Difference between revisions of "Cyber Security"
From KENET Training
| (23 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | Cyber Security Workshop | |
Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network. | Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network. | ||
| − | Objective | + | |
| + | <span style="background:#00C000"> REGISTRATION CLOSED </span> | ||
| + | |||
| + | ==Objective== | ||
| + | |||
This training will enable the network and system administrators run secure services within the campus network. | This training will enable the network and system administrators run secure services within the campus network. | ||
| Line 24: | Line 28: | ||
==Target Group:== | ==Target Group:== | ||
| − | + | Systems/Network Administrators in charge of security; | |
| + | |||
| + | ==Timetable== | ||
| + | {| class="wikitable" | ||
| + | ! Day | ||
| + | ! 8.30-10.30 | ||
| + | ! 10.30-10.50 | ||
| + | ! 10.50-13.00 | ||
| + | ! 1300-1400 | ||
| + | ! 1400-1600 | ||
| + | ! 1600-1620 | ||
| + | ! 1620-1800 | ||
| + | |- | ||
| + | | Monday | ||
| + | | Welcome and registrationFundamentals of security [[http://training.kenet.or.ke/images/c/c9/01-intro-security.pdf]] | ||
| + | | Tea Break | ||
| + | | Attacks and Threats [[http://training.kenet.or.ke/images/f/ff/02.Attacks_and_Threats-02.pdf]] | ||
| + | | Lunch | ||
| + | | Switching security [[http://training.kenet.or.ke/images/1/17/SWITCHING_SECURITYv2.pdf]] | ||
| + | | Tea Break | ||
| + | | Switching security | ||
| + | |- | ||
| + | | Tuesday | ||
| + | | Application and Network Attacks | ||
| + | | Tea Break | ||
| + | | Application and Network Attacks Lab [[http://training.kenet.or.ke/images/b/b2/Training-lab-notes.pdf]] | ||
| + | | Lunch | ||
| + | | Network Security and Defense [[http://training.kenet.or.ke/images/f/f7/NETWORK_SECURITY.pdf]] | ||
| + | | Tea Break | ||
| + | | Network Security and Defense Lab [[http://training.kenet.or.ke/images/2/27/Zone_Based_firewall.pdf]] Wireless Security [[http://training.kenet.or.ke/images/8/87/14-Wireless_Security.pdf]] | ||
| + | |- | ||
| + | | Wednesday | ||
| + | | Host, Application, and Data Security Presentation [[http://training.kenet.or.ke/images/e/e8/06.Host-Application-%26-Data-Security-04.pdf]] | ||
| + | | Tea Break | ||
| + | | Host, Application, and Data Security Mod Security [[http://training.kenet.or.ke/images/c/cb/Mod-security-exercise-02.txt]] Ip tables[[http://training.kenet.or.ke/images/6/6e/Iptables-exercise-02.txt]] SSH keys [[http://training.kenet.or.ke/images/8/85/Ssh-key-exercise-02.txt]] | ||
| + | | Lunch | ||
| + | | Digital Certificates & PKI [[http://training.kenet.or.ke/images/2/21/KENET_PKI_digCert_presentation_March2014_v2.pdf]] | ||
| + | |||
| + | | Tea Break | ||
| + | | Digital Certificates & PKI Lab 1 [[http://training.kenet.or.ke/images/9/95/Crypto_PublicKey_lab.pdf]] Lab 2 [[http://training.kenet.or.ke/images/0/09/Lab.txt]] | ||
| + | |- | ||
| + | | Thursday | ||
| + | | Web/Software application security [[http://training.kenet.or.ke/images/3/3b/Web-Application-Security.pdf]] | ||
| + | | Tea Break | ||
| + | | Web/Software application security | ||
| + | | Lunch | ||
| + | | Vulnerability Assessment and Mitigating Attacks [[http://training.kenet.or.ke/images/5/56/Vulnerabiity_Assessment_and_Penetration_testing_.pdf]] | ||
| + | | Tea Break | ||
| + | | Vulnerability Assessment and Mitigating Attacks | ||
| + | |- | ||
| + | | Friday | ||
| + | | Access Control and Physical (Environmental) Security | ||
| + | | Tea Break | ||
| + | | Access Control and Physical (Environmental) Security | ||
| + | | Lunch | ||
| + | | Closing ceremony and certificate | ||
| + | | Tea Break | ||
| + | | | ||
| + | |} | ||
| + | |||
| + | {| {{table}} | ||
| + | | align="center" style="background:#f0f0f0;"|'''NO:''' | ||
| + | | align="center" style="background:#f0f0f0;"|'''Title''' | ||
| + | | align="center" style="background:#f0f0f0;"|'''First Name''' | ||
| + | | align="center" style="background:#f0f0f0;"|'''Last Name''' | ||
| + | | align="center" style="background:#f0f0f0;"|'''Other Names''' | ||
