Courses
ACG CyberAcademy offers you its expertise in digital technology and cyber security.
Career opportunities in a field where there is a shortage of talent.
SOC Analyst pathway
The SOC (Security Operations Centre) Analyst programme consists of the following modules:
Module 1: Fundamentals of cyber security
Chapter 1: Introduction to cyber security
- Basic concepts of cyber security
- Types of threats and attacks
- Roles and responsibilities of the SOC Analyst
Chapter 2: Monitoring and detection
- Real-time monitoring of logs and events
- Anomaly detection
- Correlation of events
Module 2: Threat analysis
Chapter 3: Threat Analysis
- Assessment of security incidents
- Collection of forensic data
- Malware analysis
Chapter 4: Tools and Technologies
- Use of SIEM (Security Information and Event Management) tools
- Network packet analysis with Wireshark
- Use of vulnerability analysis tools
Module 3: Incident response
Chapter 5: Security Incident Management
- Incident response planning
- Coordination of response teams
- Communication in the event of an incident
Chapter 6: Containment and eradication
- Isolation of compromised systems
- Eliminating threats
- System restoration
Module 4: Prevention and continuous improvement
Chapter 7: Threat prevention
- Updating security policies
- Configuring secure systems
- Security awareness
Chapter 8: Continuous improvement
- Post-incident analysis
- Documentation of incidents
- Updating security procedures and policies
Practical Exercises And Training Scenarios
- Security incident simulations
- Analysis of real cases
- Writing incident reports
GRC Consultant pathway
The GRC (Governance Risk Compliance) Consultant programme consists of the following modules:
Module 1: Introduction to GRC
Chapter 1: Introduction to Governance, Risk and Compliance (GRC)
- ISO 31000: Risk management principles
- COSO: Integrated Framework for Risk Management and Internal Control
- GDPR (General Data Protection Regulation): Data protection principles
Chapter 2: GRC reference frameworks
- Real-time monitoring of logs and events
- Anomaly detection
- Correlation of events
Module 2: Risk Management
Chapter 3: Risk identification and assessment
- Risk management methodologies
- Risk analysis and impact assessment
- Risk matrix
Chapter 4: Risk mitigation
- Risk reduction strategies
- Business Continuity Planning (BCP)
- Insurance and risk transfer
Module 3: Compliance and compliance management
Chapter 5: Regulatory compliance
- Roles of regulatory compliance
- Monitoring regulatory developments
- Consequences of non-compliance
Chapter 6: Compliance management programme
- Drawing up a compliance programme
- Compliance monitoring and reporting (creation or drafting of a report)
- Internal and external compliance audits
Module 4: Corporate governance and ethics
Chapter 7: Corporate governance
- Corporate governance models
- Board of Directors and Governance Committees
- Transparency and responsibility
Chapter 8: Ethics in business
- Codes of conduct and ethical policies
- Raising awareness of ethics
- Managing ethical breaches
Practical exercises and case studies
- Crisis management scenarios in GRC
- Case studies of success and failure in GRC
- Presentation of the results of a GRC assessment
Cybersecurity Consultant pathway
The Cybersecurity Consultant programme consists of the following modules:
Module 1
Chapter 1: Introduction to cyber security
- The challenges of information systems security: what is at stake, why are hackers interested in information systems, the new cybersecurity economy?
- Security requirements, basic concepts and vocabulary
- An overview of some of the threats
- Examples of known attacks and their modus operandi
- The different types of malware
Chapter 2: The basics of digital security
- Detection of phishing attempts
- Identification of unwanted or dangerous e-mails
- Safe Internet browsing
- Controlling personal data and browsing information
- Generation of strong passwords
- Online privacy protection
- Managing your e-reputation
- Data encryption
- Protecting your computer
- Safety precautions
Module 2
Chapter 3: Network traffic translation and filtering
- The TCP/IP protocol stack
- The different IP address translation mechanisms (NAT, PAT)
- Lifetime access control of access lists (ACL)
Chapter 4: Firewalls and security architectures
- Secure operating systems
- Vulnerability management
- System hardening
Chapter 5: VPN, IDS/IPS and Wireless Network Security
- IDS/IPS intrusion detection systems
- Virtual private networks (VPNs)
- Wireless network security
Module 3
Chapter 6: Exchange security and cryptography
- Cryptography requirements
- Symmetric and asymmetric cryptosystems
- Hash functions
- Public Key Infrastructure PKI
- Electronic certificates and validation protocols
- The digital signature
- The SSL protocol
Chapter 7: Fundamental Concepts of Application Security and OWASP
- What is application security?
