Training on IT Security

The third edition of IT Security courses in Extremadura will start soon. These courses are delivered for free by FEVAL every year and I was the teacher in the first and second edition. However, I don’t know yet if I’m going to be the teacher in this third edition. I would like to. This edition will be in Badajoz and students will learn security on networks and systems, hacking and also forensics. I think it’s a good chance for learning IT Security if you are interested in infosec because these courses are full of tests and laboratories where students attack and protect systems as in the real world.

The first course, which starts soon, is about basic security on networks and systems, where students take security awareness and configure security appliances such as firewalls and SIEM. For instance, we deployed a virtual firewall and configured OSSIM last year. We also talked about recommendations for protecting networks and systems such as server hardening and best practices for network appliances. In addition, we were talking about the importance of Business Continuity and Disaster Recovery Plans.

Training on IT Security

Students who want to learn more about IT security can take the advanced security course on networks and systems. Last year, this second course was ready for students who wanted to get a deep knowledge about IT Security because we were talking about advanced techniques such as Multipath TCP, HTTP2, Web Application Firewall, XSS, SQLi, etc. In fact, we configured a WAF and we attacked servers to see how this kind of appliance is able to block advanced attacks.

Once the basic security course and the advanced security course on networks and systems are over, the ethical hacking fundamental course starts. This course is for students who want to learn how to attack networks and systems. Therefore, the first two courses are for people how want to know how to protect networks and systems and this one is for learning about vulnerabilities, network scanning, buffer overflows, OSINT, denial of services, etc.

If you really love hacking and you want to learn more about how to hack networks and systems, you have to go to the advanced ethical hacking course. This course was full of advanced laboratories last year. For instance, we created a backdoor for Android systems and we even made a malicious WhatsApp Messenger. In addition, we deployed WebGoat in Kali Linux to test Web Application Vulnerabilities.

The last course in this third edition will be about Digital Forensics . Students learnt how to get evidences and how to analyse them last year. In addition, we played CTFs (Capture The Flag) where students had to find flags in a series of challenges. As a result, they used many tools such FTK Imager, fcrackzip or exiftool. L ast but not least, we also analysed and learnt how a Fileless Malware works.

Regards my friends. I hope this will be interesting for you. Keep studying.