www.pnytrainings.com PROFESSIONAL DIPLOMA IN ADVANCE CYBER SECURITYTrainings WHERE SUCCESS BEGINS www.pnytrainings.comwww.pnytrainings.com PREREQUISITES: Anyone who wants or needs to perform basic of Cyber Security WHY THIS DIPLOMA??? > The Professional Diploma in Advance Cyber Security is developed for network engineers/ administrators that fully develops and evaluates your networking and security knowledge and helps you add value to any organization's network. > This is designed to prepare the applicants to identify, design and recommend the best network solutions for small to medium-sized businesses. It provides. the installation, configuration, and troubleshooting information that technical support people require to install and configure the networking products sold through two tier distribution > Lectures, labs and interactive cases are provided to increase your understanding of the products and to best position them to meet customers’ requirements. This curriculum includes basic mitigation of security threats, introduction to wireless networking concepts and terminology, WAN technologies and performance-based skills. DIPLOMA OUTCOMES: > This makes you a solid, well-rounded network/security engineer. Completing the certification process not only gives you a certificate, but it also trains you in multiple levels and areas regarding the ability to work with routed, switched and firewall networks. > You will be able to work within the following domains: > Installation > Configuration > Operation & Troubleshooting A GLIMPSE OF THE OVERALL CONTENT OF PROFESSIONAL DIPLOMA IN ADVANCE CYBER SECURITY The diploma covers the following topics: Gp “== Trainings =www.pnytrainings.com > Information Security Fundamentals > Cyber Security Advance Research > Website Security > CCNA (basic to advance networking) > MCSA 2012 (basic to pro) > Cisco & MicroTik Configuration > Penetration Getting Setup > Bash Scripting > Python For Hacking > Bug Bounty Programs > Security Standards and Management VALUE-ADDED FEATURES OF THIS DIPLOMA: > You'll be trained by the networking professionals, > Diploma is the foundation that networking careers are built upon > Diploma will give you more career options > Diploma will prepare you for network evolution in the digital era > Trainings help increase your paycheck Sony “== Trainings =Cone Coe ee Understanding and combating cyber threats. The course covers threat source and nature of cyber threats with likely targets and threat scenarios. Effective Cyber Securityisonly possible through identifying, analyzing, classifying and understanding the threat. Complete penetration testing from scratch to advance. INTRODUCTION TO INFORMATION SECURITY FUNDAMENTALS & BEST PRACTICES 1.1. CYBER SECURITY AWARENESS - THREATS AND COUNTERMEASURES 1.1.1. Protecting Your Computer & its Contents 1.1.2. Privacy Guidelines & Safe Internet Usage 1.1.3. Ethics in Cyber Security & Cyber Law 1.1.4, Intellectual Property 1.2. PROFESSIONAL ETHICS 1.2.1. Internet Fraud 1.2.2. Cybercrimes 1.2.3. Secure Software & Browser Security 1.2.4. Cookies & Browser Storage 1.2.5. Managing a Business Information Continuity Plan 1.3. VULNERABILITIES & CONTROLS 1.3.1. Information Risk Management 1.3.2. Risk Response Development & Control 1.3.3. Security Policy, Compliance, & Business Continuity 1.3.4. Cyber Incident Analysis & Response 1.4. CYBER SECURITY ADVANCE RESEARCH BACKGROUND 1.4.1. Defining Cybersecurity 1.4.2. Threat Landscape 1.4.3. Purpose and Applicability 1.4.4. Relationship to Other Security Control Publications 1.4.5. Management, Operational, and Technical Controls 1.4.6. Write your own research pape & Publishing your research GY, Pe rena o1.5. ETHICAL HACKING AS