Embed Size (px)
Citation preview
CANADIAN CYBER ACADEMYOffering training courses that provide your resources with the latest learning opportunities
Course Offerings January 2019
2
TABLE OF CONTENTSOvercoming the Challenge: The Canadian Cyber Academy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1Mariner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2Bulletproof . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
ISACA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6ISC2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7CompTIA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8Logical Operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Collège communautaire du Nouveau-Brunswick (CCNB) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11New Brunswick Community College (NBCC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13Canadian Institute for Cybersecurity/ University of New Brunswick: Cybersecurity Advanced Learnings . . 14Willis College . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Oulton College . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
To learn more about the Academy and how to obtain training, contact:Dillon DonahueSkills Framework SpecialistCyberNB(506) [email protected]
3
OVERCOMING THE CHALLENGE:THE CANADIAN CYBER ACADEMYA priority of CyberNB is collaborating with industry, government and academia to increase our talent pipeline starting with K-12 and moving through post-secondary and extending beyond into continuous learning through professional development.CyberNB is facilitating training and professional development through the Cyber Academy via our partners, a virtual academy built on the training expertise of New Brunswick’s leading cybersecurity ecosystem educators and trainers with specialties in:1. Finance;2. Defence;3. Critical infrastructure and;4. Government Services.This solution is the establishment of an industry-led Canadian Cyber Academy as an integral part of New Brunswick’s growing cybersecurity cluster.The Academy will offer advanced level cybersecurity training in state-of-the-art facilities using modern instruction methodologies. Depending on the course, training may be available in-house in New Brunswick, online or at your location.
Skilled professionals are needed nowWith growing cyber risks, it’s essential that organizations train their resources with the latest information and technology to build the right skill sets. The Cyber Academy is comprised of partners who can provide both custom training offerings or existing courses to provide your resources with the latest learning opportunities.The course and training offerings are updated regularly. If you don’t see what you are looking for, contact us.
2
MARINER
Security Courses
Security+ Certification (5 Days)This course is designed to help students prepare for the CompTIA Security+ exam by covering a wide range of topics such as network security, physical security, malware, and incident response.
CSA+ (5 Days)The Cyber Security Analyst course follows the Security+ course and is an international, vendor- neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CSA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
CASP (5 Days)The CompTIA Advanced Security Practitioner is the 3rd course in the CompTIA series that teaches security professionals the details of security topics such as cryptography, virtualization, implementing host security, application security, and security research.
Ethical Hacking and Countermeasures (5 Days)This course is designed to teach students about the different types of attacks that are common against systems and emphasizes how to protect against those attacks!
Computer Forensics and Investigations (5 Days)This course introduces students to the world of computer forensics and investigation and demonstrates how to acquire, analyze, and report on evidence when performing an internal investigation.
Network Defense and Countermeasures (5 Days)This course is focused on the details of protecting the network with discussions on packet signature analysis, firewalls, IDS, and routers.
Information System Security Officer (ISSO) (5 Days)The ISSO course is a 5-day course that exposes students to the wide range of information system security topics and helps them gain the knowledge needed to oversee the security of an organization.
CyberSec First Responder: Threat Detection and Response (5 Days)This 5-day course is designed to teach IT professionals how to monitor and detect security incidents on information systems and networks, and how to prepare a proper incident response to such incidents.
3
Networking Courses
A+ Certification (5 Days)This course is designed to help students prepare for the A+ Certification exam and give them the knowledge to support computer systems on a company network.
Network+ Certification (5 Days)This 5-day course is designed to give students the networking foundation they need to work as a network professional for a company. Students will learn about TCP/IP, routers, and switches.
Cisco ICND1 Certification (CCENT) (5 Days)This is the first Cisco course that is designed to help students prepare for the ICND1 exam and gives them the foundation to manage Cisco switches and routers on a LAN network.
Cisco ICND 2 Certification (5 Days)This is the second Cisco course with more advanced topics the students would need to know for the ICND2 exam, and to manage devices in a WAN network.
Programming Courses
Introduction to Visual Basic .NET (5 Days)This course is designed to introduce Visual Basic to an individual that has never programmed in VB before. The course covers basic topics such as creating forms applications, looping structures, conditional structures, and classes and objects.
Introduction to ASP.NET (5 Days)This course introduces students to web development with ASP. NET. Students learn to create a web application, validation, and to connect to a database.
Introduction to C# .NET (5 Days)This course is designed to introduce C# as a programming language and covers basic topics such as creating forms applications, looping structures, conditional structures, and classes and objects.
4
EC Council Certified Secure Programmer .NET (ECSP.NET)The course teaches developers how to identify security flaws and implement security countermeasures throughout the software development life cycle to improve the overall quality of products and applications.
Course ObjectivesThis course will: ▪ Familiarize you with .Net Application Security, ASP.
Net Security Architecture and help you understand the need for application security and common security threats to .Net framework.
▪ Discuss security attacks on .Net frame work and explain the secure software development life cycle.
▪ Help you to understand common threats to .Net assemblies and familiarize you with stack walking processes.
▪ Discuss the need for input validation, various input validation approaches, common input validation attacks, validation control vulnerabilities, and best practices for input validation.
▪ Familiarize you with authorization and authentication processes and common threats to authorization and authentication.
BULLETPROOF
▪ Discuss various security principles for session management tokens, common threats to session management, ASP.Net session management techniques, and various session attacks.
▪ Cover the importance of cryptography in .Net, different types of cryptographic attacks in .Net, and various .Net cryptography namespaces.
▪ Explain symmetric and asymmetric encryption, hashing concepts, digital certificates, digital and XML signatures.
▪ Describe the principles of secure error handling, different levels of exception handling, and various .Net logging tools.
▪ Examine file handling concepts, file handling security concerns, path traversal attacks on file handling, and defensive techniques against path traversal attack.
