3. Education Services
Seminar on Ethical Hacking and Cyber Crime
Why attending this seminar
Throughout the world increasing numbers of governments gally obtain government-sensitive information from a data-
and public authorities are relying on IT infrastructures to base server or a file share.
perform a wide range of duties. Almost everything is inter-
It can take a second to steal a national secret; and it will cost
connected nowadays, and people in all positions are accus-
a high price. Ethical hacking brings the message home: if
tomed at shuttling information where it is needed.
cyber crime is so easy, and the tools to do it are at anybody’s
News reports on the alarming growth of information tech- fingertips, then it pays to give more attention to the preven-
nology-related crimes have reached the general public. tion of this new, often widely underestimated form of crime.
Some incidents have been widely publicised, resulting in an
Information is no longer concentrated in highly protected
overall impression of insecurity. This adds to the basic notion
repositories: it is everywhere. Risks must be clearly under-
that IT infrastructures are not 100% reliable, with systems
stood and evaluated – even at a technical level; routine
that crash, hosts that are unreachable, data that are corrupt-
penetration tests (also called “ethical hacking”) will improve
ed or lost.
the understanding of the concept of «risk»: it means finding
The truth is that data are not safe – whether the users sit in the way to illegally access your data before the crooks out
their office, in a false feeling of security, or in a hotel room, there find it on their own.
airport lounge or the office of a foreign partner. Specific
In five interesting and captivating days this course gives
security requirements apply everywhere, both in the appar-
attendees a solid understanding of the principles and prac-
ently friendly office space and in the open world. A deliber-
tice of ethical hacking. They will learn why and when to
ate criminal action can target information wherever it sits.
request a penetration test, what to look for, how to interact
Most present-day computer users do not have the least idea with the specialist who will perform the test, how to inter-
of how easy it is to intercept a plain e-mail containing confi- pret the results to build a better security for their informa-
dential information, to attack an application server, to ille- tion assets.
www.infoguard.ch / crypto Seminar on Ethical Hacking and Cyber Crime | Page 1
4. Seminar on Ethical Hacking and Cyber Crime
Crypto AG and its sister company InfoGuard AG Seminar dates
have jointly developed a 5 day education pro- The seminar dates can be found on the enclosed book-
gramme for the needs of governmental information ing form or on our website: www.infoguard.ch/crypto/
security professionals.
Seminar language
Who should attend English
Delegates from government and defence entities who
are responsible for initiating, implementing and main- Seminar location
taining information security in their organisation. InfoGuard AG education centre, Zug/Switzerland.
The seminar is open to everyone. On request it can be Seminar Certificate
conducted as a private seminar on a date mutually Each participant becomes an InfoGuard Certified Cyber
agreeable. Please ask for further information. Crime Prevention Expert, and is awarded a formal
certificate.
Page 2 | Seminar on Ethical Hacking and Cyber Crime www.infoguard.ch / crypto
5. Participants will receive introduction on all relevant topics
with regard to a holistic approach to Ethical Hacking.
Attacks from the Internet to public services Attacks against data confidentiality
It is easier to attack what one can see, and knows best. One day is spent in seeing how easy it is to tap existing
This usually means web applications, mail servers or DNS connections, be it SSL connections to a webmail server
servers. In the first part of the course delegates will learn from the office, or a remote Windows share to the server
at first to identify targets (information gathering, scan back at the Ministry. A mobile user must never rely on
techniques etc), and then to seek for weaknesses and third party security: the WiFi network at the hotel may
vulnerabilities (mail filter tests, DNS spoofing, manual be protected by a password, but a hacker might inter-
and automated web checks etc). cept it and capture important data that the user is ex-
changing with headquarters. Nothing is secure by
Attacks against the internal network with insider default: a determined hacker can attack the LAN of an
help organisation with the malicious support of an insider.
Joining together technical ingenuity and workers’ good
faith, offers the largest success opportunities at the Introduction to best defence security practice
lowest costs. One day is thus dedicated to examine The closing module of the seminar will address informa-
attacks, some of which are heard of from the press: tion and communications technology and its common
phishing, backdoors, inside-out attacks, social engineer- weaknesses, leading the discussion to the security con-
ing, firewall rule evasion etc. trols you can implement today to strengthen your pro-
tection. Practical and proven best defence measures are
the heart of this lesson.
www.infoguard.ch / crypto Seminar on Ethical Hacking and Cyber Crime | Page 3
6. Seminar Agenda
Arrival
DAYS 1/2 Attacks from the Internet to public services
DAY 3 Attacks against the internal network with
insider help
DAY 4 Attacks against data confidentiality
DAY 5 Introduction to best defence security
practice
Departure
Page 4 | Seminar on Ethical Hacking and Cyber Crime www.infoguard.ch / crypto
7. Days 1 and 2 • Phishing Days 5
Attacks from the Internet to • Installing and exploiting backdoors Introduction to best defence
public services • Inside-out attacks security practice
• Attack targets, aggressors and • Firewall rule evasion • Network security
methods • Secure VPN
• Information gathering Days 4 • Secure mobile computing
• IP address and port scan Attacks against data confiden- • Wireless LAN security
• Searching for vulnerabilities tiality • Secure E-Mail
• Performing tests and attacks • Tapping information in a • Secure personal devices (note-
• Manual and automated checks networked environment book, workstation)
• Reporting • Man-in-the-middle attacks: tap- • Secure telephony and facsimile
ping SSL connections from an communication
Days 3 Internet Café • Key management
Attacks against the internal • Attacking wireless networks in
network with insider help semi-public environments (e.g.
