Cybersecurity Boot Camp Curriculum Overview: UT Austin, Study notes of Computer Networks

UT Austin Cybersecurity Boot Camp - Powered by Trilogy Education Services Inc. 6. Course Structure. HANDS-ON EXERCISES. CERTIFICATION. PREPARATION.

Typology: Study notes

2022/2023

Uploaded on 05/11/2023

theeconomist1
theeconomist1 🇺🇸

4.1

(30)

245 documents

1 / 13

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
UT Austin Cybersecurity Boot Camp - Powered by Trilogy Education Services Inc. 1
Big data needs big protection. That’s because 90% percent of the world’s data has been
created in just the last two years*. And as computer networks grow, so too does the quantity of
vulnerable information.
The 24-week Cybersecurity Boot Camp is a challenging, part-time program that takes
a multidisciplinary approach to attaining proficiency in IT, networking, and modern
information security.
Throughout the course, you will gain experience with a host of popular tools such as Wireshark,
Kali Linux, Metasploit, Nessus, and more. In addition, you will receive training toward
certifications such as the CompTIA Security+, CompTIA Network+, and ISC CISSP, which
can greatly enhance desirability and employability in today’s job market. You will also learn
methods, techniques, and best practices for convincingly conveying the severity of the risks
facing an organization’s security posture.
UT Austin Cybersecurity Boot Camp - Powered by Trilogy Education Services Inc.
CYBERSECURITY
BOOT CAMP
CURRICULUM OVERVIEW
“Our daily life, economic vitality, and national security depend on a stable,
safe, and resilient cyberspace.” - U.S. Department of Homeland of Homeland Security
*https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=WRL12345USEN
McCombs School of Business
Cockrell School of Engineering
pf3
pf4
pf5
pf8
pf9
pfa
pfd

Partial preview of the text

Download Cybersecurity Boot Camp Curriculum Overview: UT Austin and more Study notes Computer Networks in PDF only on Docsity!

Big data needs big protection. That’s because 90% percent of the world’s data has been

created in just the last two years*. And as computer networks grow, so too does the quantity of

vulnerable information.

The 24-week Cybersecurity Boot Camp is a challenging, part-time program that takes

a multidisciplinary approach to attaining proficiency in IT, networking, and modern

information security.

Throughout the course, you will gain experience with a host of popular tools such as Wireshark,

Kali Linux, Metasploit, Nessus, and more. In addition, you will receive training toward

certifications such as the CompTIA Security+, CompTIA Network+, and ISC CISSP , which

can greatly enhance desirability and employability in today’s job market. You will also learn

methods, techniques, and best practices for convincingly conveying the severity of the risks

facing an organization’s security posture.

UT Austin Cybersecurity Boot Camp - Powered by Trilogy Education Services Inc.

CYBERSECURITY

BOOT CAMP

CURRICULUM OVERVIEW

“Our daily life, economic vitality, and national security depend on a stable, safe, and resilient cyberspace.” - U.S. Department of Homeland of Homeland Security

*https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=WRL12345USEN

McCombs School of Business Cockrell School of Engineering

The Cybersecurity Boot Camp is for anyone who needs to know how to keep data

safe from prying eyes. Enrolling can help you achieve your goals if you say “yes” to

any of the following:

You are currently a technical professional, such as a web developer, network

administrator, or help desk technician, who wants to better understand how to

keep data secure.

You are a manager in a company whose revenue depends on the confidentiality,

availability, and integrity of client data.

You are a manager dedicated to managing growing cyber risks to your organization.

You are looking to move into Cybersecurity from an already technical field, such as

systems administration.

You are a tech enthusiast looking to get your foot in the door in the world of

networking and security.

Is This Program Right For You?

Building On The

Basics

Achieving your goals in Cybersecurity requires not only

deep security knowledge, but also experience with the

application of that knowledge.

Our curriculum is designed to give you both the knowledge

you need to move toward the cybersecurity industry and

ample experience applying that knowledge to real-world

problems. Throughout the program, you will learn tools

and technologies vetted by current practitioners ,

and receive training for three certifications expected of

all serious security professionals.

