Difference between revisions of "Cyber Security"

From KENET Training
Jump to: navigation, search
 
(20 intermediate revisions by the same user not shown)
Line 2: Line 2:
  
 
Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network.
 
Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network.
Objective
+
 
 +
<span style="background:#00C000"> REGISTRATION CLOSED </span>
 +
 
 +
==Objective==
 +
 
 
This training will enable the network and system administrators run secure services within the campus network.
 
This training will enable the network and system administrators run secure services within the campus network.
  
Line 25: Line 29:
  
 
Systems/Network Administrators in charge of security;
 
Systems/Network Administrators in charge of security;
 +
 +
==Timetable==
 +
{| class="wikitable"
 +
! Day
 +
! 8.30-10.30
 +
! 10.30-10.50
 +
! 10.50-13.00
 +
! 1300-1400
 +
! 1400-1600
 +
! 1600-1620
 +
! 1620-1800
 +
|-
 +
| Monday
 +
| Welcome and registrationFundamentals of security [[http://training.kenet.or.ke/images/c/c9/01-intro-security.pdf]]
 +
| Tea Break
 +
| Attacks and Threats [[http://training.kenet.or.ke/images/f/ff/02.Attacks_and_Threats-02.pdf]]
 +
| Lunch
 +
| Switching security [[http://training.kenet.or.ke/images/1/17/SWITCHING_SECURITYv2.pdf]]
 +
| Tea Break
 +
| Switching security
 +
|-
 +
| Tuesday
 +
| Application and Network Attacks
 +
| Tea Break
 +
| Application and Network Attacks Lab [[http://training.kenet.or.ke/images/b/b2/Training-lab-notes.pdf]]
 +
| Lunch
 +
| Network Security and Defense [[http://training.kenet.or.ke/images/f/f7/NETWORK_SECURITY.pdf]]
 +
| Tea Break
 +
| Network Security and Defense Lab [[http://training.kenet.or.ke/images/2/27/Zone_Based_firewall.pdf]] Wireless Security [[http://training.kenet.or.ke/images/8/87/14-Wireless_Security.pdf]]
 +
|-
 +
| Wednesday
 +
| Host, Application, and Data Security Presentation [[http://training.kenet.or.ke/images/e/e8/06.Host-Application-%26-Data-Security-04.pdf]]
 +
| Tea Break
 +
| Host, Application, and Data Security Mod Security [[http://training.kenet.or.ke/images/c/cb/Mod-security-exercise-02.txt]] Ip tables[[http://training.kenet.or.ke/images/6/6e/Iptables-exercise-02.txt]] SSH keys [[http://training.kenet.or.ke/images/8/85/Ssh-key-exercise-02.txt]]
 +
| Lunch
 +
| Digital Certificates & PKI [[http://training.kenet.or.ke/images/2/21/KENET_PKI_digCert_presentation_March2014_v2.pdf]]
 +
 +
| Tea Break
 +
| Digital Certificates & PKI Lab 1 [[http://training.kenet.or.ke/images/9/95/Crypto_PublicKey_lab.pdf]] Lab 2 [[http://training.kenet.or.ke/images/0/09/Lab.txt]]
 +
|-
 +
| Thursday
 +
| Web/Software application security [[http://training.kenet.or.ke/images/3/3b/Web-Application-Security.pdf]]
 +
| Tea Break
 +
| Web/Software application security
 +
| Lunch
 +
| Vulnerability Assessment and Mitigating Attacks [[http://training.kenet.or.ke/images/5/56/Vulnerabiity_Assessment_and_Penetration_testing_.pdf]]
 +
| Tea Break
 +
| Vulnerability Assessment and Mitigating Attacks
 +
|-
 +
| Friday
 +
| Access Control and Physical (Environmental) Security
 +
| Tea Break
 +
| Access Control and Physical (Environmental) Security
 +
| Lunch
 +
| Closing ceremony and certificate
 +
