- Level Professional
- Duration 15 hours
- Course by New York University
About
This course introduces real-time cyber security techniques and methods in the context of the TCP/IP protocol suites. Explanation of some basic TCP/IP security hacks is used to introduce the need for network security solutions such as stateless and stateful firewalls. Learners will be introduced to the techniques used to design and configure firewall solutions such as packet filters and proxies to protect enterprise assets. Perimeter solutions such as firewalls and intrusion prevention systems are shown to have significant drawbacks in common enterprise environments. The result of such weakness is shown to often exist as advanced persistent threats (APTs) from nation-state actors. Such attacks, as well as DDOS and third-party attacks, are shown to have potential solutions for modern enterprise.
Modules
Module 1
13
Videos
- Introduction: What You Will Learn from This Course on Cyber Security
- Assignments and Reading
- Security Through Obscurity
- TCP/IP Evolution and Security
- TCP/IP Overview
- IP Spoofing
- TCP Sequence Number Attack
- Packet Flooding
- Packet Sniffing
- SYN Packets for Access Control
- Definition of a Firewall
- Firewall: Stateful versus Stateless
- Interview: John Viega
Module 1 Assignments
1
Assignment
- Module 1 Quiz
5
Readings
- Required: “Network Firewalls,” Steve Bellovin and Bill Cheswick
- Required: “Introduction to TCP/IP Network Attacks,” Guang Yang
- Video: “Hacking DNS,” Eli the Computer Guy
- Suggested: Introduction to Cyber Security, Edward Amoroso and Matthew Amoroso, (Ch. 17 - 18)
- Suggested: TCP/IP Illustrated Volume 1 (2nd Edition), Kevin Fall and W. Richard Stevens, (Ch. 17 – 18)
Module 2
12
Videos
- Assignments and Reading
- Packet Filtering
- Sample Packet Filtering and Reference Architecture
- Default Firewall Block
- Firewall Rules to Allow Outbound Web Browsing
- Firewall Rules to Allow Telnet and Other TCP Services
- Establishing Corporate Policy Rules
- FTP Protocol
- Firewall Rules for FTP
- Application Proxy Filtering
- Forward and Reverse Proxies
- Interview: Roger Piqueras Jover
Module 2 Assignments
1
Assignment
- Module 2 Quiz
4
Readings
- Required: “Anomaly-based Network Intrusion Detection: Techniques, Systems, and Challenges.”
- Required: “Intrusion Detection via Static Analysis,” Wagner and Dean
- Video: “How Does Intrusion Prevention Systems Work,” 2013 - SourceFire
- Suggested: Introduction to Cyber Security, Edward Amoroso and Matthew Amoroso, (Chapters 19 - 20)
Module 3
11
Videos
- Assignments and Readings
- Firewall Architectures (Part 1)
- Firewall Architectures (Part 2)
- Management by Exception
- System Auditing
- Basics of Intrusion Detection
- Signature Versus Behavioral Detection
- IDS Versus IPS
- Design of SIEM
- Design of a SOC
- Interview: Dino Dai Zovi
Module 3 Assignments
1
Assignment
- Module 3 Quiz
4
Readings
- Required: “An Evening with Berferd,” Bill Cheswick
- Required: “IDES Model,” Dorothy Denning
- Video: “DEFCAMP 2015 – Building a Security Operations Center,”
- Suggested: Introduction to Cyber Security, Edward Amoroso and Matthew Amoroso, (Ch. 21 - 22)
Module 4
12
Videos
- Assignments and Reading
- Practical Limitations of Perimeter
- APT Schema Through Perimeter Holes
- Third Party Security
- Target APT Attack
- Large Government Agency Attack
- Layer 3 DDOS Protection
- Layer 7 Application Level DDOS Risk
- Large Financial Website DDOS Attacks
- Network Security Industry Overview
- Interview: Ray Cheng - Pt. 1
- Interview: Ray Cheng - Pt. 2
Module 4 Assignments
1
Assignment
- Module 4 Quiz
4
Readings
- Required: “Evolution of the Zero Trust Model for Cybersecurity,” Ed Amoroso, IEEE
- Required: “A Study of Advanced Persistent Threats,” Chen, Desmet, and Huygens
- “Implementing Zero Trust,” Ed Amoroso, 2018
- Suggested: Introduction to Cyber Security, Edward Amoroso and Matthew Amoroso, (Ch. 23 - 24)
Final Quiz: Selecting Security Migrations for Network Cyber Attacks
1
Assignment
- Select the Best Migration Choice:
1
Readings
- Quiz Directions
Auto Summary
Enhance your cyber security skills with Coursera's "Real-Time Cyber Threat Detection and Mitigation." This professional-level IT course dives into TCP/IP security, firewall design, and intrusion prevention. Over 900 minutes, learn to counter advanced threats like APTs and DDOS attacks. Available through Starter and Professional subscriptions, it's ideal for IT professionals seeking to fortify enterprise networks.

Dr. Edward G. Amoroso