5
EC-Council Certified Ethical Hacker (CEH) v10.0Students will learn how to scan, test, hack and secure target systems. The course covers the Five Phases of Ethical Hacking, diving into Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and covering your tracks.
Course ObjectivesA Certified Ethical Hacker is a skilled professional who understands and knows how to look for weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor- neutral perspective.
EC-Council Certified Network Defender (CND)Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and responsibilities and the Department of Defense (DoD) job roles for system/ network administrators. The course is designed and developed after extensive market research and surveys.
Course ObjectivesThe program prepares network administrators on network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the protect, detect and respond approach to network security. The course contains hands-on labs, based on major network security tools and techniques which will provide network administrators real world expertise on current network security technologies and operations. The study-kit provides you with over 10 GB of network security best practices, assessments and protection tools. The kit also contains templates for various network policies and a large number of white papers for additional learning.
EC-Council Certified Security Analyst (ECSA) v10.0The ECSA pentest program takes the tools and techniques you learned in the Certified Ethical Hacker course (CEH) and enhances your ability into full exploitation by teaching you how to apply the skills learned in the CEH by utilizing EC-Council’s published penetration testing methodology. It focuses on pentesting methodology with an emphasis on hands- on learning.
Course ObjectivesThe ECSA penetration testing course provides students with a real world hands-on penetration testing experience and is a globally accepted hacking and penetration testing class available that covers the testing of modern infrastructures, operating systems and application environments while teaching students how to document and write a penetration testing report.
EC-Council Computer Hacking Forensics Investigator (CHFI) v9.0This course will provide participants the necessary skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute in the court of law.
Course ObjectivesComputer forensics enables the systematic and careful identification of evidence in computer related crime and abuse cases. This may range from tracing the tracks of a hacker through a client’s systems, to tracing the originator of defamatory emails, to recovering signs of fraud.
6
Certified Information Security Manager (CISM)In this course, students will establish processes to ensure that information security measures align with established business needs.
Course Objectives ▪ Information Security Governance. ▪ Information Risk Management and Compliance. ▪ Information Security Program Development and
Management.
▪ Information Security Incident Management.
Certified Information Systems Auditor (CISA)In this course, students will establish processes to ensure that information security measures align with established business needs.
Course ObjectivesUpon successful completion of this course, students will be able to: ▪ Establish and maintain a framework to provide
assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations.
▪ Identify and manage information security risks to achieve business objectives.
▪ Create a program to implement the information security strategy.
▪ Implement an information security program. ▪ Oversee and direct information security activities to
execute the information security program. ▪ Plan, develop, and manage capabilities to detect,
respond to, and recover from information security incidents.
ISACA
7
ISC2
Certified Information System Security ProfessionalThis course will expand upon your knowledge by addressing the essential elements of the eight domains that comprise a Common Body of Knowledge (CBK)® for information systems security professionals.
Course ObjectivesIn this course, you will identify and reinforce the major security subjects from the eight domains of the (ISC)2 CISSP CBK.You will: ▪ Analyze components of the Security and Risk
Management domain. ▪ Analyze components of the Asset Security domain. ▪ Analyze components of the Security Engineering
domain. ▪ Analyze components of the Communications and
Network Security domain. ▪ Analyze components of the Identity and Access
Management domain. ▪ Analyze components of the Security Assessment and
Testing domain. ▪ Analyze components of the Security Operations
domain. ▪ Analyze components of the Software Development
Security domain.
CompTIA Security+ CertificationIn this course, students will implement, monitor, and troubleshoot infrastructure, application, information, and operational security. Students will prepare for the CompTIA Security+ certification examination (SY0 – 501).
Course ObjectivesIn this course, you will implement information security across a variety of different contexts: ▪ Identify the fundamental components of information
security. ▪ Analyze risk. ▪ Identify various threats to information security. ▪ Conduct security assessments to detect vulnerabilities. ▪ Implement security for hosts and software. ▪ Implement security for networks. ▪ Manage identity and access. ▪ Implement cryptographic solutions in the organization. ▪ Implement security at the operational level. ▪ Address security incidents. ▪ Ensure the continuity of business operations in the
event of an incident.
8
COMPTIA
CompTIA Advanced Security Practitioner (CASP)In this course, which prepares you for the CompTIA Advanced Security Practitioner exam (CAS-003), you will expand on your knowledge of information security to apply more advanced principles that will keep your organization safe from the many ways it can be threatened. You’ll apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement sustainable security solutions that map to organizational strategies; translate business needs into security requirements; support IT governance and risk management; architect security for hosts, networks, and software; respond to security incidents; and more.
Course ObjectivesIn this course, you will analyze and apply advanced security concepts, principles, and implementations that contribute to enterprise-level security.
You will: ▪ Support IT governance in the enterprise with an
emphasis on managing risk. ▪ Leverage collaboration tools and technology to support
enterprise security. ▪ Use research and analysis to secure the enterprise. ▪ Integrate advanced authentication and authorization
techniques. ▪ Implement cryptographic techniques, security controls
for hosts and mobile devices, network security, and security in the systems and software development lifecycle.
▪ Integrate hosts, storage, networks, applications, virtual environments, and cloud technologies in a secure enterprise architecture.
▪ Conduct security assessments; responding to and recovering from security incidents.
CompTIA Cybersecurity Analyst (CySA+) CertificationThe course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization’s security, collect and analyze cybersecurity intelligence, and handle incidents as they occur.
Course ObjectivesIn this course, you will assess and respond to security threats and operate a system and network security analysis platform.
You will: ▪ Assess information security risk in computing and
network environments. ▪ Analyze reconnaissance threats to computing and
network environments. ▪ Analyze attacks on computing and network
environments. ▪ Analyze post-attack techniques on computing and
network environments. ▪ Implement a vulnerability management program. ▪ Collect cybersecurity intelligence. ▪ Analyze data collected from security and event logs. ▪ Perform active analysis on assets and networks. ▪ Respond to cybersecurity incidents. ▪ Investigate cybersecurity incidents. ▪ Address security issues with the organization’s
technology architecture.