| Tea Break
 +
|
 +
|}
 +
 +
{| {{table}}
 +
| align="center" style="background:#f0f0f0;"|'''NO:'''
 +
| align="center" style="background:#f0f0f0;"|'''Title'''
 +
| align="center" style="background:#f0f0f0;"|'''First Name'''
 +
| align="center" style="background:#f0f0f0;"|'''Last Name'''
 +
| align="center" style="background:#f0f0f0;"|'''Other Names'''
 +
| align="center" style="background:#f0f0f0;"|'''Institution'''
 +
| align="center" style="background:#f0f0f0;"|'''Job Title'''
 +
| align="center" style="background:#f0f0f0;"|'''E-mail'''
 +
|-
 +
| 1||Mrs||Brenda||Isaboke||Nyangweso||Adventist University of Africa||ICT Administrator||nyangwesob@aua.ac.ke
 +
|-
 +
| 2||Mr.||Sila||Too||Kimutai||Moi University||Assistant System Librarian||sktoo@mu.ac.ke
 +
|-
 +
| 3||Mr.||Samson ||Too||Kipketer||Moi University||IT Technician||samkiptoo@mu.ac.ke
 +
|-
 +
| 4||Miss.||Doreen ||Wasike||Khayanga||Moi University||Senior assistant hardware engineer||doreen@mu.ac.ke
 +
|-
 +
| 5||Mr.||Edward||Savatia||Mahanga||Kibabii University College||Systems Administrator||esavatia@yahoo.com
 +
|-
 +
| 6||Mr.||Markphalen||Odiwuor||Ochola||Kenya Medical Research Institute – KEMRI RTCIP||IT Officer||modiwuor@kemri-ucsf.org
 +
|-
 +
| 7||Mr.||Alex||Mugambi||K||Egerton University||Network Administrator||mugambi@egerton.ac.ke
 +
|-
 +
| 8||Mr.||Joseph||Samuel||Kombe||Taita Taveta University College||System Software Technologist||joskombe@gmail.com
 +
|-
 +
| 9||Mr.||Rogers||Koech||Kipchirchir||University of Eldoret||System Administrator||rkoech@uoeld.ac.ke
 +
|-
 +
| 10||Mr.||James||Kimondo||Muturi||Pwani University||Networks Administrator||j.muturi@pu.ac.ke
 +
|-
 +
| 11||Mr.||Joseph||Nyakoni||M||Kenya Industrial Research Institute (KIRDI)||Head ICT Operations ||joseph_nyakoni@kirdi.go.ke
 +
|-
 +
| 12||Mr.||Arthur ||Oyoo||||Kenya Industrial Research Institute (KIRDI)||RESEARCH SCIENTIST||arthuroyoo@yahoo.com
 +
|-
 +
| 13||Mr.||David ||Mwangi||||Management University of Africa ||Head ICT Services ||dmwangi@mua.ac.ke
 +
|-
 +
| 14||Mr.||Amba ||Samedi||||University of Eastern Africa - Baraton ||Web Network Administrator ||samedia@ueab.ac.ke
 +
|-
 +
| 15||Mr.||Hussein||Hassanali||||Technical University of Mombasa ||Network Administrator||hhassanali@tum.ac.ke
 +
|-
 +
| 16||Mr.||Jared ||Otieno  ||Nyanjom||Multi Media Unviersity||Webmaster ||jnyanjom@mmu.ac.ke
 +
|-
 +
| 17||Mr.||Mesfin||Teshome||Abeje||Africa International University||IT/Network Administrator - Acting IT Director||mesfin.teshome@africainternational.edu
 +
|-
 +
| 18||Mr.||Chris  ||Wanyoike||||Kenya School of Monetary Studies ||IT Services ||�
 +
|-
 +
| 19||Mr.||Martin ||Njau||||Kenya Education Network ||Systems Administrator||mnjau@kenet.or.ke
 +
|-
 +
| 20||Ms.||Nyanjau||Kimani||||Kenya Education Network ||Systems Administrator||pkimani@kenet.or.ke
 +
|-
 +
| 21||Mr.||Robert ||Okal ||Japheth||International Livestock Research Institution (ILRI)||ICT Infrastructure Specialist ||rokal@cgiar.org
 +
|-
 +
| 22||Mr.||GEORGE||OGOTI||||International Livestock Research Institution (ILRI)||SERVER SPECIALIST||gogoti@cgiar.org
 +
|-
 +
| 23||Mr.||Arthur ||Wainaina||||JKUAT||||
 +
|-
 +
|
 +
|}
 +
 +
==Group Photo==
 +
 +
[[File:DSC 5401.JPG]]
  
