Weekend and Evening short Courses

Periods

Weekend
Evening

Fee

All courses are $50 each

October Weekend Classes (Day)

Time: 9am - 1pm

5th: Securing Operating Systems

The operating system is where many attacks are targeted, which makes OS-level security just as important to your organization as network security. In this course, instructor Lisa Bock details what’s actually involved in securing an operating system. Lisa reviews user authentication, the structure of Active Directory, and how to assign permissions and create audit policies. In addition, she covers various cryptographic techniques, as well as how to protect servers and email.

Learning Outcomes

In this one-day course You will learn the details of what’s actually involved in securing an operating system. You will review user authentication, the structure of Active Directory, and how to assign permissions and create audit policies. In addition, you will cover various cryptographic techniques, as well as how to protect servers and email.

 

Course Outline

Topic 1: Understanding User Authentication

Topic 2: System permissions

Topic 3: Understanding and implementing Audit policies

Topic 4: Protecting your server

Topic 5: Email protection

Topic 6: Understanding encryption

 

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in I.T security at organizational level.

Application/ Relevance of this course

·         This training will help you and your company understand how to protect operating systems so as to secure your organization.

6th: Cyber fraud and data breaches

·     Introduction to data protecting and information security

·     Risk of social media in the workplace

·     Managing risks of Bring Your Own Device Programs

·     Corporate espionage

Responding to data breaches

·     Introduction to legal elements (civil and criminal actions) of fraud

·     Constitution and common legal protections in the work place

·     Discovery

·     Evidence and how to present it in court

·     Testifying in courts of law

13th: Investigating on internet

This course will give you skills on how to locate evidence online using search engines, commercial databases and social networking sites. You will learn how to optimize online searches including advanced search functions and alternative search engines

·     Internet tools and legal issues

·     Maximizing the search

·     Investigating the social network environment

·     Handling evidence from online sources

Emerging trends in internet investigations

19th: Fraud risk assessment

This course will discuss numerous considerations that must be incorporated in the assessment process, how to apply the risk assessment framework and how to use the results of the assessment to boost success of the fraud risk management program.

·     Considerations for developing an effective fraud risk assessment

·     Preparing the organization for fraud risk assessment

·     Fraud risk assessment frameworks

Reporting the results of the fraud risk assessment.

20th: Introduction to Digital forensics

The increasing use and sophistication of hardware and operating systems allows computers systems to store more information about how people use their digital devices. This course will enable participants acquire knowledge and skills on how to seize, preserve and analyze digital evidence.

·    Locating and acquiring digital evidence

·    Imaging and processing digital data

26th: Computer Networks Fundamentals

In the world of computers, you have heard if the internet, network, routers, data, and many other terms that are commonly used, but deep down, you do not really understand, then this one-day eye opening course is for you. This course will introduce you to networking basics and you will be a professional at the end of the Training.

Course Outline

1.      Network Fundamentals

a)      Computer Network

b)      Types of Network

c)      Major Network Topologies

2.      Network Components

a)      Network Interface Card (NIC)

b)      Repeater

c)      Hub

d)      Switches

e)      Router

f)       Bridges

g)      Gateways

3.      TCP/IP Networking Basics

a)     Standard Network Models: OSI Model

b)     Standard Network Models: TCP/IP Model

c)      Comparing OSI and TCP/IP

4.      TCP/IP Protocol Stack

a)     Domain Name System (DNS)

b)     DNS Packet Format

c)     Transmission Control Protocol (TCP)

i.    TCP Header Format

ii.   TCP Services

iii.   TCP Operation

iv.   Three-way handshake

d)     User Datagram Protocol (UDP)

i.    UDP Operation

e)     IP Header

i.   IP Header: Protocol Field

ii.   What is Internet Protocol v6 (IPv6)?

iii.  IPv6 Header

f)       Internet Control Message Protocol (ICMP)

i.   Format of an ICMP Message

g)     Address Resolution Protocol (ARP)

i.  Ethernet

ii.  ARP Packet Format

iii.  Fiber Distributed Data Interface (FDDI)

iv.  Token Ring

5.      IP Addressing

a)      Classful IP Addressing

b)      Address Classes

c)      Reserved IP Address

d)      Subnet Masking

i.  Subnetting

ii.  Supernetting

e)      IPv6 Addressing

i.  Difference between IPv4 and IPv6

ii.  IPv4 compatible IPv6 Address

 

27th: Fraud risk assessment tool

This course will provide participants with skills to design a risk assessment process based on identified vulnerabilities of an organization.