11
10
LOGICAL OPERATIONS
CyberSAFE Extended Edition 2017This course will help you to understand security compliance considerations, social engineering, malware, and various other data security-related concepts. In this course, you will explore the hazards and pitfalls and learn how to use technology safely.
Course ObjectivesIn this course, you will identify many of the common risks involved in using conventional end-user technology, as well as ways to use it safely, to protect yourself from those risks.You will: ▪ Identify the need for security. ▪ Secure devices like desktops, laptops, smartphones,
and more.
▪ Secure your use of the Internet.
CyberSec First Responder: Threat Detection and ResponseThis course is designed for information assurance professionals who perform job functions related to the development, operation, management, and enforcement of security capabilities for systems and networks.
Course ObjectivesIn this course, you will develop, operate, manage, and enforce security capabilities for systems and networks.
You will: ▪ Assess information security risk in computing and
network environments. ▪ Create an information assurance lifecycle process. ▪ Analyze threats to computing and network
environments. ▪ Design secure computing and network environments. ▪ Operate secure computing and network environments. ▪ Assess the security posture within a risk management
framework. ▪ Collect cybersecurity intelligence information. ▪ Respond to cybersecurity incidents. ▪ Investigate cybersecurity incidents. ▪ Audit secure computing and network environments.
13
The Cybersecurity Short-Term Technical Program is designed to acquire skills to deploy and manage the security of computer systems, and to assess the level of vulnerability and the consequences of poor security.
Career PossibilitiesGraduates of this program may work in information technology consulting firms and in information technology units throughout the private and public sectors, or they may be self- employed.Targeted Job (including NOC codes)1: ▪ Information systems analysts and consultants (2171)
1NationalOccupationalClassification(NOC)
Program OutcomesFollowing successful completion of this program, the student will be able to: ▪ Analyze cyber attacks. ▪ Discover how to protect against social engineering. ▪ Design methods for virtual network attack.
▪ Manage virtual endpoints and mobile devices.
CertificationUpon successful completion of the prescribed curriculum, the student will receive a certificate of advanced studies in Cybersecurity Short-Term Technical.
Prior Learning Assessment And RecognitionMore information about Prior Learning Assessment and Recognition (PLAR) for the Cybersecurity Short-Term Technical program is available upon request.
COLLÈGE COMMUNAUTAIRE DU NOUVEAU-BRUNSWICK (CCNB)
14
Additionnal Information ▪ Student enrolled in this program will have to deal with
the realities of the profession: ▪ Adopt professional behavior. ▪ Adapt to new technologies. ▪ Work in a multidisciplinary team. ▪ Work in a confidential environment.
▪ The student admitted into this program must obtain a criminal check from the local police via the Canadian Police Information (CPI) at their expense. According to his/her criminal record, the student may not be eligible for practicums.
▪ Students may have to travel to an area other than that of their campus or permanent residence to do their practicum. Travelling and other expenses relating to the practicum will be their responsibility.
▪ Students could also have to follow an irregular work schedule. Furthermore, certain work practicums may require French language skills.
▪ This program is aimed at people who are considering a job in the field of quality assurance as well as people currently working in the field of quality assurance and looking to increase their knowledge. The program combines the preparatory readings and classroom instruction, including practical and relevant exercises so that the student can apply quality assurance control methods and techniques in the workplace.
▪ The student must be able to justify, at their own expense, a clean criminal record if they wish to maintain their eligibility for the internship and certain educational activities.
Program InformationDuration – 20 weeks including a work practicum of 6 weeks.
CONDITIONS OF ADMISSIONProfile K ▪ College certificate in Information Technology sector
(Computer Programming, Network, etc.) OR ▪ Bachelor degree in Computer Science or related field.
Courses of the Program
SECS1012 – Cybersecurity Fundamentals – 45 hoursThis course will allow the student to improve their knowledge on the fundamental concepts of cybersecurity.
SECS1013 – People, Application, Data and Infrastructure Security – 90 hoursThis course will allow the student to familiarize themself with the people, application, data, infrastructure and physical security.
SECS1014 – Security Intelligence and Risk Management – 45 hoursThis course will allow the student to deepen their knowledge on security intelligence and risk management.
SECS1015 – Attack Life Cycle – 45 hoursThis course will allow the student to deepen their knowledge on the current attack life cycle.
SECS1017 – Cybersecurity Common Attacks I – 90 hoursThis course will allow the student to enhance their competency on common attacks in cybersecurity.
SECS1018 – Cybersecurity Common Attacks II – 90 hoursThis course will allow the student to discover cybersecurity common attacks and how to protect against them.
SECS1019 – Penetration Testing and Java Security Programming – 90 hoursThis course will allow the student to possess the fundamental skills and practical penetration testing knowledge to perform basic security audits. They will also learn fundamental concepts, methodologies and tools necessary to analyze network traffic and malware detection.
SECS1020 – Research and Development Project in Cybersecurity – 90 hoursThis course will allow the student to develop the skills needed to demonstrate an in-depth understanding of a thematic relevant to the cybersecurity. The student will gain an overall appreciation of the activities required for the realization of a research and development project in the cybersecurity sector.
12
15
Program OverviewSecurity violations, data breaches, and privacy failures are an ever-growing threat to businesses and individuals. Through classroom theory and hands-on projects in our advanced diploma program, you’ll learn how to identify, analyze, and mitigate threats to internal IT systems and/ or networks. You’ll explore the systems, tools, and concepts used to minimize the risk to an organization’s cyberspace, and the standards and procedures to protect the confidentiality, integrity, and availability of information and information systems. As one of the world’s fastest growing technology fields, the demand for cybersecurity professionals has never been greater.
DurationThis program can be completed within one academic year.
Admission RequirementsProfile FPost-secondary diploma in Information Technology, Network Administration or Programming; or University degree in Computer Science or Information Systems; or equivalent work experience in computer network administration and applications.
