Difference between revisions of "Cybersecurity Resilience Workshop -Track 1: Securing institutional e-mail, websites and identity systems"

From KENET Training
Jump to: navigation, search
(Created page with "{| class="wikitable" style="width:100%;" |+ Track 1: Identity & Services Roadmap ! Time !! Day 1 (Foundation) !! Day 2 (Email) !! Day 3 (Identity) !! Day 4 (Roaming) !! Day 5...")
 
 
(75 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
KENET is pleased to invite you to the Cybersecurity Resilience Workshop - Track 1. This track focuses on fortifying the institutional digital perimeter by mastering the core protocols of DNS, Email, and Identity. Participants will transition from managing local services to building a "Circle of Trust" through the deployment of DNSSEC, DMARC/SPF/DKIM email protections, and eduroam infrastructure. The training will be held from February 23rd to February 27th, 2026, at the Abai Lodges and Spa in Kirinyaga.
 +
 +
 +
 +
The training will be held from February 23rd to February 27th, 2026
 +
 +
=Objective=
 +
 +
By the end of the program, attendees will be able to architect a full-lifecycle Identity Management (IdM) system, configure an Identity Provider (IdP) for global federation, and ensure all services meet international compliance and security standards. The ultimate objective is to provide seamless, secure access to resources while protecting the institution's brand and data integrity from modern cyber threats.
 +
 +
=Who Should Attend?=
 +
 +
This course is designed for Cybersecurity specialists, Systems administrators and webmasters.
 +
 +
=Prerequisites=
 +
 +
1. Laptop for the sessions with Wi-Fi capability
 +
2. Intermediate to expert knowledge of Linux and the command line operations.
 +
 +
=Course content=
 +
'''Note''': All lab manuals and slides can be found in the [Workshop Resource Folder] at the bottom of this page.
 +
 +
 +
 +
==Trainers==
 +
 +
{| class="wikitable sortable" style="width:75%;"
 +
|+ '''List of Training Team Members'''
 +
! Full Name
 +
! Initials (Inst.)
 +
! Role
 +
! Organization
 +
|-
 +
 +
| Nyanjau Kimani
 +
| NK
 +
| Program Manager
 +
| KENET
 +
|-
 +
| Alfred Kipruto
 +
| AKip
 +
| Quality Assurance
 +
| KENET
 +
|-
 +
| Zeinab Mzungu
 +
| ZM
 +
| Logistics & Support
 +
| KENET
 +
|-
 +
| Caroline Gachuhi
 +
| CG
 +
| Registration & Support
 +
| KENET
 +
|-
 +
| Amos Koech
 +
| AKoech
 +
| Trainer
 +
| KENET
 +
|-
 +
| Anne Inapat
 +
| AI
 +
| Trainer
 +
| KENET
 +
|-
 +
| Anthony Kimani
 +
| AK
 +
| Trainer
 +
| KENET
 +
|-
 +
| Kevin Chege
 +
| KC
 +
| Trainer/Labs
 +
| ISOC
 +
|-
 +
| Kelvin Kariuki
 +
| KK
 +
| Trainer
 +
| MMU
 +
|-
 +
| Lilian Maina
 +
| LM
 +
| Trainer
 +
| KENET
 +
|-
 +
| Samuel Macharia
 +
| SK
 +
| Trainer
 +
| KENET
 +
|}
 +
 +
==Participants==
 +
 +
 +
==TimeTable==
 
{| class="wikitable" style="width:100%;"
 
{| class="wikitable" style="width:100%;"
|+ Track 1: Identity & Services Roadmap
+
|+ Master Schedule: Track 1: Securing Institutional Emails, Websites and Identity Systems
! Time !! Day 1 (Foundation) !! Day 2 (Email) !! Day 3 (Identity) !! Day 4 (Roaming) !! Day 5 (Ops)
+
! Time !! Day 1 (Joint) !! Day 2 () !! Day 3 () !! Day 4 () !! Day 5 ()
 +
|-
 +
| **07:00** || **Welcome and registrations** || colspan="4" style="background:#eee; text-align:center;" | ''Sessions start at 08:00''
 +
|-
 +
| **08:00** || **Introductions & Objectives (JOINT)** (AKip) || style="background:#f9f9f9;" | '''Recap''' || style="background:#f9f9f9;" | '''Recap''' || style="background:#f9f9f9;" | '''Recap''' || style="background:#f9f9f9;" | '''Recap'''
 
