Cybersecurity: Methods of Protection (Blue Team Activity)
4.2 (3 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
30 students enrolled

Cybersecurity: Methods of Protection (Blue Team Activity)

Learn how to harden every host in the network and how to find a spy in your network.
4.2 (3 ratings)
Course Ratings are calculated from individual students’ ratings and a variety of other signals, like age of rating and reliability, to ensure that they reflect course quality fairly and accurately.
30 students enrolled
Created by Packt Publishing
Last updated 11/2018
English [Auto-generated]
Current price: $11.99 Original price: $124.99 Discount: 90% off
4 days left at this price!
30-Day Money-Back Guarantee
This course includes
  • 3 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Training 5 or more people?

Get your team access to Udemy's top 3,000+ courses anytime, anywhere.

Try Udemy for Business
What you'll learn
  • Tune your firewalls in the most practical way
  • Make use of IDS/IPS and learn how they help you keep hackers away or catch them

  • Get a hacker's IP and what you can do with it

  • Honeypot is important, and how to use it
  • Detect why antivirus software is not enough and how to defend your endpoint machines totally
  • Make your web application a hard nut to crack
  • Secure your databases
  • How not to give your browser away to a hacker
  • Protect your network from ransomware
  • Take preventive measures when you find malicious file in your mail or in your machine
  • Avoid phishing
  • Become a whale: preventing a spear-fishing
  • Scan your assets for quickly finding a threat
  • Overcome a social engineer
  • Learn what to do if you are under a cyber attack
  • This 90% practical course with detailed explanations and how-to explanations demonstrating every technique is a comprehensive guide that teaches you how to secure and defend your network from attacks.

Cyber threats and attacks are becoming more common, sophisticated, and damaging. The Alliance is faced with an evolving complex threat environment. State and non-state actors can use cyber attacks in the context of military operations.

In the first part of the course, you'll learn about different kinds of cyberattack and how they can be executed. In the second part, you'll prevent or mitigate these attacks and protect your digital assets.

First of all you'll find out how to harden your network in all directions. We'll talk about firewalls and how to fine-tune them correctly. You'll manage IDS and IPS and understand what they can tell us. You'll also learn how to track hackers in the cyberspace, harden every host in the network, and find network spies.

Next, we cover how to harden your websites and web applications: what steps you should take to avoid SQL injection, XSS scripts, session hijacking, and more.

We'll show you how to protect yourself and your employees against hackers and their psychological manipulations, and phishing and spear-phishing.

About the Author

Sergii Nesterenko is an Information Security Consultant and Penetration Tester with 20 years' experience in information security and 6 years' in the cybersecurity field. He consults international business companies, military staff, NGOs, politicians, Members of Parliament, law enforcement, and other VIPs on security issues. His wide knowledge of information technologies and human psychology lets him elaborate effective technologies to prevent and overcome the most cunning cyberattacks. He is known for his publications and lectures on cybersecurity, anti-fraud, and counter- cyber-espionage issues.

Who this course is for:
  • This course is targeted on security engineers, system administrators, SQ testers, ISO, Information Security Consultants --and everybody who must or want to take care on cybersecurity of their assets. After the completion of this course you will be totally able defend your digital assets.
Course content
Expand all 29 lectures 03:09:43
+ Securing Your Network
11 lectures 01:19:48

This video will give you an overview about the course.

Preview 06:08

Learn how firewalls can protect you and how to tune them up for this purpose.

   •  Understand the true mission of firewalls

   •  Discover how firewalls really function and manage traffic data

   •  Understand firewall rules and how to create them

Understanding Firewalls and Tuning Them Up

IDS/IPS are extremely powerful tools to monitor and detect the signs of many types of cyberattacks. In this video, learn how exactly they help to protect your network or host and why they should be used along with firewalls

   •  Understand how IPS/IDS analyze traffic to discover an attack

   •  Explore the difference between IDS and IPS and which one is better to use

   •  Get started with SNORT - an open source IPS capable of real-time traffic analysis

How to Work with IDS/IPS

Wi-Fi networks are one the favorite targets of cybercriminals, and in this video you will know why. We’ll discuss all threatening consequences of a WLAN hacking and three easy steps to create a bulletproof protection for your network.