Specific ConsiderationsThis program is a Learning Integrated Virtually Everywhere (L.I.V.E) program that requires the use of a notebook computer as part of the learning experience. Your notebook computer should meet minimum technical specifications to ensure the software for your program operates effectively. Check specifications listed on the LIVE program computer specifications. Students may be required by host agencies or employers to provide a current criminal records check and/or a reliability or secret clearance from a service recognized by the host agency or employer before they may start their work placement.
NOC Codes0213 – Computer and information systems managers2171 – Information systems analysts and consultants2281 – Computer network technicians
NEW BRUNSWICK COMMUNITY COLLEGE (NBCC)
16
Cybersecurity Management 101Provides learners with principles of data and technology that frame and define cybersecurity. Learners will gain insight into the importance of cybersecurity and the integral role of cybersecurity professionals. This course will provide a dynamic learning experience where users will explore foundational cybersecurity principles, risk management, attacks, detection, response and recovery of incidents.
Day 1: Cybersecurity Risks: Threats, Vulnerabilities and Attacks Day 2: Risk ManagementDay 3: Intrusion Prevention and Intrusion Detection Day 4: Incident Response and Business ContinuityDay 5: (Optional Test for Certification): Recovering from an Intrusion
Fundamentals of Information AssuranceGives an introduction to information assurance, describes the vulnerabilities of IT in infrastructures, as well as security threats faced by enterprise today. Based on the basic principles and strategies of information assurance, the course will also examine risk management, the development of security policies, guidelines, awareness programs, employment practice and policies, legal and ethical issues, as well as auditing IT security. Covers broad topics including contemporary issues in computer security, sources of computer security threats and appropriate reactions, encryption and decryption techniques: database security issues and solutions, network and distributed system security models, administering security. In all listed topics, the legal and ethical security issues with respect to information assurance is also given.
Network SecurityThis course examines advanced topics in network security, including: security risks and threats, security mechanisms across OSI model layers. Students will study the analysis of systems for vulnerabilities, the implementation of security procedures and the monitoring of systems for security breaches. Wireless network security will also be introduced.
Software SecuritySits at the intersection of computer security and software engineering. This course is designed to give students practical experience with building a software system and securing it. It covers tools, guidelines, rules, principles, and other resources for addressing security issues in every phase of the software development life cycle (SDLC). Students will engage in a significant group-programming project to develop a novel piece of software. Emphasis will be placed on the correctness and robustness of software, and on security as part of the software engineering process.
Fundamental of Information AssuranceThis course gives an introduction into information assurance, describes the vulnerabilities of IT infrastructures, as well as security threats faced by enterprises today. Based on the basic principles and strategies of information assurance, the course will also examine risk management, the development of security policies, guidelines, awareness programs, employment practice and policies, legal and ethical issues, as well as auditing IT security. It covers broad topics including contemporary issues in computer security, sources of computer security threats and appropriate reactions, encryption and decryption techniques; secure encryption systems; program security algorithms, trusted operating systems; database security issues and solutions, network and distributed system security models, administering security. In all listed topics the legal and ethical security issues with respect to information assurance is also given.
Foundations of PrivacyThis course covers diverse topics on privacy preservation including basic cryptographic techniques for privacy, homomorphic encryption techniques for privacy, database privacy, big data privacy, privacy in cloud, privacy in crowdsourced platforms, privacy in vehicular ad hoc networks, social networks, and location privacy. Privacy law and regulation will be also discussed. The emphasis of this course is given on both theoretical aspects and practical applications of privacy enhancing techniques.
CANADIAN INSTITUTE FOR CYBERSECURITY/ UNIVERSITY OF NEW BRUNSWICK: CYBERSECURITY ADVANCED LEARNINGS
14
15
Digital ForensicsThis course introduces digital forensics notions and methods. Students will gain a basic understanding and legal awareness of computer security and forensics, techniques used in the evidentiary process, various methodologies intrinsic to computer forensics with emphasis on computer incident response, and IT systems protection.
PrerequisitesCybersecurity Capstone Project 3 – This capstone project course provides students with an opportunity to apply the knowledge and skills acquired from the cybersecurity program coursework to a project involving a real-world industrial application. During the project, students engage in the entire process of solving a real-world cybersecurity project, from defining a realistic cybersecurity problem to applying suitable methodology for the design, development, and evaluation of an appropriate solution to the problem. Students will write a final report on their project, structured as a typical research paper.
Network SecurityThis course will provide both theoretical and practical information related to the teaching of students learning English as an additional language. Cryptanalysis and Database SecurityA practical survey of the principles and practice of information security. Topics include conventional encryption, asymmetric and symmetric cryptology, digital signatures, key exchange, authentication, viruses, worms, electronic mail security, network management security, the common criteria, and threat risk management. Software SecurityThis course sits at the intersection of computer security and software engineering. It is designed to give students practical experience with building a software system and securing it. It covers tools, guidelines, rules, principles, and other resources for addressing security issues in every phase of the software development life cycle (SDLC). Students will engage in a significant group-programming project to develop a novel piece of software. Emphasis will be placed on the correctness and robustness of software, and on security as part of the software engineering process.
18
Cybersecurity Analyst Diploma Program – Recognized by DND/CAF (66 Weeks)The Cybersecurity Analyst Program (CSA) prepares students for a career in many areas of Cybersecurity. These careers include: Cybersecurity Operator, Cybersecurity Analyst, Penetration Tester, Security Administrator, and other related Analyst, Tester and Specialist roles. Students will become skilled in the configuration of security devices, computers, routers, switches, operating systems, email, databases, applications, script development and secure coding practices. Additionally, students will be able to analyze, identify and document security vulnerabilities – and provide strategies for mitigating those vulnerabilities.All instructional material in this program is based upon industry standard certification requirements from well-known experts in the field such as: CompTIA, Cisco, Microsoft, The Linux Professional Institute and industry experts Sophos, Fortinet, Checkpoint and Sonicwall.In this program students will learn to:1. Securely deploy computers, operating systems,
networking hardware and applications.2. Securely deploy Windows servers, domains, roles and
services.3. Securely deploy Linux based servers and services.4. Securely deploy crucial services such as DHCP, DNS,
Access Policy and Authentication.5. Securely deploy crucial Microsoft business
infrastructure such as Exchange and SQL Server.6. Test for and identify system wide vulnerabilities and
provide documented evidence and suggestions for mitigating those vulnerabilities.
