Cyber Security Boot Camp

Please confirm if this course is available in current course offerings.

To express interest for a different date, please fill out the

Expression of Interest form

Contact information

For further information or to request a quotation, please contact the Professional Education Courses Unit on:

Enquiries Phone: 02 5114 5573

Enquiries Email: ProfEdCourses@adfa.edu.au

In-house delivery

UNSW Canberra Professional Education Courses may be available for in-house delivery at your organisation's premises. In-house courses allow maximum attendance without the additional travel costs. Courses can be developed to suit the specific staff development and training needs of your organisation. Recommended for groups of 10 or more.

This is a 101 IT cyber security short course designed to teach you about IT security issues, looking at the types of attacks that are happening now, how they work and how to protect yourself and your organisation against them.

This is an intensive, zero to hero, five day course covering:

  • Overview of Computer Science/IT
  • Networking Fundamentals
  • Open Source Intelligence
  • Cyber Security Knowledge Domains
  • Roles in Industry
  • Cyber Security Threat Modelling using STRIDE methodology
  • Real world case studies
  • Information resources for staying current

The course is centred around the crucial and relevant cyber security skills and techniques needed to protect and defend your organisation’s business assets and information systems. Training is delivered in a boot camp style format and with integrated hands-on lab exercises designed to give you the chance to test your newly acquired skills.

Learning outcomes

On completion of this course, participants should be able to:

  • Understand the cyber threats and vulnerabilities of computer networks, protocols, applications and network equipment. 
  • Understand basic cybersecurity issues, privacy principles and organisational requirements relating to data confidentiality, integrity, and availability.
  • Understand common attack vectors, different classes of attacks and types of cyber attackers.
  • Understand basic cryptography and cryptographic key management concepts.
  • Use Linux command line tools to determine network content, passwords and vulnerabilities.

 

*This course is now available via live simulcast

Reviews

“The gradual nature of the course, beginning with general computing concepts and gradually introducing more complex cyber security content was ideal for the introductory nature of the course.”

“Provided a good introduction to cyber security. The instructor translated technical information into easier to understand concepts.”

“I found a lot of the information relevant and it was great to watch appropriate videos that either cemented the information or gave real world examples.”

 

Course Information

Day 1

Computer networks

Day 1 of the course gives an overview of the history of cyber security before diving into computer networks: what components they are comprised of, how they physically and virtually connect to the internet and the limitations that make them susceptible to attacks.

Topics

Computer and PLCs, Internet of Things (IoT), IP Addresses, Computer Networks, OSI Model, Cables, Switches & Modems, Cloud Computing.

Day 2

The IT and Cyber Industries; Threats and Countermeasures - Theft

The first part of the session focuses on the IT profession in general and looks at the various work roles within the industry. We will then move onto Cyber Security roles and disciplines and how these relate to attack and response processes. Fundamental security frameworks, theft attacks and countermeasures will also be discussed.

Topics

IT roles and disciplines, Cyber roles and disciplines, Social Engineering, Security Fundamentals, Cyber Attacks, Cryptography, Encryption.

Day 3

Threats and Countermeasures – Coding, Denial of Service

Day 3 will focus on malicious code, denial of service attacks and relevant countermeasures. An overview of threat modelling and identification methodologies will be covered and students will participate in a practical threat modelling exercise.

Topics

Flawed Code, Malware, PenTesting, Firewalls, IDS/IPS, White Listing, Proxy Listing, Denial of Service Attacks, Threat Modelling and STRIDE.

Day 4

Interceptions, Impersonation; Cybercrime, Actors and Stuxnet

The day will start off with a rundown of the different methods of interception and social engineering techniques employed during attacks as well as encryption and authentication based countermeasures. We will discuss key players involved in cybercrime activities and look at several attack case studies.

Topics

Threats of Interception, Asymmetrical Cryptography, Countermeasure of Authentication, Passwords, Keyloggers, Cyber Actors, Stuxnet.

Day 5

Practical Cyber Security Exercises

The final day of the course will give students the opportunity to put their newly acquired skills and knowledge into practice. Hands on lab based exercises will cover scanning and banner grabbing, SMB & SMTP enumeration with Kali Linux, hacking FTP Telnet and SSH, password cracking in penetration testing and vulnerability assessment with OpenVAS.

Topics

Metasploitable, SMB/SMTP Enumeration with Kali Linux, Hacking FTP Telnet & SSH, Penetration testing, OpenVAS.

Cyber Security Boot Camp
filter Download 516.31 KB PDF
Cyber Security Boot Camp

This course maps to the following NICE Framework KSAs (Knowledge, Skills & Abilities):

K0001: Knowledge of computer networking concepts and protocols, and network security methodologies.

K0005: Knowledge of cyber threats and vulnerabilities.

K0011: Knowledge of capabilities and applications of network equipment including routers, switches, bridges, servers, transmission media, and related hardware.

K0019: Knowledge of cryptography and cryptographic key management concepts.

K0044: Knowledge of cybersecurity and privacy principles and organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

K0049: Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarised zones, encryption).

K0110: Knowledge of adversarial tactics, techniques, and procedures.

K0113: Knowledge of different types of network communication (e.g., LAN, WAN, MAN, WLAN, WWAN).

K0160: Knowledge of the common attack vectors on the network layer.

K0161: Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).

K0162: Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).

K0177: Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).

K0318: Knowledge of operating system command-line tools.

K0332: Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.

S0073: Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.).

S0147: Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).

S0242: Skill in interpreting vulnerability scanner results to identify vulnerabilities.

S0367: Skill to apply cybersecurity and privacy principles to organisational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

A0119: Ability to understand the basic concepts and issues related to cyber and its organisational impact.

What is the NICE Framework?

The National Initiative for Cybersecurity Education (NICE) Cyber Security Workforce Framework developed by the National Institute of Standards and Technology (NIST) establishes a taxonomy and common lexicon that describes cyber security work and job roles.

To find out more about the NICE Framework, go to: https://niccs.us-cert.gov/workforce-development/cyber-security-workforce-framework

Courses will be held subject to sufficient registrations. UNSW Canberra reserves the right to cancel a course up to five working days prior to commencement of the course. If a course is cancelled, you will have the opportunity to transfer your registration or be issued a full refund. If registrant cancels within 10 days of course commencement, a 50% registration fee will apply. UNSW Canberra is a registered ACT provider under ESOS Act 2000-CRICOS provider Code 00098G.

UNSW Institute for Cyber Security is a unique, cutting-edge, interdisciplinary research and teaching centre, working to develop the next generation of cyber security experts and leaders.

The centre is based in Canberra at the Australian Defence Force Academy and provides professional, undergraduate and post graduate education in cyber security. Our air-gapped, state of the art cyber range offers a secure environment where we deliver a number of technical and highly specialised learning opportunities.

Our courses are designed to give the next generation of cyber security professionals the skill sets needed to thrive in the industry. We can also create bespoke professional education programs tailored to your organisation's needs.

Contact us at cyber@adfa.edu.au to discuss how.