Computer Security Certificate

Computer Security Certificate (UA-CSC) (3 Months – 36 hours of lectures and lab works)

 

Certificate Objectives:

This certificate is intended for technical professionals who want to become expert in securing computing systems and web applications. Upon successful completion of the program, the UA-CSC will enable you to use the data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze computing systems and application events for the purpose of detecting and mitigating attacks against their operations.

The skills to be learned according to the National Initiative on Cybersecurity for Education (NICE) (NIST SP 800-181) are the following:

  1. Skill in conducting vulnerability scans and recognizing vulnerabilities (S0001)

  2. Skill in applying and incorporating information technologies into proposed solutions (S005)

  3. Skill in applying confidentiality, integrity, and availability principles (S006)

  4. Skill in applying Host/network access control list (S0007)

  5. Skill in assessing the robustness of security systems and designs.

  6. Skill in detecting host and network-based intrusions via intrusion detection technologies (S0025)

  7. Skill in using Virtual Private Network (VPN) devises and encryption (S0059)

  8. Skill in identifying, modifying, and manipulating applicable system components within Windows, Unix, or Linux (e.g., passwords, user accounts, files).

  9. Skill in one-way hash functions (e.g., Secure Hash Algorithm (HAS), Message Digest Algorithm (MD5)) (S0089)

  10. Skill in protecting a network against malware (S0079)

  11. Skill in network hardening techniques (e.g., removing unnecessary services, password polices, network segmentation, etc.) (S0121)

 

The course outline of the UA-CSC is as follows:

 

  • Block 1: Overview of Computing Systems and Configuration: Week 1 (4 hours)

    • Overview of Operating Systems (Windows, Linux)

    • Overview of Virtualization Systems and Cloud Computing

    • Hands-on in operating system configurations and commands (2 hours)

    • Block 1 Test

 

  • Block 2: Introduction to Computing Systems and Vulnerability Analysis – Week 2 ( 4 hours)

    • Review of computing and applications attacks (virus, malware, spyware, etc.) (1 hour)

    • Review of Threat and Vulnerability Analysis (1 hour)

    • Hands-on lunch computing system and application attacks (2 hours)

    • Block 2 Test

 

  • Block 3: Computing System Access Control and Management: - Week 3 ( 4 hours)

    • Access Control Techniques

    • One-way Hash Functions and Encryptions

    • VPN Tools

  • Hands-on in using these monitoring tools (4 hours)

  • Block 3 Test

 

  • Block 4: Computing System Monitoring Tools: - Weeks 4 and 5 ( 8 hours)

    • Network Monitoring Tools

    • OSSEC

    • Nagios

  • Hands-on in using computing system monitoring tools (4 hours)

  • Block 4 Test

 

  • Block 5: Computing System Vulnerability Analysis – Weeks 6 ( 4 hours)

  • Computing Vulnerability Analysis Tools

  • Hands on using a vulnerability analysis tools

  • Block 5 Test

 

  • Block 6: Computer Hijacking Control and Attacks – Weeks 7 & 8 ( 8 hours)

  • Buffer Overflow

  • Integer/Formatting Attacks

  • Browser Exploitations and Attacks

  • Phishing and mail Attacks

  • Rootkits

  • Cross-site scripting attacks

  • Hands on launching network attacks

  • Block 6 Test

 

  • Block 7: Computer Security Tools – Week 9 & 10 (4 hours)

  • Host-based Signature Based Intrusion Detection Systems

    • Snort

    • Suricata

  • Anomaly based Host-based IDS

  • Hands on using Host-based IDS tools

  • Block 7 Test

 

  • Block 8: Secure Computing System Design and Configuration – Week 11 & 12 (8 hours)

  • Computing System attack mitigation strategies

  • Secure Computing system Designs and configurations

  • Hands on using hardening computing systems design tools

  • Block 8 Test