Network or System Security

Administrator

Systems Security Analyst

Real World Application, Real

Graduates of the Cybersecurity Boot Camp will learn critical skills relevant to the

following careers:

Cyber Network Defender Information Assurance Specialist

Cybersecurity Analyst Penetration Tester

Vulnerability Assessment Analyst Digital Forensics Examiner

Incident Response Analyst

IT Auditor

Secure Coding Specialist

Cybersecurity Operations Specialist

Course Structure

CERTIFICATION HANDS-ON EXERCISES

PREPARATION

DISCUSSION

The program will consist of both insightful lectures and individual and group exercise s,

meant to reinforce the tools and ideas introduced in class. Every few weeks, you will focus your

studies on a particular in-demand certification , ultimately preparing you to take and pass the

corresponding exam. Better yet, you’ll learn how to apply these technologies in the real world.

Throughout the course, you will apply the skills you’ve learned in labs and in other practical scenarios. By the completion of the program, these assignments will give you a vast array of first-hand cybersecurity and networking experience.

Gain valuable experience and training relevant to top certifications in the cybersecurity industry including: The Network+, Security+, and CISSP Certifications.

Industry professionals lead lectures

and class discussions on the

background, history, and applications

of a new technology or concept.

We’re Here To Help

As you move up the learning curve, you’re likely to have questions around many of the concepts

covered in class. We’re here to help—through office hours and a dedicated, 24/7 #Slack channel

where you can request assistance from instructors, support staff, and your fellow students. In addition

to learning the key skills for cybersecurity and networking, you will have access to career support that

will help you prepare for technical roles after graduation.

Database of Customizable Tools and Templates

_- Multiple Technical Resume Templates

  • Github Best Practices
  • Guidelines To Building A Portfolio
  • Creating an Elevator Pitch
  • Developing a Bio_

Career Content and Practice Sessions Online Career Events With Industry Professionals

High Impact Career Events

Soft Skills Training

One-on-One Career Coaching

Sample Projects

Network Analysis & Troubleshooting

A substantial part of modern cybersecurity requires monitoring and analyzing the data flowing over networks. Familiarity with

patterns at the packet level is essential for both basic troubleshooting and more intensive tasks. In this activity, you will monitor the

packets being transmitted over a network to gain insight into problems such as dropped packets and explore other patterns apparent

only at the packet-level.

Data Driven Security Analysis: Identifying Suspicious Login/Request Patterns

The modern IT landscape is defined by the sheer amount of data it’s responsible for. There is far more data than can be examined

directly, but it all must be protected. Data analysis can help security specialists identify suspicious trends in data, thereby

identifying potential incidents and informing future intrusion detection efforts. In this activity, you’ll search for patterns in large

quantities of log data, ultimately identifying and characterizing intrusions evident from the data, and developing protocols

for detection of such intrusions in the future.

Skills Needed

  • (^) Wireshark
  • (^) Packet and protocol analysis
  • (^) Familiarity with TCP/IP, HTTP, and

other protocols

  • (^) Tapping into networks

Skills Needed

  • (^) Network monitoring
  • (^) Packet analysis
  • (^) Threat intelligence
  • (^) Database management
  • (^) Machine learning

Skills Needed

  • (^) HTTP
  • (^) JavaScript
  • (^) SQL
  • (^) XSS
    • (^) XSRF
    • (^) Familiarity with

cookie-based

authentication

Objectives

  • (^) Use Wireshark to analyze packets and identify transmission patterns

associated with poor network performance

  • (^) Articulate the relationships between different network protocols such as

TCP/IP and HTTP

  • (^) Identify suspicious patterns of network activity to hone in on malicious

users

Objectives

  • (^) Use common data analysis tools to analyze large amounts of log data for

telltale patterns of cyberattacks

  • (^) Deploy powerful machine learning techniques to profile previously

unknown, suspicious patterns of activity, so they can be prevented and

identified later

  • (^) Configure logging and monitoring systems and periodically collect and

analyze data they capture

Objectives

  • (^) Explore common web application exploits —such as SQL injection

XSS and XSS—from an offensive perspective, to better understand how

hostile parties analyze and assault their targets

  • (^) Use Burp Suite to automate web-app vulnerability scanning
  • (^) Explore the various available attack vectors and insertion points

relevant to web applications

  • (^) Distill the technical results of a penetration test into policy

recommendations bound for management

Attacking a Web Application

The modern web is one of the most popular places for people to spend their time and store their data. Because of this popularity,

websites are common avenues of attack. In this activity, you will explore, attack, and profile a vulnerable website with tools like Burp

Suite. Then, you will summarize the site’s vulnerabilities with policy recommendations for managers and leadership.