·      Employee assessment

·      Management assessment

·      Physical controls assessment

Corruption and conflict of interest assessment

October Evening Classes

Time: 6pm - 8pm

1st: Understanding the mindset of a fraudster

This course will provide valuable insights /skills that will strengthen the organisations anti- fraud strategies and investigations successful

·      Understanding behaviours and motivations to commit fraud

·      The fraud triangle

·      Individual traits and fraudulent behavior

·      Using behavioural knowledge in your examination

·      Fraud prevention strategies

2nd and 3rd: Cyber fraud and data breaches

·     Introduction to data protecting and information security

·     Risk of social media in the workplace

·     Managing risks of Bring Your Own Device Programs

·     Corporate espionage

Responding to data breaches

·     Introduction to legal elements (civil and criminal actions) of fraud

·     Constitution and common legal protections in the work place

·     Discovery

·     Evidence and how to present it in court

·     Testifying in courts of law

9th and 10th: Investigating on internet

This course will give you skills on how to locate evidence online using search engines, commercial databases and social networking sites. You will learn how to optimize online searches including advanced search functions and alternative search engines

·     Internet tools and legal issues

·     Maximizing the search

·     Investigating the social network environment

·     Handling evidence from online sources

Emerging trends in internet investigations

14th and 15th: Fraud risk assessment

This course will discuss numerous considerations that must be incorporated in the assessment process, how to apply the risk assessment framework and how to use the results of the assessment to boost success of the fraud risk management program.

·     Considerations for developing an effective fraud risk assessment

·     Preparing the organization for fraud risk assessment

·     Fraud risk assessment frameworks

Reporting the results of the fraud risk assessment.

16th and 17th: Fraud risk assessment tool

This course will provide participants with skills to design a risk assessment process based on identified vulnerabilities of an organization.

·      Employee assessment

·      Management assessment

·      Physical controls assessment

Corruption and conflict of interest assessment

21st and 22nd: Computer Networks Fundamentals

In the world of computers, you have heard if the internet, network, routers, data, and many other terms that are commonly used, but deep down, you do not really understand, then this one-day eye opening course is for you. This course will introduce you to networking basics and you will be a professional at the end of the Training.

Course Outline

1.      Network Fundamentals

a)      Computer Network

b)      Types of Network

c)      Major Network Topologies

2.      Network Components

a)      Network Interface Card (NIC)

b)      Repeater

c)      Hub

d)      Switches

e)      Router

f)       Bridges

g)      Gateways

3.      TCP/IP Networking Basics

a)     Standard Network Models: OSI Model

b)     Standard Network Models: TCP/IP Model

c)      Comparing OSI and TCP/IP

4.      TCP/IP Protocol Stack

a)     Domain Name System (DNS)

b)     DNS Packet Format

c)     Transmission Control Protocol (TCP)

i.    TCP Header Format

ii.   TCP Services

iii.   TCP Operation

iv.   Three-way handshake

d)     User Datagram Protocol (UDP)

i.    UDP Operation

e)     IP Header

i.   IP Header: Protocol Field

ii.   What is Internet Protocol v6 (IPv6)?

iii.  IPv6 Header

f)       Internet Control Message Protocol (ICMP)

i.   Format of an ICMP Message

g)     Address Resolution Protocol (ARP)

i.  Ethernet

ii.  ARP Packet Format

iii.  Fiber Distributed Data Interface (FDDI)

iv.  Token Ring

5.      IP Addressing

a)      Classful IP Addressing

b)      Address Classes

c)      Reserved IP Address

d)      Subnet Masking

i.  Subnetting

ii.  Supernetting

e)      IPv6 Addressing

i.  Difference between IPv4 and IPv6

ii.  IPv4 compatible IPv6 Address

 

23rd and 24th: Introduction to Digital forensics

The increasing use and sophistication of hardware and operating systems allows computers systems to store more information about how people use their digital devices. This course will enable participants acquire knowledge and skills on how to seize, preserve and analyze digital evidence.