• Preparing an attack: planning for hotel)
obtaining insider help • Sniffing in a switch-based environ-
• Social engineering and informa- ment
tion gathering
• Performing the attack
www.infoguard.ch / crypto Seminar on Ethical Hacking and Cyber Crime | Page 5
8. Seminar environment
Tutors
The skill transfer is of high quality, both in terms of sub-
ject matter and tuition. In addition to their technical or
scientific background, the tutors have many years of
practical experience in their specialist fields with regard
to information security and other ICT related areas. Their
extensive social and cultural skills guarantee a congenial
learning environment.
Seminar methodology
The seminar is a combination of presentations and work-
shop sessions including exercises and live demonstra-
tions.
Daily schedule
Monday to Friday
Morning 09.00 – 12.00 h
Lunch 12.00 – 13.30 h
Afternoon 13.30 – 16.30 h
Accommodation
Hotel booking can be arranged on request.
Page 6 | Seminar on Ethical Hacking and Cyber Crime www.infoguard.ch / crypto
9. Terms and conditions
Registration • No charge will be made if another • It may become necessary for us to
Please complete the registration person participates in the seminar make alterations to the content,
form enclosed or online on our web- on behalf of the absent partici- speakers, timing, venue or date of
site www.infoguard.ch/crypto and pant. the event compared to the adver-
fax to +41 41 749 19 10 or mail to tised programme.
info@infoguard.ch. Your registration Substitutions/Name Changes
will be confirmed in writing. If you are unable to attend you may Terms of Payment
nominate, in writing, another partic- • Payments are due within 10 days
Cancellation ipant to take your place at any time of the invoice date and not later
• All cancellations must be submit- prior to the start of the seminar. Two than the start of the seminar.
ted in writing. ore more participants may not • In the event of a registration at
• Up to two weeks before the start «share» a place at a seminar. Please short notice, i.e. within one week,
of the seminar, 25% of the regis- make separate bookings for each the person participating in the
tration fee will be charged for participant. seminar may be required to submit
administration. proof of payment or to pay cash
• Up to one week before the start of Alterations prior to the seminar start.
the seminar, 50% of the registra- • InfoGuard AG reserves the right to
tion fee will be charged. cancel the seminar due to an insuf- Place of Jurisdiction
• In the week before the start of the ficient number of registrations. In The place of jurisdiction is Zug,
seminar, the full registration fee such cases, any registration fees Switzerland
will be charged. already paid will be fully refunded.
www.infoguard.ch / crypto Seminar on Ethical Hacking and Cyber Crime | Page 7
10. Enjoy your stay in Switzerland
Your stay in Switzerland will be care- InfoGuard AG –
fully prepared. Learning will be Education in information security
made much easier thanks to a pleas- «Made in Switzerland».
ant atmosphere and interesting, InfoGuard AG is the preferred edu-
exciting leisure time. During this five cation provider for information secu-
day seminar we will organize a cul- rity. Its courses are geared to the
tural outing. needs of governmental and military
organizations as well as public ad-
The small but lively town of Zug ministrations.
(22’000 inhabitants) benefits from
being close to the Swiss business Crypto AG –
metropolis of Zurich, and its interna- To Remain Sovereign.
tional airport, and Lucerne, which We have developed, manufactured
are both near at hand. It is situated and implemented custom security
right by Lake Zug, and surrounded solutions for over 55 years. You too
by typical Swiss hills and mountains. can rely on the expertise and capa-
Basel The region is an excellent starting bilities of Crypto AG – just like our
Zurich
Zug point for excursions to the country’s customers in over 130 countries.
Lucerne
Berne
most interesting tourist attractions.
Geneva
Lugano
Page 8 | Seminar on Ethical Hacking and Cyber Crime www.infoguard.ch / crypto
11. Designed and given InfoGuard AG Introduced by your Crypto AG
by the sister company Feldstrasse 1 trusted security partner: P.O. Box 460
of Crypto AG: CH-6300 Zug CH-6301 Zug/Switzerland
Switzerland Phone +41 41 749 77 22
Phone +41 41 749 19 00 Fax +41 41 741 22 72
Fax +41 41 749 19 10 crypto@crypto.ch
info@infoguard.ch www.crypto.ch
www.infoguard.ch/crypto