`

Page 1 of 5

Certificate in Cyber Security

Offered as a partnership between

Cape Peninsula University of Technology (CPUT), French South African Institute of

Technology (F’SATI), CS Interactive Training and Boshoff Industries.

Course title Certificate in Cyber Security

Purpose of the course To respond to the training needs of security teams within industry and to build capacity in cyber and

satellite security. South Africa is experiencing immense shortages of cyber security specialists and

especially shortages in focused training opportunities for corporate staff. Cooperation between

industry and universities to establish and offer targeted training content within the cyber security

domain is not yet realized within South Africa. This is also evident within the nano-satellite industry

as applications are developed to utilize constellations. F’SATI is moving towards the design and

development of targeted software applications and it becomes essential to study and integrate

effective security tools and techniques from the start.

This training is unique as it is developed by specialists within industry and is to be offered through

cooperation between industry and academia. In this way research can be stimulated and a culture of

cyber and satellite security can be promoted to benefit industry and the local community.

The main objective of the course is to provide training to security teams within the corporate

environments and at the same time provide private persons with the opportunity to enter the

computer security market.

Target Market Security personnel working within the spheres of information and computer security as well as

prospective students that want to embark on a career within the cyber and satellite security domain.

Entrance qualification Matric certificate or equivalent qualification with a minimum of 50% for Mathematics. Experience

within the information security industry will be beneficial. Attendees must have Internet access and

suitable computing hardware and software in order to participate on the e-learning forums and

complete practical assignments.

Structure of the course The course consists of four modules. Each of the modules is presented by way of two days contact

(face-to-face) sessions followed by a 2 week e-learning period. A student has to pass all four

modules with a minimum mark of 70% in order to successfully complete the course and receive the

certificate in cyber security. The e-learning period following the module presentations provides a

way for the attendees to participate and communicate with experts via dedicated online forums and

in doing so form part of a growing cyber security community.

`

Page 2 of 5

Duration Each module consists of two days contact time as well as a two week e-learning period. The total

duration for all four modules: 8 days contact time and 8 weeks e-learning.

Dates & Times Venue for contact sessions: F’SATI, Bellville campus.

Dates for 2014 (9h00-16h00):

Module 1 (Computer Systems and Security Environment)

Contact session dates: 30 September & 1 October 2014

E-learning period: 2 October 2014 - 13 October 2014

Module 2 (Analysis, Writing & Cryptography)

Contact session dates: 14 & 15 October 2014

E-learning period: 16 October 2014 – 3 November 2014

Module 3: (Technical Security)

Contact session dates: 4 & 5 November 2014

E-learning period: 6 November 2014 – 17 November 2014

Module 4: (Security Governance)

Contact session dates: 18 & 19 November 2014

E-learning period: 20 November – 11 December 2014

Exam: 12 December 2014

Course fee per person ZAR 4,850 per module (of 4 modules).

Total for all modules ZAR 19,400.

Core Syllabus MODULE 1: COMPUTER SYSTEMS AND THE SECURITY ENVIRONMENT

Introduction to Information Security What is security? The need for security The enemy (black hat, white hat, hacktivism, organized crime) Security terminologies CIA (Pillars of information security) & authentication & non-repudiation Satellite security

Threat environment Security awareness Information warfare Social engineering Malicious code (i.e. botnets, malware, etc.) Introduction to the attack process Introduction to attack vectors

`

Page 3 of 5

Social networks (i.e. attacks via facebook, twitter, etc.) Computer Systems Essentials Introduction to operating systems Networking & communication essentials Internet & Web essentials File management & database systems Application software Software design & testing

MODULE 2: ANALYSIS, TECHNICAL WRITING & CRYPTOGRAPHY

Elementary Encryption Encryption overview Substitution ciphers Transpositions Symmetric & asymmetric encryption Stream & block ciphers Confusion & diffusion Data Encryption Standard (DES) AES Encryption Standard Public Key encryption: RSA Hash functions Practical applications of encryption (i.e. Bitcoins) Digital signatures Digital certificates

Cryptanalysis & Control Breaking encryption schemes Tools & controls Analysis & Technical Writing Information analysis & synthesis Technical report writing

MODULE 3: TECHNICAL SECURITY

Program Security Flaws & fixing faults Program errors Targeted malicious code Controls against program threats

Operating System Security Operating system flaws Memory and address protection Control access File protection User authentication Open source systems

Network & Internet Security (6 hours) Network threats Controls Firewalls Intrusion Detection Systems

`

Page 4 of 5

Intrusion Prevention Systems Email security Web security

MODULE 4: SECURITY GOVERNANCE

Laws, Rules & Regulations Local and International Rights of employees and employers Computer crime Privacy Ethical issues & case studies

Security Policies, Plans & Procedures Military & commercial policies Policies in action Security models Security plans & procedures Security evaluation

Security Design & Management Planning for security Planning for contingencies Developing the security program Security management models and practices Risk analysis & management Identifying & assessing risks Accessing & controlling risks Protection mechanisms

Quality assurance (assessment, moderation, certification) Candidates will be assessed in the following manner:

Attendance of contact sessions

Participation on dedicated e-learning forum as per guidelines

Online assessments

Online projects

Final Exam

For successful completion of the certificate an attendee needs to obtain a passing mark of at least

70% for each module.

Assessments are compiled as per University and industry requirements. Moderation will be

conducted by experts from the University (F’SATI), other academic institutions as well as industry.

Certificates will be issued by CPUT and certificates will contain logos of all partners.

Open Badges

A digital badge is an online representation of a skill earned. Open Badges allows a person to verify

their skills, interests and achievements through credible organizations. Badges are displayed on the

web, shared for employment, education or lifelong learning. Open Badges is a new online standard

to recognize and verify learning.

Badges as per industry certification will be issued after successful completion of the certificate.

`

Page 5 of 5

NQF Level NQF Level 5

Lecturers & Facilitators Prof. Elmarie Biermann (F’SATI) will be the main facilitator.

Partners 1. Cape Peninsula University of Technology (CPUT) is a leading University of Technology that

provides a wide range of qualifications within the Western Cape.

2. French South African Institute of Technology (F’SATI) offers international Master of Science and

Doctorate programmes in Electronic Engineering in collaboration with ESIEE-Paris, a graduate

school in electronic engineering in France. They focus on research and development within the

nano-satellite sphere through the development of CubeSats.

3. CS Interactive Training provides training and support to teams of business and ICT professionals

that are responsible for systems and business change management initiatives within

organisations. Their goal is to enable organisations to build core competencies that enable the

managing of change more effectively and reduce complexity within core processes and systems.

They believe in long term partnerships that will effectively transfer skills and capabilities to

staff. Our Out-of-the-Box working style allows us to identify additional training requirements

and then incorporate this into our set works.

4. Boshoff Industries are leaders in Enterprise IT Security and Assessment Services. They provide

security services such as penetration testing and vulnerability assessment to ensure corporate

entities are safe, secure and adhering to national laws, standards and policies.