 |
If you cannot read this properly, please go to this site:
http://www.cbsgroup.com.sg/workshops/2DayPenetrationTestingandCyberDefence.htm
This email is an advertisement. You are currently subscribed to our mailing list.
We sincerely apologize if you find this email an intrusion of your privacy or a source of inconvenience to you.
If you no longer wish to receive our email advertisements - please reply "unsubscribe" Thank you.
|
|
|
|
|
2 Day Informational & Practical Oriented Workshop on Penetration Testing and Cyber Defence
Overview
The most precise method to estimate your organization’s information security stance is to examine how it stands up against an attack. Unintentional or deliberate destruction of data, hardware failure or cyber attack can happen anytime and organization needs to identify these threats by penetrating the resources.
A penetration test process is an activity evaluating security measures of company information assets by simulating an attack from a malicious source. The process involves an active analyzes on system design, operational strength and weaknesses, technical flaws, vulnerabilities and poor system configuration.
This course is built on hand-on penetration practice to address detailed pre-test planning, including setting up an effective penetration testing infrastructure, methodology for penetration, evaluating the security of network services and the operation system behind them.
Three reasons for penetration testing:
- Identify possible threats facing your organization information assets
- Reduce your organizations IT security costs by identifying and resolving vulnerabilities and weakness
- Provide your organization with complete assessment of organizational security policy, design and implementation.
|
Course Outline
Introduction
- The need of professional penetration tester
- Scope and purpose of penetration testing
- Building a testing infrastructure
- Type of penetration testing
- Introduction to Open source Tools which give a hand in penetration testing
Information gathering and port scanning
- Advance information gathering and techniques
- Network tracing, port scanning and OS fingerprint
- Building a testing infrastructure
Password Attack and Password profiling
- FTP, POP3, SNMP Bruteforce
- Offline password Attack
- Rainbow Tables
- Windows SAM
Web Attack
- SQL injections
- Cookie manipulation
- Using Google as a hacking tool
Working with Exploits
- Exploit category, server side and client side
- Introduction to Backtrack
- Introduction to Metasploit
Cyber Crime and Investigation
- Introduction to cyber crime
- Handling Real world investigation
- Digital Forensics
- Performing the Forensics Process
What you will take away from this course
- Key Elements of the Coaching process
- Lab scenarios and manual
- Course manual
Methodology
- Be acquainted The increasingly sophisticated methods of criminals
- Dynamic and Interactive learning
- Demonstration of real life case studies
- In class practice and exercises
Must Attend
This Master Class is specifically designed for key decision makers in both government agencies ad private sectors:
- Senior officers from government & not-for- profit sector
- GMs, Profit-Centre Managers who have assumed security/IT
- Auditors who need to build deeper technical skills
- Penetration tester and Ethical hackers
- Corporate Attorneys / Legal Professionals
- Engineers / Technical Managers
- Product & Marketing Managers
- IT manager
- Security manager
Pre requirement
- A fair understanding of various network services (TCP/IP, DNS, DHCP)
- A fair understanding of computer and network security
- Participants are required to bring along a Laptop for training
About Your Speaker
Ali Fazeli has been involved in the information technology filed since his younger days. He later pursed his higher studies in the filed of internet security and management from Curtin university, Australia. He is a highly interactive and innovative trainer, whose work in mainly based on research and applied knowledge from extensive experiences in Computer security and Data recovery. He has extensive experience in digital forensic investigation, Anti-forensic and cyber war.
For more than 10 years, Ali has assist and trained numerous information technology security professional in Asia. He is accredited as a specialist in the successful investigation and prosecution of fraudsters and other scum from the dark and under world of internet. Today, Ali spent a substantial amount of his time in advising and trains IT security professionals in maritime industry. As the principal trainer and founder of infinity forensics, Ail has contributed extensively in helping numerous governments and private organizations to face the information technology risk and security. He has consulted and advised numerous organizations such as Nanyang polytechnic, Grant Thornton, Oscar maritime in Singapore.
He was involved in designing, planning and implementing a military tactical network and live image processing in 2007. Currently Ali has been approached by the law enforcement, and requested his knowledge and expertise in creating a customized training and education methodology for the sole purpose of investigating cyber criminals. Since 2007 his company infinity forensics has been chosen as main partner of X-way software technology AG in Singapore
Some of the Training experience:
- Disaster recovery and incident respond (Singapore - October 2006)
- Real-time image acquisition (China July-2007)
- WinHex, computer forensics and data recovery software training (Shenzhen December- 2007)
- Anti-Forensics VS computer forensic science (Singapore - March 2008)
- A practical approach to computer forensics investigation (Singapore September 2009)
|
|
 |
|
