
Description

This training program guides you in integrating security into your Information System architecture, while addressing the security requirements of modern businesses. It offers an in-depth analysis of threats and intrusion techniques, along with an overview of the main security solutions available on the market. You will gain the technical and legal knowledge necessary to ensure and effectively manage the security of your information system.

Who is this training for?

  • CISO.
  • CIO.
  • Architects.
  • Developers.
  • Project managers.
  • Pre-sales salespeople.
  • System & network administrators.

Prerequisites

Training objectives

  • Understand the evolution of cybercrime and its implications
  • Manage the security of cloud environments, applications, and endpoints
  • Grasp the fundamentals of cryptography
  • Implement and oversee information system security monitoring processes

Training program

      • Core Security Principles: defense-in-depth, cyber risk modeling.
      • Risk Management Methods: ISO 27005, EBIOS Risk Manager.
      • Overview of ISO 2700x Standards.
      • The Evolution of Cybercrime.
      • Emerging Threats: APTs, spear phishing, watering hole attacks, crypto-jacking, etc.
      • Software Vulnerabilities and Security Flaws.
      • The Cyberattack Lifecycle (Kill Chain model).
      • Zero-day Vulnerabilities, Zero-day Exploits, and Exploit Kits.
      • Perimeter Protection: firewalls and DMZ zones.
      • Types of Firewalls: UTM, enterprise, next-generation (NG), and NG-v2 firewalls.
      • Intrusion Prevention Systems (IPS): traditional and next-generation IPS (NG-IPS) solutions.
      • Virtualization: assessment of security vulnerabilities.
      • Cloud Computing Risks: insights from CESIN, ENISA, and the Cloud Security Alliance (CSA).
      • CASB (Cloud Access Security Broker) solutions: securing cloud-based data and applications.
      • Cloud Controls Matrix (CSA CCM): using the framework to evaluate Cloud service providers.
      • Understanding key threats targeting endpoints.
      • Anti-virus and anti-spyware solutions.
      • Effective management of security patches on endpoints.
      • Ransomware: preventive measures and remediation strategies.
      • Securing removable devices.
      • Vulnerabilities in web browsers and plugins.
      • Understanding drive-by download attacks.
      • Threats via USB devices, including BadUSB and Rubber Ducky.
      • Key cryptographic techniques.
      • Public-key and symmetric algorithms.
      • Hash functions: simple, salted, and keyed (HMAC).
      • Public Key Infrastructure (PKI) and its architecture.
      • Common Criteria (CC) certification and ANSSI qualification of cryptographic products.
      • Biometric authentication and related legal considerations.
      • Challenge/response authentication mechanisms.
      • Common attack techniques: brute force, keyloggers, credential stuffing, and more.
      • Multi-factor authentication (MFA).
      • Smart card authentication and X.509 client certificates.
      • HOTP and TOTP standards by OATH.
      • FIDO Alliance protocols UAF and U2F (Fast ID Online).
      • Crypto APIs for SSL and the evolution from SSL v2 to TLS v1.3.
      • Common attacks against SSL/TLS protocols.
      • Vulnerabilities and attacks on HTTPS traffic.
      • Hardware-based key protection and FIPS 140-2 certifications.
      • Quick methods to evaluate the security of an HTTPS server.
      • IPsec standard: AH and ESP modes, IKE protocol, and key management.
      • Overcoming issues between IPSec and NAT.
      • SSL VPNs: benefits and comparison with IPSec.
      • Using SSH and OpenSSH for secure remote administration.
      • Legal considerations of real-time network traffic decryption.
      • Specific attacks targeting Wi-Fi networks.
      • Techniques for detecting rogue access points (Rogue AP).
      • Security mechanisms of wireless access points.
      • Identification and overview of Wi-Fi related risks.
      • IEEE 802.11i security standard.
      • KRACK attack on WPA and WPA2.
      • Advances in WPA3 and DragonBlood vulnerabilities.
      • User and device authentication over Wi-Fi.
      • Wi-Fi authentication best practices in corporate environments.
      • Audit tools and open-source software: aircrack-ng, Netstumbler, WiFiScanner, etc.
      • Threats and attacks targeting mobile devices.
      • Strengths and weaknesses of iOS and Android platforms.
      • Viruses and malware affecting smartphones.
      • Mobile device management solutions: MDM and EMM.
      • Applying the defense-in-depth principle.
      • Security differences between web and mobile applications.
      • Main risks according to OWASP.
      • Focus on XSS, CSRF, SQL injection, and session hijacking attacks.
      • Key secure development practices.
      • Including security clauses in development contracts.
      • Web Application Firewalls (WAF): roles and operation.
      • Assessing an application’s security level.
      • Security audits: scope and frameworks (ISO 27001, GDPR, etc.).
      • Penetration testing: black box, gray box, and white box approaches.
      • Using Bug Bounty platforms.
      • Effective incident response strategies.
      • Implementing a Security Information and Event Management (SIEM) solution.
      • In-house management versus outsourcing of a Security Operations Center (SOC).
      • Advanced SOC 2.0 technologies: CASB, UEBA, Deceptive Security, EDR, SOAR, machine learning, and more.
      • ANSSI certifications (PASSI, PDIS, PRIS) for outsourced security services.
      • Incident response procedures according to ISO 27035 and NIST SP 800-61 R2.
    • 841
    • 21 h