7. Deploy network security devices and apply industry best practices to strengthen security and mitigate vulnerabilities.
8. Think like a Hacker – and know a Hacker’s tools and methods of exploitation so countermeasures can be taken to secure against them.
The following sections provide details of the individual courses that comprise the CSA Program.
Computing Hardware and Host Based SecurityThis course will cover the hardware and software foundations utilized within a host based computing environment. Topics covered will include assembly, installation, configuration, upgrading and troubleshooting of PC based hosts. Students will develop “hands on” experience within a scenario based lab environment in order to identify software and hardware host based vulnerability issues and will execute industry best practice remediation procedures.This course is based upon material which covers CompTIA A+ Certification exam requirements. Network Architecture Design and OperationsThis course will provide students with foundational knowledge and skills required to configure, manage, and troubleshoot today’s wired and wireless network devices. This course will also provide students with an understanding of emerging technologies such as unified communications, mobile, cloud, and virtualization technologies. Within a lab environment students will design and implement a secure and trusted network infrastructure and will gain a solid understanding of network operations and management.This course is based upon material which covers CompTIA Net+ Certification exam requirements.
Windows Network Administration and Security I – Core Infrastructure –This course will provide students with the knowledge and skills to implement and secure a core Windows Server infrastructure including the configuration of networking services, virtualization, Active Directory, DNS, group policies, encryption and security. Students will also learn to administer and manage server accounts, network services, group policies and network security. Students will learn to apply best practices for vulnerability analysis and server hardening. Students will develop and implement several mitigation strategies including, administrative controls, server hardening, policy enforcement and privilege restriction.This course is based upon material which covers Microsoft Server Installation and Configuration Certification exam requirements.
WILLIS COLLEGE
16
Windows Network Administration and Security II – Active Directory ServicesThis course will provide students with the knowledge and skills necessary to administer and maintain a Windows Server 2012 infrastructure. These skills include things such as configuring and troubleshooting name resolution, user and group management with Active Directory Domain Services (AD DS) and Group Policy, implementing Remote Access solutions such as DirectAccess, VPNs and Web Application Proxy, implementing Network Policies and Network Access Protection, Data Security, deployment and maintenance of server images, as well as update management and monitoring of Windows Server 2012 environments.This course is based upon material which covers Microsoft Server Administration Certification exam requirements.
Windows Network Administration and Security III – Advanced ServicesThis course will provide students with the knowledge and skills to configure advanced services necessary to deploy, manage, and maintain a Windows Server 2012 infrastructure, such as advanced networking services, Active Directory Domain Services (AD DS), Active Directory Rights Management Services (AD RMS), Active Directory Federation Services (ADFS), Network Load Balancing, failover clustering, business continuity, and disaster-recovery services. This course also covers access and information provisioning, and protection technologies such as Dynamic Access Control (DAC), and Web Application Proxy integration with AD FS and Workplace Join.This course is based upon material which covers Microsoft Server Advanced Features Certification exam requirements.
Windows Application Security I – DatabasesThis course will provide students with the knowledge and skills to maintain and secure a Microsoft SQL Server database. The course focuses on teaching individuals how to use SQL Server product features and tools related to maintaining a database.This course is based upon material which covers Microsoft SQL Server Certification exam requirements.
18
Windows Application Security II – Messaging ServicesThis course will provide students with the knowledge and skills to plan, deploy, manage, secure, and support Microsoft® Exchange Server. This course will teach you how to configure Exchange Server and supply you with the information you will need to monitor, maintain, and troubleshoot Exchange Server. This course will also provide guidelines, best practices, and considerations that will help you optimize performance, minimize errors and security threats in Exchange Server.This course is based upon material which covers Microsoft Exchange Server Certification exam requirements.
Linux Systems Administration and SecurityStudents will acquire the fundamental knowledge and hands on experience with Linux systems architecture, package management, system services, file systems, administrative tasks, security, data, and accessibility. This course will provide students with advance level knowledge and “hands on” training with Linux device management, E-mail, network services, kernel compilation and Linux security. Within a Linux network lab environment, students will develop the required knowledge, skills and abilities to patch, secure and harden Linux infrastructure. Students will also be introduced to the various industry standard distributions of Secure Edition (SE) Linux.This course is based upon material which covers LPIC-1 Exam 1 Certification exam requirements.
Network Security Technology I – Routing & SwitchingIn this course the student learns network design and troubleshooting, routed and routing protocols, router configurations, LAN switching theory, virtual LANs, router and switch security, WAN theory and design and WAN technology.This course is based upon material which covers the Cisco CCNA certification.
Network Security and Unified Threat Management IIn this course students will gain the knowledge and understanding of commercial network security and Unified Threat Management (UTM) Solutions. Students will install and configure a live security environment implementing firewall policies, VPNs, virus detection, web filtering, application control, user authentication. Advanced level design threat management lab scenarios will include threat malware mitigation, firewall policies, SSL, IPsec and VPN tunneling.This course is based upon material which covers an industry partner certification exam requirements.
Network Security and Unified Threat Management IIIn this course students will gain the knowledge and understanding of commercial network security and Unified Threat Management (UTM) Solutions. Students will install and configure a live security environment implementing firewall policies, VPNs, virus detection, web filtering, application control, user authentication. Advanced level design threat management lab scenarios will include threat malware mitigation, firewall policies, SSL, IPsec and VPN tunneling.This course is based upon material which covers another industry partner certification exam requirements.
