Computer security, the „Dark side“ view

In this module participants will learn more about essential security terms. That includes X-teaming (focusing on the blue/red/purple team) as well as the data protection concepts in all states (@rest, in-transit and in-use). Participants will also learn about zero-trust model and SDP (Software Defined Perimeter).

In this module, basic risk management concepts will be reviewed, and qualitative and quantitative risk management process will be explained. Importance of the Risk management in the business environment will be covered, as well as the options for organizations to deal with the risks they are exposed due to the cyber threats. Additionally, the threat modeling will be introduced as a concept, including the GRC (Governance, Risk Management and Compliance), security policies and audits.

Participants will learn about hacking methodology (reconnaissance, scanning, gaining access, maintaining access, covering tracks). Attack demonstrations will provide 360-degree perspective on the hacking process, showing the initial compromise through vulnerable application, and then using the compromised computer as a pivot to compromise the entire organization including the AD (Active Directory).

This module reviews the attacks conducted by professional penetration testers, including the penetration testing purpose and phases (they are slightly different from hacking phases, and yet, almost the same). Besides that, responsibilities of both the penetration testers and customers, including the risks that arise from conducting the penetration test, will be discussed. Anonymized penetration testing report will be shared with the delegates to provide an insight into the type of vulnerabilities that can be identified during the penetration testing projects.

Participants will learn about the basic networking concepts required for understanding of the network sniffing and MitM attacks. The OSI and TCP/IP models will be discussed, and how the data is moving from one computer to another. It will be then followed by the insight into MitM attacks and respective entry points, like ARP spoofing (IPv4). During the attack demonstration, Wireshark and Network miner will be used to analyze the traffic, while Bettercap tool will be used to create the MitM attacks including the attacks on HTTPS protocol.

Protocols, tools and techniques used for authentication and authorization on both, Windows and Linux, are in the focus of this module. Participants will learn how to create good passwords and how to crack the password using dictionary, brute force and pre-calculated hashes attacks. Authentication methods will be defined including the biometrics and dongle-based authentication. The structure of both, Windows and Linux password storing will be defined. During the attack demonstrations, participants will have an opportunity to learn how to reset domain administrator password, local Windows, and Linux passwords.

Participants will learn about web technologies mostly used today and HTTP protocol. Some of the web application attacks will be reviewed too, like SQL injection, XSS, parameter tampering and directory traversal. Attack demonstrations will be performed using the tools like Burp and Zap. This module is an introduction to “Web application (in)security” course.

Use of wireless connectivity is constantly increasing. However, networks are usually unsafe. This module covers Wi-Fi security concepts and options that are available to hack WEP, WPA, WPA2 and WPA3 protocols.

• Polaznicima pripada sertifikat o pohađanju kursa Computer security, the „Dark side“ view za ostvarenih minimalno 70% prisustva od ukupnog fonda časova