·    Locating and acquiring digital evidence

·    Imaging and processing digital data

28th and 29th: Networks Security Threats and Attacks
You have heard a number of times about I.T security threats, hacks, phishing and data breaches, and you may be one of the people that feel safe and imagine that it cannot happen to them. This one-day course is aimed at practically showing you how malicious attackers get into your computers and phones to steal critical information. Course Outline 1.      Essential terminologies

a)      Threats

b)      Vulnerabilities

c)      Attacks

2.      Network security Vulnerabilities

a)     Types of Network Security Vulnerabilities

b)     Technological Vulnerabilities

c)      Configuration Vulnerabilities

d)     Security policy Vulnerabilities

e)     Types of Network Security Attacks

3.      Network Reconnaissance Attacks

a)     Reconnaissance Attacks

·   Ping Sweep

·   DNS Footprinting

·   Network Range Discovery

·   Network Topology Identification

·   Network Information Extraction using Nmap

·   Port Scanning

·   Social Engineering Attacks

4.    Network Access Attacks

a)   Password attacks

b)   Password attack techniques

·   Dictionary Attack

·   Brute Forcing Attacks

·   Hybrid Attack

·   Birthday Attack

·   Rainbow Table Attack

c)    Man-in-the-Middle Attacks

d)    DNS Poisoning

e)    ARP Poisoning

5.   Denial of Service (DoS) Attack 6.   Malware attacks
30th and 31st: Developing anti-fraud controls and using automated continuous Monitoring tools
  • Types of automated tests
  • Data analytics that can be used to help identify potential fraud.

November weekend Classes (Day)

Time: 9am - 1pm

2nd: Computer Networks Fundamentals

In the world of computers, you have heard if the internet, network, routers, data, and many other terms that are commonly used, but deep down, you do not really understand, then this one-day eye opening course is for you. This course will introduce you to networking basics and you will be a professional at the end of the Training.

Course Outline

1.    Network Fundamentals

a)   Computer Network

b)   Types of Network

c)   Major Network Topologies

2.   Network Components

a)   Network Interface Card (NIC)

b)   Repeater

c)   Hub

d)   Switches

e)   Router

f)    Bridges

g)   Gateways

3.    TCP/IP Networking Basics

a)  Standard Network Models: OSI Model

b)  Standard Network Models: TCP/IP Model

c)   Comparing OSI and TCP/IP

4.    TCP/IP Protocol Stack

a)  Domain Name System (DNS)

b)  DNS Packet Format

c)   Transmission Control Protocol (TCP)

i.   TCP Header Format

ii.  TCP Services

iii. TCP Operation

iv.  Three-way handshake

d)   User Datagram Protocol (UDP)

i.   UDP Operation

e)   IP Header

 i.  IP Header: Protocol Field

ii.  What is Internet Protocol v6 (IPv6)?

iii.  IPv6 Header

f)    Internet Control Message Protocol (ICMP)

 i.   Format of an ICMP Message

g)    Address Resolution Protocol (ARP)

i.    Ethernet

ii.   ARP Packet Format

iii.  Fiber Distributed Data Interface (FDDI)

iv.  Token Ring

5.   IP Addressing

a)   Classful IP Addressing

b)   Address Classes

c)   Reserved IP Address

d)   Subnet Masking

i.    Subnetting

ii.   Supernetting

e)   IPv6 Addressing

i.   Difference between IPv4 and IPv6

ii.  IPv4 compatible IPv6 Address

3rd: Developing anti-fraud controls and using automated continuous Monitoring tools
  • Types of automated tests
  • Data analytics that can be used to help identify potential fraud.
9th: Network security controls

As more and more organizations world wide face catastrophic data breaches, hacks and malware infections, its imperative that network administrators and users in general learn about how to set up effective security controls to reduce the impact of a security breach to daily system operations.

Course Outline

1.      Fundamentals of network security

a)       Network Security Controls

b)      Network Security Protocols

c)       Network Security Perimeter Appliances

2.      Network security Controls

a)     Access Control

b)     Types of Access Control

c)      Network access control

3.      User Identification, Verification, Permission and Accountability

a)       Password Authentication

b)      Two-factor Authentication

c)       Biometrics

d)      Smart Card Authentication

e)      Single Sign-on (SSO)

4.      Types of Authorization systems

a)       Centralized Authorization

b)      Implicit Authorization

c)       Decentralized Authorization

d)      Explicit Authorization

5.      Principles of authorization

a)       Least privilege

b)      Separation of duties

6.      Network Security devices

a)       Firewalls

b)      DMZ

c)       Virtual Private Network (VPN)

d)      Proxy Server

7.      Intrusion Detection System (IDS)

8.      Intrusion Prevention System (IPS)

9.      IDS/IPS Solutions

10th: Writing a fraud investigation report

Communicating findings is an important part of fraud examination, and the best way is to provide an investigation report. Written reports provide not only a record of the investigation results but also shows credibility for your work.