A CAREER 1.5.1. Career Paths 1.5.2. Network Architecture 1.5.3. System Administration 1.5.4. Applications and Databases 1.5.5. Certifications 1.5.6. High-Level Certifications 15,7. Skill- and Vendor-Specific Certifications 1.5.8. Associations and Organizations 1.5.9. Professional Organizations 1.5.10, Conferences & Local Communities 1.5.12. Mailing Lists & Putting It All Together SECURE WEB DEVELOPMENT 2.1, WEB BASICS AND AUTHENTICATION SECURITY 2.1.1, HTTP basics 2.1.2. Overview of web technologies 2.1.3. Web application architecture 2.1.4, Recent attack trends 2.1.5. Authentication vulnerabilities and defense 2.1.6. Authorization vulnerabilities and defense 2.2. PROACTIVE DEFENSE AND OPERATION SECURITY 2.2.4, Cross-site scripting vulnerability and defenses 2.2.2. Web environment configuration security 2.2.3. Intrusion detection in web application 2.2.4, Incident handling 2.2.5. Honeytoken 2.3. VALIDATION CONCERNS 2.3.1. Character Encoding 2.3.2. Input Validation & Output Encoding 2.3.3. Blacklisting and Whitelisting 2.3.4. Validation Techniques 2.3.5. Regular Expressions G, ~Cou Cotes RST 2.3.6. Servlet Filters 2.3.7. Output Encoding & Content Security Policy 2.3.8. Prepared Statements 2.3.9. CSRF Defense 2.4. AUTHENTICATION AND SESSION MANAGEMENT 2.4.1. Authentication Factors 2.4.2. Authentication Attacks 2.4.3, Basic Authentication 2.4.4. Form-based Authentication CCNA (BASIC TO ADVANCE NETWORKING) 3.1. BASIC NETWORK CONCEPT 3.1.1. OSI Reference model 3.1.2. TCP/IP & UCP. 3.1.3. Basic Network topologies 3.1.4. Network Design 3.1.5. Internet protocol (ip) Addressing 3.1.6. IPv4 and IPV6 3.2. ACCESSING NETWORK DEVICES. 3.2.1. How to access a router/switch (cisco/huawei/mikrotik/tplink/dlink) 3.2.2. Basic configuration of router/switch (cisco/huawei/mikrotik/tplink/dlink) 3.2.3. How to secure a router/switch (cisco/huawei/mikrotik/tplink/dlink) 3.3. SWITCHING 3.3.1. (NTP)Network Time protocol 3.3.2. (STP)Spanning Tree Protocol 3.3.3. VLAN(Virtual LAN) 3.3.4. VTP(Virtual Truncking Protocol) and its modes 3.3.5. DTP(Dynamic Trunking Protocol) 3.4. LAYER 2 SECURITY ROUTING 3.4.1. Routing Protocol(Static/ Dynamic) Sony “== Trainings —Cou Cotte ESS 3.4.2. RIP (Router information Protocol) 3.4.3. OSPF (Open Shortest Path First) 3.4.4. VPN (Virtual Private Network) 3.4.5. Wireless Deployment (LAN/WAN) 3.4.6. WAN Technologies 3.4.7. Configuring WLAN MCSA 2012 (BASIC TO PRO) 4.1. INSTALLING WINDOWS SERVER 2012 4.1.1. NTFS file system and its features - file permissions, quota & offline files 4.1.2. Hyper-V - Creating and configuring virtual machines 4.1.3. Hyper-V - Creating and configuring virtual machine storage 4.1.4. Hyper-V - Creating and configuring virtual networks 4.1.5. IPv4 and IPv6 4.1.6. DHCP - Deployment and configuration 4.17. DNS - Forward and reverse lookup, & Zoning 4.1.8, Installing Active Directory domain controllers 4.1.9. Active Directory user, group, OU management 4.1.10, Create and manage Group Policy objects (GPOs) 4.1.11. Configure security policies 4.1.12. Configure application restriction policies 4.1.13, Configure Windows Firewall 4.2. ADMINISTERING WINDOWS SERVER 2012 4.2.1. Windows Deployment Services (\WDS) 4.2.2. Install and configure Windows Server Update Service (WSUS) 4.2.3. Configure Distributed File System (DFS) 4.2.4. Configure File Server Resource Manager (FSRM) 4.2.5. Configure file and disk encryption 4.2.6. Configure VPN 4.2.7. Configure Network Access Protection 4.2.8. Active Directory backup and restoration 4.2.9. Advance Group Policy Object configuration and management Gp S= Trainings =Cone Catt: 4.3. CONFIGURING ADVANCED WINDOWS SERVER 2012 SERVICES 4.3.1. Configure Network Load Balancing (NLB) 4.3.2. Configure