Cyber Security Master Annual Program

• Ambitious Beginners in Cyber Security
• Specialists in IT
• Cyber Security Specialists

Program Design

The Cyber Security Master Annual Program is a continuous learning program that provides participants with insights regarding a variety of important cyber security skills. The program consists of 12 workshops, delivered by experts of our partner CQURE Academy. Each live workshop is demo-intensive and accompanied by pre-and post-workshop home assignments to solidify the learning experience.

Each workshop focuses on a different area of cyber security. All workshops will be delivered in-person online and take place on the last Wednesday of every month, with the exception of December, when it will take place two weeks earlier (13th Dec) to avoid conflicts with any Christmas-related arrangements our students may have. A Discord Server will also be provided for the students to receive continuous assistance and support from CQURE’s Experts during the program.

Workshops are delivered in CET / CEST time zone. Each workshop will be complemented by pre-work assignment (some reading material that will help the students prepare for the workshop) and an additional home assignment (e.g., self-study exercises, additional reading materials, labs etc.) and a test.

All of the live workshops will be recorded and are accessible for students at any time – in case any of the participants needs to attend some other duties / holidays or simply want to recap. In January 2024, the Final Exam will be performed in the form of a proctored examination – in order to register for this exam, students must have bought access to the whole program. Please note that the final exam is not included in the package pricing. If students want to take this exam there is an extra fee of Euro 250.

Modules & Schedule

• Securing Windows Platform: W11 & WS22 (SWP)
  
• Hardening Active Directory Infrastructure (HADI)
  
• Collecting and Analyzing Digital Evidence (CADE)
  
• Implementing Secure Azure Active Directory (ISAAD)
  
• PEN Testing Web Application (PENTWA)
  
• Implementing Privileged Access Workstations (IPAW)
  
• Understanding Malware Analysis (UMA)
  
• Mastering Authentication in .NET (MANET)
  
• Configuring Application Whitelisting (CAW)
  
• Empowering the PowerShell (ETPS)
  
• Mastering Monitoring Operations and Threat Intelligence (MMOTI)
  
• Securing SQL Server (SSQLS)
  

1. Securing Windows Platform: Windows 11 & Windows Server 2022
Date: January 25th
Teacher: Mike Jankowski-Lorek

Students will learn to identify and disable unnecessary services, implement secure service accounts, rights, permissions, and privileges.

• New features in Windows 11 and Windows Server 2022 affecting security
• Implementing rights, permissions, and privileges
• Defining and disabling unnecessary services
• Implementing secure service accounts
• Code signing

2. Hardening Active Directory Infrastructure
Date: February 22nd
Teacher: Michael Grafnetter

Students will understand modern identity attack techniques including the pass-the-hash, pass-the-ticket, kerberoasting, and others. Further, they will learn what can be done to mitigate the threat from such attacks and how to do it.

• Modern Identity Attack Techniques
• Preventing Credential Theft and Misuse
• Recommended AD Configuration Options
• OS-Level Credential Protection Features
  LSA Protected Process
  Credential Guard
  RDP Restricted Admin Mode
  
• Detecting Backdoors in Active Directory

3. Collecting and Analyzing Digital Evidence
Date: March 29th
Teacher: Paula Januszkiewicz

Students will understand the general idea and best practices of evidence gathering. They will be able to perform memory dumps, analyze them and recognize indicators of compromise. Students will also learn how to dump and analyze forensic data from disks, and how to properly extract as well as interpret evidence.

• Evidence Gathering
• Memory: Dumping and Analysis
• Memory: Indicators of compromise
• Disk: dumping & analysis
• Disk: extracting and interpreting evidence

4. Implementing Secure Azure Active Directory
Date: April 26th
Teacher: Michael Grafnetter

Students will become familiar with the most important Azure Active Directory settings. After completing the module, they will be able to implement AAD identity protection, AAD privileged identity management, and AAD password protection.

• Azure AD security settings
• AAD Identity Protection
• AAD Privileged Identity Management (PIM)
• AAD Password Protection

5. PEN Testing Web Applications
Date: May 31st
Teacher: Artur Kalinowski

Students will become familiar with key aspects of web application PEN testing. They will learn what vulnerabilities are often found in web applications and how they may be exploited. This knowledge is important for offensive as well as defensive purposes and it’s something all web application developers should know.

• Cross Site Scripting
• Injections
• Insecure File Handling
• Testing API

6. Implementing Privileged Access Workstations
Date: June 28th
Teacher: Sami Laiho

A Privileged Access Workstation (PAW) is a dedicated computing environment for sensitive tasks that is protected from Internet attacks and other threat vectors. A PAW separates these sensitive tasks and accounts from non-administrative computer use, such as email and web browsing. This module enables students to understand and to learn how to implement and manage on-premise as well as cloud-service privileged access workstations.

• Privileged Access Workstations - how and why?
• Different hardware and VM solutions for implementing PAWs
• Difference between normal and privileged access
• Implementing and managing on-prem PAWs
• Implementing and managing cloud-service PAWs

7. Understanding Malware Analysis
Date: July 26th
Teacher: Paula Januszkiewicz

Students will learn about tools and methodologies for performing malware analysis. They will be able to perform basic analysis and will have the foundation for further diving into this subject.

• Malicious non-exe files
• Introduction to Static Malware Analysis
• Behavioral Malware Analysis

8. Mastering Authentication in .NET
Date: August 30th
Teacher: Przemek Tomasik

Students will be able to implement various types of authentications in .NET.

• Implementing OAUTH 2
• Implementing OpenID Connect
• Implementing SAML

9. Configuring Application Whitelisting
Date: September 27th
Teacher: Sami Laiho

In many organizations, information is the most valuable asset, and ensuring that only approved users have access to that information is imperative. AppLocker advances the app control features and functionality of software restriction policies. AppLocker contains new capabilities and extensions that allow you to create rules to allow or deny apps from running based on unique identities of files and to specify which users or groups can run those apps. In this module students will learn how to implement, manage, and troubleshoot Applocker.

• Whitelisting in General
• Implementing AppLocker
• Managing AppLocker
• Troubleshooting AppLocker

10. Empowering the PowerShell
Date: October 25th
Teacher: Michael Grafnetter

Students will be able to utilize specific PowerShell tools related to security, such as DSInternals. They will learn advanced PowerShell features which will allow them to audit Active Directory for vulnerabilities.

• PowerShell security and specific hack tools (like DSInternals)
• Advanced PowerShell course
• Auditing Active Directory using PowerShell

11. Mastering Monitoring Operations and Threat Intelligence
Date: November 29th
Teacher: Piotr Pawlik

Students will become familiar with Microsoft Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) solutions.

• Microsoft 365 Security from a SOC analysts’ perspective
• Microsoft 365 Defender for Endpoint – EDR story
• Detection and Response with Sentinel – Let’s attack Contoso network

12. Securing SQL Server
Date: December 13th
Teacher: Damian Widera

Students will understand SQL Server security baseline and will be able to effectively manage logins and passwords for MS SQL servers.

• SQL Server Security Baseline Concepts
• SQL Server Instance Security
• Managing Logins & Passwords