·   Assessing the audience and planning a report

·   Report formats, components, use of visual aids

·   Legal considerations in report writing

Improving writing skills

16th: Data backup and recovery

In the normal course of business, we are bound to face very many challenges, and in a digital world, the worst that can happen is a loss of data, which may be as a result of encryption by a ransomware, accidental deletion or hard drive corruption. This course aims at giving you the knowledge to backup and recover your data incase any of the above happens.

Course Outline

  1. Introduction to Data Backup
    Backup Strategy/Plan
    · Identifying Critical Business Data
    · Selecting Backup Media
  2. RAID (Redundant Array Of Independent Disks) Technology
    Advantages/Disadvantages of RAID systems
    · RAID Storage Architecture
    · RAID Level 0: Disk Striping
    · RAID Level 1: Disk Mirroring
    · RAID Level 3: Disk Striping with Parity
    · RAID Level 5: Block Interleaved Distributed Parity
    · RAID Level 10: Blocks Striped and Mirrored
    · RAID Level 50: Mirroring and Striping across Multiple RAID Levels
    · Selecting Appropriate RAID Levels
    · Hardware and Software RAIDs
    · RAID Usage Best Practices
  3. Storage Area Network (SAN)
    Advantages of SAN
    · SAN Backup Best Practices
    · SAN Data Storage and Backup Management Tools
  4. Network Attached Storage (NAS)
    Types of NAS Implementation
  • Integrated NAS System
  • Gateway NAS System
  1. Selecting Appropriate Backup Method
    Hot Backup (Online)
    · Cold Backup (Offline)
    · Warm Backup (Nearline)
  2. Choosing the Right Location for Backup
    Onsite Data Backup
    · Offsite Data Backup
    · Cloud Data Backup
  3. Backup Types
    Full/Normal Data Backup
    · Differential Data Backup
    · Incremental Data Backup
    · Backup Types Advantages and Disadvantages
    · Choosing Right Backup Solution
    · Data Backup Software: AOMEI Backupper
  • Data Backup Tools for Windows
  • Data Backup Tools for MAC OS X
  1. Conducting Recovery Drill Test
  2. Data Recovery
  3. Windows Data Recovery Tool
    Recover My Files
    · EASEUS Data Recovery Wizard
    · PC INSPECTOR File Recovery
    · Data Recovery Tools for MAC OS X
  4. RAID Data Recovery Services
  5. SAN Data Recovery Software
  6. NAS Data Recovery Services
17th: Interviewing skills

This course will provide you with skills on how to be more effective in asking questions, while evaluating both verbal and non-verbal responses to uncover the truth during interviewing of suspects.

·   Preparing for the interview

·   The interviewing process

·   Types of interviews/questions

Legal elements of interviewing

23rd: VPN Configuration and Management

In 2018, the parliament of Uganda passed a law that enabled the collection of Social Media tax. In a show of defiance, many Ugandans decided to adopt the use of Virtual Private Networks (VPN’s). Almost a year later, over 95% of Ugandans still don’t understand how VPN networks actually operate. This course aims to bridge that knowledge gap.

Course Outline

1.  Understanding Virtual Private Network (VPN)

2.  How VPN works?

3.  Why to Establish VPN?

4.  VPN Components

· VPN Client
· Tunnel Terminating Device
· Network Access Server (NAS)
· VPN Protocol

5.  VPN Concentrators

· Functions of VPN Concentrator

6.  Types of VPN

· Client-to-site (Remote-access) VPNs
· Site-to-Site VPNs
· Establishing Connections with VPN

7.  VPN Categories

· Hardware VPNs

o   Hardware VPN Products

·     Software VPNs

o Software VPN Products

8.  Selecting Appropriate VPN

9.  VPN Core Functions

· Encapsulation
· Encryption
· Authentication

10.  VPN Technologies

11.  VPN Topologies

· Hub-and-Spoke VPN Topology
· Point-to-Point VPN Topology
· Full Mesh VPN Topology
· Star Topology

12.  Common VPN Flaws

· VPN Fingerprinting
· Insecure Storage of Authentication Credentials by VPN Clients
· Username Enumeration Vulnerabilities
· Offline Password Cracking
· Man- in- the Middle Attacks
· Lack of Account Lockout
· Poor Default Configurations
· Poor Guidance and Documentation

13.  VPN Security

· Firewalls
· VPN Encryption and Security Protocols

o   Symmetric Encryption

o   Asymmetric Encryption

·     Authentication for VPN Access

o   VPN Security: IPsec Server

o   AAA Server

·     Connection to VPN: SSH and PPP

·     Connection to VPN: Concentrator

·     VPN Security – Radius

14.  Quality of Service and Performance in VPNs

· Improving VPN Speed
· Quality of Service (QOS) in VPNs

 

24th: Contract and procurement fraud

With the increasing mandatory contracting and outsourcing of goods and services by government ministries, directorates and agencies, and other organizations, procurement process has been marred by the highest incidences of reported frauds (bribery & corruption). This course will provide the best skills and practices for preventing, detecting and investigating contract and procurement fraud.