- Statistics and trends in web-related vulnerabilities and their impact
- The new security perimeter
- Presentation of OWASP
- The major risks of Web applications according to OWASP
- Injection attacks (command injection, SQL injection, LDAP injection, XXE, etc.)
- Attacks involving breaches of authentication and access control
- Poor security configurations and inadequate monitoring and logging
- Exposure of sensitive data
- "Cross-Site Scripting" or XSS attacks
- The use of components with known vulnerabilities
- Insecure deserialization attacks
- Other OWASP tools: OWASP Application Security Guide, OWASP Cheat Sheets, OWASP ASVS, OWASP Dependency Check, OWASP ZAP, OWASP ModSecurity, etc.
Module 4
Chapter 8: Managing cyber security within an organisation
- Integrating security within an organisation and in projects: overview of ISO 2700X standards, information security management system (ISO 27001), code of good practice for information security management (ISO 27002), risk management (ISO 27005), information classification, human resources management, etc.
- Integrating security into projects: security throughout a project's lifecycle, risk analysis and treatment approach and information systems security (SSI) action plan
- Difficulties associated with taking security into account: insufficient understanding of the issues, need for management involvement, difficulties in making choices in complete confidence, delicate trade-off between convenience and security, blurred boundaries between professional, public and private spheres, etc.
- Jobs related to cyber security
Chapter 9: The challenges and risks associated with personal data management
- The concept of privacy
- The footprints left by your data
- Data access control
- Protection of data transfer over networks
- The legal framework
- Exploring the GDPR
Cloud Security Consultant pathway
The Cloud Security Consultant programme consists of the following modules:
Module 1: Fundamentals of information systems and cloud security
- Introducing the Cloud
- Definition
- The advantages of the Cloud
- The Cloud: a new business strategy
- A new approach to outsourcing
- Private cloud vs. public cloud
- Market overview
- Threats and risks
- Risks associated with loss of control over the information system
- Risks associated with remote intervention
- Risks associated with shared hosting
Module 2: The main threats from the cloud
- Threats to data confidentiality
- Social engineering
- Overview of attacks on the Cloud
- Key figures
- Taking security into account in the Cloud
- Principles and procedures
- Measuring risks and setting security targets
- Choice of service provider
- The security assurance plan
- Objectives of the document
- Description and design principles
- Security clauses
- Presentation
- Drafting principles
- Case studies
Datacenter Security Consultant
The Datacenter Security Consultant programme consists of the following modules:
Module 1 - Introduction: Datacenter Security and Risk Management
- Specific issues and challenges relating to the security of assets and people in computer rooms
- IT operational security vs. building security: complementary approaches
- The contribution of MoR (Management of Risks) to data centre security
- Principles for assessing and dealing with safety risks in accordance with EN 50600
- EN 50600 protection classes
- Continuous improvement of a security risk management strategy
Module 2 - Preamble: Geographical location of the data centre
- Operational site requirements
- Overview of external risks
- Recommendations and decision-making parameters
Module 3 - Intrusion and malicious act prevention
- Risks associated with the presence of unsolicited personnel
- Application of EN 50600 protection classes to the access authorisation strategy
- Theoretical models of physical protection
- Surveillance and general protection of the building
- Vehicle and delivery management
- Prevent, detect, delay and neutralise intrusions
- Technical access management (TAM)
- Video surveillance (VSS) in the computer room
- Standards and regulations applicable to control and surveillance techniques
- Good operating practices to limit intrusions, malicious acts and negligence
Module 4 - Firefighting
- Theoretical background: the fire tetrahedron
- Categorising the risks and damage caused by fires
- Standards and regulations applicable to fire risk management
- Application of EN 50600 protection classes to fire protection strategy
- Fire safety plan
- Fire risk prevention measures: good design and operating practices
- Compartmentalisation measures: limiting the impact of potential fires
