Training course - Enterprise network security

Teaching objectives

At the end of the course, participants will be able to :

• Understand network threats and their security implications.
• Implement effective prevention and detection measures.
• Develop and apply security policies tailored to your organization.
• Respond to incidents and ensure continuous monitoring.

Introduction to network security

This first part lays the foundations for understanding network threats and their security implications.

Topics covered

• Introduction
• Internal pentest tools
• Using Wireshark

Network threats and vulnerabilities

This section is the heart of the course. Participants will learn how to identify, understand and exploit the various threats and vulnerabilities associated with corporate networks.

Topics covered

• Malware (Ransomware, viruses, worms...), antivirus and EDR
• Denial of service
• Man In The Middle (ARP Spoofing, DHCP Spoofing, DNSspoofing)
• Vulnerable components (lack of updates), update tracking plan
• Poor security configurations
• Social engineering (Phishing, Vishing...)
• Wifi attacks and best practices
• Lack of segmentation, firewall...
• Device threats (BYOD, visitors...)
• IDS/IPS detection and implementation (Snort, Suricata)
• Active Directory attacks (mapping, tools, exploitation)
• Use of Wireshark
• VPN
• Password management (MDA, manager)
• Attacks on authentication protocols: NTLM relay, pass-the-hash, Kerberoasting
• VLAN security
• Lack of logging and alerts
• Vulnerable network protocols (LLMNR, NetBIOS, SMBv1...)

Setting up a network security policy

The aim of this section is to teach participants how to develop and apply security policies tailored to their organization, focusing on best practices and effective prevention and detection measures.

Topics covered

• Identifying needs and risks
• Defining security rules
• Implement protective measures
• Establishing incident monitoring and response
• Train and sensitize users
• Document and audit regularly
• Manage third parties and governance

Pedagogical approach

The training is based on a very practical approach, with :

• live demonstrations
• guided exercises
• hands-on labs
• realistic operating scenarios

Participants will work on a deliberately vulnerable application, reproducing situations encountered during real security audits.

Requirements

This course can be run either face-to-face or remotely, depending on participants' needs and constraints. Practical exercises require the use of a virtual machine or a secure laboratory environment, which will be provided to participants.

Target audience

This course is primarily aimed at developers, system administrators, security managers/IT directors and cybersecurity consultants.

Prerequisites

Basic knowledge of web development is recommended for this course.

How to access

You can register for the course online or after an interview by videoconference.

Access time

Access to training generally takes 2 to 4 weeks, depending on participants' availability and the organization of the session.

Accessibility

As the training is mainly distance learning, it is accessible to people with reduced mobility. In the case of face-to-face training, it will take place on premises accessible to people with reduced mobility.

Supervision

Training is provided by a cybersecurity expert with almost 10 years' experience in offensive cybersecurity.

Educational follow-up

Course materials in PDF format will be provided to learners. In addition, online cybersecurity training platforms will be used.

Follow-up

Daily online registration will be carried out to track participants' attendance.

Results tracking

At the end of the course, learners will take a multiple-choice test to validate their learning.