| + | | align="center" style="background:#f0f0f0;"|'''Institution''' | ||
| + | | align="center" style="background:#f0f0f0;"|'''Job Title''' | ||
| + | | align="center" style="background:#f0f0f0;"|'''E-mail''' | ||
| + | |- | ||
| + | | 1||Mrs||Brenda||Isaboke||Nyangweso||Adventist University of Africa||ICT Administrator||nyangwesob@aua.ac.ke | ||
| + | |- | ||
| + | | 2||Mr.||Sila||Too||Kimutai||Moi University||Assistant System Librarian||sktoo@mu.ac.ke | ||
| + | |- | ||
| + | | 3||Mr.||Samson ||Too||Kipketer||Moi University||IT Technician||samkiptoo@mu.ac.ke | ||
| + | |- | ||
| + | | 4||Miss.||Doreen ||Wasike||Khayanga||Moi University||Senior assistant hardware engineer||doreen@mu.ac.ke | ||
| + | |- | ||
| + | | 5||Mr.||Edward||Savatia||Mahanga||Kibabii University College||Systems Administrator||esavatia@yahoo.com | ||
| + | |- | ||
| + | | 6||Mr.||Markphalen||Odiwuor||Ochola||Kenya Medical Research Institute – KEMRI RTCIP||IT Officer||modiwuor@kemri-ucsf.org | ||
| + | |- | ||
| + | | 7||Mr.||Alex||Mugambi||K||Egerton University||Network Administrator||mugambi@egerton.ac.ke | ||
| + | |- | ||
| + | | 8||Mr.||Joseph||Samuel||Kombe||Taita Taveta University College||System Software Technologist||joskombe@gmail.com | ||
| + | |- | ||
| + | | 9||Mr.||Rogers||Koech||Kipchirchir||University of Eldoret||System Administrator||rkoech@uoeld.ac.ke | ||
| + | |- | ||
| + | | 10||Mr.||James||Kimondo||Muturi||Pwani University||Networks Administrator||j.muturi@pu.ac.ke | ||
| + | |- | ||
| + | | 11||Mr.||Joseph||Nyakoni||M||Kenya Industrial Research Institute (KIRDI)||Head ICT Operations ||joseph_nyakoni@kirdi.go.ke | ||
| + | |- | ||
| + | | 12||Mr.||Arthur ||Oyoo||||Kenya Industrial Research Institute (KIRDI)||RESEARCH SCIENTIST||arthuroyoo@yahoo.com | ||
| + | |- | ||
| + | | 13||Mr.||David ||Mwangi||||Management University of Africa ||Head ICT Services ||dmwangi@mua.ac.ke | ||
| + | |- | ||
| + | | 14||Mr.||Amba ||Samedi||||University of Eastern Africa - Baraton ||Web Network Administrator ||samedia@ueab.ac.ke | ||
| + | |- | ||
| + | | 15||Mr.||Hussein||Hassanali||||Technical University of Mombasa ||Network Administrator||hhassanali@tum.ac.ke | ||
| + | |- | ||
| + | | 16||Mr.||Jared ||Otieno ||Nyanjom||Multi Media Unviersity||Webmaster ||jnyanjom@mmu.ac.ke | ||
| + | |- | ||
| + | | 17||Mr.||Mesfin||Teshome||Abeje||Africa International University||IT/Network Administrator - Acting IT Director||mesfin.teshome@africainternational.edu | ||
| + | |- | ||
| + | | 18||Mr.||Chris ||Wanyoike||||Kenya School of Monetary Studies ||IT Services ||� | ||
| + | |- | ||
| + | | 19||Mr.||Martin ||Njau||||Kenya Education Network ||Systems Administrator||mnjau@kenet.or.ke | ||
| + | |- | ||
| + | | 20||Ms.||Nyanjau||Kimani||||Kenya Education Network ||Systems Administrator||pkimani@kenet.or.ke | ||
| + | |- | ||
| + | | 21||Mr.||Robert ||Okal ||Japheth||International Livestock Research Institution (ILRI)||ICT Infrastructure Specialist ||rokal@cgiar.org | ||
| + | |- | ||
| + | | 22||Mr.||GEORGE||OGOTI||||International Livestock Research Institution (ILRI)||SERVER SPECIALIST||gogoti@cgiar.org | ||
| + | |- | ||
| + | | 23||Mr.||Arthur ||Wainaina||||JKUAT|||| | ||
| + | |- | ||
| + | | | ||
| + | |} | ||
| + | |||
| + | ==Group Photo== | ||
| + | |||
| + | [[File:DSC 5401.JPG]] | ||
| + | |||
==Course content== | ==Course content== | ||
| Line 35: | Line 161: | ||
Availability | Availability | ||
| − | + | ===Attacks and Threats=== | |
| + | |||
Worms & Trojans | Worms & Trojans | ||
| + | |||
Malware and Social Engineering Attacks | Malware and Social Engineering Attacks | ||
| + | |||
Attacks Using Malware | Attacks Using Malware | ||
| + | |||
Social Engineering Attacks | Social Engineering Attacks | ||
| − | + | ===Switching security=== | |
| + | |||
Port Security | Port Security | ||
| + | |||
Understanding Switch Security Issues | Understanding Switch Security Issues | ||
| + | |||
Protecting Against VLAN Attacks | Protecting Against VLAN Attacks | ||
| + | |||
Protecting Against Spoofing Attacks | Protecting Against Spoofing Attacks | ||
| + | |||
