Cybersecurity professionals who can protect and defend an organization's network are in high-demand.
Put your detective-like qualities to work by gaining knowledge toward a career in fighting cybercrime.
Future Cybersecurity professionals can choose a pathway of six security courses comprising more than 300 hours of interactive learning, thereby focusing on problems that you will need to be able to solve.
More information: https://ciscointeractivepathways.com/Cybersecurity-Pathways.html
| | |
|
Be a Cloud Protector
As organizations move to the cloud, who will keep it safe? We need information security professionals who are cloud savvy. Gain in-demand cloud skills and answer the call in this fast-growing field.
In this course, you will learn the fundamentals of cloud computing and prepare for the Certificate of Cloud Security Knowledge (CCSK).
The CCSK certificate is widely recognized as the standard of expertise for cloud security and gives you a cohesive and vendor-neutral understanding of how to secure data in the cloud.
Recommended preparation: Introduction to Cybersecurity and Cybersecurity Essentials (or equivalent)
You'll Learn These Core Skills:
In-depth understanding of the full capabilities of cloud computing.
Knowledge to effectively develop a holistic cloud security program relative to globally accepted standards
Understand best practices for Identity and Access Management (IAM), cloud incident response, application security, data encryption, Security as a Service, and securing emerging technologies.
Prepare for Certificate of Cloud Security Knowledge (CCSK) certification.
Length: 35 hours
Level: Intermediate
| | |
|
During the IPD Week on 5 May 2021 Tom Cordemans will be demonstrating best practices to teach about network security.
Tom says: "Learning protocols can be hard and sometimes boring. By using the hacker's perspective you can tackle the learning process in a different way. Let's find out. We'll use DHCPv4 as an example."
We encourage all instructors to take part in Tom's workshop. Tom is an instructor in higher education both in Bruges and Brussels. Moreover, Tom is an active advisor for BiASC.
Diving into networking protocols by using the hacker’s perspective
| | |
|
Did you know?
More than 99% of malware is sent by either web server or email
| | |
|
During the summer a new CyberOps Course will be released focussing on the new CyberOps Associate certification. BiASC is ready to support all Cisco Academies and instructors interested in CyberSecurity Operations.
The CyberOps Associate Course aligns with the new CBROPS 200-201 Certification Exam. The major difference between the previous CCNA CyberOps and the CyberOps Associate certification is the shift in the requirement for two exams to certify to one exam. The new, consolidated CyberOps Associate has been updated to cover the latest fundamentals for entry-level cybersecurity operations job roles (SOC analyst).
The course covers: Security concepts, security monitoring, host-based analysis, network intrusion analysis, and security policies and procedures. This includes some new topics such as: access control models for digital assets, malware analysis and interpretation, identifying protected data, and understanding key SOC metrics to expedite detection and containment of breaches. Networking fundamentals have been removed and are part of the CCNA certification.
| | |
|
What is Torchlight's Academic CyberSecurity Tournament?
A CyberSecurity Tournament is being organized in February for IT students in Information Security.
Several partners within the industry will be challenging the participants within their respective arenas.
This is an opportunity to meet and challenge your potential future colleagues, to have fun, to win prizes and to learn and gain lots of experience.
A ceremony will be held after the tournament to congratulate the participants, thank the partners and distribute their prizes. Additionally the winner of the tournament will receive a certificate of accomplishment.
More information: https://docs.google.com/forms/d/e/1FAIpQLSen6cT-AhqZGIV6Xo6HeSvx9iS8ereZiNlDgp4-Ji0CqsZ8mg/viewform
| | |
|
This Month is a Cyber Security Awareness Month. Cisco has prepared a special page with useful resources. They have posted two Cybersecurity courses on it.
If you’re thinking about exploring a path in cyber, read our experts' personal stories on how they did it, and sign up to free online training.
Want to know how to protect yourself and your loved ones online? Here are some tips.
