Corporate courses in IUT

 

1. Information security for government agencies

“Information security: data protection, network visibility and control”

INFORMATION SECURITY ISSUES

  • Cyber Security Threats, Vulnerabilities and Attacks.
  • Network attacks (DoS/DDoS, man-in-the-middle attack and hack).
  • Attacks targeting the web system (SQL injection, XSS, SSRF attacks, etc.).

METHODS OF ENSURING INFORMATION SECURITY

  • Legal management in the field of information security.
  • Standard and regulatory documents in the field of information security.
  • Physical and organizational maintenance of information security.
  • Cryptographic protection of information (symmetric, public key, hash function, ERI algorithms, security protocols).

INFORMATION SECURITY HARDWARE AND SOFTWARE

  • Security tools: hardware, software and software.
  • Cryptographic means of information protection.
  • Tools for information security in the network (Inter-Network Screen, VPN, IDS/IPS, DLP, Honeypot).

MALWARE AND METHODS OF PROTECTION AGAINST THEM

  • Malicious programs and their classification.
  • Common malware (NotPetya, Bad Rabbit, WannaCry, etc.).
  • Malware detection methods and tools (reverse engineering, anti-virus software tools).

ELECTRONIC PAYMENT SYSTEMS AND THEIR SECURITY PROBLEMS

  • Electronic payment systems and common types of crimes in them.
  • Methods and recommendations for ensuring the security of electronic payments.

DIGITAL FORENSICS

  • Event recording: log files, registers.
  • Tools for recovering deleted data from various storage devices.
  • Basics of identification of edited photo and video files.
  • Location awareness.
  • Preparing against a network attack.
  • Network scanning.

SOCIAL ENGINEERING

  • The field of social engineering, its purpose.
  • Phishing, pretexting methods.
  • Collection of personal information through social networks.
  • Cyberetics.

USE OF MODERN TECHNOLOGIES IN CYBER SECURITY

  • Modern technologies: cloud computing, Internet of Things (IoT), blockchain.
  • Cryptocurrencies and related security issues.
  • Application of artificial intelligence in information security.

Contact person:

Name: Davlatov Zafar

Email: z.davlatov@inha.uz

 

2. CyberSecurity: Blue teaming

“BLUE TEAMING”

Specialist training course

 

  1. Basics of BLUE TEAMING and SOC

1.1. Fundamentals of Cyber Defense and BLUE TEAMING

1.2. SOC architecture and operational workflows

1.3. Basic concepts and terms of cyber security

  1. Network monitoring and protection

2.1. Network security technologies. Creating network security infrastructure

2.2. Cyber security incidents and their management tools and methods

2.3. Monitoring and analysis of network and system records

  1. Identification and analysis of threats

3.1. Concept of cyber threats and attack techniques

3.2. Collect and analyze threat intelligence

3.3. Advanced continuous threat (APT) simulation and detection

  1. Incident response and process management

4.1. Incident detection and response steps

4.2. Forensic analysis and evidence processing

4.3. Forming legal opinions and reports

  1. Automation of cyber security tools and processes

5.1. Using cybersecurity tools for defense

5.2. Scripting and automation of cyber defense processes

5.3. Simulation exercises with the participation of BLUE TEAM

  1. Implementation of the project and preparation for certification

 

Contact person:

Name: Davlatov Zafar

Email: z.davlatov@inha.uz

3. CyberSecurity: Red teaming

“RED TEAMING” specialists in cyber security training course

CURRICULUM

 

  1. Cyber Security Basics

1.1. Fundamentals of Cyber Security

1.2. Network Fundamentals for Red Teaming Processes

1.3. Security of operating systems (Windows, Linux)

1.4. Scripting and automating processes using Python/Bash

  1. Admission to the RED TEAMING course

2.1. Ethical and legal aspects of hacking

2.2. RED TEAM and BLUE TEAM goals and styles

2.3. Gather information about targets

2.4. Vulnerability assessment tools and techniques

  1. Pentesting. Working with exploits

3.1. System exploits

3.2. Network exploits

3.3. Working with software applications and web exploits

3.4. Post-exploit workflow and retention of rights

  1. Advanced technology and methods

4.1. Advanced Persistent Threat (APT) Strategies

4.2. Investigating social engineering and physical intrusion vulnerabilities

4.3. Testing the security of wireless networks

4.4. Assessing the security of cloud services

  1. Simulated real processes on the RED TEAMING course

 

Contact person:

Name: Davlatov Zafar

Email: z.davlatov@inha.uz

4. Artificial intelligence and Data Science
Artificial intelligence

Artificial Intelligence (AI), the ability of a digital computer or computer-controlled robot to perform tasks commonly associated with intelligent beings.

Data Science

Data science is the study of data to extract meaningful insights for business. It is a multidisciplinary approach that combines principles and practices from the fields of mathematics, statistics, artificial intelligence, and computer engineering to analyze large amounts of data.

Contact person:

Name: Davlatov Zafar

Email: z.davlatov@inha.uz