·   The procurement process
·  Legal elements of procurement fraud
·   Detection and prevention
·  Investigating procurement frauds

 

·   Common procurement fraud schemes

30th: Cyber Security for Cloud Computing Training

As more and more organizations embrace cloud computing, a demand to keep your organization’s files, applications, and accounts safe has come up.

In this course, we outline the major cloud security risks, some of which have resulted in service disruptions and show how to plan for and minimize risk when it comes to your own cloud deployments.

Learning Outcomes

In this one-day course You will learn new concepts such as software as a service (SaaS) and infrastructure as a service, and the differences between public and private clouds. Then after, you will review the cloud security best practices.

Course Outline

Topic 1: Cloud security fundamentals

Topic 2: Setting up your Cloud security

Topic 3: Cloud security architecture

 

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in cloud security at organizational level.

Application/ Relevance of this course

·         This training will help you and your company to secure your files as you use cloud computing.

November Evening Classes

Time: 6pm - 8pm

4th and 5th: Network security controls

As more and more organizations world wide face catastrophic data breaches, hacks and malware infections, its imperative that network administrators and users in general learn about how to set up effective security controls to reduce the impact of a security breach to daily system operations.

Course Outline

1.      Fundamentals of network security

a)       Network Security Controls

b)      Network Security Protocols

c)       Network Security Perimeter Appliances

2.      Network security Controls

a)     Access Control

b)     Types of Access Control

c)      Network access control

3.      User Identification, Verification, Permission and Accountability

a)       Password Authentication

b)      Two-factor Authentication

c)       Biometrics

d)      Smart Card Authentication

e)      Single Sign-on (SSO)

4.      Types of Authorization systems

a)       Centralized Authorization

b)      Implicit Authorization

c)       Decentralized Authorization

d)      Explicit Authorization

5.      Principles of authorization

a)       Least privilege

b)      Separation of duties

6.      Network Security devices

a)       Firewalls

b)      DMZ

c)       Virtual Private Network (VPN)

d)      Proxy Server

7.      Intrusion Detection System (IDS)

8.      Intrusion Prevention System (IPS)

9.      IDS/IPS Solutions

6th and 7th: Data backup and recovery

In the normal course of business, we are bound to face very many challenges, and in a digital world, the worst that can happen is a loss of data, which may be as a result of encryption by a ransomware, accidental deletion or hard drive corruption. This course aims at giving you the knowledge to backup and recover your data incase any of the above happens.

Course Outline

  1. Introduction to Data Backup
    · Backup Strategy/Plan
    · Identifying Critical Business Data
    · Selecting Backup Media
  2. RAID (Redundant Array Of Independent Disks) Technology
    · Advantages/Disadvantages of RAID systems
    · RAID Storage Architecture
    · RAID Level 0: Disk Striping
    · RAID Level 1: Disk Mirroring
    · RAID Level 3: Disk Striping with Parity
    · RAID Level 5: Block Interleaved Distributed Parity
    · RAID Level 10: Blocks Striped and Mirrored
    · RAID Level 50: Mirroring and Striping across Multiple RAID Levels
    · Selecting Appropriate RAID Levels
    · Hardware and Software RAIDs
    · RAID Usage Best Practices
  3. Storage Area Network (SAN)
    · Advantages of SAN
    · SAN Backup Best Practices
    · SAN Data Storage and Backup Management Tools
  4. Network Attached Storage (NAS)
    · Types of NAS Implementation
    o   Integrated NAS System
    o   Gateway NAS System
  5. Selecting Appropriate Backup Method

· Hot Backup (Online)
· Cold Backup (Offline)
· Warm Backup (Nearline)