 
==Course content==
 
==Course content==

Latest revision as of 09:50, 31 March 2014

Cyber Security Workshop

Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network.

REGISTRATION CLOSED

Objective

This training will enable the network and system administrators run secure services within the campus network.

Who Should Attend?

This course is designed for system and network administrators who are interested in learning and implementing best practices for running a secure and stable campus network.

Prerequisites

I.A laptop with wireless capability

II.IPv4 addressing and general network concepts

III. Knowledge of UNIX and/or Linux

IV. At least three years’ experience as a systems / network administrator in a medium to large campus network

V. Residential


Target Group:

Systems/Network Administrators in charge of security;

Timetable

Day 8.30-10.30 10.30-10.50 10.50-13.00 1300-1400 1400-1600 1600-1620 1620-1800
Monday Welcome and registrationFundamentals of security [[1]] Tea Break Attacks and Threats [[2]] Lunch Switching security [[3]] Tea Break Switching security
Tuesday Application and Network Attacks Tea Break Application and Network Attacks Lab [[4]] Lunch Network Security and Defense [[5]] Tea Break Network Security and Defense Lab [[6]] Wireless Security [[7]]
Wednesday Host, Application, and Data Security Presentation [[8]] Tea Break Host, Application, and Data Security Mod Security [[9]] Ip tables[[10]] SSH keys [[11]] Lunch Digital Certificates & PKI [[12]] Tea Break Digital Certificates & PKI Lab 1 [[13]] Lab 2 [[14]]
Thursday Web/Software application security [[15]] Tea Break Web/Software application security Lunch Vulnerability Assessment and Mitigating Attacks [[16]] Tea Break Vulnerability Assessment and Mitigating Attacks
Friday Access Control and Physical (Environmental) Security Tea Break Access Control and Physical (Environmental) Security Lunch Closing ceremony and certificate Tea Break
NO: Title First Name Last Name Other Names Institution Job Title E-mail
1 Mrs Brenda Isaboke Nyangweso Adventist University of Africa ICT Administrator nyangwesob@aua.ac.ke
2 Mr. Sila Too Kimutai Moi University Assistant System Librarian sktoo@mu.ac.ke
3 Mr. Samson Too Kipketer Moi University IT Technician samkiptoo@mu.ac.ke
4 Miss. Doreen Wasike Khayanga Moi University Senior assistant hardware engineer doreen@mu.ac.ke
5 Mr. Edward Savatia Mahanga Kibabii University College Systems Administrator esavatia@yahoo.com
6 Mr. Markphalen Odiwuor Ochola Kenya Medical Research Institute – KEMRI RTCIP IT Officer modiwuor@kemri-ucsf.org
7 Mr. Alex Mugambi K Egerton University Network Administrator mugambi@egerton.ac.ke
8 Mr. Joseph Samuel Kombe Taita Taveta University College System Software Technologist joskombe@gmail.com
9 Mr. Rogers Koech Kipchirchir University of Eldoret System Administrator rkoech@uoeld.ac.ke
10 Mr. James Kimondo Muturi Pwani University Networks Administrator j.muturi@pu.ac.ke
11 Mr. Joseph Nyakoni M Kenya Industrial Research Institute (KIRDI) Head ICT Operations joseph_nyakoni@kirdi.go.ke
12 Mr. Arthur Oyoo Kenya Industrial Research Institute (KIRDI) RESEARCH SCIENTIST arthuroyoo@yahoo.com
13 Mr. David Mwangi Management University of Africa Head ICT Services dmwangi@mua.ac.ke
14 Mr. Amba Samedi University of Eastern Africa - Baraton Web Network Administrator samedia@ueab.ac.ke
15 Mr. Hussein Hassanali Technical University of Mombasa Network Administrator hhassanali@tum.ac.ke
16 Mr. Jared Otieno Nyanjom Multi Media Unviersity Webmaster jnyanjom@mmu.ac.ke
17 Mr. Mesfin Teshome Abeje Africa International University IT/Network Administrator - Acting IT Director mesfin.teshome@africainternational.edu
18 Mr. Chris Wanyoike Kenya School of Monetary Studies IT Services
19 Mr. Martin Njau Kenya Education Network Systems Administrator mnjau@kenet.or.ke
20 Ms. Nyanjau Kimani Kenya Education Network Systems Administrator pkimani@kenet.or.ke
21 Mr. Robert Okal Japheth International Livestock Research Institution (ILRI) ICT Infrastructure Specialist rokal@cgiar.org
22 Mr. GEORGE OGOTI International Livestock Research Institution (ILRI) SERVER SPECIALIST gogoti@cgiar.org
23 Mr. Arthur Wainaina JKUAT

Group Photo

DSC 5401.JPG

Course content

Security Fundamentals

Confidentiality

Integrity

Availability

Attacks and Threats

Worms & Trojans

Malware and Social Engineering Attacks

Attacks Using Malware

Social Engineering Attacks

Switching security

Port Security

Understanding Switch Security Issues

Protecting Against VLAN Attacks

Protecting Against Spoofing Attacks

Securing Network Services

Secure Network Switches to Mitigate Security Attack

Application and Network Attacks

Application Attacks

Rogue DHCP Server protection

Web Application Attacks

Client-Side Attacks

Buffer Overflow Attacks

Network Attacks

Denial of Service (DoS)

Interception

Poisoning

Attacks on Access Rights

Network Security and Defense

Security Through Network Devices

Security Through Network Technologies

Network Address Translation (NAT)

Network Access Control (NAC)

Security Through Network Design Elements

Demilitarized Zone (DMZ)

Subnetting

Virtual LANs (VLANs)

Remote Access

Wireless Network Security

Host, Application, and Data Security

Securing Devices.

Physical Security

Hardware Security

Securing the Operating System Software

Securing with Anti-Malware Software

Monitoring System Logs

Application Security

Digital Certificates & PKI

Introduction to cryptography/symmetric and public key cryptography

Digital certificates

Digital signatures

Public Key Infrastructure

Web/Software application security

web applications vulnerabilities

Cross Site Scripting

SQL Injection

Denial of Service

Code Execution

Local File include

General web application security recommendations

Guard against malicious user input

Vulnerability Assessment and Mitigating Attacks

Assessment Techniques

Assessment Tools

Vulnerability Scanning?

Penetration Testing

Creating a Security Posture

Configuring Controls

Hardening

Reporting

Access Control and Physical (Environmental) Security

Identification

Authorization

Authentication

Accounting

Cyber Law

Legal regulations

Investigations and Compliance