SecureSet Academy employs world class instructors who are at the top of their game who educate according to our industry-vetted, proprietary curriculum. We understand that cybersecurity is a broad field with multiple domains. This makes is difficult for anyone person to have mastered them all. As a result, we find domain experts who not only excel in their individual domains, but can also relate their expertise back to the broader field. In this manner we are able to offer a comprehensive curriculum in cybersecurity from top level experts. Below are six modules that are part of our broader curriculum for our Academy program.
MODULE 1: NETWORK SECURITY
This course will focus on core ideas in network security. The first portion of the class will review basic network protocols: Ethernet, 802.11 (wifi), IP, UDP, TCP, ARP, DHCP, DNS, ICMP, BGP, SMTP, POP/IMAP, FTP, HTTP, IGMP, etc. Then we will introduce attacks on these basic technologies: TCP hijacking, ARP cache poisoning and domain spoofing, as well as countermeasures. We will then explain sniffing and port scanning, firewalls, IDSes and NIDSes. We will cover wireless protocols and their security. Then we will segue into AppSec with a focus on web security. Finally we will look at denial of service and attack payloads.
MODULE 2: SYSTEM SECURITY
This course will focus on core ideas in system security. The first portion of the class will review the three central desktop OSes: Windows, OS X, and Linux, along with the two preeminent mobile OSes: Android and iOS. We will cover basic configuration of standard services and what happens when this is not done correctly. We will study Windows Security, then Linux Security. We will cover standard attacks such as buffer and heap overflows, heap spraying, format string exploits and race conditions. Finally we will talk about payloads and persistent access.
MODULE 3: STRATEGY & ANALYSIS
This course will cover a wide range of topics consisting of security culture, ethics, security economics, security professionalism, psychology of analysis, criminal psychology, threat intelligence and much more. The purpose of this course is to help students gain an appreciation of what it means to be a security professional and how to operate in the profession ethically and effectively.
MODULE 4: APPLIED CRYPTOGRAPHY
This course will focus on core primitives of cryptography (block ciphers, public key algorithms, and hashing), and then work upwards toward modes-of-operation, encryption and authentication primitives. Finally we will understand high level secure protocols built from these underlying components; this includes SSL/TLS, SSH, Electronic Voting, and Crypto Currencies. We will also study vulnerabilities and misconfigurations of these technologies to best understand where practitioners often go wrong during an implementation.
MODULE 5: DECTECTION & LOG MANAGEMENT
This course will instruct students on computer information systems security monitoring, intrusion detection, and crisis management. It includes topics such as alarm management, signature configuration, sensor configuration, and troubleshooting components. It also emphasizes identifying, resolving, and documenting network crises and activating the response team.
MODULE 6: POLICY & REGULATIONS
This course is designed to teach students how to engage all functional levels within the enterprise to deliver information system security. To this end, the course will address a range of topics, each of which is vital to securing the modern enterprise. These topics include inter alia plans and policies, enterprise roles, security metrics, risk management, standards and regulations, physical security, and business continuity. Each piece of the puzzle must be in place for the enterprise to achieve its security goals; adversaries will invariably find and exploit weak links.