Course Outline: ICSI | CyberSecurity Essentials

Module 1: Information Security

Lessons:

• What is Security
• Confidentiality, Integrity and Availability triad
• Privacy
• Non-Repudiation
• Types of Attacks
• Threats, Vulnerabilities and Risk
• Risk Management

Review Questions

Module 2: Identification, Authentication and Authorisation

Lessons:

• Identification
• Authentication
• Password and Multifactor Authentication
• Biometrics
• Authorization

Review Questions

Module 3: Access Control

Lessons:

• Access Control Lists (ACLs)
• Access Control Models and Methodologies
• Discretionary Access Control
• Mandatory Access Control
• Role-based Access Control

Review Questions

Module 4: Law and Compliance

Lessons:

• Laws and Regulations
• Compliance (Regulatory & Industry Compliance)

Review Questions

Module 5: Fundamentals of Encryption

Lessons:

• The History of Encryption
• Modern Encryption Methods
• Windows and Linux Encryption
• Hashing

Review Questions

Labs:

• Enabling BitLocker
• Encrypting a Folder Using EFS
• Use HashGenerator to generate hashes
• Use Ophcrack to crack password hashes

Module 6: Network Infrastructure and Security

Lessons:

• IP Protocols
• Management Protocols
• Routers and Switches
• Firewalls
• Firewall Implementation
• Proxy Servers
• Windows Firewalls
• Linux Firewalls
• Wireless Security
• Mobile Device Security
• Network Security Tools

Review Questions

Labs:

• Configuring Windows Firewall
• Configuring iptables Rules

Module 7: Microsoft Windows Infrastructure

Lessons:

• Active Directory Domain Services
• Group Policy Objects
• Configuring Windows
• Windows Update

Review Questions

Labs:

• Password Policies

Module 8: UNIX / Linux Server

Lessons:

• Configuring Linux
• Third Party Software Updates
• Core Operating System updates

Review Questions

Labs:

• Linux File Permissions
• Disabling Linux Services

Module 9: Assessing System Security

Lessons:

• Risk Assessment
• Conducting an Initial Assessment
• Probing the Network
• Vulnerabilities
• Documenting Security

Review Questions

Labs:

• Probing the Network using Nmap
• Identify details regarding a specific vulnerability

Module 10: Application Security

Lessons:

• Software Development Vulnerabilities
• Buffer Overflows
• Input Validation Attacks
• Authentication, Authorisation and Cryptographic Attacks
• Web Security
• Database Security
• Application Security tools

Review Questions

Module 11: Incident Response and Recovery

Lessons:

• What is Incident Response
• The Incident Response Process Model
• Why Incident Response is needed
• Disaster Recovery
• Business Continuity
• Fault Tolerance

Review Questions

Labs:

• Backup Windows 10
• Backup files using CPIO
• Backup files with TAR

Course: ICSI | CPT Certified Penetration Tester

This course is designed to teach how to perform penetration tests, how to think like an attacker and also demonstrates the tools needed to perform penetration testing.

Students will learn and perform information gathering, target discovery and enumeration, vulnerability mapping, system exploitation including Windows Domain attacks, and Azure AD (Active Directory), privilege escalation and maintaining access to compromised systems with over 40 detailed hands-on labs.

Module 1: Introduction to Kali Linux

Lessons:

• Kali Linux History
• Kali Linux Installation
• Kali Linux Configuration
• Basic Search Utilities

Labs:

• Finding Files
• Starting and Stopping Services

Module 2: Introduction to Penetration Testing

Lessons:

• What is Penetration testing
• Benefits of Penetration Testing
• Vulnerability Scans
• Methodologies
• Ethical Issues
• Legal Issues

Review Questions

Module 3: Standards

Lessons:

• Penetration Testing Execution Standard (PTES)
• PCI DSS
• NIST 800-115
• CREST UK
• OWASP Top 10
• ISO 27002

Review Questions

Module 4: Network Essentials

Lessons:

• TCP/IP
• IP Protocols
• Network Architectures
• Domain Name Server (DNS)
• Management Protocols
• Network Protocols
• Using Netcat

Labs

• Using Netcat

Module 5: Cryptography

Lessons:

• Basics of Cryptography
• History of Encryption
• Symmetric Encryption
• Asymmetric (Public Key) Encryption
• Digital Signatures
• Hashing
• MAC and HMAC
• Encoding
• Password Crackers
• Steganography
• Cryptanalysis