   •  Discover how malicious hackers can utilize your hacked Wi-Fi network

   •  Learn to change passwords and security key

   •  Set right encryption and kill WPS

Securing Your Wi-Fi Network

Everyone leaves traces in the cyberspace. In this video, you’ll learn how to fight back if you have an attacker’s IP.

   •  Collect evidence and identify the attackers network

   •  Get help from the network owner and ISP

   •  Report the incident to the law enforcement

Ferreting out a Hacker by IP

Man-in-the middle attack is very common and dangerous because the attacker can covertly intercept and manipulate all the data you transfer. In this video, you’ll understand how to discover and fight back such attack.

   •  Learn Ettercap - a powerful tool for imitating a MITM attack

   •  Run the attack with Ettercap

   •  Discover the attack with Wireshark

Analyzing Traffic Wireshark

ARP Poisoning is the most widespread type of MITM attack. In this video, you’ll find out how to constantly monitor your network and discover this attack in seconds starting from the moment it begins.

   •  Understand and demonstrate ARP Poisoning attack

   •  Install Xarp - the tool for monitoring your network

   •  Conduct ARP Poisoning and discover it with Xarp

The Fastest Way to Detect ARP Poisoning Attack

Discover how to not only detect a cybercriminal activity in your network but also how to counterspy him with legal tools.

   •  Detect a spy in your network

   •  Monitor and analyze the spy activity

   •  Detect and cut the suspicious connections

Analyzing Your Traffic to Catch a Spy with Wireshark

Malware is the main weapon of destruction in cybercriminals hands, so you need to know it well. In this video, you’ll learn different types of malware targeted at you and various ways to detect and neutralize them.

   •  Check for a suspicious file properties

   •  Upload and check the file with Virus Total service

   •  Conduct deep analysis of the suspicious file with an online sandbox

Looking for Spies with a Python Script

Ransomware is widespread devastating malware able to rob all your files, block access to your data and computer. Many people fell prey of it every day. In this video, we’ll learn how it can be delivered to your machine and how you can prevent it.

   •  Understand what ransomware is and how it functions

   •  Find out how you can be attacked with ransomware

   •  Learn three main ways to protect from ransomware

How to Outfox Ransomware

In this video, you’ll know what to do if your assets went under cyberattack. Such situation is extremely stressful, so you must prepare. Here, we’ll create an action plan to fight back.

   •  Understand what is the first thing to do after detecting the attack

   •  Create risk assessment and prepare action plan

   •  Evaluate the situation and urgent steps to take

Advanced-level Techniques: What to Do If Hackers Already in Your Network
+ Securing Your Website
9 lectures 01:01:35

Password is a magic key to taking control over a website. In this video, you’ll see the detailed explanation and demo on how attackers can extract the password for your website by brute force attack.

   •  Understand basics of brute force attack

   •  Run the brute forcing attack with OWASP ZAP scanner

   •  Analyze the results to extract the password

Preview 10:47

For security reasons, password must be long and complicated. But such passwords are too hard to remember and use. Is there a way to solve this problem? In this video, you’ll get the answer and know how to create a secure password in seconds.

   •  Understand the difference between a secure and unsecure password

   •  Create strong and easy-to-remember password

   •  Install LastPass Password Messenger and tune up its features correctly

How to Create a Bulletproof Password in a Second

Find out ways to test your website for vulnerability to SQL injection.

   •  Understand SQL injection attack

   •  Set up Burp Suite as attacking machine and DWVA as a victim machine

   •  Scan the victim machine to find SQL-injection vulnerability

Testing a Website for SQL Injection with Burp Suite

XSS is another most widespread and dangerous type of malicious injection. In this video, you’ll find out how to test your website for XSS vulnerability.

   •  Understand XSS attack

   •  Set up Burp Suite as attacking machine and DWVA as a victim machine

   •  Scan the victim machine to spot XSS vulnerability

Testing a Website for XSS Vulnerability

Provide a powerful protection from SQL and XSS attacks.

   •  Learn blacklisting and whitelisting methods

   •  Compare blacklisting and whitelisting methods

   •  Apply whitelisting correctly

Building Fortifications – Input Validation and Whitelisting

SSL/TLS protocol provides confidentiality of data in transfer. But very often it’s not tune up properly. In this video, you’ll know how to check the reliability of your SSL/TLS connection.

