization Options

To request a customized training for this course, please contact us to arrange.

This training course is designed to learn from the basics of Python programming to the specific skills and tools needed to manage network devices en masse using programming and reduces implementation time for software-based technologies in a Cisco enterprise.

Python programming to the specific skills and tools needed to manage network devices using programming with hands – on training. Reducing implementation time for software-based technologies in a Cisco.

Course Objectives:

• Automate configuration of multiple Cisco devices.
• Use the following DevOps / learning tools to enable efficient use of APIs and data models and effectively create Python scripts:

• • Postman
  • IDEs for both Windows and Linux
  • Notepad++
  • Sublime
  • PyCharm
  • Microsoft Visual Studio
  • Anaconda
  • Linux VI Editor
  • Lint tools for XML and JSON
  • Visore for Cisco Data Center
  • PI Inspector for Cisco ACI
  • YANG Validator

• Python scripts
• APIs and data models
• Use the following APIs to automate configuration and management of Cisco networking devices:
• Paramiko

• • REST
  • XML
  • JSON
  • NETCONF
  • RESTCONF

• Use the YANG and MIT data models

Pre-requisites:

• Basic understanding of Python
• Knowledge on Cisco networking device, ACI

Target Audience:

• Cisco Engineers

Course Duration:

• 35 hours – 5 days

Course Content:

• Fundamental Python Programming
• Python data structure
• Using Python to read from and write to a file
• Python loops and conditional code
• GitHub
• Programming Python Functions
• Python Libraries, Packages, and Modules
• Integrated Development Environments
• Python code analysis and error handling
• Cisco-supported APIs and automation protocols
• Cisco IOS XE RESTCONF API
• Cisco IOS XE NETCONF API
• Cisco ASA REST API
• Cisco IOS XR NETCONF API
• Cisco Nexus NX-OS APIs
• YANG data model
• Cisco Application Centric Infrastructure
• Cisco ACI whitelists Extracting XML and JSON from the Cisco ACI
• Modifying the ACI policy with Postman and Python
• The Cisco ACI Visore tool
• Cisco UCS topology
• Configuring UCS with Python

Labs 

• Practice the effects of fundamental Python commands
• Program Python data structure
• Create Python scripts to interact with files
• Write scripts to demonstrate Python loops and conditional code
• Create a Python script
• Share files using Git and GitHub
• Write Python Functions
• Write Python code of Modules and Packages
• Implement Python code in IDEs
• Debug and test Python code
• Create, execute, and validate a Python script with an IDE
• Explore and validate automation protocols
• Perform a configuration change on an IOS XE device with the RESTCONF API
• Perform a configuration change on an IOS XE device with the NETCONF API
• Perform a configuration change on an ASA device with the REST API
• Perform a configuration change on an IOS XR device with the NETCONF API
• Perform a configuration change on a Nexus NX-OS device using APIs
• Troubleshoot existing Python scripts with an IDE
• Analyze YANG files with the online YANG validator tool
• Perform an ACI fabric discovery
• Manually configure a Cisco ACI whitelist
• Extract XML and JSON from the Cisco ACI
• Utilize the API inspector and Postman to create Python scripts
• Use the Cisco ACI Visore tool
• Create a Python script to modify an ACI fabric
• Manually configure Cisco UCS
• Configure UCS with Python
• Create a Python script to modify a UCS configuration

Course Customization Options

To request a customized training for this course, please contact us to arrange.

Nowadays the web applications are playing an important role in our IT world, that’s why securing the web applications and its environment in now more important than ever, the course helps students to understand the technologies that are being used under the different services and systems so that they are able to make informed decisions when choosing a cloud vendor. The course also covers the different types of cloud products, their working, their benefits and the migration process to the cloud. The Web Application security course enables the students to establish industry acceptable auditing standards with current best practices and policies specifically for the web applications and cloud environment. The students can learn, implement and penetration test the concepts taught in this course in real-world scenarios.

Course Objectives:

• Understand and identify possible exploits in live web applications •Identify and secure vulnerabilities
• Different penetration testing methods
• Identify OWASP top 10 vulnerabilities
• Working with Virtualization for testing environments
• Using all the knowledge to protect your web application

Pre-requisites:

This course assumes that you have a basic understanding of technology and Information technology having some basic knowledge of computer networks could be helpful for some of the modules in the course.

Target Audience:

• Web Developers
• IT Managers who willing to understand web security in an advance manner.
• Security professionals who want to fill the gaps in their information Security knowledge
• IT engineers who want to build secure network against the attacks
• Network Administrators

Course Duration:

• 35 hours – 5 days

Course Content:

Module 1: 

• Overview of web technologies
• Web application architecture
• Attack trends
• Authentication vulnerabilities
• Authorization vulnerabilities

 Module 2: 

• SSL vulnerabilities and testing
• Session vulnerabilities
• Cross-site request forgery
• Input-related flaws
• SQL injection

Module 3: 

• Cross-site scripting
• Web services config security
• Vulnerability detection in web application
• Incident handling

Module 4: 

• XML security
• AJAX technologies
• AJAX common attacks
• Invalid redirect and forwards
• Insecure direct object references
• Closing and Remarks

Course Customization Options

To request a customized training for this course, please contact us to arrange.