- Fire detection strategy and systems: identify and warn as early as possible
- Strategy and fixed fire extinguishing systems: protecting assets in the hall and the health of operators
- Portable fire-fighting equipment
- Impact of the fire extinguishing strategy on building structures
Module 5 - Prevention And Reduction Of The Impact Of The Risk Of Electrical Accidents
- Reminder of power distribution in computer rooms: topology and protection measures
- Earthing and bonding: principles, objectives and complementarity
- Earthing and bonding: installation techniques
- Training employees who have to handle high-voltage power
- Power supply emergency stop devices
- Standards and regulations applicable to the protection of persons against electrical risks
Module 6 - Combating Environmental Risks
- Qualification of environmental risks
- Application of EN 50600 protection classes to the environmental risk protection strategy
- Electromagnetic risk management
- Notions of particle and molecular pollution risk management (for a more in-depth look at this subject, we offer the dedicated course "MQA - Maîtrise de la Qualité de l'Air en salle informatique")
- Geological risk management
Module 7 - Room signalling and emergency lighting
- Emergency signalling in computer rooms: best practice for implementation
- Normal, replacement and emergency lighting
- Implementation of lighting in the different areas of the Datacenter
- Standards and regulations applicable to signage
Module 8 - Structural Capacity Management
- Floor load management: floor and sub-floor specifications
- Good design practice and reinforcement methods
- Weight distribution in bays, good operating practices
- Management of ceiling hanging capacity
- Adapting the computer room and data centre to earthquake risk
- Standards and regulations applicable to design
System and network security - The basics
The Systems and Network Security Consultant programme consists of the following modules:
Module 1 - The environment
- The scope (networks, operating systems, applications)
- The players (hackers, security managers, auditors, vendors and publishers)
- Technology watch
- Official bodies
Module 2 - Attack techniques
- Attack scenarios
- Attacks on network protocols
- Vulnerabilities in Web, VoIP, chat ...
- Malicious code: viruses, worms and Trojan horses
Module 3 - Network Security; Firewall, WAF, Proxy, NAC
- Station access to corporate and organisational networks, 802.1X, NAC
- The different types of firewall
- Filtering rules
- The rules of address translation (NAT)
- Setting up a demilitarised zone (DMZ)
- Detection and monitoring with IDS
- Integrating a firewall into the corporate network and organisation
- Log file management and analysis
Module 4 - Operating System Security
- Hardening Windows
- The hardening of Unix/Linux
- Hardening mobile devices: iOS / Android
Module 5 - Application Security With Example Architectures
- Web servers and clients
- Electronic messaging
- VoIP: IPBX and telephones
Module 6 - Exchange Security, Cryptography
- Symmetrical algorithms
- Asymmetric algorithms
- Hashing algorithms
- Authentication methods (PAP, CHAP, Kerberos)
- HMAC and the electronic signature
- Certificates and PKI
- SSL, IPsec and S/MIME protocols
- Site-to-site and roaming-user VPNs
Introduction to IT security
10-day cycle - 70h
Module 1: Introduction to IT security (1-day course - 7 hours)
- Threats and risks
- What is IT security?
- How can negligence create a disaster?
- Everyone's responsibilities.
- IS architecture and potential vulnerabilities.
- Company networks (local, remote, Internet).
- Wireless networks and mobility. High-risk applications: Web, messaging, etc.
- The database and file system. Threats and risks.
- The sociology of pirates. Underground networks. Motivations.
- Workstation safety
- Confidentiality, signature and integrity. Encryption constraints.
- The different cryptographic elements. Windows, Linux or MAC OS: which is the most secure?
- Management of sensitive data. Laptop issues.
- The different threats to the client workstation? Understanding malicious code.
- How do you manage security breaches?
- USB ports. The role of the client firewall.
- The authentication process
- Access controls: authentication and authorisation.
- The importance of authentication.
- The traditional password. Certificate and token authentication.
- Remote connection via the Internet.
- What is a VPN?
- Why use strong authentication?
Module 2: The fundamentals of IS security (3 days - 21h)
- Risk management and security objectives
- The definition of risk and its characteristics: potential, impact, seriousness.