failover clustering 4.3.3. Manage Virtual Machine (VM) migration 4.3.4. Configure advanced file services 4.3.5. Configuring Hyper-V site level fault tolerance 4.3.6. Advanced DHCP, DNS 4.3.7. Active Directory Forest trust relationship 4.3.8. Active Directory sites and services CISCO & MICROTICK (NETWORK SECURITY AND FIREWALLS) 5.1. BASICS OF THE FIREWALL 5.1.1, Introduction to Firewalls 5.1.2. Cisco Erase Configuration 5,13. Cisco ASDM Configuration & Cisco Security Levels 5.2. NAT 7 PAT 5.2.1, Cisco Dynamic NAT Configuration 5.2.2. Cisco Dynamic NAT with DMZ 5.2.3. Cisco PAT Configuration 5.2.4, Cisco Per-Session vs Multi-Session PAT 5.2.5, Cisco Static NAT 5.2.6. Cisco NAT Port Forwarding 5.2.7. Cisco Hairpin Internal Server 5.3. ACCESS-LISTS 5.3.1. Cisco Access-List Introduction 5.3.2. Cisco Remove Access-List 5.3.3. Cisco Object-Group Access-List 5.3.4. Cisco Time Based Access-List 5.3.5. VLANs and Trunking 5.3.6. Cisco Sub-Interfaces, VLANs and Trunking Sony “== Trainings ~~Cove Cotte ST 5.4. IPSEC VPN 5.4.1. Cisco Site-to-Site IKEv1 IPsec VPN 5.4.2. Cisco Site-to-Site IKEv1 IPsec VPN Dynamic Peer 5.4.3. Cisco Site-to-Site IKEv1 IPsec VPN Dynamic Peers 5.4.4. Cisco Site-to-Site IPsec VPN Digital Certificates 5.4.5. Cisco Site-to-Site IKEv2 IPsec VPN 5.4.6. Cisco Remote Access IPsec VPN 5.47. Cisco VPN Filter 5.5. SSLVPN 5.5.1. Cisco Anyconnect Remote Access SSL VPN 5.5.2. Cisco Self Signed Certificates 5.5.3. Cisco Anyconnect Local CA User Certificates 5.6. NETWORK MANAGEMENT 5.6.1. Cisco Clock Configuration 5.6.2. Cisco Syslog Configuration 5.6.3. Cisco Active / Standby Failover Configuration PENETRATION TESTING SETUP 6.1. PERFORMING THE PENETRATION TEST 1. Internal Pentesting 2. Personal Skills 3. Download Links and Support Files 4. Virtual Images 5. Hardware Configuration Files 6. Computer Crime Laws 7. Types of Laws 6.1.8. Type of Computer Crimes and Attacks 6.1.9. Confidentiality Agreement 6.1.10. Company Obligations 6.1.11. Contractor Obligations DAARBAAH 6.2, SETTING UP HACKING LAB Sony ‘= Trainings =Cove Cotte ET 6.2. SETTING UP HACKING LAB 6.2.1. Targets in a Pentest Lab 6.2.2. Problems with Learning to Hack 6.2.3, Real-World Scenarios 6.2.4. Turn-Key Scenarios 6.3. METHODOLOGIES AND FRAMEWORKS 6.3.1, Introduction 6.3.2. Information System Security Assessment Framework 6.3.3. Planning and Preparation 6.3.4. Assessment 6.3.5. Reporting 6.3.6. Clean-up 637. Destroy Artifacts 6.3.8. Open Source Security Testing Methodology Manual 6.3.9. Rules of Engagement BASH SCRIPTING 7.1. A SIMPLE BASH SCRIPT 7.1.4. Running your own Script 7.1.2. Using the Metasploit Framework 7.1.3. Starting Metasploit 7.1.4. Finding Metasploit Modules 7.1.5. The Module Database 7.1.6. Built-In Search 717. Setting Module Options 7.2. PAYLOADS (OR SHELLCODE) 7.2.1. Finding Compatible Payloads 7.2.2. A Test Run 7.2.3. Types of Shells 7.2.4. Bind Shells 7.2.5. Reverse Shells 7.3. SETTING A PAYLOAD MANUALLY Gp SS Trainings ~Cove Cotte OT 7.3.1. Msfcli 7.3.2. SSL Attacks 7.3.3. SSL Basics 7.3.4. Using Ettercap for SSL Man-in-the-Middle Attacks 73.5. SSL Stripping 7.3.6. Using SSLstrip PYTHON FOR HACKING 8.1. INTRODUCTION 8.1.1. Python in Depth 8.1.2. Strings and expressions 8.1.3. Functions and conditionals 8.1.4. Variables and lists 8.1.5. loops 8.2, PENETRATION TESTING 8.2.1. What is penetration testing? 