Scribd
Upload
4 views

Fundamentals of Computer Network Security

Uploaded by

Ali GHORBEL
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
4 views

Fundamentals of Computer Network Security

Uploaded by

Ali GHORBEL
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 5

4 COURS DE SPÉCIALISATION

Fundamentals of Computer Network Security


Offert par

À propos de ce Spécialisation
This specialization in intended for IT professionals, computer programmers, managers, IT security
professionals who like to move up ladder, who are seeking to develop network system security skills.
Through four courses, we will cover the Design and Analyze Secure Networked Systems, Develop
Secure Programs with Basic Cryptography and Crypto API, Hacking and Patching Web Applications,
Perform Penetration Testing, and Secure Networked Systems with Firewall and IDS, which will
prepare you to perform tasks as Cyber Security Engineer, IT Security Analyst, and Cyber Security
Analyst.

The learning outcomes of this specialization include:

 you should be able to create public/private keys, certificate requests, install/sign/verify them
for web server and client authentication, secure emails, and code signing.
 you should be able to write secure web apps with Crypto API to implement the confidentiality,
integrity, and availability basic security services.
 you should be able to hack web applications with vulnerabilities and patch them.
 you should be able to apply penetration testing tool to exploit vulnerable systems.
 you should be able to crack passwords given the hashes in password file using AWS P2 GPU.
 you should be able to configure firewall and IDS for secure network systems
 you should be able to specify effective security policies and implement efficient enforcement
procedures by applying security design principles for securing network systems.

Cours dans ce Spécialisation

COURS1

Design and Analyze Secure Networked Systems


In this MOOC, we will learn the basic cyber security concepts, how to identify vulnerabilities/threat
in a network system.
We will apply CIA basic security services in the triage of recent cyberattack incidents, such as OPM
data breach.
We will learn the risk management framework for analyzing the risks in a network system, and apply
the basic security design principles to protect the data and secure computer systems.
We will examine the trustworthiness of programs and data installed in our systems and show the
proper way to verify their integrity and authenticity.
We will apply principle of least privileges for controlling the shared access given to different groups
of users and system processes.
On Amazon Cloud instances, we will use GnuPG software to generate public/private key pair for
signing/verifying documents and open source software, and for encrypting documents.
We will learn how to publish software, the related signature and release key on web server and publish
public key to PGP key server for others to retrieve.
We will learn Public Key Infrastructure (PKI) and Linux utility to serve as a CA for an organization,
learn how to sign certificate request for clients or servers in secure email and web applications.
COURS2

Basic Cryptography and Programming with Crypto API


In this MOOC, we will learn the basic concepts and principles of crytography, apply basic
cryptoanalysis to decrypt messages encrypted with mono-alphabetic substitution cipher, and discuss
the strongest encryption technique of the one-time-pad and related quantum key distribution systems.
We will also learn the efficient symmetric key cryptography algorithms for encrypting data, discuss
the DES and AES standards, study the criteria for selecting AES standard, present the block cipher
operating modes and discuss how they can prevent and detect the block swapping attacks, and
examine how to defend against replay attacks.
We will learn the Diffie-Hellman Symmetric Key Exchange Protocol to generate a symmetric key
for two parties to communicate over insecure channel.
We will learn the modular arithmetic and the Euler Totient Theorem to appreciate the RSA
Asymmetric Crypto Algorithm, and use OpenSSL utility to realize the basic operations of RSA
Crypto Algorithm. Armed with these knowledge, we learn how to use PHP Crypto API to write secure
programs for encrypting and decrypting documents and for signing and verify documents. We then
apply these techniques to enhance the registration process of a web site which ensures the account
created is actually requested by the owner of the email account.

COURS3

Hacking and Patching


In this MOOC, you will learn how to hack web apps with command injection vulnerabilities in a web
site of your AWS Linux instance. You will learn how to search valuable information on a typical
Linux systems with LAMP services, and deposit and hide Trojans for future exploitation. You will
learn how to patch these web apps with input validation using regular expression. You will learn a
security design pattern to avoid introducing injection vulnerabilities by input validation and replacing
generic system calls with specific function calls. You will learn how to hack web apps with SQL
injection vulnerabilities and retrieve user profile information and passwords. You will learn how to
patch them with input validation and SQL parameter binding. You will learn the hacking
methodology, Nessus tool for scanning vulnerabilities, Kali Linux for penetration testing, and
Metasploit Framework for gaining access to vulnerable Windows Systems, deploying keylogger, and
perform Remote VNC server injection. You will learn security in memory systems and virtual
memory layout, and understand buffer overflow attacks and their defenses. You will learn how to
clone a Kali instance with AWS P2 GPU support and perform hashcat password cracking using
dictionary attacks and known pattern mask attacks.
COURS4

Secure Networked System with Firewall and IDS


In this MOOC, we will focus on learning how network systems are secured using firewalls and IDS.
This will include understanding the basic components of network security, constructing a dual-
firewall DMZ, and defining security policies to implement and enforce these rules.
Building upon these lessons we will go in-depth on the popular Linux firewall.
Finally we will learn about Network IDS and Host IDS, including a deep dive into Snort.
Cours 1 : Design and Analyze Secure Networked Systems

SEMAINE 1
Cybersecurity Concepts and Security Principles

In this module, we will introduce the basic cyber security concepts, enable you to identity root causes
of vulnerabilities in a network system and distinguish them from the threats from both inside and
outside. We will analyze the enabling factors of recent cyber attack incidences and discuss the basic
security services for their defense and triage. We will introduce the risk management framework for
analyzing the risks in a network system, and apply the basic security design principles to protect the
data and secure the computer systems. Trust is critical and in the center of any secure systems. We will
examine the source and authenticity of the programs and data installed in systems we used daily and
show the proper way to check their integrity, and verify their authenticity.

6 vidéos , 5 lectures, 2 quiz

SEMAINE 2
Protect Data Access and Verify Source of Trust
In this module we apply principle of least privileges for controlling the proper access given to users
and system process. We will demonstrate such an access control by using an example of project
document access control using the Unix file access mechanism. We use OPM data breach example to
show the impact and the need for principle of adequate data protection. Trust is critical and in the
center of any secure systems. We will examine the source and authenticity of the programs and data
installed in systems we used daily and show the proper way to check their integrity, and verify their
authenticity.
3 vidéos , 3 lectures, 2 quiz

SEMAINE 3
Using GPG to Sign/Verify Software
In this module, we introduce GPG software tool for generating public key private key pair for
signing/verifying the documents and to encrypt documents, and publish our public key on our web
server and PGP key server for others to retrieve. We will use GnuPG software tool to verify the
common opensource software packages such as apache and putty. We will also learn how to sign
software and the proper way to list the software package, their pgp signature, and our signing public
key on a web site.

3 vidéos , 3 lectures, 2 quiz

SEMAINE 4
Be a CA, Setup Secure Server and Client Certificate
In this module, we will learn the Public Key Infrastructure (PKI), how CA operates, and the
certificates signing and verification process. We will utilize the utility command in a Linux system to
serve as a CA for an organization, learn how to sign certificate request for clients or servers both
secure email or secure web access purpose. We will earn how to generate server certificate requests as
a webmaster, send them to CA for signing and install the signed certificates in Apache web server for
secure web access. We will also set up apache web server for requiring clients to present their client
certificates for mutual authentication. We will also guide you to set client certificate on browser for
mutual authentication and on a mail client for signing and encrypting emails.
6 vidéos , 5 lectures, 2 quiz

You might also like