Details
- 21 Sections
- 63 Lessons
- 5 Days
- Overview of ICS (2 lessons)
  - 1.1 Processes & Roles
  - 1.2 Industries
- Purdue Model (6 lessons)
  - 2.1 Levels 0 and 1: Controllers and Field Devices
  - 2.2 Levels 0 and 1: Programming Controllers
  - 2.3 Levels 2 and 3: HMIs, Historians, Alarm Servers
  - 2.4 Levels 2 and 3: Specialized Applications and Main Servers
  - 2.5 Levels 2 and 3: Control Rooms and Plants
  - 2.6 Levels 2 and 3: SCADA
- IT & ICS Differences (1 lesson)
  - 3.1 ICS Life Cycle Challenges
- Secure Network Architectures for ICS (1 lesson)
  - 4.1 Design Example
- ICS Attack Surface (4 lessons)
  - 5.1 Threat Actors and Reasons for Attack
  - 5.2 Attack Surface and Inputs
  - 5.3 Vulnerabilities
  - 5.4 Threat/Attack Models
- Level 0 and 1 (5 lessons)
  - 6.1 Attack Schemes
  - 6.2 Control Things Platform
  - 6.3 Technologies
  - 6.4 Fieldbus Protocol Families
  - 6.5 Defenses
- Ethernet and TCP/IP (5 lessons)
  - 7.1 Ethernet Concepts
  - 7.2 TCP/IP Concepts
  - 7.3 ICS Protocols over TCP/IP
  - 7.4 Wireshark and ICS Protocols
  - 7.5 Attacks on Networks
- Enforcement Zone Devices (3 lessons)
  - 8.1 Firewalls and NextGen Firewalls
  - 8.2 Data Diodes and Unidirectional Gateways
  - 8.3 NIDS/NIPS and Netflow
- Understanding Basic Cryptography (2 lessons)
  - 9.1 Crypto Keys
  - 9.2 Encryption, Hashing, and Signatures
- Level 2 and 3 (4 lessons)
  - 10.1 Historians and Database
  - 10.2 HMI and UI Attacks
  - 10.3 Web-based Attacks
  - 10.4 Password Defenses
- Wireless Technologies (3 lessons)
  - 11.1 Satellite and Cellular
  - 11.2 Mesh Networks and Microwave
  - 11.3 Bluetooth and Wi-Fi
- Wireless Attacks and Defenses (2 lessons)
  - 12.1 Risks of Wireless
  - 12.2 Sniffing, DoS, Masquerading, Rogue AP
- Patching ICS Systems (2 lessons)
  - 13.1 Patch Decision Tree
  - 13.2 Vendors, CERTs, and Security Bulletins
- Defending IT Systems (4 lessons)
  - 14.1 Microsoft: Windows Services
  - 14.2 Microsoft: Windows Security Policies and GPOs
  - 14.3 Linux: Differences with Windows
  - 14.4 Linux Daemons, SystemV, and SystemD
- Endpoint Protection and SIEMs (3 lessons)
  - 15.1 Application Runtime and Execution Control
  - 15.2 Configuration Integrity and Containers
  - 15.3 Logs in Windows and Linux
- Event Logging and Analysis (2 lessons)
  - 16.1 Windows Event Logs and Audit Policies
  - 16.2 Syslog and Logrotate
- Internet Connectivity (2 lessons)
  - 17.1 Honeypots
  - 17.2 Attacks on the Perimeter
- ICS Cybersecurity Programs (3 lessons)
  - 18.1 Starting the Process
  - 18.2 Frameworks: ISA/IEC 62443, ISO/IEC 27001, NIST CSF
  - 18.3 Using the NIST CSF
- ICS Cybersecurity Policy (3 lessons)
  - 19.1 Policies, Standards, Guidance, and Procedures
  - 19.2 Culture and Enforcement
  - 19.3 Examples
- Measuring Cybersecurity Risk (2 lessons)
  - 20.1 Quantitative vs Qualitative
  - 20.2 Traditional Models
- Incident Response (4 lessons)
  - 21.1 Digital Forensics
  - 21.2 Key Focus
  - 21.3 Key Sources
  - 21.4 Analyze Digital Evidence