Cybersecurity Operations and Threat AnalysisAs attackers have learned to evade traditional signature – based solutions such as firewalls, an analytics-based approach within the IT security industry is increasingly important for most organizations. The behavioral analytics skills covered in this course will provide students with security skills to identify and combat malware, advanced persistent threats (APTs) across a broad attack surface. Trained within an operational style lab environment students will develop the required skills perform, network reconnaissance, threat identification, threat mitigation, vulnerabilities analysis, security incidents investigation, security issues monitoring and cybersecurity threat analysis.This course is based upon material which covers CompTIA CySA+ Certification exam requirements.
19
Hands-On Ethical Hacking and Network DefenseThis course will provide students with knowledge and hands on skills in Ethical Hacking, Red Team / Blue Team and Cyber Defense Counter Measures. With exposure to various live lab attack scenarios, students will gain a solid understanding of Hacker attack vectors, techniques, methodologies and tools. Working within Blue Teams / Red Teams, students will participate in complex threat scenarios with a focus on Foot Printing and Reconnaissance, Social Engineering, Network Scanning, Enumeration and Cryptography.Through secure live lab simulations you will “Hack to Learn” in order to better understand and defend against the “Hacker Mindset”. Real world attack simulations include: System Hacking, Denial of Service and Session Hijacking, Web Application & Server Attacks, SQL injections, Wireless & Mobile Hacking, Evasion of IDS & Firewalls & Honeypots and offensive security tactics. Upon completion of this course you will possess the necessary knowledge and skills within the domain of Hacking and Penetration Testing.This course is based upon material which covers industry standard certification exam requirements.
Cybersecurity Leadership SkillsThis module will provide students with a framework that will assist them in the development of the required blend of technical knowledge and soft skills needed to be competitive upon entering the labour market. Students will be introduced to helpful tools, online resources and methodologies that will be useful throughout their IT Career.
22
OULTON COLLEGE
The Systems Management & Cybersecurity Program prepares you for a rewarding career using the latest technologies, managing network systems and their security. Through a series of real-life projects and hands-on activities, our Systems Management & Cybersecurity Program gives you the essential skills you need to succeed in this booming field.
Career Possibilities ▪ Network Administrator ▪ Systems Manager ▪ Quality Assurance Specialist ▪ System Analyst ▪ Cybersecurity Specialist
Program OutcomesFollowing successful completion of this program, the student will be able to: ▪ Network Infrastructure ▪ Networking Essentials ▪ Hacker Techniques ▪ Active Directory ▪ Hardware Fundamentals ▪ Windows Server 2008 ▪ Linux, Cisco Router ▪ Microsoft Technologies ▪ Cloud computing ▪ Office 365 configuration
CertificationUpon successful completion of the prescribed curriculum, the student will receive Oulton’s College Systems Management & Cybersecurity Diploma Program.
Additional Information:You will receive individual attention from qualified instructors, allowing you to tap into their industry insight. You’ll be certified to work with Windows Server 2012, Linux, and Cisco Routers. You’ll also be trained in hacker techniques, exploits, and incident handling/security.You can quickly dive into this in-demand field after only 10 months. Our graduates often get hired by the company where they did their practicum placement.Our Systems Management & Cybersecurity Diploma program provides hands-on practical experience and training in: ▪ Hardware: how to recognize, clean, handle, install,
diagnose and understand the different functions of various hardware components.
▪ Operating Systems: preparing computers for various operating systems deployment and ensuring optimal performance and security.
▪ Networks: understanding Internet, Intranet and extranet, VPN, Security, Firewalls, LANs, WANs and wireless networking.
▪ Network Hardware. ▪ Active Directory Domain Services. ▪ Windows Server 2012-2016, Linux and Cisco Routers. ▪ Security and Defense from Hacking. ▪ Cybersecurity – common attacks and how to prevent
them, how to deal with cybersecurity threats, and how to keep your systems secure.
▪ Cloud computing. ▪ Office 365 administration and configuration.
A Practicum placement is included and gives you 4-weeks of real experience in your area of study. You’ll be able to apply the skills learned in class and put valuable experience on your resume.If you love computers and keeping up to date with the latest technologies, if you have a good attention to detail, an analytical mind and enjoy challenges, then our Systems Management & Cybersecurity Program may be just the program for you.
Duration of Program:Program term is from September – July, plus a 4-week practicum
20
21
Admissions Requirements ▪ Grade 12 Diploma, Adult Diploma or GED. ▪ Meeting with an Admissions Advisor. ▪ Acceptance by the Admissions Committee. ▪ Completion of the Pre-Enrollment Package.
Unless they have completed a minimum of three years of study at a school where English is the language of instruction, international students whose first language is not English must submit proof of English language proficiency: ▪ CAEL – 70 ▪ IELTS – 7.0 ▪ TOEFL – 550 paper based, 270 computer based ▪ MELAB – 90
Course Descriptions:
BUS 150 – Introduction to Business for Systems Management – TBDThis course focuses on basic workplace skills. The students will be exploring the general concepts of communication, management and the role IT / technology plays within an organization. The student will learn to apply practical skills such as soft skills and will have a greater understanding of team dynamics through practical project and role play.
SMC 100 – Introduction to Hardware – 94.5 hoursThis course introduces students to the functions of the hardware involved with modern PC, laptop and mobile devices found in a small or home office. Students will learn Installation, Configuration, and Upgrading of standard hardware, Diagnosing and Troubleshooting problematic components, and how to perform Preventive Maintenance. Students will be introduced to the considerations of the physical aspects of cybersecurity. ▪ This module, in combination with Introduction to
Software (SMC 101) and self-directed study, is designed to help prepare students who wish to, challenge for CompTIA’s A+ certification exams (220-901 and 220-902).
