Certify Workshop Cybersecurity for Industrial Environments and Critical Infrastructures

Speak without obligation to Vester Industrial Training Center

To contact you must accept the privacy policy

Comments about Certify Workshop Cybersecurity for Industrial Environments and Critical Infrastructures - At the institution - Madrid - Spain

  • Course description
    Certify Workshop Cybersecurity for Industrial Environments and Critical Infrastructures.

    Cybersecurity training and consulting aimed to all levels of the organization: awareness, analysis, implementation, evaluation and actions monitoring.

    Learn the basics notions, attacks types, anti-intrusion systems application and IT security control and diode firewalls.

    Duration: 3 days (24 hours / 8 hours a day)
    Schedule: 9:00h – 17:00h
    Dates:

    16-18 October - Cybersecurity - Madrid
    23-25 October - Cybersecurity - Manchester

    General Description:  

    Three-day workshop designed with the aim of learning the general concepts of Cybersecurity at Industrial Environments and Critical Infrastructures, as well as its most important aspects and the basic protection against attacks.
    The workshop includes a theoretical part, followed by a practical part. At the end of the training, the student will be provided with free software with all the test tools used during the three days training.

    At the end of the course, the student will have the theoretical and practical knowledge to:

    • Evaluate threats and audit their monitoring and control systems. 
    • Obtain a list of critical points and their direct relationship with the applied countermeasures.
    • Protect the most critical points of your installation and know what to do with the least critical ones. 
    • Install and / or configure protection equipment with physical access.


    General Objective:

    • Anti-intrusion systems application, computer security control and equipment firewall. 
    • Provide a general overview of the most important concepts associated with ​​industrial cybersecurity. 
    • Analyze the main vulnerabilities and threats that may be experienced at industrial environments. 
    • Know the different types of hacker attacks that can be carried out on an OT network or a critical infrastructure. 
    • Describe the main countermeasures that can be included to fortify industrial networks and protocols. 
    • Provide recommendations and practical advice to strengthen the company’s industrial systems and networks.
    • Introduce the main standards and/or the current and future laws regarding the implementation of said countermeasures.


    Aimed at:

    This workshop is designed to train technicians and engineers involved in the protection of critical industrial systems and the security measures implementation for PLC / SCADA / MES environments. 
    It is mainly aimed at technical personnel involved in the design of architectures, installation, configuration, maintenance and supervision projects commissioning and / or remote control systems automation. 

    Workshop Characteristics:

    • Mode: In person with supervised practices as complement to the theory. 
    • Methodology: Keynote lectures and practical workshops.
    • Participants: A minimum amount of 5 and a maximum amount of 20. 


    Workshop Observations:

    Any topic or sub-topic of the workshop can be expanded and detailed in a second session tailored specially for the client. So the basic workshop can be supplemented with successive trainings if need it.

    At the end the participant will get an USB PEN with a FREE distribution Linux with all the test tools used in the course.
     

    Material Included:

    • One computer per student during the workshop.
    • Welcome stationery material (notebooks, pens, USB with additional information). 
    • Training manual.  
    • Certificate of successful completion.
    • Meals: Coffee break and lunch (Coffee, tea and refreshments available during the training). 


    Workshop Schedule:

    Day 1           

    09:00 – 11:00

    Introduction to computer security:
    - What is hacking?
    - Information security properties: confidentiality, integrity / non-repudiation and availability

    11:00 - 11:15

    Coffee-break

    11:15 – 13:30

    - Authentication and authorization
    - Risk, Threat, Vulnerability (+ CVSS), Exploit and Zero Day
    - Main differences between IT Security and Cybersecurity in Industrial Environments

    * Practice

    13:30 - 14:30                

    Lunch

    14:30 – 16:00

    Attacks and Malware:

    Types of attacks:
    - According to the actions of the attacker: assets and liabilities
    - According to the location of the attacker: internal and external

    * Practice 

    16:00 - 16:15              

    Break

    16:15 – 17:00

    Attack stages I:
    - Recognition
    - Information gathering

    Attack stages II:
    - Scanning
    - Exploitation


    Day 2

    09:00 – 11:00

    Attack stages III:
    - Maintain Access
    - Cover the tracks

    * Practice 

    11:00 - 11:15

    Coffee-break

    11:15 – 13:30

    Safety Audits I:

    - Types: White Box, Gray Box and Black Box
    - Limitations: time, scope, allowed tests and knowledge
    - Reporting
    - Auditing from the Internet
    - Auditing from the internal network


    13:30 - 14:30                

    Lunch

    14:30 – 16:00

    Safety Audits II:
    - Work on equipment
    - Interviews  with the organization members 

    * Practice

    16:00 - 16:15              

    Break

    16:15 – 17:00

    Industrial networks safety I:
    - Security in wired networks:
    - Wired networks basic concepts
    - Sniffers: TCPDump, WireShark
    - Physical security: Port Security

    Industrial networks safety II:
    - DHCP Security: DHCP Snooping
    - RSTP Security: BPDU Guard, Root Guard
    - MiTM: IP Source Guard
    - VPNs

    Day 3

    09:00 – 11:00

    Security in WiFi networks:
    Wireless networks basics concepts:
    - Open networks
    - WEP Networks
    - WPA / WPA2 networks
    - Rouge Aps

    * Practice 

    11:00 - 11:15

    Coffee-break  

    11:15 – 13:30 

    Countermeasures and protection I:
    - Defense and protection technologies.
    - Perimeter defense architecture

    13:30 - 14:30                

    Lunch

    14:30 – 16:00

    Countermeasures and protection II:
    - Management and protection Decalogue.
    Physical security
    Firewalls, IDS, IPS and SIEMs

    16:00 - 16:15              

    Break

    16:15 – 17:00

    Cryptography I:
    - Symmetric: DES, AES, RC4
    - Asymmetric: RSA, GPG, IKE, SSL

    Cryptography II:
    - Hashes: MD5, SH
    - Password cracking: brute force, hash tables and rainbow tables

    * Practice


    Requirements for course completion:

    There is no specific requirements, ideal participant’s profile for our courses: Technical staff that participates in the design of architectures, Installation, configuration, maintenance and commissioning of automation projects for electrical substations and telecontrol systems.

    Specifically for the OPC UA * course: * theory and practice and the OPC course UA: theory, practice and application development, it is convenient to have previous experience about OPC technology acquired through daily use.

    In regards of aspects that stand out:

    - In all workshops different gifts are provided to participants
    - In Spain, Tripartite Foundation recognizes our workshops

    - Courses:
    OPC Technology and  Advanced Architecture Development
    OPC UA: Theory and Practice are certified by Matrikon

    - In all our workshops we provide a completion certificate
    - All workshops include practices with real hardware and simulation of issues that might occur in industrial plants today

Other programs related to information quality and security

This site uses cookies.
If you continue navigating, the use of cookies is deemed to be accepted.
See more  |