Programa especializado: Introduction to Cyber Security

This course provides learners with a baseline understanding of common cyber security threats, vulnerabilities, and risks. An overview of how basic cyber attacks are constructed and applied to real systems is also included. Examples include simple Unix kernel hacks, Internet worms, and Trojan horses in software utilities. Network attacks such as distributed denial of service (DDOS) and botnet- attacks are also described and illustrated using real examples from the past couple of decades.

Familiar analytic models are outlined such as the confidentiality/integrity/availability (CIA) security threat framework, and examples are used to illustrate how these different types of threats can degrade real assets. The course also includes an introduction to basic cyber security risk analysis, with an overview of how threat-asset matrices can be used to prioritize risk decisions. Threats, vulnerabilities, and attacks are examined and mapped in the context of system security engineering methodologies.

This course introduces the basics of cyber defense starting with foundational models such as Bell-LaPadula and information flow frameworks. These underlying policy enforcements mechanisms help introduce basic functional protections, starting with authentication methods. Learners will be introduced to a series of different authentication solutions and protocols, including RSA SecureID and Kerberos, in the context of a canonical schema.

The basics of cryptography are also introduced with attention to conventional block ciphers as well as public key cryptography. Important cryptographic techniques such as cipher block chaining and triple-DES are explained. Modern certification authority-based cryptographic support is also discussed and shown to provide basis for secure e-commerce using Secure Sockets Layer (SSL) schemes.

This course introduces real-time cyber security techniques and methods in the context of the TCP/IP protocol suites. Explanation of some basic TCP/IP security hacks is used to introduce the need for network security solutions such as stateless and stateful firewalls. Learners will be introduced to the techniques used to design and configure firewall solutions such as packet filters and proxies to protect enterprise assets.

Perimeter solutions such as firewalls and intrusion prevention systems are shown to have significant drawbacks in common enterprise environments. The result of such weakness is shown to often exist as advanced persistent threats (APTs) from nation-state actors. Such attacks, as well as DDOS and third-party attacks, are shown to have potential solutions for modern enterprise.