SMC 101 – Introduction to Software – 98 hoursThis module introduces students to the world of computer operating systems and the software that they run. Focus will be aimed at preparing students to support Windows 7/8/10 client systems, as well as OSX and Linux desktop clients in a home or office environment. The primary goal of this module is to ensure students can preparing computers for operating system deployments, using the built-in administrative utilities to optimize performance and security from the operating system and the ability to recognize problems and recover from them effectively. Students will become skilled at performing troubleshooting using command line and graphical utilities ▪ This module, in combination with the Introduction to
Software module (SMC 101) and self-directed study, is designed to help prepare students who wish to, challenge for CompTIA’s A+ certification exams (220-901 and 220-902).
SMC 102 – Introduction to Networks – 105 hoursThis module provides students with in-depth coverage of fundamental network concepts that are used for the remainder of the program. Students will cover network devices, protocols and applications, and be able to describe how they relate to industry models such as the ISO and TCP models. Students will be able to design, diagram and accurately configure IPv4 and IPv6 addressing within a local area network, and be able to explain the purpose and function of the host and network ID, the subnet mask and how to work with DHCP to automate configuration. Students will be exposed to the functions of common protocols such as DHCP and DNS, and be required to identify the port(s) that the protocols operate on. Students will work with and be able to use troubleshooting tools such as PING, TRACERT, IPCONFIG AND NETSTAT to diagnose and resolve common issues. Students will work directly with a variety of hardware and be able to describe their purpose and their functions (and limitations) including switches, hubs and routers, as well as a variety of network media types including cabling and wireless hardware. ▪ This module, in combination with self-study and guided
focus will help prepare students who choose to do so to write their CompTIA Network+ certification exam.
22
SMC 103 – Cloud Technologies – 24.5 hoursStudents will learn the fundamental technologies of cloud environments, including cloud computing concepts. Students will learn about cloud providers, focusing on Amazon Web Services, Google, and Azure services. Students will each be given ownership of a working DNS domain for their purposes, using it to provide access to Web and Email services that they will provision and configure from scratch using the Amazon Web Services infrastructure. Students will focus on building and maintaining an infrastructure that would be provided to a developer.
SMC 105 – Windows Client – 70 hoursThis course is designed to build on the concepts introduced in Introduction to Software (SMC 101) and provide a deep dive into Windows Client Configuration. Students will cover the clean install and upgrade process from prior versions of Windows, perform installation and management of software and devices, discuss Windows specific security methods including patching methods, firewall configuration, file-level access controls, and perform disaster recovery preparation and techniques.
SMC 106 – Introduction to Cybersecurity – 98 hoursThe Cybersecurity Essentials course develops foundational understanding of cybersecurity and how it relates to information and network security. The course introduces students to characteristics of cyber-crime, security principles, technologies, and procedures to defend networks. Through interactive, multimedia content, lab activities, and multi-industry case studies, students build technical and professional skills to pursue careers in cybersecurity.
SMC 201 – Windows Server – 42 hoursThis course prepares students to install and configure Windows Server 2012 and 2016 in an enterprise network environment. Students will become familiar with configuring Windows Server 2016 to host network services and administering a Windows server/client infrastructure.This module is designed to help prepare students for the challenge of the Microsoft Technology Associate (MTA) exam for Windows Server Administration Fundamentals (98-365).Students will demonstrate understanding of various topics through completion of in-class lab work, hands-on projects and computer-based testing. Content will be delivered using a combination of computer-based training, in-class lectures, self-guided reading and study.
SMC 202 – Office 365 Administration – 94.5 hoursThis course will introduce students to the common and advanced-level management and administrative tasks for organization using Office 365. Students will gain the skills to become an Office 365 generalist who can work with the entire stack and not just specific products. Students will be able to implement secure enterprise-level services into an organization, no matter the size of the business. Students will challenge the MTA 98-369 (Cloud Fundamentals) exam during this course.
SMC 203 – Cybersecurity – 63 hoursThis course will build on the security concepts that have been introduced through the program. We will recap the fundamentals of networking protocols and networking device types, network security devices and cloud services, security principles, access control models, security management concepts and techniques, fundamentals of cryptography and PKI and the essentials of Virtual Private Networks (VPNs) before moving into more advanced topics of OS analysis, endpoint security and monitoring. Students will be introduced to attack types and security evasion techniques as pre-requisite for the upcoming Penetration Testing with Kali Course (SMC 206). The concepts covered in this course are a foundation being laid for the more advanced course Cisco: CyberOps (SMC 204). In this course students will also challenge the MTA 98-367 (Security Fundamentals) exam.
25
SMC 204 – Cisco: CyberOps – 63 hoursThis course is designed to further the concepts covered in previous courses, and introduce advanced topics such as threat, intrusion, data and event analysis; introductory forensic concepts and practices; and incident response teams, categories and procedures. This course requires a strong understanding of the materials covered in the Cybersecurity (SMC 203) course and should help prepare students to challenge the Cisco 210-255 (SECOPS) Exam.
SMC 205 – Linux Fundamentals – 108 hoursThis course is designed to build on the fundamental concepts covered in previous modules and expose students to the commands and utilities used in future modules so that they are familiar with the usage and syntax of command line utilities used in the Cybersecurity (SMC 203), Cisco: CyberOps (SMC 206) and Penetration Testing with Kali Linux (SMC 206) courses. We will review the basic system architecture, installation, and management; Understand commands, devices, and file systems; Utilize shells, scripting, and data management techniques; Navigate user interfaces, desktops, and essential system services.
SMS 206 – Penetration Testing with Kali – 64 hoursThis cybersecurity course takes the concepts learned in the rest of the program and provides the students with the opportunity to explore network vulnerabilities through penetration tests using Kali.
SMS 300 – Practicum – 4 weeksAt the conclusion of the coursework, qualifying students will have the opportunity to undertake a 4-week practicum placement with a business in the community. You’ll be able to apply the skills learned in class and put valuable experience on your resume.