Review Questions

Module 6: Scripting

Lessons:

• Scripting
• Windows PowerShell (Command Line Interface)
• Linux Shell (Command Line Interface)

Labs:

• Writing a Simple Bash Script

Module 7: Information Gathering

Lessons:

• Passive Information Gathering
• Registration Records
• Google Searching
• Active Information Gathering
• DNS Enumeration
• Host Discovery
• Port and Operating System Discovery
• Fingerprinting and Enumeration

Labs:

• Using Shodan
• DNS Enumeration
• Host Discovery
• Port and operating System Discovery
• Fingerprinting and Enumeration
• Information Gathering

Module 8: Vulnerability Assessment

Lessons:

• Vulnerabilities
• Packet Capture
• Network Scanners
• Nmap NSE
• Metasploit Framework
• Web Application Scanners

Labs:

• Using Wireshark
• Using OpenVas
• Using Nmap Scripts
• Using Metasploit Framework
• Finding Vulnerabilities

Module 9: Reconnaissance and Exploitation of Windows Services

Lessons:

• Important Windows Files
• Windows Logs
• The Registry
• Active Directory Roles
• Active Directory Database
• Active Directory Reconnaissance
• User and System Enumeration
• Windows Vulnerabilities
• Windows Privilege Escalation
• Antivirus Evasion
• Harvesting Credentials
• Windows Password Cracking

Labs:

• Active Directory Reconnaissance
• User and System Enumeration
• Windows Vulnerabilities
• Windows Privilege Escalation
• Evading Windows Defender
• Responder
• Dumping Credentials from Memory
• Extract SAM File from Windows Registry
• Attacking SMB

Module 10: Reconnaissance and Exploitation of Linux/UNIX Services

Lessons:

• Linux Permissions Review
• User Enumeration
• Linux/Unix Service Enumeration
• Linux/Unix Vulnerabilities
• Linux Privilege Escalation
• Linux/Unix Passwords

Labs

• User Enumeration
• Service Enumeration
• Exploit ProFTP
• Linux Privilege Escalation
• Linux/Unix Vulnerabilities

Module 11: Reconnaissance and Exploitation of Web-Based Applications

Lessons:

• Web Protocols
• Web Servers
• Web Application Structure Discovery
• Cross-Site Scripting (XSS)
• SQL Injection
• Directory Traversal
• File Uploads
• Command Execution

Labs:

• XSS
• SQL Injection
• Directory Traversal
• File Uploads
• Command Execution

Module 12: Databases

Lessons

• Databases
• Microsoft SQL Server
• Oracle RDBMS
• MySQL

Labs

• Assessing Databases

Module 13: Lateral Movement

Lessons

• Discovery
• Windows Situational Awareness
• Linux Situational Awareness
• Lateral Movement

Labs

• Pass the Hash
• Port Forwarding

Module 14: Data Exfiltration

Lessons

• Data from Local System
• Data Exfiltration with Frameworks

Labs

• Data Exfiltration with Metasploit

Module 15: Maintaining Access and Covering Tracks

Lessons

• Persistence
• Windows Persistence
• Windows Persistence with Scheduled Tasks
• .bash Startup File Manipulation
• Local Job Scheduling
• Linux Persistence by Adding User Accounts
• Windows Persistence by Adding User Accounts

Labs

• Maintaining Access

Module 16: Pen Testing Cloud Services (Azure)

Lessons

• Introduction to Cloud Computing
• Cloud Security
• Threats and Attacks
• Azure
• Azure AD
• Access Control
• Attacking Azure with PowerZure

Labs

• Attacking Azure

Course: ICSI | CDFE Digital Forensics, Incident Response and Threat Hunting

In this course, we will discuss what Incident Response and Digital Forensics are, the legal implications they have and how they are structured. We will also perform various exercises on digital forensics tools in order to get a clear understanding of the technicality that digital forensics assumes.

We will study how to capture images of memory, storage, network packets and logs and how to correlate them in order to draw conclusions. Finally, we will look at malware and threat analysis, which are more than ever relevant today.