Get the latest cyber threat information from Cisco’s dedicated threat intelligence team, Cisco Talos
Get the latest insights into how to keep cyber criminals at bay
| | |
|
More than 91% of malware uses DNS to gain command and control, exfiltrate data, or redirect web traffic.
Watch this webinar session to learn how DNS-layer security can help you block threats before they can reach your network or endpoints.
URL: https://learn-umbrella.cisco.com/webcasts/getting-to-know-dns-security-again-2
| | |
|
Before, During, and After a Security Attack, 17 April, 9:00 a.m. Pacific Daylight Time: Register Here
Have you ever wondered what happens before a bad actor attacks a network? The hope is that their attempt to infiltrate the infrastructure will be eliminated by the layers of security protection built into the network. However, sometimes the attackers exploit an unknown, so-called, 0-day vulnerability to get inside. Do not panic – even during the attack, we can collect valuable information and learn how the attack is being-executed and if or where it is spreading.
Moreover, based on the collected information, we know where we should concentrate our cleaning efforts after the attack has been discovered and eliminated. Join this session to learn more about threat protection, and how simple scripts with programmability and automation can turn your response time to an attack from minutes to seconds.
If you register, you will get access to the recording.
| | |
|
The diagram shows the OAuth architecture, and the relationships between the Resource Owner (you, the user), the Resource Provider (which authenticates users and authorizes the third-party applications), and the Third-Party Application (such as a money management app, an online shopping cart, a mobile phone ticket repository, online storage, and more). If you have ever used the feature, “Log in with Facebook,” or “Sign in with Google,” on web sites that are not administered by Facebook or Google, then you have used OAuth. Facebook or Google is the “resource provider,” verifying that you, the “resource owner,” have successfully authenticated; after successful authentication, the “resource provider,” can provide access to the “third party,” based on what the “resource owner” (you) have authorized the resource provider to provide. This fragment is based on the Cisco Learning Library, interactive online course materials: Introducing Cloud Consumer Security (SECICC) v1.0
OAuth is an open authorization protocol, which allows access to application environments without the explicit sharing of login credentials. You can think of OAuth as a “go-between” authenticator, similar to RADIUS or TACACS, except that usernames and passwords are never exchanged in an OAuth framework.
It’s important to keep in mind that OAuth is a protocol, not an application service itself. Using OAuth requires an application. This is very similar to SSH.
Simply building OAuth into an application does not guarantee integration or support. In the OAuth framework, the Third-Party Application needs to “register” with the Resource Provider in order to exchange Authorization Grants and Tokens.
| | |
|
| | |
|
A new course called IoT Security will be available soon. With BiASC we are currently evaluating this course, which is still under limited availability.
What is IoT Security about?
Internet of Things is one of the key pillars in the forces of digital disruption that enable digital transformation in every industry. At the same time, the enormous increase of connected IoT devices is not only enabling the digitization of industries, but also increases the landscape of possible security threats. The IoT Security course provides the learner with introductory skills to perform Vulnerability and Risk Assessments on IoT solutions in a specific business context. Students who complete the IoT Security course will be able to assess, research, and provide risk mitigation strategies for common security vulnerabilities in IoT systems. Students seeking a career in the rapidly growing IoT and Security domains will learn practical tools for evaluating security vulnerabilities in IoT solutions, perform threat modeling, and use risk management frameworks to recommend threat mitigation measures.
Research practice and ethical hacking
As in the CyberOperations course students have to accept the ethical hacking agreement.
One of the practice labs is with Shodan explained on the SANS Penetration Testing Website. Also Kali Linux will be used.
Shodan is a search engine that takes a distinct departure from most Internet search engines. Instead of searching through content intentionally served up and delivered to web browsers, Shodan allows us to search for Internet-connected devices.
URL: https://pen-testing.sans.org/blog/2015/12/08/effective-shodan-searches
Next Steps
If instructors in Belgium are interested, we will organise an IoT Security initial training between October and December 2018, as well as in May 2019. Please send a mail to <yvan@biasc.be> if you would like to receive more information
| | |
|
The Cisco ASA and Cisco ASA-X firewalls provides nearly infinite flexibility in so far as their NAT configuration. From the modularity of using objects, to the simplicity of configuring Auto NAT, to the granularity of Manual NAT, to the precision of NAT precedence — the ASA can do it all.
