Training course - The fundamentals of cybersecurity

Objectives

• Understand the fundamental concepts of cybersecurity, the types of threats and the challenges of IT security.
• Identify common vulnerabilities and understand the attack techniques used by cybercriminals.
• Learn best practices for securing information systems and protecting data against threats.

Introduction to web cybersecurity

• Introduction to cybersecurity and its legal aspects
• Regulations: RGPD NIS2 HDS
• Governance and cybersecurity
• Corporate cybersecurity strategies
• ISMS and FMECA risk management
• Ethical hacking

Vulnerabilities and common attacks

Identify common vulnerabilities and understand the attack techniques used by cybercriminals:

• Pentester tools
• The notion of vulnerability
• The Web
• The OWASP Top 10
• Web pentest tools
• Cross-Site Scripting (XSS) vulnerabilities
• Upload vulnerabilities
• SQL injections
• System command injections
• Malware
• Example of a major vulnerability: EternalBlue (demonstration)
• Authentication and session security
• ManInTheMiddle attacks
• Active Directory misconfiguration and best practices
• Social engineering (phishing, vishing, smishing)
• WIFI security
• Cloud security
• Denial of service

Good security practices

Learn best practices for securing information systems and protecting data against threats:

• Kernel protections
• Linux Hardening
• Lack of detection and implementation of IDS-IPS
• VPN
• Lack of segmentation
• Peripheral threats
• Backup and traceability
• Data and physical security
• Forensics
• Identifying needs and risks
• SOC and SIEM
• Preventive approach and crisis management
• CERTs
• Security policy

FAQ

What will I leave with at the end of the course?

You'll be provided with the complete course material in PDF format, as well as additional resources to continue your learning.

How practical is the training?

Yes, the course is hands-on, with numerous exercises and pentesting sessions in secure environments.