Module 1: Incident Response

Lessons:

• What is Incident Response
• The Incident Response Process Model
• The Role of Digital Forensics
• Why Incident Response is Needed
• The Incident Response Framework
• The CSIRT Response Charter
• The Incident Response Team
• The Incident Response Plan
• Incident Classification
• The Incident Response Playbook
• Escalation Procedures
• Incident Response Capability Maintenance

Review Questions

Module 2: Identification, Authentication and Authorisation

Lessons:

• Digital Forensic Fundamentals
• UK Laws and Regulations
• Digital Forensic Process
• Forensics Lab

Review Questions

Module 3: Collection of Network Evidence

Lessons:

• Collection of Network Evidence
• Preparation
• Evidence from Network Devices
• Collection of Evidence

Review Questions

Module 4: Capturing Evidence from Host Systems

Lessons:

• Capturing Evidence from Host Systems
• Methods for Acquiring Evidence
• Procedures for Collecting Evidence
• Acquiring Memory
• Acquiring Memory Remotely
• Virtual Machines Captures
• Non-Volatile Data

Review Questions

Labs

• Acquiring Memory with FTK Imager
• Acquiring Memory with WinPmem
• Capturing Registry and Logs using FTK Imager

Module 5: Forensic Imaging

Lessons:

• Forensic Imaging
• Forensic Imaging Overview
• Evidence Drive Preparation
• Dead Imaging
• Live Imaging

Review Questions

Labs:

• Drive Wiping with Eraser
• Encrypting a Drive’s Repository Partition with VeraCrypt
• Creating a Forensic Image with a GUI Tool
• Create a Forensic Image with a CLI Tool
• Creating a Live image using FTK Imager Lite
• Forensic Imaging

Module 6: Analysing Network Evidence

Lessons:

• Analysing Network Evidence
• Wireshark

Labs:

• Network Traffic Identification: PING
• Network Traffic Identification: DNS Query
• Network traffic Identification: TCP Three-Way Handshake
• Traffic Analysis: Host Footprinting / File Extractions
• Analysing Network Evidence

Module 7: Analysis of System Memory

Lessons:

• Analysis of System Memory
• Memory Analysis Methodology

Labs:

• Analysis of Memory File Using Volatility
• Analysis of System Memory

Module 8: Analysis of System Storage

Lessons:

• Analysis of System Storage
• Types of System Storage
• File Systems
• Commercial Tools
• Must Have Tools for Incident Responders
• File Carving
• Email Analysis
• Registry Analysis
• Hashing
• Web Browser Analysis
• File Analysis
• Timestamps and Timeline Analysis
• Event Log Analysis
• Shortcut Files and Jump List Analysis
• Prefetch File Analysis
• Thumbnail Caches Analysis
• GREP Searches
• File Recovery
• Recovering Passwords

Labs:

• File Carving
• Email Header Analysis
• Reading Offline Files with Regedit
• Reading Offline Registry Files with Windows Registry Recovery
• Reading Offline Files with RegRipper
• Hashing Folders and Their Contents for Comparison
• Hashing Individual Files for Comparison
• Hashing Evidence Files for Validation
• Analysing Chrome Internet Cache and History
• File Analysis – Microsoft Office Files
• File Analysis – EXIF Data from Graphic Files
• Combining Timestamps for a Timeline
• Examining Event Logs
• Shortcut File Analysis
• Jump List Analysis
• Prefetch File Analysis
• Analysing Thumbs.db from Windows XP
• Analysing Cache Images within Microsoft Files
• GREP Searching Through Log Files
• Mounting a Forensic Image with FTK Imager and Recovering Files
• Recovering Files from Forensic Images with Autopsy
• Recovering Passwords

Module 9: Log Analysis

Lessons:

• Collecting Data from Network Devices
• Collecting Data from Host Machines and Application Protocols
• Log Analysis Tools
• Using SIEM’s for Log Analysis

Labs

• Using Log Parser to Analyse Logs
• Analysing Logs with Linux Tools
• Log Analysis with Splunk

Module 10: Creating Forensics Reports

Lessons:

• Creating Forensic Reports
• What Should Be Documented
• Documentation Types
• Sources to Include
• Audience
• Tracking Incidents
• Written Reports

Review Questions

Module 11: Malware Analysis

Lessons:

• Malware Analysis
• Malware Types and Definition
• Malware Analysis Methodology

Labs

• Performing Static Analysis
• Performing Dynamic Analysis
• Malware Analysis

Module 12: Threat Intelligence

Lessons:

