À propos de ce cours : This course provides learners with a baseline understanding of common cyber security threats, vulnerabilities, and risks. An overview of how basic cyber attacks are constructed and applied to real systems is also included. Examples include simple Unix kernel hacks, Internet worms, and Trojan horses in software utilities. Network attacks such as distributed denial of service (DDOS) and botnet- attacks are also described and illustrated using real examples from the past couple of decades. Familiar analytic models are outlined such as the confidentiality/integrity/availability (CIA) security threat framework, and examples are used to illustrate how these different types of threats can degrade real assets. The course also includes an introduction to basic cyber security risk analysis, with an overview of how threat-asset matrices can be used to prioritize risk decisions. Threats, vulnerabilities, and attacks are examined and mapped in the context of system security engineering methodologies.
Enseigné par : Dr. Edward G. Amoroso, Research Professor, NYU and CEO, TAG Cyber LLC
Computer Science
| Informations de base | Cours 1 de 4 dans Introduction to Cyber Security Specialization |
| Niveau | Débutant |
| Langue | English |
| Comment réussir | Réussissez tous les devoirs notés pour terminer le cours. |
| Notes des utilisateurs |
- Vidéo: Assignments and Reading
- Vidéo: Hacking an Old-Fashioned Soda Machine
- Vidéo: Simple Worm Program
- Vidéo: Trojan Horse Login Program
- Vidéo: Malicious Compiler Program
- Vidéo: Typical Unix Kernel Attack
- Vidéo: Explaining Interview Series
- Vidéo: Welcome Lou Manousos (Part 1)
- Vidéo: Welcome Lou Manousos (Part 2)
- Reading: Required: Smashing the Stack for Fun and Profit,” Aleph One
- Reading: Required: “Reflections on Trusting Trust,” Ken Thompson
- Reading: Video: DEF CON 23
- Reading: Video: Kevin Mitnick | Talks at Google
- Reading: Suggested: Introduction to Cyber Security (Ch. 1-2)
- Reading: Suggested: TCP/IP Illustrated Volume 1 (2nd Ed.), (Ch. 1-2)
- Vidéo: Purpose of Cyber Security
- Vidéo: Adversary Types
- Vidéo: Vulnerability Types
- Vidéo: Threat Types
- Vidéo: Matching Quiz
- Practice Quiz: Matching Quiz
- Vidéo: Matching Quiz Solution
- Vidéo: Confidentiality Threat
- Vidéo: Integrity Threat
- Vidéo: Availability Threat
- Vidéo: Fraud Threat
- Practice Quiz: Further Consideration - Fraud
- Vidéo: Testing for Vultnerabilities
- Vidéo: Attacks
- Vidéo: Brute Force vs. Hueristic Attacks
- Vidéo: Crytanalysis
- Vidéo: Cryptanalyzing Caesar Cipher
- Vidéo: Welcome Jose Dominguez
- Reading: Required: “Why Cryptosystems Fail,” Ross Anderson
- Reading: Required: “There Be Dragons,” Steve Bellovin
- Reading: Video: DMARC Whiteboard Session
- Reading: Video: Defcon 18
- Reading: Suggested: Introduction to Cyber Security, (Ch. 3 - 4)
- Reading: Suggested: TCP/IP Illustrated Volume 1 (2nd Ed.), (Ch. 3 – 4)
- Vidéo: SQL/ Slammer Worm of 2003
- Vidéo: Nachi Worm of 2003
- Vidéo: Botnet Design
- Vidéo: Botnet Arithmetic
- Vidéo: Welcome Elad Yoran
- Vidéo: Assets and Infrastructure
- Vidéo: Calculating Risk
- Vidéo: Making Security and Cost Decisions Based on Risk
- Vidéo: Threat Trees and Completeness of Analysis
- Practice Quiz: Further Consideration - Threat Trees
- Reading: Required: “Hackers Remotely Kill a Jeep on the Highway with Me in It,” Andy Greenberg, Wired Magazine
- Reading: Required: “A Hacker’s Evolution: Austin’s HD Moore Grew Up with Cybersecurity Industry,” 512 Tech
- Reading: Suggested: Introduction to Cyber Security (Ch. 5 - 6)
- Reading: Suggested: TCP/IP Illustrated Volume 1 (2nd Edition), (Ch. 5 - 6)
- Reading: Video: “Top Hacker Shows Us How It’s Done,” Pablos Holman, TEDx Midwest
- Reading: Video: “All Your Devices Can be Hacked,” Avi Rubin, TED Talk
- Vidéo: Mapping Assets to Threats
- Vidéo: Estimating Risk for Threat-Asset Pairs
- Vidéo: Example Case Study Matrix (Part 1)
- Vidéo: Example Case Study Matrix (Part 2)
- Vidéo: Example Case Study Matrix (Part 3)
- Vidéo: Mapping Assets, Threats, Vulnerabilities, and Attacks
- Vidéo: Welcome Nasir Memon
- Reading: Required: “A Man-in-the-Middle Attack on UMTS,” Meyer and Wetzel
- Reading: Required: “Are Computer Hacker Break-Ins Ethical?” Eugene Spafford
- Reading: Video: “What’s Wrong With Your Password,” Lorrie Faith Cranor, TED Talk
- Reading: Video: “Fighting Viruses, Defending the Net,” Mikko Hypponen, TED Talk
- Reading: Suggested: Introduction to Cyber Security, (Ch. 7 - 8)
- Reading: Suggested: TCP/IP Illustrated Volume 1 (2nd Ed.), (Ch. 7 – 8)
- Reading: Project Description
- Reading: Additional Self-Learning Opportunities
Each course is like an interactive textbook, featuring pre-recorded videos, quizzes and projects.
Connect with thousands of other learners and debate ideas, discuss course material, and get help mastering concepts.
Earn official recognition for your work, and share your success with friends, colleagues, and employers.
| Acheter le cours | |
|---|---|
| Accéder au contenu du cours | Disponible |
| Accéder au contenu noté | Disponible |
| Recevoir une Note Finale | Disponible |
| Obtenir un Certificat de Cours partageable | Disponible |
Overall, I really enjoyed this course. Ed is a fantastic teacher. My only complaint (and why I did not give it 5 stars) is with the final exam. The instructions states that the answers are subjective, however I had to take the test over and over until I got the correct choices they were looking for. As an example, who knows if software sells person working from home has confiidentiality risk of high, medium, or low? I think it is pretty subjective, and I would have had to get more information about their work environment to really make that call. It was an excersize in frustration.
Excellent course to study! This really helped me understand more about internet security.
A really good introductory course.
It covers both the basic "tech" aspects of cybersecurity (worms, trojans, botnets, etc.) and frameworks (CIA models) to map threats-assets then risks.
It sets a fundamental stress on the approach to cybersecurity. Not only on the most advertised aspects, but on the way the industry -CISOs- work -or should work :-)
The instructor does know a ton, and transmits his knowledge quite easily.
DD
This is amazing course. Instructor and the course content is just perfect.
A student will learn many new technologies like Man in the Middle attack , RISKS and THREATS , CIA i.e. pillars of security , Password protection and much more.
Thank you instructor for helping us to know so many things . I am surely gonna go through all the courses .
I also wish to be the course Mentor. As an individual i have learned how to manage presentation and also how to teach others.