Securing Network Services | Securing Network Services | ||
| + | |||
Secure Network Switches to Mitigate Security Attack | Secure Network Switches to Mitigate Security Attack | ||
| − | + | ||
| + | ===Application and Network Attacks=== | ||
| + | |||
Application Attacks | Application Attacks | ||
| + | |||
Rogue DHCP Server protection | Rogue DHCP Server protection | ||
| + | |||
Web Application Attacks | Web Application Attacks | ||
| + | |||
Client-Side Attacks | Client-Side Attacks | ||
| + | |||
Buffer Overflow Attacks | Buffer Overflow Attacks | ||
| + | |||
Network Attacks | Network Attacks | ||
| + | |||
Denial of Service (DoS) | Denial of Service (DoS) | ||
| + | |||
Interception | Interception | ||
| + | |||
Poisoning | Poisoning | ||
| + | |||
Attacks on Access Rights | Attacks on Access Rights | ||
| − | + | ||
| + | ===Network Security and Defense=== | ||
| + | |||
Security Through Network Devices | Security Through Network Devices | ||
| + | |||
Security Through Network Technologies | Security Through Network Technologies | ||
| + | |||
Network Address Translation (NAT) | Network Address Translation (NAT) | ||
| + | |||
Network Access Control (NAC) | Network Access Control (NAC) | ||
| + | |||
Security Through Network Design Elements | Security Through Network Design Elements | ||
| + | |||
Demilitarized Zone (DMZ) | Demilitarized Zone (DMZ) | ||
| + | |||
Subnetting | Subnetting | ||
| + | |||
Virtual LANs (VLANs) | Virtual LANs (VLANs) | ||
| + | |||
Remote Access | Remote Access | ||
| + | |||
Wireless Network Security | Wireless Network Security | ||
| − | + | === Host, Application, and Data Security=== | |
| + | |||
Securing Devices. | Securing Devices. | ||
| + | |||
Physical Security | Physical Security | ||
| + | |||
Hardware Security | Hardware Security | ||
| + | |||
Securing the Operating System Software | Securing the Operating System Software | ||
| + | |||
Securing with Anti-Malware Software | Securing with Anti-Malware Software | ||
| + | |||
Monitoring System Logs | Monitoring System Logs | ||
| + | |||
Application Security | Application Security | ||
| − | + | ===Digital Certificates & PKI=== | |
| + | |||
Introduction to cryptography/symmetric and public key cryptography | Introduction to cryptography/symmetric and public key cryptography | ||
| − | |||
| − | |||
| − | |||
| − | + | Digital certificates | |
| + | |||
| + | Digital signatures | ||
| + | |||
| + | Public Key Infrastructure | ||
| + | |||
| + | ===Web/Software application security=== | ||
| + | |||
web applications vulnerabilities | web applications vulnerabilities | ||
| + | |||
Cross Site Scripting | Cross Site Scripting | ||
| + | |||
SQL Injection | SQL Injection | ||
| + | |||
Denial of Service | Denial of Service | ||
| + | |||
Code Execution | Code Execution | ||
| + | |||
Local File include | Local File include | ||
| + | |||
General web application security recommendations | General web application security recommendations | ||
| + | |||
Guard against malicious user input | Guard against malicious user input | ||
| − | + | ===Vulnerability Assessment and Mitigating Attacks=== | |
| + | |||
Assessment Techniques | Assessment Techniques | ||
| + | |||
Assessment Tools | Assessment Tools | ||
| + | |||
Vulnerability Scanning? | Vulnerability Scanning? | ||
| + | |||
Penetration Testing | Penetration Testing | ||
| + | |||
Creating a Security Posture | Creating a Security Posture | ||
| + | |||
Configuring Controls | Configuring Controls | ||
| + | |||
Hardening | Hardening | ||
| + | |||
Reporting | Reporting | ||
| − | + | ===Access Control and Physical (Environmental) Security=== | |
| + | |||
Identification | Identification | ||
| + | |||
Authorization | Authorization | ||
| + | |||
Authentication | Authentication | ||
| + | |||
Accounting | Accounting | ||
| − | + | ||
| + | ===Cyber Law === | ||
| + | |||
Legal regulations | Legal regulations | ||
| + | |||
Investigations and | Investigations and | ||
Compliance | Compliance | ||
Latest revision as of 09:50, 31 March 2014
Cyber Security Workshop
Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network.