   •  Understand the functioning of SSL/TLS

   •  Test your website for SSL/TLS vulnerabilities with online scanner

   •  Analyze the results of the scanning

Testing Your SSL/TLS Connection

Cybercriminals can infect your website with malicious script for providing various types of malicious activity, and you even won’t be aware of that. To avoid this threat, you need to constantly check your website. In this video, you’ll learn how to do that.

   •  Understand how a malicious script can destroy your business

   •  Check your website for a malware script presence

   •  Analyze the results of the scan

Scanning Your Website for Malicious Scripts

Session hijacking can give an attacker the access to your accounts even without stealing a password! That’s why you need to take special care about preventing such attacks on your website. In this video, you’ll learn how to do that quickly and effectively.

   •  Understand session hijacking attack and the most popular ways to conduct it.

   •  Secure the cookies function

   •  Implement the methods of protection against section hijacking

Protecting from a Session Hijacking Attack

Find out how to combine all learned techniques into the powerful strategy to protect your website. You’ll also explore the most important models of cybersecurity: CIA triad and Defense-in-Depth and how to apply them.

   •  Get acquainted with CIA triad model

   •  Use CIA triad model to build your defense system

   •  Understand Defense-in-Depth principle and apply it to your website protection

The Big Strategy – Three Shortcuts to Secure a Web Application
+ Defending from Social Engineering Attacks
9 lectures 48:20

Understand what is social engineering attack surface, how attackers manipulate humans’ emotions and how to protect against such manipulations

   •  Explore the four favorite targets of social engineers

   •  Understand the thumb rule to fight back a social engineering attack

   •  Lastly, you will see a demonstration of temperature, humidity, and pressure sensors.

The Rule of Thumb to Fight Back Social Engineering Attacks

Understand why phishing has become the most popular trend of social engineering attacks, how to spot a phishing web link and what you can to avoid falling as a phisher’s prey.

   •  Look how the attackers imitates real websites

   •  Find out if a website is phishing

   •  Protect yourself from this kind of phishing attack

Discovering a Phishing Link

There many ways to differ a phishing email from a true one. In this video, you’ll see the easiest and fastest ways to do that.

   •  Discover a fake email using the easiest way that is hovering

   •  Go deeper on how to check an email by the header

   •  Understand the traces of truth or lie: what exactly to look for in an email header

Unmasking a Phishing Email

Learn about whaling as a special kind of spear-phishing attacks, who are the main targets of this type of social engineering, and what algorithm the perpetrators use to hunt for their prey.

   •  Understand how and where cybercriminals gather information about targets

   •  Learn how they create baits to deliver malware

   •  Explore how to protect from this kind of phishing

Anti-Whaling: How to Prevent Yourself from Spear-phishing

Password Stealers is skyrocketing in efforts to penetrate users’ computers. In this video, you’ll know what Passwords Stealers are, how cybercriminals use them in phishing attacks, and how this malware can harm you.

   •  Explore how a password stealer can be delivered to a victim

   •  Under why sometimes the user is unaware that she is attacked with a password Stealer

   •  Build a bulletproof protection from Password Stealers

How to Prevent Password Stealers

Banking credentials are the first target for cybercriminals. In this video, you’ll learn about the most vulnerable points perpetrators aimed at and how to protect them.

   •  Learn about attackers’ tools to steal money

   •  Learn how to protect the credentials

   •  Use Comodo Secure Shopping tool to neutralize all cybercriminals' efforts

How to Protect Your Banking Secrets

Your email is a real tidbit for an attacker. In this video, you’ll understand why is it so and what exactly cybercriminals will be able to do if they hack it. And, of course, what can you do to protect yourself.

   •  Learn how an attacker can hack email

   •  Understand how attackers sell data, hijack accounts, spreads spam and other troubles

   •  Explore the uncommon way to protect your email with ProtonMail

Securing Your Email with ProtonMail

A key logger is able to record every keystroke your make and send the records to attackers. In this video you’ll see how exactly the key loggers works and the way to deceive them.

   •  Look at examples of key loggers activity

   •  Understand how a key logger functions

   •  Neutralize a key logger activity with Key Scrambler

How to Outfox Keyloggers

Combine all techniques we learned in one powerful strategy based on defense-in-depth principles.

   •  Understand clearly why using various techniques separately can’t protect you

   •  Apply defense-in-depth principles to fight social engineering attack

   •  Build the whole strategy to protect from social engineering attacks

The Final Game: Building the Anti-Social-Engineering Strategy