- The different types of risk: accident, error, malicious intent.
- DIC classification: Availability, Integrity and Confidentiality of information.
- Risk management countermeasures: prevention, protection, risk transfer, outsourcing.
- The CISO's job
- What are the role and responsibilities of the IS Security Manager?
- Towards a security organisation, the role of the Asset Owners.
- How to implement optimal management of the means and resources allocated.
- The Risk Manager in the company, his role in relation to the IS Security Manager.
- Standards and regulations
- SOX, COSO and COBIT regulations. What for? For whom?
- Towards Information System Governance. Links with ITIL and CMMI.
- The ISO 27001 standard in an information security management system approach.
- Links with ISO 15408: common criteria, ITSEC, TCSEC.
- The benefits of ISO 27001 certification for organisations.
- Analysis of IT risks
- How to set up a risk identification and classification process.
- Operational, physical and logical risks.
- How can you build up your own knowledge base of threats and vulnerabilities?
- Methods and standards: EBIOS (Expression of Requirements and Identification of Security Objectives)/FEROS, MEHARI.
- The risk analysis approach within the framework of ISO 27001, the PDCA (Plan, Do, Check, Act) approach.
- What are the contributions of the ISO 27005 standard and changes to French methods?
- From risk assessment to risk management: best practice.
- The security audit process
- A continuous and comprehensive process.
- Audit categories, from organisational audits to penetration tests.
- 19011 best practice applied to security.
- How do you create an internal audit programme? How do you qualify your auditors?
- Comparative contributions, recursive approach, human implications.
- Security awareness: who? What? How?
- Definitions of Morality/Deontology/Ethics.
- The security charter, its legal existence, content and validation.
- The emergency plan and the cost of security
- Risk coverage and continuity strategy.
- The importance of contingency, continuity, recovery and crisis management plans, PCA/PRA, PSI, RTO/RPO.
- Developing a continuity plan and integrating it into a quality approach.
- How to define security budgets.
- The definition of Return On Security Investment (ROSI).
- What are the cost evaluation techniques, the different calculation methods and the Total Cost of Ownership (TCO)?
- The Anglo-Saxon concept of the "Payback Period".
- Security solutions and architectures
- Selection process for appropriate security solutions for each action.
- Definition of a target architecture.
- ISO 15408 as a selection criterion.
- Content control as a necessity.
- How do you deploy a PKI project? Pitfalls to avoid.
- Authentication techniques, SSO projects, identity federation.
- The security approach in IS projects, the ideal PDCA cycle.
- Security supervision
- How to set up a risk management approach: facts, certainties...
- What are the key indicators and dashboards? Moving towards an ISO and PDCA approach.
- Outsourcing: what are the benefits and what are the limits?
- Legal aspects
- Reminder, definition of the Automatic Data Processing System (ADPS).
- Types of infringement, the European context, the LCEN law.
- What are the legal risks for the company, its managers and the CISO?
- Good practice
- Protection of personal data, penalties for non-compliance.
- The use of biometrics in France.
- Cybersurveillance of employees: limits and legal constraints.
- Employee rights and employer sanctions
Module 3: Security in cyberspace (3 days - 21h)
- Cyberspace and information security
- Principles of security: defence in depth, security policy.
- Fundamental concepts: risk, asset, threat, etc.
- Risk management methods (ISO 27005, EBIOS, MEHARI). Overview of ISO 2700x standards.
- The evolution of cybercrime. Identifying threat agents.
- New threats (APT, spear phishing, watering holes, exploit kits, etc.).
- Software security flaws.
- The course of a cyber attack (NIST).
- 0day vulnerabilities, 0day exploits and exploitation kits.
- Firewalls, virtualisation and cloud computing
- Client workstation security
- Threats to client workstations.
- The role of the personal firewall and its limitations.
- Anti-virus/anti-spyware software.
- Security patches on client workstations.
- Secure removable devices.
- Cisco NAC, Microsoft NAP client compliance check.
- Browser and plug-in vulnerabilities.
- The basics of cryptography
- The main constraints on use and legislation in France and around the world.
- Cryptographic techniques.
- Public and symmetric key algorithms.
