(Available also for Customised Training by Duration, Venue & Fee)
Course Contents
DAY ONE
Having a security mindset
• What is Internet Security?
• What is at risk?
o Identity theft - people impersonating you
o Data theft of valuable personal and official data
o Accounts hacking using loopholes to gain access and commit crime
o Political damage through carelessness about what you place and share online. (There no delete button on the internet.)
• What does having a security mindset mean?
Understanding How the Internet Works
• The inter-network of computers and devices reachable from anywhere
• The technical structure of the internet
• The critical features of Internet to be aware of:
o No one is in control
o Whatever gets on the internet - no true delete option
o All internet service companies keep a permanent copy of everything
o People whose full-time job is finding and exploiting Internet loopholes
o Experts at online fraud and hacking
o Spywares and malwares to control and monitor your computer without you knowing
o Porn websites, gambling websites, free downloads websites and free movies websites
Take-away Guidelines - Privacy
• Supplementing Passwords
• Effectively Erasing Files
• How Anonymous Are You?
• Understanding Encryption
• Protecting Your Privacy
• Choosing and Protecting Passwords
Take-away Guidelines - Email and Communications
• Understanding your computer: email clients
• Understanding digital signatures
• Using instant messaging and chat rooms
• Caution with email attachments
• Staying safe on social networking sites
• Benefits of blind copies (Bcc)
• Reducing spam
• Benefits and risks of free email services.
DAY TWO
Internet Security Architecture
• The OSI Reference Model
o Layer 1: Physical Layer
o Layer 2: Data Link Layer
o Layer 3: Network Layer
o Layer 4: Transport Layer
o Layer 5: Session Layer
o Layer 6: Presentation Layer
o Layer 7: Application Layer
• Understanding TCP/IP protocols
• Firewalls and their vital role
• Setting up proxys and VPN as further protection
• Authentication and Authorization
Classes of Internet Attack
• Denial of Service Attack
• IP Spoofing Attack
• Sniffer Attack
• Man-in-the-middle Attack
• Trojan or Backdoor Attack
• Brute Force Attack
• Malware Attack
• DNS Spoofing
• Injection Attacks
• Phishing Attacks
• Cryptographic Attacks
• Social Engineering Attacks
Take-away Guidelines - Attacks and Threats
• Securing data
• Handling destructive malware
• Understanding Hidden Threats: Rootkits and Botnets
• Dealing with Cyberbullies
• Identifying Hoaxes and Urban Legends
• Understanding Corrupted Software Files
• Recognizing Fake Antiviruses
• Recognizing and Avoiding Spyware
• Understanding Denial-of-Service Attacks
• Avoiding Social Engineering and Phishing Attacks
• Preventing and Responding to Identity Theft
• Recovering from Viruses, Worms, and Trojan Horses.
DAY THREE
What Should You Do To Be Safe?
• The right password policy
• Information governance
• Effective antivirus with internet protection
• Updated versions of computer’s operating system
• Avoid indiscriminate plugging of external storage devices
• Discipline with movies, music and software online
• Discipline with social media and professional accounts
• Discipline with torrent sites
• Documents back up
• Appropriate set-up of DMZ, Firewalls and VPNs
Take-away Guidelines - Mobile Devices
• Protecting Portable Devices: Physical Security
• Holiday Traveling with Personal Internet-Enabled Devices
• Cybersecurity for Electronic Devices
• Using Caution with USB Drives
• Securing Wireless Networks
• Protecting Portable Devices: Data Security
• Defending Cell Phones and PDAs Against Attack.
DAY FOUR
Recovering From an Attack
• Resetting accounts immediately
• Information sharing
• Ignoring strange messages
• Setting up Email Signing and Domain Keys Identified Mail
• Optional configuration of Sender Policy Framework
• Configuring appropriate firewalls
• Blocking vulnerable ports
• Setting up access lists to critical infrastructure
• MAC hardware address white list
• Reconfiguring network devices to block exploited loopholes
• Damage estimating and containment
• Updating antivirus and full system scan
• Using signed certificates
• Biometric authentication
Take-away Guidelines - Safe Browsing
• Shopping Safely Online
• Understanding Bluetooth Technology
• Understanding Web Site Certificates
• Avoiding Copyright Infringement
• Understanding Your Computer: Web Browsers
• Understanding Internationalized Domain Names
• Evaluating Your Web Browser's Security Settings
• Browsing Safely: Understanding Active Content and Cookies
Take-away Guidelines - Software and Apps
• Understanding Voice over Internet Protocol (VoIP)
• Risks of File-Sharing Technology
• Reviewing End-User License Agreements
• Understanding Your Computer: Operating Systems
• Understanding Patches.
DAY FIVE
General Security
• Before You Connect a New Computer to the Internet
• Securing Your Home Network
• Prepare for Heightened Phishing Risk
• International Mobile Safety Tips
• Real-World Warnings Keep You Safe Online
• Understanding Anti-Virus Software
• Understanding Firewalls
• Good Security Habits
• Coordinating Virus and Spyware Defense
• Safeguarding Your Data
General Information
• Understanding Internet Service Providers (ISPs)
• Guidelines for Publishing Information Online.
