Entry Point

Overview

Breaking into a cyber-security career can be difficult. Get your foot in the door with a broad understanding of cyber-security topics. In this course, you will get an introduction to some of the other Cyber Fire courses with extra help to move you from a regular computer user to an entry level cyber-security professional.

Learn about the basic layout inside files and how to know a file you download is an exact copy of the file you intended to download and not a corrupted or malicious look-alike. Look into information that flows across networks and how to capture it for analysis. Dig deeper into operating systems by looking at processes, memory and configuration. Understand what information you should gather when you see something that doesn’t look right and how to report than information.

What to Expect

This course will focus on introducing topics with brief lectures followed by hands-on exercises to further explore those topics. During the exercises, instructors and teaching assistants will be available to answer questions and provide guidance. Classes general start at 8:00 AM and wrap up at 5:00 PM. Please consult the schedule for this event for exact times. Breaks mid-morning, lunch and mid-afternoon give you a chance to clear your mind or continue working on exercises at your discretion.

Day 1:

  • Forensics 101
  • Order of Volatility
  • Introduction to Memory and Memory Analysis
  • Disk Image Collection
  • File Signature Analysis
  • Networking Overview

Day 2:

  • Network Packet Capture
  • Network Routing
  • Network Protocols
  • Network Scanning
  • File Carving
  • Incident Reporting

Who should attend?

  • Entry Level Network Operation Center Analysts
  • Entry Level Security Operations Center Analysts
  • Managers wanting to gain a basic understanding of security concepts
  • Windows Users interested in security

Is this course right for me?

If you looked at the other Cyber Fire course descriptions and are concerned that they are too advanced, you are in the right spot.

If you have basic skills in network protocols, network packet capture, viewing files in hex editors and/or calculating file hashes, you may want to consider one of the more advanced courses.

What should I bring?

  • Windows laptop with wireless networking enabled
  • Windows account credentials with administrator rights to install software and monitor networks
  • At least 1 GB of hard drive space for exercises and additional software

Laptop Configuration

In order to have a great learning experience at Cyber Fire Entry Point, you will need to be prepared with a laptop that runs Windows or has a Windows virtual machine. You can get a Windows VM for free at https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/. If you need software to run a virtual machine, you can get VirtualBox for free at https://www.virtualbox.org/wiki/Downloads.

You must have access to an admin account on your Windows system because Entry Point exercises and the contest require the installation of software. If you cannot get admin rights to your Windows system, ask your organization’s administrator to install the software before you come. You can download the bundle of software (~300 MB) from entrypoint-bundle.zip. (For password-protected files in that download, the password is “EntryPoint”.)

You may also need up to 20GB free disk space for collecting evidence. A thumb drive or external drive is perfect for this requirement.

Laptop and software setup sessions usually happen the afternoon or evening before the first day of class. Please check the schedule for details and come early if you would like help making sure everything is ready to go for class.