- Hash functions. Public key architectures.
- NSA and GCHQ cryptanalysis programmes.
- The user authentication process
- Biometric authentication and the legal aspects.
- Challenge/response authentication.
- Techniques for stealing passwords, brute force, entropy of secrets.
- Strong authentication.
- Smart card and X509 client certificate authentication.
- "3A" architecture: SSO concept, Kerberos.
- IAM platforms.
- Identity federation via social network APIs.
- Identity federation for the enterprise and the Cloud.
- Exchange security
- SSL Crypto API and developments from SSL v2 to TLS v1.3.
- Attacks on SSL/TLS protocols and HTTPS flows.
- Hardware key containment, FIPS 140-2 certification.
- Easily assess the security of an HTTPS server.
- The IPsec standard, AH and ESP modes, IKE and key management.
- Overcoming the problems between IPsec and NAT.
- SSL VPNs. What's the advantage over IPsec?
- Use of SSH and OpenSSH for secure remote administration.
- On-the-fly decryption of data flows: legal aspects.
- The security of wireless networks and mobile devices
- Specific WiFi attacks. How can Rogue APs be detected?
- Terminal security mechanisms.
- WEP vulnerabilities. Weaknesses in the RC4 algorithm.
- Description of risks.
- The IEEE 802.11i security standard. WLAN architecture.
- Authentication of users and terminals.
- WiFi authentication in the enterprise.
- Audit tools, free software, aircrack-ng, Netstumbler, WifiScanner...
- Threats and attacks on mobility.
- iOS, Android, Windows mobile: strengths and weaknesses.
- Viruses and malicious code on mobile phones.
- MDM and EMM solutions for fleet management.
- Software security
- Web and mobile applications: what are the differences in terms of security?
- The main risks according to OWASP.
- Focus on XSS, CSRF, SQL injection and session hijacking attacks.
- The main secure development methods.
- Security clauses in development contracts.
- The application firewall or WAF.
- How do you assess an application's level of security?
- The concepts of Security by Design and Privacy by Design.
- The Security by Design approach to security assurance.
- The 7 fundamental principles of Privacy by Design.
- Privacy taken into account throughout the process.
- Security supervision
- Security dashboards.
- Security audits and penetration tests.
- The legal aspects of penetration testing.
- IDS probes, VDS scanner, WASS.
- How do you respond effectively to attacks?
- Record the evidence.
- Implement a SIEM solution.
- ANSSI labels (PASSI, PDIS & PRIS) for outsourcing.
- How do you react in the event of an intrusion?
- Judicial expertise: the role of a judicial expert (in criminal or civil cases).
- Private legal expertise
Module 4: Cybersecurity, testing environments (3 days - 21h)
- Web attacks
- OWASP: organisation, chapters, Top10, manuals, tools.
- Discover the infrastructure and associated technologies, strengths and weaknesses.
- Client side: clickjacking, CSRF, cookie theft, XSS, components (Flash, Java). New vectors.
- Server side: authentication, session theft, injections (SQL, LDAP, files, commands).
- Inclusion of local and remote files, attacks and cryptographic vectors.
- Evasion and bypassing protection: example of WAF bypass techniques.
- Burp Suite, ZAP, Sqlmap, BeEF tools.
- Case studies: Presentation and familiarisation with environments and tools. Implementation of various Web attacks under real conditions on the server and client sides.
- Detecting intrusions
- Operating principles and detection methods.
- Market players, overview of the systems and applications involved.
- Network (Nmap) and application (Web applications) scanners.
- IDS (Intrusion Detection System).
- The advantages and limitations of these technologies.
- How should they be positioned in the enterprise architecture?
- Market overview, detailed study of SNORT.
- Case study: Presentation and familiarisation with the environments and tools. Installation, configuration and implementation of SNORT, writing attack signatures.
- Information gathering
- The heterogeneity of sources. What is a security event?
- Security Information and Event Management (SIEM). Events collected from the IS.
- Equipment system logs (firewalls, routers, servers, databases, etc.).
- Passive collection in listening mode and active collection.
- Case study: Log analysis approach. Geolocating an address. Correlating logs from different sources, viewing, sorting and searching for rules.