|-
 
|-
| **07:00** || **Welcome & Registration** || -- || -- || -- || --
+
| **08:20** || **Housekeeping (JOINT)** (ZM/Akip) || **Module 13:** Intro to Identity and Access Management (IAM) in Education (AK) || **Module 3:** Email Security Basics (KK) || *Module 9:** Installing and Configuring an Identity Provider (AK) || **Module 17:** Future of Identity and Trust in Education(AK)
 
|-
 
|-
| **08:00** || **Pax Intro & Objectives** || **Mod 3:** Email Security Basics || **Mod 13:** Identity Management || **Mod 7:** Intro to eduroam || **Mod 10:** Fed. Member & Testing
+
| **08:35** || style="background:#f0f0f0;" | (08:35 - 09:00 Joint Session) || style="background:#f0f0f0;" | (Contd) || style="background:#f0f0f0;" | (Contd) || style="background:#f0f0f0;" | (Contd) || style="background:#f0f0f0;" | (Contd)
 
|-
 
|-
| **08:20** || **Housekeeping** || (Cont.) || (Cont.) || (Cont.) || (Cont.)
+
| **09:00** || **ICANN Grant Funded Training Project - an overview (JOINT)** (AKip/NK/BO)
 +
[https://training.kenet.or.ke/images/d/d5/KENET_Program_Overview_ICANN_BO.pdf [1]] [https://training.kenet.or.ke/images/b/b8/ICANN_KENET_Grant_-_Project_Overview_2026.pdf [1.2]]
 +
|| **Module 14:** Authentication and Authorization Protocols (AK) || **Module 4:** Securing Email (DKIM, SPF, DMARC) (Akoech/KK) || (Contd) || **Module 12: ** Best Practices for eduroam, and IdP** (AI/AK)  
 
|-
 
|-
| **09:00** || **Project Overview** || **Mod 4:** Email Sec (TLS/SSL) || **Mod 14:** AuthN & AuthZ Protocols || **Mod 8:** eduroam Infrastructure || **Mod 11:** Monitor & Troubleshoot
+
| style="background:#eef;" | **10:00** || colspan="5" style="background:#eef; text-align:center;" | '''Tea break (10:00 – 10:30)'''
 
|-
 
|-
| **10:00** || **Tea Break** || **Tea Break** || **Tea Break** || **Tea Break** || **Tea Break**
+
| **10:30** || **Lab Environment & Topology Walkthrough (Lab Support)** (KC)  || **Module 15:** Federated Identity & Trust (AK)  || (Contd) || (Contd) || Assessment -section 1 MCQs** (ZM)
 
|-
 
|-
| **11:00** || **Mod 1:** Intro to DNS || **Mod 5:** Adv. Email Security || **Mod 15:** Federated Identity || **Mod 9:** Setting up an IdP || **Mod 12:** Server Hardening
+
| **11:30** || **Module 1 on Intro to IP addressing and Routing (JOINT)** (KK) || **Module 14:** LDAP Identity Management Lab (AK) || **Module 6:** Best Practices for Securing Managed Email Services (KK) || (Contd) || Assessment -section 2 - LAB
 
|-
 
|-
| **13:00** || **Lunch Break** || **Lunch Break** || **Lunch Break** || **Lunch Break** || **Lunch Break**
+
| **12:30** || **Module 1: DNS and its roles (JOINT)** (Akoech) || (Contd) || (Contd) || (Contd) || (Contd)
 
|-
 
|-
| **14:00** || **Mod 2:** DNS Security || **Mod 6:** DNS/Email Best Practice || **Mod 17:** Future of Identity || **Mod 9:** IdP Setup (Cont.) || **Mod 16:** Compliance & GDPR
+
| style="background:#efe;" | **13:00** || colspan="1" style="background:#efe; text-align:center;" | '''Lunch break - Break into respective rooms after lunch''' || colspan="4" style="background:#efe; text-align:center;" | '''Lunch break'''
 