26
The Web & Mobile Development Program will give you advanced programming skills along with Web and database design, and application development to enhance your marketability in today’s labour force. You will learn the most in-demand technical skills in creating and building websites, while giving you a strong background in developing apps for mobile devices.
Career Possibilities: ▪ Computer Programmer ▪ Website Developer ▪ Applications Developer ▪ Database Creation
Program Outcomes:Following successful completion of this program, the student will be proficient in: ▪ Microsoft.NET ▪ HTML5 ▪ CSS3 ▪ JavaScript ▪ PHP ▪ C# ▪ MySQL ▪ Microsoft SQL Server ▪ Advanced Computer Programming ▪ Java Core Programming ▪ Android App Development ▪ Web Design and Programming ▪ Database Design and Implementation ▪ Professional Development
Certification:Upon successful completion of the prescribed curriculum, the student will receive Oulton’s College Web & Mobile Development Diploma.
Admissions Requirements ▪ Grade 12 Diploma, Adult Diploma or GED. ▪ Meeting with an Admissions Advisor. ▪ Acceptance by the Admissions Committee. ▪ Completion of the Pre-Enrollment Package. ▪ Unless they have completed a minimum of three years
of study at a school where English is the language of instruction, international students whose first language is not English must submit proof of English language proficiency:
▪ CAEL – 70 ▪ IELTS – 7.0 ▪ TOEFL – 550 paper based, 270 computer based ▪ MELAB – 90
Additional Information:You can earn your diploma in less than one year and join this booming and exciting field quickly. Our graduates often get hired by the company where they did their practicum placement.Our Web & Mobile Development Diploma Program provides hands-on practical experience and training in: ▪ Web Design: using HTML5, CSS3, JavaScript and
jQuery. ▪ Building Web Applications: using PHP and MySQL. ▪ Database Design: techniques to build a good server
database and how to query, implement and maintain a database using SQL (Structured Query Language).
▪ Developing Enterprise Web Solutions: using the Microsoft Visual Studio® .NET environment and the Microsoft .NET platform to create an ASP.NET Web application that delivers dynamic content to a website.
▪ Programming using Java: building fundamental object-oriented programming skills.
▪ Android App Development: leveraging Java skills to build Android Apps.
An on-the-job placement is included and gives you 4-weeks of real experience in your area of study. You’ll be able to apply the skills learned in class and put valuable experience on your resume.If you love computers and keeping up to date with the latest technologies or if you have an eye for Web design, then our Web & Mobile Development Program may be just the program for you.
24
25
Duration of Program:September – July.
Course Descriptions:
Web Design using HTML5, CSS3, JavaScript and jQueryThe goal of this course is to provide an introduction to Internet technologies, HTML and programming. Students will learn about HTML5 and how to incorporate its features in web pages and applications. They will learn the basics tags to format and align text, create lists, use images, hyperlinks, tables and HTML forms as well as advanced topics like layouts, offline support, geolocation, audio and video, graphics, communication APIs, storage, and new JavaScript web-workers. Students will also learn how to use Cascading Style Sheets (CSS) techniques to layout and design web sites.
Data Modeling and Relational Database DesignThe goal of this course is to introduce the environment and functionality of a Database Management System. The students will learn how to develop effective database designs using Entity Relationship Diagrams and normalization techniques. They will be given a specification for a database modeled on a real-world system.
Querying and Programming Microsoft SQL Server 2016The goal of this course is to provide students with the technical skills required to write basic Transact-SQL queries for Microsoft SQL Server™ 2016.
26
Building Web Applications using PHP and MySQLThis course provides an introduction to the PHP Web scripting language. Students will have basic understanding of the web technology and be able to architect, write, debug, and run complete web applications using PHP and MySQL.
Object Oriented Programming Using JavaThis module is designed to help the student develop the building blocks needed to develop professional Java Applications.Students will learn how to install and configure the JDK and how to install and use the Java documentation (API).Students will then take up the subject of class design in a systematic fashion using a simple subset of the UML notation. Key Object-Oriented concepts will then be covered including interfaces, polymorphism, and Inheritance/super classes.The Inheritance concepts will be further investigated as students gain an understanding of Exception handling and basic file input/output. The Java Collection classes, including Linked – Lists, Maps, and Hash tables will be reviewed as more complex and functional alternatives to simple arrays. Finally, students will access and use databases in their Java applications. Building Android Applications using JavaOnce the foundational Android knowledge is gained, students will enhance their applications to include the use of Layouts and controls, incorporate audio and video in an application, and take advantage of the various sensors Android devices are equipped with. Students will also learn how to save and load data from local file storage on the device, implement context menus and use the action bar, and add dialogs that give the user information or the opportunity to supply data to the application.The students will also add in their knowledge of Databases to add data persistence to their applications through the use of the built-in Android SQLite database engine.The end of the module will have the students putting their newly acquired skills to use in the form of a personal or group project composed of building a fully functioning Android application that could optionally be put up on the Google Play store.
Building Web Applications with ASP.NET Core MVC using Microsoft Visual Studio 2017This course will teach the fundamentals of the C# Programming for building ASP.NET Core Web Applications. Throughout the class students will learn about core MVC concepts such as Model classes, Views and Controllers. Students will also see how routes are used and how they can be customized, writing custom razor helpers and templates, and learn how to validate data using data annotations. Along with core MVC concepts students will also learn how to query databases using Entity Framework as well as writing LINQ queries. Finally, students will learn how client-side technologies such as jQuery, AJAX and AngularJS can be used to interact with RESTful services created using ASP.NET Core Web API.
Introduction to Business for Web DevelopersThis course focuses on basic workplace skills. The students will be exploring the general concepts of management and the role IT / technology plays within small and large organizations. The student will learn to apply practical skills, including soft skills, and will have a greater understanding of team dynamics through practical project and case analysis.
29
30
CYBERNB.CA
