GeekBrains begins training information security specialists
Our training portal begins to prepare information security specialists . The course is designed for those who plan to work in this direction, maintain data confidentiality, identify network vulnerabilities, and repel intruders. It will be useful for programmers who learn how to take into account potential threats when creating websites and applications and protect the code from tampering. Particular attention should be paid to system administrators in the framework of advanced training: understanding how to make the network as secure as possible, teach users the correct responses to attacks, can have a positive effect on wage growth.
The training program is designed for 5 months: three practical courses and two months internships. During this time, students will become familiar with modern vectors of attacks on web platforms, potential vulnerabilities of mobile applications, learn how to conduct security audits using the OWASP model, create websites and applications that are resistant to hacker attacks, start working with pentesting tools, and learn how to prevent DoS attacks. and anti-malware.
Course program:
Attack and protection of web and mobile applications
On the course, you will get acquainted with OWASP projects, understand the principles by which the Top-10 vulnerability rating is compiled, learn how to identify and eliminate threats to web and mobile platforms.
TCP / IP network stack
Learn how to work with TCP / IP protocols that connect computers and local area networks to the worldwide Internet. Get acquainted with the basics of system administration or expand your professional horizons. Programmers will help to take into account the program execution environment Sysadmins will find out how the TCP / IP protocol versions have changed and why their implementation in UNIX is recognized as a reference.
Ethical hacker
On the course you will learn about current hacking methods and concepts of hacking, how to identify and analyze the vulnerabilities of IT-systems, detect and prevent unauthorized intrusions.
Everyone can enter the course “Information Security Specialist”. The student will need basic knowledge of HTML, JavaScript and PHP. For absolute beginners, there is a series of webinars that will help to tighten the skills to the desired level. The teachers are practitioners with experience in information security, certified ethical hackers. All classes are held online in the evening.
Attack and protection of web and mobile applications. 1 month
The OWASP (Open Web Application Security Project) is an open source web application security project. The project considers all vectors of attacks on WEB-platforms and timely publishes TOP-10 of the most dangerous vulnerabilities of web applications. The project is non-profit and non-affiliated: management believes that freedom from the influence of stakeholders and organizations simplifies the collection and dissemination of useful and truthful information about application security.
Lesson 1. OWASP TOP 10 and web security
Lesson 2. Attack and protection of sites.
Lesson 3. Attack and protection of sites.
Lesson 4. A-5
Lesson 5. A-7
Lesson 6: A-9, A-10, and other vulnerabilities.
Lesson 7. Owasp Top 10 Mobile
Lesson 8. OWASP Top 10 Mobile
TCP / IP network stack. 1 month
The TCP / IP protocol family is widely used around the world to connect computers to the Internet. A single Internet network consists of a variety of networks of different physical nature, from Ethernet networks like Ethernet and Token Ring, to global networks like NSFNET. The currently widely used version 4 of TCP / IP protocols was standardized in 1981 in the form of documents called RFCs (Request For Comment). The full transition of the ARPANET network to new protocols was completed in 1982. This network played the role of the “germ” of the worldwide Internet network built on the basis of the TCP / IP protocols. The implementation of TCP / IP protocols was the most successful in versions of BSD4.2 and BSD4.3 of the UNIX operating system. This implementation is a reference (stanart "de facto") for all subsequent ones. To study the course does not require special knowledge. The course will be interesting to programmers who want to broaden their horizons.
Lesson 1. Basics of computer networks. Ethernet technology. Part 1
Lesson 2. Physical and channel level. Ethernet technology. Part 2
Lesson 3. Network level. Part 1
Lesson 4. Network level. Part 2
Lesson 5. Transport Level
Lesson 6. In-depth study of network technologies. Part 1
Lesson 7. In-depth study of network technologies. Part 2
Lesson 8. Application Level
Ethical hacker. 1 month
The ethical hacker / white hacker is a cybersecurity expert who understands the principles and possible directions of attacks on IT systems and users. He opposes the actions of "black" hackers - quickly identifies and blocks their activity. His duties also include investigating computer incidents and deanonymizing intruders. An ethical hacker will test the network for vulnerabilities, tell employees the rules of network security and help restore protection after hacking.
Lesson 1. Introduction to the profession
Lesson 2. Anonymity, de-anonymization. User authentication methods
Lesson 3. Network Analysis and Control
Lesson 4. Sniffing and social engineering.
Lesson 5: Hacking Wireless Networks and Cryptography
Lesson 6. Malware and methods of countering it.
Lesson 7. Overview of programming languages ​​(not requiring compilation) and devices for pentesting
Lesson 8. The path of the "white" hacker. Defensive protection
Graduates of the course will receive a certificate of the established sample and the nominal certificate of the IT-portal GeekBrains and Mail.Ru Group.
')
Source: https://habr.com/ru/post/348730/
All Articles