Course Overview:
Our cyber range training in Singapore is designed to equip participants with the knowledge and skills to monitor intelligence-gathering and proactively anticipate potential threats to an ICT system through intensive cyber range training. This SkillsFuture course in Singapore involves hands-on pre-emptive analysis of potential perpetrators (blue team training), anomalous activities (red team training) and evidence-based knowledge and inferences on perpetrators’ motivations and tactics.
Target Audience:
- IT professionals who are responsible for or moving to cyber security related roles, e.g. Security Operations Analyst, Associate Security Analyst, Security Executive.
Pre-requisites:
- TCP/IP networking including but not limited to IP addressing, DNS, switching, routing, and NAT
- Windows and Linux, including but not limited to the use of command line interface for file and user management, and text editing (vim, nano).
- Firewall, IDS/IPS, VPN and other security devices
Course Duration:
- 5 Days (35 hours)
Course Content:
Module 1: Define & Identify Cybersecurity Risks, Threats and Challenges in an Organisation
- Network Security Best Practices & Risk Management
- Challenges: Assume Breach & Compromise
- Security Monitoring and Security Intelligence
Module 2: Conduct Assets Vulnerability Scans Using the PICERII (Preparation, Identification, Containment, Eradication, Recovery) Framework
- Asset Management
- Vulnerability Assessment
- PICERII Framework
- Security Threat Intelligence Sources & Exchanges
Module 3: Deploy HIDS/NIDS/SIEM and Troubleshoot Log Forwarding for Windows and Linux Assets
- IDS/IPS Systems
- SIEM: Alarms, Events, Logs & Tickets
- Event Processing Workflow
- Network Data, Logs Management & Elastic Stack
Module 4: Identify the Strategies to Respond to and Contain Common Attack Vectors
- Indicator of Compromise
- Behavior Analysis
- TTP (Tactics, Techniques & Procedures)
- MITRE ATT&CK Framework
Module 5: Conduct Continuous Security Threats Monitoring
- Continuous Security Monitoring
- Correlation & Cross-Correlation
- Threat Hunting
Module 6: Conduct Network Forensics Investigation
- Cybersecurity First Responder & Forensic Investigation
Module 7: Run, Schedule and View Final Cybersecurity Incident Report
- Cybersecurity Incident Management
Module 8: Create Policies or Directives to Alarm on Critical Events in the Future and Transform Them into the Organisation’s Assets
- Policy & Directive Management
- Standards Compliance (PCI DSS, etc.)
- Table-top & Cyber Range Exercises