This article covers each of these concepts in detail, explaining what they mean, when to use them, and how to apply them. If you read it from start to finish, and were able to follow with the examples and illustrations, then you can decidedly consider yourself an address translation expert on the Cisco ASA platform.
Part 1 – NAT Syntax
Objects - Real and Mapped - Auto NAT - Manual NAT
Part 2 – NAT Configuration Examples
Static NAT - Static PAT - Dynamic PAT - Dynamic NAT
Part 3 – Advanced NAT
Policy NAT - Twice NAT - NAT Precedence - Identity NAT
Here is the complete guide: http://www.practicalnetworking.net/stand-alone/cisco-asa-nat/
April 16, 2018 By
| | |
|
Here is the presentation for the ASA workshop prepared by Nico Declerck. The materials were used at the recent BiASC Workshop Day at Cisco Diegem on 20 April 2018.
| | |
|
OPEN SESSION!
BiASC and Cisco Netacad are offering a Cybersecurity Essentials Course Deep Dive in English for existing as well as new and potential instructors.
More information and Registration: http://cs.co/netacadcyber/
| | |
|
In het kader van Digitale Versnelling Nederland worden in maart en april webinars georganiseerd met sprekers die ervaring hebben in de verschillende domeinen van CyberSecurity. De doelgroep voor de Cyber Security webinars is iedereen (binnen en buiten het securitydomein) die interesse heeft in hacken, innovatie en overheidsbeleid ten aanzien van CyberSecurity in Nederland. De Netacad cursus Introduction to CyberSecurity wordt gekoppeld aan de webinars.
Continue reading "CyberSecurity Webinars - maart & april 2018 - Cisco DVN" »
| | |
|
After the CyberSecurity Operations course you will be able to analyse and explain the actions of a botnet.
A botnet consists of a group of "zombie" computers that run robots (or bots) and a master control mechanism that provides direction and control for the zombies. The originator of a botnet uses the master control mechanism on a command-and-control server to control the zombie computers remotely using IRC or other means.
A botnet typically operates as follows:
A botnet operator infects computers by sending them malicious bots. A malicious bot is self-propagating malware that is designed to infect a host and connect back to the command-and-control server. In addition to its worm-like ability to self-propagate, a bot can include the ability to log keystrokes, gather passwords, capture and analyze packets, gather financial information, launch DoS attacks, relay spam, and open back doors on the infected host.
Bots have all the advantages of worms, but are generally much more versatile in their infection vector, and are often modified within hours of publication of a new exploit. Bots have been known to exploit back doors that are opened by worms and viruses, which allows the bots to access networks that have good perimeter control. Bots can infect networks in a way that escapes immediate detection.
The bot on the newly infected host logs in to the command-and-control server and awaits for the commands. Often, the CnC traffic is sent using either IRC, P2P, DNS, HTTP, and HTTPS. When using HTTPS, the CnC traffic will be encrypted using TLS or SSL, making it harder to detect.
Instructions are sent from the CnC server to each bot (zombie) in the botnet to execute actions. When the zombies receive the instructions, they begin generating malicious traffic that is aimed at the victim. Zombies mostly run a covert channel to communicate with the command-and-control server that the attacker controls.
| | |
|
In the new CCNA CyberSecurity Operations course you learn how to understand attack patterns and how to deal with it as a network defender. Only six steps are necessary to start malicious activity in which a command and control (C2) server is involved. In the image above you see a typical network attack in which a victim's computer is being compromized step by step.
Source
Chris Sanders, Security Onion 2016: The Investigators Labyrinth: A Data-Driven Perspective, 29:38
Published on Youtube 12 SEP 2016
URL: https://www.youtube.com/watch?v=nW9g2K69qOA
| | |
|
Recent Comments