|-
 
|-
| **16:00** || **Tea Break** || **Tea Break** || **Tea Break** || **Tea Break** || **Tea Break**
+
| **14:00** || **Module 2: DNS Security & DNS Security Lab** (AKoech) || **Module 8:** Secure Wi-Fi Authentication (eduroam & RADIUS) (SK/AI) & **Module 8:** Implementing Secure Wi-Fi Authentication Using FreeRADIUS - Lab (AI/SK) || **Module 5:** Common Web Vulnerabilities& Security Assessment Lab (Akoech/KK)  || **Module 10:** eduroam/freeRADIUS Monitoring & Troubleshooting (SK/AI) & LAB (Configuring and propagating eduroam SSID on AP controller) (SK)
 +
|| **Module 5:** Compliance and DPA 2019 -security&safeguards (LM) [JOINT] **Vote of Thanks (Guest Speaker)
 
|-
 
|-
| style="background:#f0f0f0;" | **16:30** || **Day's Recap** || **Day's Recap** || **Day's Recap** || **Day's Recap** || **Final Recap & Closing**
+
| **16:00** || **Recap** (All) || **Recap** (All) || **Recap** (All) || **Recap** (All) || style="background:#f0f0f0;" | (16:00 - 16:30 **Certificate Award** **Post-Training Survey**)
 
|-
 
|-
| **17:00** || **End of Day 1** || **End of Day 2** || **End of Day 3** || **End of Day 4** || **End of Training**
+
| style="background:#eef;" | **16:30** || **Tea break and Day End** || **Tea break and Day End** || **Tea break and Day End** || **Tea break and Day End** || **Tea break & End of Training!**
 
|}
 
|}
 +
 +
==Training Feedback Survey==
 +
 +
[https://www.surveymonkey.com/r/V2N5QRP_KENET-Cybersecurity-Post-Training-Survey Link to Feedback Survey]
 +
 +
==Workshop Training Resources==
 +
<div style="background-color:#e6ffe6; padding:10px; border-radius:5px; margin-top:10px;">
 +
'''Track 1: Securing Domains, Email, Web & Identity and Federation Services'''
 +
* [https://filesender.kenet.or.ke/download.php?token=db8229bd-fd5d-43bd-8527-b4fbdfff5bf2&files_ids=543 Download Track 1 Resources]
 +
</div>
 +
 +
<div style="background-color:#e6f7ff; padding:10px; border-radius:5px;">
 +
'''JOINT Sessions'''
 +
* [https://training.kenet.or.ke/images/d/d5/KENET_Program_Overview_ICANN_BO.pdf Download Project Overview]
 +
* [https://training.kenet.or.ke/images/b/b8/ICANN_KENET_Grant_-_Project_Overview_2026.pdf Download Project Overview_2]
 +
</div>
 +
 +
<div style="background-color:#e6f7ff; padding:10px; border-radius:5px;">
 +
'''Additional Resources from NSRC -a KENET Training Partner'''
 +
* [https://learn.nsrc.org/cndo/REN_ecosystem Access NSRC REN_ecosystem]
 +
</div>
 +
 +
==Session Photos==

Latest revision as of 08:23, 20 February 2026

KENET is pleased to invite you to the Cybersecurity Resilience Workshop - Track 1. This track focuses on fortifying the institutional digital perimeter by mastering the core protocols of DNS, Email, and Identity. Participants will transition from managing local services to building a "Circle of Trust" through the deployment of DNSSEC, DMARC/SPF/DKIM email protections, and eduroam infrastructure. The training will be held from February 23rd to February 27th, 2026, at the Abai Lodges and Spa in Kirinyaga.


The training will be held from February 23rd to February 27th, 2026

Objective

By the end of the program, attendees will be able to architect a full-lifecycle Identity Management (IdM) system, configure an Identity Provider (IdP) for global federation, and ensure all services meet international compliance and security standards. The ultimate objective is to provide seamless, secure access to resources while protecting the institution's brand and data integrity from modern cyber threats.

Who Should Attend?

This course is designed for Cybersecurity specialists, Systems administrators and webmasters.

Prerequisites

1. Laptop for the sessions with Wi-Fi capability 2. Intermediate to expert knowledge of Linux and the command line operations.

