Cybersecurity Bootcamp


The strategic initiative of KSA’s Vision 2030 has the Cybersecurity area as one of the leading topics. This will require a workforce to support the information technology infrastructure in the K.S.A. Currently, there is a lack of local professionals in this field. Furthermore, there is a great interest among citizens to learn about it and get involved in Cybersecurity in all levels.

Program Overview
This comprehensive and practical three (3) weeks bootcamp introduces its participants to the notions of common and important problems of today’s digital and computing world towards in terms of security. As such, it describes basic cybersecurity principles of today. It describes and analyzes among others, e-mail frauds, surfing security, ransomware, adware, etc., and gives hands-on experience on cybersecurity issues, such as password protection techniques, network attacks avoidance and countermeasures, access control, firewalls, and modern cryptography applications and notions.
The bootcamp presents all the up-to-date internet-based threats and security measures using practical demonstrations and examples. Participants will be given the opportunity to apply all the material of the course using a lab environment and get a hands-on experience in various cybersecurity topics.

Program Objectives
At the end of the workshop, participants will have a better understanding of the modern cybersecurity threats, the measures of avoiding several “dangerous” habits and uses of today’s home & business IT infrastructure, create strong, easy-to-remember passwords and avoid being victims of fraud(s) or attacks on the internet. Finally, the participants will get some real hands-on experience through real examples on internet and modern working environment cyber threats.

Target Audience
This workshop is an excellent opportunity for fresh high-school graduates who want to have some basic knowledge on cybersecurity. For example, they will learn how to effectively manage their passwords, and what to avoid and/or be careful on today’s computers and safe internet usage.
The target group are young people working with IT infrastructure and modern computers, with some theoretical background or basic IT knowledge and/or experience, without necessarily a strong IT background. People with any kind of involvement with modern computers are welcome. Also advanced users will find out some solid techniques and practices very useful.

Weekly Program Outline
The workshop is delivered though lectures, class discussions, individual and group case studies, practical usage of software and network tools, and assessment. The topics to be covered include the following:

Week 1: Introduction to Cybersecurity
  • Short History
  • Basic Terminology
    • Case studies (Stuxnet)
  • Cybersecurity Cube
    • C.I.A. - Data States - Safeguards
  • Malicious code (viruses, worms, trojan horses)
  • Ransomware - Adware - Spam
  • Social Engineering (The case of Kevin Mitnick)
  • Practical examples and demonstrations
  • Phishing
  • Avoidance Techniques
  • Antivirus importance
    • Free vs Paid Antivirus survey
  • Firewall (Turn it on/off?)
  • Anti-spyware (Do I need one?)
  • What is a VPN
Week 2: Network Security
  • Projecting Networks
  • Security in Network Design
  • Firewalls
  • Packet Filtering
    • Stateful - Deep Packet Inspection
  • Intrusion Detection Systems
  • Network Intrusion Detection
    • Signature based
    • Anomaly Based
  • Data Interception
  • Practical usage of Wireshark
  • Password basics
    • Length - Complexity - Memorizing techniques
    • Practical usage - John the Ripper
  • Redundancy
    • RAID - Five nines - Disaster Recovery - Business Continuity
Week 3: Internet Attacks & Basic Cryptography
  • XSS, SQLi, CSRF
  • Practical demonstration of keyloggers
  • Cryptography
    • Basic Assumptions - Kirchhoff’s principle
    • Friends & Enemies (Bob - Alice - Trudy)
    • Taxonomy (Symmetric, Asymmetric, Hash Functions)
    • Practical Cryptanalysis: Substitution Cipher
    • Hash Functions applications
    • Public key applications
  • What is https?
  • Secure internet surfing

Note: Examples and Exercises will use virtualized environments that will not endanger individual property and will not cause any harm.

Prerequisites

  • Be able to communicate in reading/writing of business English
  • Be familiar with today’s basic ICT infrastructure (browse the internet, send e-mails, create/open/work on a document, etc.)
  • Programming skills are not essential

Participants are strongly encouraged to bring their own laptop during classes. If they cannot do that, classes will be conducted in a computer lab.

Learning goals
At the completion of this bootcamp, participants will gain the ability to avoid several “classical” computer interaction mistakes, learn how to effectively use antivirus, antispyware software and firewalls and secure web sites (https). They will also learn how to create effective memorable passwords. The goals include:

  • Learn about the modern computer security notions
  • Learn the basic cybersecurity terminology
  • Learn about social engineering techniques
  • Learn about Scam and how to distinguish it
  • Learn about viruses and other online threats
  • Learn about mail fraud
  • Learn what “Phishing” is and how to avoid it
  • Learn about HTTPS Internet Security
  • Learn about SSL and when it is absolutely necessary
  • Learn how to create and maintain strong, usable, easy to remember passwords
  • Learn about the above through practical examples

Security Aid Toolbox
Participants will take home a Security Aid Box. The Aid box is a collection of several check lists, forms, graphs, printed material, etc., along with several software tools. This Aid box will be used extensively during the bootcamp to give participants enough practice during the practical sessions.

Summary
This workshop is an excellent opportunity for everyday IT users to get a detailed and concrete knowledge of good practices regarding cybersecurity, avoiding everyday traps on the internet, and understand some basic notions about various attacks like viruses and worms and basic countermeasures, network attacks, cryptography, and password management.

Instructor(s) Dr. George Violettas

  • Dr. George Violettas, Ph.D. in Internet of Things (IoT) & Security of IoT
  • Senior students from Alfaisal University, Software Engineering program




Copyright © 2021 Alfaisal University . All Rights Reserved