Trainer
Abdelkader Shaaban, Austrian Institute of Technology
Session Details
- Session Title:
Cybersecurity in the Energy Domain: Theories and Strategies for Network Protection
- Session Description:
The session will include an overview and discussion of common network protocols, such as TCP/IP, along with topics on internet and web security. Additionally, the session will provide an introduction to the energy domain and highlight the most common cybersecurity vulnerabilities within this sector.
- Key Learning Objectives:
Understand the fundamental concepts of network security.
Acquire knowledge about common vulnerabilities and threats in specific network systems and their associated protocols, including not only TCP/IP but also those used in industrial communication networks.
Gain knowledge of the most relevant security protocols, such as SSL/TLS and IPsec, and understand their critical role in protecting systems and communication networks.
Gain a basic understanding of security in the energy domain and identify the most common security vulnerabilities in this sector.
Lab Details
- Lab Title:
Practical Activities on Network Cyberattacks and Protection Strategies
- Lab Description:
The practical activities lab will cover a variety of exercises designed to demonstrate how cyberattacks can compromise network data and highlight the importance of implementing robust cybersecurity measures to minimize cyber risks. These activities will include code injection, packet injection, DoS attacks, ARP spoofing, packet sniffing, and more, alongside prevention and detection methods to mitigate network-related cyber risks. The lab will be conducted within the GNS3 network simulation environment to simulate all planned practical activities in a secure, closed virtual environment.
- Key Learning Objectives:
Understand how various cyberattacks can compromise network security, and why implementing effective protection mechanisms is important for securing networks.
Gain insights into designing and implementing detection and prevention mechanisms to protect network assets and associated data.
- Tools/Software Required:
The practical lab will be conducted within a virtual environment using the GNS3 network simulator. Participants will be required to set up separate virtual machines to simulate a network, highlighting the roles of attacker and victim machines within the GNS3 network.
Trainer
Rodrigo Adão da Fonseca, Faculdade de Ciências e Tecnologia da Universidade Nova de Lisboa
Session Details
- Session Title:
Access Control and Authentication: Foundations and SOC Design for Incident Management
- Session Description:
This session will explore the theoretical foundations of Access Control and Authentication, focusing on essential principles and practices to safeguard systems from unauthorized access. In the second part, we will delve into the components of a Security Operations Center (SOC) project for incident management and alarm handling, providing practical insights into designing and operating an effective SOC.
- Key Learning Objectives:
Understand the theoretical foundations of Access Control and Authentication.
Learn key principles and practices to secure systems against unauthorized access.
Gain practical insights into SOC design, focusing on incident management and alarm handling.
Lab Details
- Lab Title:
SOC Design and Incident Management: Practical Exercise
- Lab Description:
This lab will provide participants with hands-on experience in SOC design and incident management related to access control and credentials. Participants will engage in a group exercise to simulate a real-world SOC scenario and test their knowledge in a quiz-style game inspired by Trivial Pursuit, focused on SOC concepts and practices.
- Key Learning Objectives:
Apply theoretical knowledge to design a SOC model tailored for effective incident management.
Collaborate in groups to analyze and solve SOC-related scenarios.
Demonstrate understanding of SOC concepts through a quiz-style challenge.
- Tools/Software Required:
None