• Threat Intelligence
• Threat Intelligence Actor Groups
• Advanced Persistent Threat
• Types of Threat Intelligence
• Threat Intelligence Life Cycle
• Sourcing Threat Intelligence
• Threat Intelligence Platforms
• Threat Intelligence Use Types

Review Questions

Labs:

• Hashing Evidence – Known Bad Hashes

Course: ICSI | CIL Certified ISO 27001 Lead Implementer

The ISO 27001 is the most acknowledged and globally recognized standard for implementing an Information Security Management System (ISMS) within any organization. The value of information assets and the importance of thoroughly securing them against today’s ever increasing threats, highlight the significance of developing and implementing effective and holistic security management systems. The course highlights the importance of information security and provides the necessary tools and methodologies for students to master the concepts of ISMS implementation, in line with ISO 27001.

Module 1 – Introduction

Module 2 – ISO/IEC 27000:2014 (Overview and vocabulary)

Module 3 – ISO/IEC 27001:2013 Mandatory Certification Requirements

Module 4 – ISO/IEC 27005:2011 Information Security Risk Management

Module 5 – ISO 27001 – Annex A Controls

Module 6 – ISO/IEC 27003 Implementation of ISMS Framework

Module 7 – ISO/IEC 27007 – ISMS Audit and Certification

Course: CREST CPSA/CRT Exam Preparation

This course will prepare students for the CREST CPSA theoretical and CRT practical exam, as a CREST accredited course, it is closely aligned with the CREST CPSA / CRT technical syllabus.

The CREST Registered Penetration Tester examination is recognised by the NCSC as providing the minimum standard for CHECK Team Member status and is designed to assess a candidate’s ability to carry out basic vulnerability assessment and penetration testing tasks.

Appendix A: Soft Skills and Assessment Management
Module 1: Engagement Lifecycle (A1)
Module 2: Law and Compliance (A2)
Module 3: Scoping (A3)
Module 4: Understanding, Explaining and Managing Risk (A4)
Module 5: Record Keeping, Interim Reporting and Final Results (A5)
Appendix A Quiz

Appendix B: Core Technical Skills
Module 1: IP Protocols (B1)
Module 2: Network Architectures (B2)
Module 3: Network Mapping and Target Identification (B4)
Guided Exercise: Network Mapping and Target Identification (B4) (CRT)
Guided Exercise: Interpreting Tool Output (B5) (CRT)
Module 4: Filtering Avoidance Techniques (B6)
Module 5: OS Fingerprinting (B8)
Guided Exercise: OS Fingerprinting (B8) (CRT)
Guided Exercise: Application Fingerprinting and Evaluating Unknown Services (B9) (CRT)
Module 6: Cryptography (B11)
Module 7: Applications of Cryptography (B12)
Module 8: File System Permissions (B13)
Guided Exercise: File System Permissions  (B13) (CRT)
Module 9: Audit Techniques (B14)
Appendix B Quiz

Appendix C: Background Information Gathering & Open Source
Module 1: Registration Records (C1)
Module 2: Domain Name Server (DNS) (C2)
Guided Exercise: Domain Name Server (DNS) (C2) (CRT)
Module 3: Google Hacking and Web Enumeration (C4)
Module 4: Information Leakage from Mail Headers (C6)
Appendix C Quiz

Appendix D: Networking Equipment
Module 1: Management Protocols (D1)
Guided Exercise: Management Protocols (D1) (CRT)
Module 2: Network Traffic Analysis (D2)
Module 2: Network Traffic Analysis (D2)
Module 4: IPsec (D4)
Module 5: VoIP (D5)
Module 6: Wireless (D6)
Module 7: Configuration Analysis (D7)
Appendix D Quiz

Appendix E: Microsoft Windows Security Assessment
Module 1: Domain Reconnaissance (E1)
Guided Exercise: Domain Reconnaissance and Active Directory (E1 & E3) (CRT)
Module 2: User Enumeration (E2)
Guided Exercise: User Enumeration (E2) (CRT)
Module 3: Active Directory (E3)
Module 4: Windows Passwords (E4)
Module 5: Windows Vulnerabilities (E5)
Guided Exercise: Windows Vulnerabilities and Common Windows Applications (E5 & E9) (CRT)
Module 6: Windows Patch Management Strategies (E6)
Module 7: Desktop Lockdown (E7)
Module 8: Exchange (E8)
Module 9: Common Windows Applications (E9)
Appendix E Quiz

