
Key Roles include

 

System administrators

System administrators design and implement computer systems that run a given operating system in a secure manner. They are also responsible for the continued secure operation. When security measures fail, they assist in containment and other parts of incident response. They need to know how to securely configure and run the operating system (OS). They also need to understand how the OS protects the applications running on it. They should know the options for intrusion prevention, detection, and at least the basics of intrusion response. Knowing how attackers find and exploit vulnerabilities is an asset.

Network administrators

Network administrators design and implement computer networks that provide communication between computers on the same or different networks. They are also responsible for firewalls and other network infrastructure required for properly enforcing security policies. They should know the options for network-based intrusion prevention and detection. When security measures fail, they assist in containment and other parts of incident response. They need to know how to configure network infrastructure devices for security and how to isolate parts of a network. Knowing how attackers find and exploit vulnerabilities is an asset.

Penetration testers

Penetration testers (also known as ethical hackers or a red team) test existing systems, looking for vulnerabilities. The goal is to find problems before the attackers do. They need to know how software fails and how attackers think.

Auditors

Auditors (for PCI or other security requirements or regulations) compare systems and networks to standards, rules, and/or regulations that apply to security. They need to understand the requirements for the audited systems and be able to understand where the systems meet or exceed the requirements and where they are deficient. This knowledge needs to be more than a superficial checkbox-security level.

Managers of cloud systems

Managers of cloud systems are similar to system and network administrators, but they are responsible for virtual system servers instead of physical systems. They need to know the virtual system operational security issues in addition to the physical system issues.

Incident handlers and responders

Incident handlers and responders deal with reports of possible security breaches and determine if the breach is real. For actual security problems, they are then involved in analyzing intrusions, containment, cleanup, and possibly identifying the root cause of the problem.

Forensics experts

Forensics experts deal with tracking security breaches back to the root cause. They might also be responsible for reverse engineering malware. To do their jobs, they need to know all of system and network administration topics, as well as be well-versed in computer architecture and secure software engineering and testing. They also need to know how attackers think and find vulnerabilities.


Secure Systems Operations

Courses

 

Threat Models and attackers

This class introduces security for all people in the SDLC. It starts with a short discussion of the meaning of security in software systems and security in the SDLC and then covers threat models, what they contain, the business effects of an exploit, and a high-level discussion of risk analysis. It also covers how attackers find and exploit vulnerabilities and classes of vulnerabilities. The class also provides examples of what attackers can do when they exploit various vulnerabilities. All examples are real vulnerabilities that have occurred or are based on real vulnerabilities. Students in this class will develop a threat model and explore vulnerability classes, including performing a few simple exploits to see how easy they are.

Secure system administration on GNU/Linux

This class is intended for students who want to learn how to configure GNU/Linux systems to be secure, test the security of systems, and/or manage the system more securely.

Secure system administration on Microsoft Windows

These OS-specific classes go over the details that sysadmins need to know to manage systems securely. Topics covered include user privileges, file access control, controlling active services, understanding the memory protection between processes, network communication and bandwidth limits, and intrusion detection systems.

Secure network administration

This class goes over how security applies to all of the layers in the ISO model of networking. It also covers filtering traffic, isolating network segments, and the basics of network-based attacks and how to mitigate the threats.

Introduction to security testing

This class introduces students to techniques for security testing of software systems. They learn about techniques such as static and dynamic analysis, fuzz testing, and black- and white-box testing. They learn some of the major vulnerability classes and the basics of how to test for them. Students test real and simulated systems to reinforce the concepts.

Penetration testing (ethical hacking)

This class takes up where the introduction stops. It covers all of the major vulnerability classes and the testing techniques and tools for finding them. Students learn how attackers approach a target and what they can easily learn about it. Students test real and simulated systems to find and exploit vulnerabilities. They work with tools such as intercepting proxies and Metasploit.

Cryptography and security

This class covers the fundamental cryptographic concepts and protocols, including digital signatures and public key infrastructure (PKI). It emphasizes that simply using cryptography does not make a system secure, and that students should never develop their own cryptographic algorithms and protocols. Beyond covering the basics, this class also discusses various problems and how existing cryptographic solutions can be applied to improve security and mitigate threats. Students work with cryptographic systems and use them to solve problems.