REGISTRATION CLOSED
Contents
- 1 Objective
- 2 Who Should Attend?
- 3 Prerequisites
- 4 Target Group:
- 5 Timetable
- 6 Group Photo
- 7 Course content
- 7.1 Security Fundamentals
- 7.2 Attacks and Threats
- 7.3 Switching security
- 7.4 Application and Network Attacks
- 7.5 Network Security and Defense
- 7.6 Host, Application, and Data Security
- 7.7 Digital Certificates & PKI
- 7.8 Web/Software application security
- 7.9 Vulnerability Assessment and Mitigating Attacks
- 7.10 Access Control and Physical (Environmental) Security
- 7.11 Cyber Law
Objective
This training will enable the network and system administrators run secure services within the campus network.
Who Should Attend?
This course is designed for system and network administrators who are interested in learning and implementing best practices for running a secure and stable campus network.
Prerequisites
I.A laptop with wireless capability
II.IPv4 addressing and general network concepts
III. Knowledge of UNIX and/or Linux
IV. At least three years’ experience as a systems / network administrator in a medium to large campus network
V. Residential
Target Group:
Systems/Network Administrators in charge of security;
Timetable
| Day | 8.30-10.30 | 10.30-10.50 | 10.50-13.00 | 1300-1400 | 1400-1600 | 1600-1620 | 1620-1800 |
|---|---|---|---|---|---|---|---|
| Monday | Welcome and registrationFundamentals of security [[1]] | Tea Break | Attacks and Threats [[2]] | Lunch | Switching security [[3]] | Tea Break | Switching security |
| Tuesday | Application and Network Attacks | Tea Break | Application and Network Attacks Lab [[4]] | Lunch | Network Security and Defense [[5]] | Tea Break | Network Security and Defense Lab [[6]] Wireless Security [[7]] |
| Wednesday | Host, Application, and Data Security Presentation [[8]] | Tea Break | Host, Application, and Data Security Mod Security [[9]] Ip tables[[10]] SSH keys [[11]] | Lunch | Digital Certificates & PKI [[12]] | Tea Break | Digital Certificates & PKI Lab 1 [[13]] Lab 2 [[14]] |
| Thursday | Web/Software application security [[15]] | Tea Break | Web/Software application security | Lunch | Vulnerability Assessment and Mitigating Attacks [[16]] | Tea Break | Vulnerability Assessment and Mitigating Attacks |
| Friday | Access Control and Physical (Environmental) Security | Tea Break | Access Control and Physical (Environmental) Security | Lunch | Closing ceremony and certificate | Tea Break |
| NO: | Title | First Name | Last Name | Other Names | Institution | Job Title | |
| 1 | Mrs | Brenda | Isaboke | Nyangweso | Adventist University of Africa | ICT Administrator | nyangwesob@aua.ac.ke |
| 2 | Mr. | Sila | Too | Kimutai | Moi University | Assistant System Librarian | sktoo@mu.ac.ke |
| 3 | Mr. | Samson | Too | Kipketer | Moi University | IT Technician | samkiptoo@mu.ac.ke |
| 4 | Miss. | Doreen | Wasike | Khayanga | Moi University | Senior assistant hardware engineer | doreen@mu.ac.ke |
| 5 | Mr. | Edward | Savatia | Mahanga | Kibabii University College | Systems Administrator | esavatia@yahoo.com |
| 6 | Mr. | Markphalen | Odiwuor | Ochola | Kenya Medical Research Institute – KEMRI RTCIP | IT Officer | modiwuor@kemri-ucsf.org |
| 7 | Mr. | Alex | Mugambi | K | Egerton University | Network Administrator | mugambi@egerton.ac.ke |
| 8 | Mr. | Joseph | Samuel | Kombe | Taita Taveta University College | System Software Technologist | joskombe@gmail.com |
| 9 | Mr. | Rogers | Koech | Kipchirchir | University of Eldoret | System Administrator | rkoech@uoeld.ac.ke |