Appendix F: Unix Security Assessment
Module 1: User Enumeration (F1)
Guided Exercise: User Enumeration (F1) (CRT)
Module 2: UNIX/Linux Vulnerabilities (F2)
Guided Exercise: Unix Vulnerabilities (F2) (CRT)
Module 3: FTP (F3)
Guided Exercise: FTP (F3) (CRT)
Module 4: Sendmail/SMTP (F4)
Guided Exercise: Sendmail/SMTP (F4) (CRT)
Module 5: Network File System (NFS) (F5)
Guided Exercise: Network File System (NFS) (F5) (CRT)
Module 6: R-Services (F6)
Guided Exercise: R-Services (F6) (CRT)
Module 7: X11 (F7)
Guided Exercise: X11 (F7) (CRT)
Module 8: RPC Services (F8)
Guided Exercise: RPC Services (F8) (CRT)
Module 9: SSH (F9)
Guided Exercise: SSH (F9) (CRT)
Appendix F Quiz

Appendix G: Web Technologies
Module 1: Web Server Operation & Web Servers and Their Flaws (G1 & G2)
Guided Exercise: Web Server Operation (G1) (CRT)
Guided Exercise: Web Servers & Their Flaws (G2) (CRT)
Module 2: Web Enterprise Architectures (G3)
Module 3: Web Protocols (G4)
Guided Exercise: Web Protocols (G4) (CRT)
Module 4: Web Markup Languages (G5)
Module 5: Web Programming Languages (G6)
Module 6: Web Application Servers (G7)
Guided Exercise: Web Application Servers (G7) (CRT)
Module 7: Web APIs (G8)
Module 8: Web Sub-Components (G9)
Appendix G Quiz

Appendix H: Web Testing Methodologies
Web Application Reconnaissance (H1)
Threat Modelling and Attack Vectors (H2)
Information Gathering from Web Mark-up (H3)
Authentication Mechanisms (H4)
Authorisation Mechanisms (H5)
Input Validation (H6)
Information Disclosure in Error Messages (H8)
Use of Cross Site Scripting (XSS) (H9)
Use of Injection Attacks (H1)
Session Handling (H11)
Encryption (H12)
Source Code Review (H13)
Appendix H Quiz

Appendix I: Web Testing Techniques
Guided Exercise: Web Site Structure Discovery (I1) (CRT)
Guided Exercise: Cross Site Scripting Attacks (I2) (CRT)
Guided Exercise: SQL Injection (I3) (CRT)
Guided Exercise: Parameter Manipulation (I6) (CRT)
SQL Injection (I3)

Appendix J: Databases
Module 1: Databases
Module 2: Microsoft SQL Server (J1)
Guided Exercise: Microsoft SQL Server (J1) (CRT)
Module 3: Oracle RDBMS (J2)
Guided Exercise: Oracle RDBMS (J2) (CRT)
Module 4: MySQL (J3)
Guided Exercise: MySQL (J3) (CRT)
Appendix J Quiz

Candidates over the age of 18 are eligible to enrol in the programme, provided they have successfully completed the personal interview and technical assessment, and can demonstrate good knowledge of the English language.

This is a 12-week programme and must be completed in that timeframe. 

The ICSI | MasterPath Certificate in Cybersecurity is granted to all who have obtained the following three certifications:

1. ICSI | Certified Penetration Tester (CPT)
2. ICSI | Certified Digital Forensics Examiner (CDFE)
3. ICSI | Certified ISO 27001 Lead Implementer (CIL)

Yes. This programme is 100% online. Students can do it from the comfort of their own home or wherever they have a computer and internet.

Yes. This programme was designed to take complete beginners in addition to business professionals. 

We help get you a job in cybersecurity. 92% of our UK graduates are employed in a tech role within six months of completing this programme.

Our careers team will help you with:

• CV writing services
• LinkedIn profile
• Cover letter
• Personal Statement
• Interview coaching
• Introducing you to employers

UK / EU citizens and UK residents with the right to work for at least 2 further years.

Repayment Terms:

a. Deposit of £500
a.  7% Income Share for 36 Repayment Months
b. Only make repayments when earnings exceed £22,000
c. Max Cap: 175%
d. No further obligation to repay after 72 months from the course end date