certificate in cyber security - cput
TRANSCRIPT
`
Page 1 of 5
Certificate in Cyber Security
Offered as a partnership between
Cape Peninsula University of Technology (CPUT), French South African Institute of
Technology (F’SATI), CS Interactive Training and Boshoff Industries.
Course title Certificate in Cyber Security
Purpose of the course To respond to the training needs of security teams within industry and to build capacity in cyber and
satellite security. South Africa is experiencing immense shortages of cyber security specialists and
especially shortages in focused training opportunities for corporate staff. Cooperation between
industry and universities to establish and offer targeted training content within the cyber security
domain is not yet realized within South Africa. This is also evident within the nano-satellite industry
as applications are developed to utilize constellations. F’SATI is moving towards the design and
development of targeted software applications and it becomes essential to study and integrate
effective security tools and techniques from the start.
This training is unique as it is developed by specialists within industry and is to be offered through
cooperation between industry and academia. In this way research can be stimulated and a culture of
cyber and satellite security can be promoted to benefit industry and the local community.
The main objective of the course is to provide training to security teams within the corporate
environments and at the same time provide private persons with the opportunity to enter the
computer security market.
Target Market Security personnel working within the spheres of information and computer security as well as
prospective students that want to embark on a career within the cyber and satellite security domain.
Entrance qualification Matric certificate or equivalent qualification with a minimum of 50% for Mathematics. Experience
within the information security industry will be beneficial. Attendees must have Internet access and
suitable computing hardware and software in order to participate on the e-learning forums and
complete practical assignments.
Structure of the course The course consists of four modules. Each of the modules is presented by way of two days contact
(face-to-face) sessions followed by a 2 week e-learning period. A student has to pass all four
modules with a minimum mark of 70% in order to successfully complete the course and receive the
certificate in cyber security. The e-learning period following the module presentations provides a
way for the attendees to participate and communicate with experts via dedicated online forums and
in doing so form part of a growing cyber security community.
`
Page 2 of 5
Duration Each module consists of two days contact time as well as a two week e-learning period. The total
duration for all four modules: 8 days contact time and 8 weeks e-learning.
Dates & Times Venue for contact sessions: F’SATI, Bellville campus.
Dates for 2014 (9h00-16h00):
Module 1 (Computer Systems and Security Environment)
Contact session dates: 30 September & 1 October 2014
E-learning period: 2 October 2014 - 13 October 2014
Module 2 (Analysis, Writing & Cryptography)
Contact session dates: 14 & 15 October 2014
E-learning period: 16 October 2014 – 3 November 2014
Module 3: (Technical Security)
Contact session dates: 4 & 5 November 2014
E-learning period: 6 November 2014 – 17 November 2014
Module 4: (Security Governance)
Contact session dates: 18 & 19 November 2014
E-learning period: 20 November – 11 December 2014
Exam: 12 December 2014
Course fee per person ZAR 4,850 per module (of 4 modules).
Total for all modules ZAR 19,400.
Core Syllabus MODULE 1: COMPUTER SYSTEMS AND THE SECURITY ENVIRONMENT
Introduction to Information Security What is security? The need for security The enemy (black hat, white hat, hacktivism, organized crime) Security terminologies CIA (Pillars of information security) & authentication & non-repudiation Satellite security
Threat environment Security awareness Information warfare Social engineering Malicious code (i.e. botnets, malware, etc.) Introduction to the attack process Introduction to attack vectors
`
Page 3 of 5
Social networks (i.e. attacks via facebook, twitter, etc.) Computer Systems Essentials Introduction to operating systems Networking & communication essentials Internet & Web essentials File management & database systems Application software Software design & testing
MODULE 2: ANALYSIS, TECHNICAL WRITING & CRYPTOGRAPHY
Elementary Encryption Encryption overview Substitution ciphers Transpositions Symmetric & asymmetric encryption Stream & block ciphers Confusion & diffusion Data Encryption Standard (DES) AES Encryption Standard Public Key encryption: RSA Hash functions Practical applications of encryption (i.e. Bitcoins) Digital signatures Digital certificates
Cryptanalysis & Control Breaking encryption schemes Tools & controls Analysis & Technical Writing Information analysis & synthesis Technical report writing
MODULE 3: TECHNICAL SECURITY
Program Security Flaws & fixing faults Program errors Targeted malicious code Controls against program threats
Operating System Security Operating system flaws Memory and address protection Control access File protection User authentication Open source systems
Network & Internet Security (6 hours) Network threats Controls Firewalls Intrusion Detection Systems
`
Page 4 of 5
Intrusion Prevention Systems Email security Web security
MODULE 4: SECURITY GOVERNANCE
Laws, Rules & Regulations Local and International Rights of employees and employers Computer crime Privacy Ethical issues & case studies
Security Policies, Plans & Procedures Military & commercial policies Policies in action Security models Security plans & procedures Security evaluation
Security Design & Management Planning for security Planning for contingencies Developing the security program Security management models and practices Risk analysis & management Identifying & assessing risks Accessing & controlling risks Protection mechanisms
Quality assurance (assessment, moderation, certification) Candidates will be assessed in the following manner:
Attendance of contact sessions
Participation on dedicated e-learning forum as per guidelines
Online assessments
Online projects
Final Exam
For successful completion of the certificate an attendee needs to obtain a passing mark of at least
70% for each module.
Assessments are compiled as per University and industry requirements. Moderation will be
conducted by experts from the University (F’SATI), other academic institutions as well as industry.
Certificates will be issued by CPUT and certificates will contain logos of all partners.
Open Badges
A digital badge is an online representation of a skill earned. Open Badges allows a person to verify
their skills, interests and achievements through credible organizations. Badges are displayed on the
web, shared for employment, education or lifelong learning. Open Badges is a new online standard
to recognize and verify learning.
Badges as per industry certification will be issued after successful completion of the certificate.
`
Page 5 of 5
NQF Level NQF Level 5
Lecturers & Facilitators Prof. Elmarie Biermann (F’SATI) will be the main facilitator.
Partners 1. Cape Peninsula University of Technology (CPUT) is a leading University of Technology that
provides a wide range of qualifications within the Western Cape.
2. French South African Institute of Technology (F’SATI) offers international Master of Science and
Doctorate programmes in Electronic Engineering in collaboration with ESIEE-Paris, a graduate
school in electronic engineering in France. They focus on research and development within the
nano-satellite sphere through the development of CubeSats.
3. CS Interactive Training provides training and support to teams of business and ICT professionals
that are responsible for systems and business change management initiatives within
organisations. Their goal is to enable organisations to build core competencies that enable the
managing of change more effectively and reduce complexity within core processes and systems.
They believe in long term partnerships that will effectively transfer skills and capabilities to
staff. Our Out-of-the-Box working style allows us to identify additional training requirements
and then incorporate this into our set works.
4. Boshoff Industries are leaders in Enterprise IT Security and Assessment Services. They provide
security services such as penetration testing and vulnerability assessment to ensure corporate
entities are safe, secure and adhering to national laws, standards and policies.