Course content

Note: All lab manuals and slides can be found in the [Workshop Resource Folder] at the bottom of this page.


Trainers

List of Training Team Members
Full Name Initials (Inst.) Role Organization
Nyanjau Kimani NK Program Manager KENET
Alfred Kipruto AKip Quality Assurance KENET
Zeinab Mzungu ZM Logistics & Support KENET
Caroline Gachuhi CG Registration & Support KENET
Amos Koech AKoech Trainer KENET
Anne Inapat AI Trainer KENET
Anthony Kimani AK Trainer KENET
Kevin Chege KC Trainer/Labs ISOC
Kelvin Kariuki KK Trainer MMU
Lilian Maina LM Trainer KENET
Samuel Macharia SK Trainer KENET

Participants

TimeTable

Master Schedule: Track 1: Securing Institutional Emails, Websites and Identity Systems
Time Day 1 (Joint) Day 2 () Day 3 () Day 4 () Day 5 ()
**07:00** **Welcome and registrations** Sessions start at 08:00
**08:00** **Introductions & Objectives (JOINT)** (AKip) Recap Recap Recap Recap
**08:20** **Housekeeping (JOINT)** (ZM/Akip) **Module 13:** Intro to Identity and Access Management (IAM) in Education (AK) **Module 3:** Email Security Basics (KK) *Module 9:** Installing and Configuring an Identity Provider (AK) **Module 17:** Future of Identity and Trust in Education(AK)
**08:35** (08:35 - 09:00 Joint Session) (Contd) (Contd) (Contd) (Contd)
**09:00** **ICANN Grant Funded Training Project - an overview (JOINT)** (AKip/NK/BO)

[1] [1.2]

**Module 14:** Authentication and Authorization Protocols (AK) **Module 4:** Securing Email (DKIM, SPF, DMARC) (Akoech/KK) (Contd) **Module 12: ** Best Practices for eduroam, and IdP** (AI/AK)
**10:00** Tea break (10:00 – 10:30)
**10:30** **Lab Environment & Topology Walkthrough (Lab Support)** (KC) **Module 15:** Federated Identity & Trust (AK) (Contd) (Contd) Assessment -section 1 MCQs** (ZM)
**11:30** **Module 1 on Intro to IP addressing and Routing (JOINT)** (KK) **Module 14:** LDAP Identity Management Lab (AK) **Module 6:** Best Practices for Securing Managed Email Services (KK) (Contd) Assessment -section 2 - LAB
**12:30** **Module 1: DNS and its roles (JOINT)** (Akoech) (Contd) (Contd) (Contd) (Contd)
**13:00** Lunch break - Break into respective rooms after lunch Lunch break
**14:00** **Module 2: DNS Security & DNS Security Lab** (AKoech) **Module 8:** Secure Wi-Fi Authentication (eduroam & RADIUS) (SK/AI) & **Module 8:** Implementing Secure Wi-Fi Authentication Using FreeRADIUS - Lab (AI/SK) **Module 5:** Common Web Vulnerabilities& Security Assessment Lab (Akoech/KK) **Module 10:** eduroam/freeRADIUS Monitoring & Troubleshooting (SK/AI) & LAB (Configuring and propagating eduroam SSID on AP controller) (SK) **Module 5:** Compliance and DPA 2019 -security&safeguards (LM) [JOINT] **Vote of Thanks (Guest Speaker)
**16:00** **Recap** (All) **Recap** (All) **Recap** (All) **Recap** (All) (16:00 - 16:30 **Certificate Award** **Post-Training Survey**)
**16:30** **Tea break and Day End** **Tea break and Day End** **Tea break and Day End** **Tea break and Day End** **Tea break & End of Training!**

Training Feedback Survey

Link to Feedback Survey

Workshop Training Resources

Track 1: Securing Domains, Email, Web & Identity and Federation Services

JOINT Sessions

Additional Resources from NSRC -a KENET Training Partner

Session Photos

Retrieved from "http://training.kenet.or.ke/index.php?title=Cybersecurity_Resilience_Workshop_-Track_1:_Securing_institutional_e-mail,_websites_and_identity_systems&oldid=1665"