Sample Projects continued...

Penetration Testing

Ultimately, the best indication of a system’s security is how well it holds up against an actual attack. Penetration testing is the

cybersecurity professional’s opportunity to don the proverbial Black Hat, and probe pre-made systems for vulnerabilities using tools

like Metasploit. You will conclude your exploration of these systems with recommendations for mitigating any vulnerabilities that

may have been uncovered during the pen test.

Digital Forensics

Users often delete data from devices that they would prefer others not to see—but, sometimes, organizations find themselves in need

of the very information that was deleted. Deleted data is often recoverable using the techniques of modern digital forensics , which

you will practice in this activity to recover hidden, encrypted, and deleted files from a provided disk drive image.

Cracking and Securing Password-Protected Data

Most of the web’s user-provided data is secured by little more than a password. Since users often reuse passwords between accounts

and/or use easily-guessed passwords, the onus is on the cybersecurity professional to enforce best practices around password creation,

storage, and database management. In this activity, you’ll use John the Ripper to gain experience with password cracking strategies ,

and write a report suggesting technical, governance, and UX policies effective for minimizing vulnerability to such attacks.

Skills Needed

  • (^) John the Ripper (JTR)
  • (^) Hashing algorithms
  • (^) Password storage best practices
  • (^) Dictionary attacks
  • (^) Brute-force attacks

Skills Needed

  • (^) Python
  • (^) Digital forensics
  • (^) Electronic discovery
  • (^) Data recovery
  • (^) Encryption and decryption

Skills Needed

  • (^) Metasploit
  • (^) Ability to perform active and passive

reconnaissance

  • (^) Ability to perform Open Source

Intelligence gathering

  • (^) Kali Linux
  • (^) Vulnerability scanners
  • (^) Network intrusion

Objectives

  • (^) Use John the Ripper to guess a user’s password via both dictionary and

brute-force attacks

  • (^) Articulate the relative strengths and weaknesses of different password

cracking techniques

  • (^) Articulate policy recommendations for managers to reduce the surface

area of password-based attacks

Objectives

  • (^) Use Metasploit to probe an application for vulnerabilities and then attack

the application via a series of pertinent, Metasploit-provided exploits

  • (^) Develop familiarity with the main phases of a penetration test,

including Reconnaissance; Scanning; Access Acquisition; Access

Maintenance; and Clearing Tracks/Erasing Evidence

  • (^) Translate the technical results of the penetration test into a document

with actionable policy resources for management

Objectives

  • (^) Use Python and digital forensics tools to recover deleted files from

a hard drive

  • (^) Discover hidden and otherwise private information on a hard drive using

various modern data-discovery techniques

  • (^) Gain access to encrypted files and folders using popular decryption

modules and techniques

Course Curriculum By Module

Module Description What You’ll Learn

Learning Module:

Cyber Career Immersion

Students spend two weeks experiencing a day in the life of specialized cybersecurity professional.

» Digital Forensics » Security Operations » Cyber Threat Intelligence » Intrusion Detection

Learning Module:

Security+ Preparation

Students review cybersecurity topics to gain mastery of the Security+ Certification body of knowledge.

» Threats, Attacks and Vulnerabilities » Technologies and Tools » Architecture and Design » Identity and Access Management » Risk Management » Cryptography and PKI

Learning Module:

Emerging Technology

Students spend the week learning the technologies disrupting the IT and cybersecurity market. This week keeps students focused on the leading edge.

» Cloud » BlockChain » Cryptocurrency » Docker

Learning Module:

Cyber Leadership

The final two weeks of the course, students focus on high level security and business topics. Students see the world from the view of the C-suite.

» Business Continuity » Certification and Accreditation » Project Management » IT service Management