8.2.2. The five phases of penetration testing 8.3. OVERVIEW OF KALI LINUX 8.3.1. Kali deployments 8.3.2. Exploit methods 8.3.3. The Kali menu and toolbox 8.4. PREPARING THE DEVELOPMENT ENVIRONMENT 8.4.1. Installing a virtual machine 8.4.2. Installing and configuring Kali Linux 8.4.3. Installing and configuring Python Kali Linux 8.4.4. Setting up a Box Lab 8.5. SYSTEM SHELLS 8.5.1. Using Weevely 8.5.2. Generating shellcode with MSFvenom 8.5.3. Injecting images with jhead 8.5.4. Using shellcode in exploits G Z pny = TrainingsCotes Cs. 8.6. PYTHON AND KALI LINUX 8.6.1. Creating a penetration program with Python 8.6.2. Working with TCP Client and TCP Service 8.6.3. Using raw binary packets 8.6.4. Port scanning with NMAP_ 8.7. MAPPING 8.7.1. Applying sniffing methods 8.7.2. Using SQL injection: offensive and defensive 8.7.3. Implementing brute force methods 8.8. METASPLOITABLE 8.8.1. Targeting Metasploitable 8.8.2. Exploiting the distribute compile system 8.8.3. Exploiting network files 8.8.4. Achieving root 8.9. END-TO-END TESTING 8.9.1. Exploiting with EternalBlue 8.9.2. Using Devel exploits 8.9.3. Using Kronos exploits 8.10. ADVANCE PYTHON HACKING TECHNIQUES BUG BOUNTY ( BASIC TO PRO) 9.1, TOP 10 BUG BOUNTY TIPS 9.2. WHAT IS BUG BOUNTY? 9.2.1. Identification and reporting of bugs and vulns in a responsible way. 9.2.2. All depends on interest andhardwork,notondegree.age,branch,college, etc. Pony “== Trainings = 9.3. WHAT TO STUDY? 9.3.1. Internet, HTTP, TCP/IP 9.3.2. NetworkingCove Conte ee 9.3. WHAT TO STUDY? 9.3.1. Internet, HTTP, TCP/IP 9.3.2. Networking 9.3.3. Command line 9.3.4. Linux 9.3.5. Web technologies, javascript, php, java 9.3.6, At least 1 prog language (Python/C/JAVA/Ruby..) 9.4. CHOOSE YOUR PATH (IMP) 9.5. RESOURCES 9.6. WRITEUPS, ARTICLES, BLOGS 9.7. PRACTICE (IMP) 9.8. TOOLS 9.9. TESTING LABS 9.10. REPORT 9.10.1. Create a descriptive report 9.10.2. Follow responsible disclosure 9.10.3. Create POC and steps to reproduc 9.11. WORDS OF WISDOM 9.12, BUG BOUNTY PRO (TASKS) 9.12.1, 2 FA Authentication Issue 9.12.2. Arbitrary injection 9.12.3. CORS Misconfigurations 9.12.4. Cross-site Request Forgery (CSRF) 9.12.5. Exploiting Password Recovery Functionality 9.12.6. Logical issues 9.12.7. Remote Code Execution 9.12.8. Session Management Issues Yi, “== Trainings S9.12.9. Web Application Vulnerability 9.12.10. WebApp Bug Bounty SECURITY STANDARDS AND TOP 10 TOOLS 10.1, BUILD YOUR OWN SCANNER 10.1.1, Lua introduction 10.1.2. Basics to pro 10.1.3. Project 1 10.1.4, Project 2 10.1.5. Project 3 10.1.6. Project 4 10.17. Project 5 10.2. BUILD AUTOMATED SYSTEM 10.2.1. Learning to automated system 10.2.2. Applications and benefits 10.2.3. Build zero-day automated system 10.3. EVALUATE AUTOMATED SYSTEM ON MULTIPLE OS'S 10,3.1. Project 1 INSTRUCTOR PROFILES: Mr. Sajid Hussain Raza is a top online instructor, who has got expertise in various Computer Science fields and CEH such as ethical Hacking, cyber securities, Al, Machine Learning etc. He teaches online courses to over 2,000 students across the World. His Cyber Security courses have received high admiration for the compre- hensive tutorials and practical approach with lots of hands on examples. He is also an Electrical & Electronics Engineer, a Computer expert, a Blogger and a budding Chartered Accountant from America. Mr. Talat Hussain is a technical engineer with over 5+ years’ experience in (Cisco, Mikrotik, Huawei Certified) networking industry. Talat's main areas of skill are in Network Engineering, Support Network Design, and Configuration of WAN/LAN/Wireless & Deployment. Talat has also Professional Experience with UBNT, Microsoft & Others, Routing, Switching, Network Security (Firewall, Wireless, Network Monitoring System, Management, Server Form, Virtualization, Cloud, and Storage. Yony S TrainingsZZ www.pnytrainings.com Zp Y S Trainings & info@pnytrainings.com UAN: 0304 1111774 | @ BES 9 ARFA SOFTWARE TECHNOLOGY PARK Johar Town Branch Address: Ist Floor 256 / A, Block R2 Near Shaukat Khanum Hospital, next to Standard Chartered, Lahore 9 eee eC La ee ncaa Cea