| 10 | Mr. | James | Kimondo | Muturi | Pwani University | Networks Administrator | j.muturi@pu.ac.ke |
| 11 | Mr. | Joseph | Nyakoni | M | Kenya Industrial Research Institute (KIRDI) | Head ICT Operations | joseph_nyakoni@kirdi.go.ke |
| 12 | Mr. | Arthur | Oyoo | Kenya Industrial Research Institute (KIRDI) | RESEARCH SCIENTIST | arthuroyoo@yahoo.com | |
| 13 | Mr. | David | Mwangi | Management University of Africa | Head ICT Services | dmwangi@mua.ac.ke | |
| 14 | Mr. | Amba | Samedi | University of Eastern Africa - Baraton | Web Network Administrator | samedia@ueab.ac.ke | |
| 15 | Mr. | Hussein | Hassanali | Technical University of Mombasa | Network Administrator | hhassanali@tum.ac.ke | |
| 16 | Mr. | Jared | Otieno | Nyanjom | Multi Media Unviersity | Webmaster | jnyanjom@mmu.ac.ke |
| 17 | Mr. | Mesfin | Teshome | Abeje | Africa International University | IT/Network Administrator - Acting IT Director | mesfin.teshome@africainternational.edu |
| 18 | Mr. | Chris | Wanyoike | Kenya School of Monetary Studies | IT Services | � | |
| 19 | Mr. | Martin | Njau | Kenya Education Network | Systems Administrator | mnjau@kenet.or.ke | |
| 20 | Ms. | Nyanjau | Kimani | Kenya Education Network | Systems Administrator | pkimani@kenet.or.ke | |
| 21 | Mr. | Robert | Okal | Japheth | International Livestock Research Institution (ILRI) | ICT Infrastructure Specialist | rokal@cgiar.org |
| 22 | Mr. | GEORGE | OGOTI | International Livestock Research Institution (ILRI) | SERVER SPECIALIST | gogoti@cgiar.org | |
| 23 | Mr. | Arthur | Wainaina | JKUAT | |||
Group Photo
Course content
Security Fundamentals
Confidentiality
Integrity
Availability
Attacks and Threats
Worms & Trojans
Malware and Social Engineering Attacks
Attacks Using Malware
Social Engineering Attacks
Switching security
Port Security
Understanding Switch Security Issues
Protecting Against VLAN Attacks
Protecting Against Spoofing Attacks
Securing Network Services
Secure Network Switches to Mitigate Security Attack
Application and Network Attacks
Application Attacks
Rogue DHCP Server protection
Web Application Attacks
Client-Side Attacks
Buffer Overflow Attacks
Network Attacks
Denial of Service (DoS)
Interception
Poisoning
Attacks on Access Rights
Network Security and Defense
Security Through Network Devices
Security Through Network Technologies
Network Address Translation (NAT)
Network Access Control (NAC)
Security Through Network Design Elements
Demilitarized Zone (DMZ)
Subnetting
Virtual LANs (VLANs)
Remote Access
Wireless Network Security
Host, Application, and Data Security
Securing Devices.
Physical Security
Hardware Security
Securing the Operating System Software
Securing with Anti-Malware Software
Monitoring System Logs
Application Security
Digital Certificates & PKI
Introduction to cryptography/symmetric and public key cryptography
Digital certificates
Digital signatures
Public Key Infrastructure
Web/Software application security
web applications vulnerabilities
Cross Site Scripting
SQL Injection
Denial of Service
Code Execution
Local File include
General web application security recommendations
Guard against malicious user input
Vulnerability Assessment and Mitigating Attacks
Assessment Techniques
Assessment Tools
Vulnerability Scanning?
Penetration Testing
Creating a Security Posture
Configuring Controls
Hardening
Reporting
Access Control and Physical (Environmental) Security
Identification
Authorization
Authentication
Accounting
Cyber Law
Legal regulations
Investigations and Compliance
