· Hacking History

· Cyber Attacks Trends

· External and Internal threats

· Hackers Types

· Threats and attacks

· Security Criteria’s

· Threat Taxonomy Models summary

· Security Layers

· Defending concept according OSI Layers

· Security modules and functionalities

· NAT- Network Address Translation

· Firewalls Types

· Network Access Control (NAC)

· IDS and IPS

· Encryption protocols: IPSec, TLS and SRTP

· Replay Attacks Protection

· Server Hardening

· Network Layer (IP) services – 3rd Layer

· IP Header Structure

· MTU and Fragmentation process

· IP Addressing – issues and solutions

· Transportation Layers: TCP, UDP, SCTP

· Public and Private keys

· Symmetric and Asymmetric encryption keys

· DES and Triple DES

· AES and RSA methods

· PFF, Proxy GW, Stateful Inspection

· Management menu

· Rules and policy

· What is IPTables?

· Chains and Chain Policy

· Creating Rules and Rules Examples

· Connection States

· User Defined Chains

· Logging Events/Packets

· Advanced Examples

· Managing IPTables Firewall

· Basic Scanning Techniques

· Discovery Option

· Operation System Detection

· Nmap Script Engine

· Nmap GUI

· Vulnerabilities Information Sources

· Vulnerabilities Scanners

· What is Kali Linux?

· Some Kali Facts

· Installing Kali Linux

· Tools Categories

· Kali Desktop

· Kali Top Tools

· Kali Linux Alternatives

· NMAP – Networks Scanning for Topology analysis and network Mapping

· OpenVAS for vulnerabilities scanning and analysis

· Numbers Harvesting

· Conferences eavesdropping

· Password capture

· FW Rules setting

· Denial of Service and DDoS attacks

· Port scanning and vulnerabilities

· Blocking scenarios

· Certificates and X.509 ITU-T Standard

· HTTP digest authentication

· Authentication scheme for a trusted domain

· Authentication Challenges

· What is Penetration Testing?

· Reasons for Pen Testing

· Hackers and Pen Testing

· Vulnerabilities

· What do we test

· Pen Testing Phases

· Types of Testing

· Areas of Penetration Tests

· References

· Hands-on Session

· John the Ripper/Crunch

· Brute-force search

· Brute-force attack

· Password cracking/ WPA2 crack

· Policy enforcement

· Organization Security personal and hierarchic

· Chief Information Security Officer – CISO

· Penetration Tester / Hacker

· Forensics

· Information Security Administrator: ISAD

· Information Security Auditor

· Application Development Security Expert

· InfoSec Systems Project Manager

· InfoSec Incident Expert

· Physical InfoSec Expert

· Behavior Analysis Expert and To-Do-List

· Summary

· Q&A

· Evaluation