6.   Choosing the Right Location for Backup

· Onsite Data Backup
· Offsite Data Backup
· Cloud Data Backup

7.      Backup Types

· Full/Normal Data Backup
· Differential Data Backup
· Incremental Data Backup
· Backup Types Advantages and Disadvantages
· Choosing Right Backup Solution
· Data Backup Software: AOMEI Backupper

o   Data Backup Tools for Windows

o   Data Backup Tools for MAC OS X

8.      Conducting Recovery Drill Test

9.      Data Recovery

10.  Windows Data Recovery Tool

· Recover My Files
· EASEUS Data Recovery Wizard
· PC INSPECTOR File Recovery
· Data Recovery Tools for MAC OS X

11.  RAID Data Recovery Services

12.  SAN Data Recovery Software

13.  NAS Data Recovery Services

11th and 12th: Writing a fraud investigation report

Communicating findings is an important part of fraud examination, and the best way is to provide an investigation report. Written reports provide not only a record of the investigation results but also shows credibility for your work.

·   Assessing the audience and planning a report

·   Report formats, components, use of visual aids

·   Legal considerations in report writing

Improving writing skills

13th and 14th: Interviewing skills

This course will provide you with skills on how to be more effective in asking questions, while evaluating both verbal and non-verbal responses to uncover the truth during interviewing of suspects.

·   Preparing for the interview

·   The interviewing process

·   Types of interviews/questions

Legal elements of interviewing

18th and 19th: VPN Configuration and Management

In 2018, the parliament of Uganda passed a law that enabled the collection of Social Media tax. In a show of defiance, many Ugandans decided to adopt the use of Virtual Private Networks (VPN’s). Almost a year later, over 95% of Ugandans still don’t understand how VPN networks actually operate. This course aims to bridge that knowledge gap.

Course Outline

1.  Understanding Virtual Private Network (VPN)

2.  How VPN works?

3.  Why to Establish VPN?

4.  VPN Components

· VPN Client
· Tunnel Terminating Device
· Network Access Server (NAS)
· VPN Protocol

5.  VPN Concentrators

· Functions of VPN Concentrator

6.  Types of VPN

· Client-to-site (Remote-access) VPNs
· Site-to-Site VPNs
· Establishing Connections with VPN

7.  VPN Categories

· Hardware VPNs

o   Hardware VPN Products

·     Software VPNs

o Software VPN Products

8.  Selecting Appropriate VPN

9.  VPN Core Functions

· Encapsulation
· Encryption
· Authentication

10.  VPN Technologies

11.  VPN Topologies

· Hub-and-Spoke VPN Topology
· Point-to-Point VPN Topology
· Full Mesh VPN Topology
· Star Topology

12.  Common VPN Flaws

· VPN Fingerprinting
· Insecure Storage of Authentication Credentials by VPN Clients
· Username Enumeration Vulnerabilities
· Offline Password Cracking
· Man- in- the Middle Attacks
· Lack of Account Lockout
· Poor Default Configurations
· Poor Guidance and Documentation

13.  VPN Security

· Firewalls
· VPN Encryption and Security Protocols

o   Symmetric Encryption

o   Asymmetric Encryption

·     Authentication for VPN Access

o   VPN Security: IPsec Server

o   AAA Server

·     Connection to VPN: SSH and PPP

·     Connection to VPN: Concentrator

·     VPN Security – Radius

14.  Quality of Service and Performance in VPNs

· Improving VPN Speed
· Quality of Service (QOS) in VPNs

 

20th and 21st: Cyber Security for Cloud Computing Training

As more and more organizations embrace cloud computing, a demand to keep your organization’s files, applications, and accounts safe has come up.

In this course, we outline the major cloud security risks, some of which have resulted in service disruptions and show how to plan for and minimize risk when it comes to your own cloud deployments.

Learning Outcomes

In this one-day course You will learn new concepts such as software as a service (SaaS) and infrastructure as a service, and the differences between public and private clouds. Then after, you will review the cloud security best practices.

Course Outline

Topic 1: Cloud security fundamentals

Topic 2: Setting up your Cloud security

Topic 3: Cloud security architecture

 

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in cloud security at organizational level.

Application/ Relevance of this course

·         This training will help you and your company to secure your files as you use cloud computing.

25th and 26th: Contract and procurement fraud

With the increasing mandatory contracting and outsourcing of goods and services by government ministries, directorates and agencies, and other organizations, procurement process has been marred by the highest incidences of reported frauds (bribery & corruption). This course will provide the best skills and practices for preventing, detecting and investigating contract and procurement fraud.

·   The procurement process
·  Legal elements of procurement fraud
·   Detection and prevention
·  Investigating procurement frauds

 

·   Common procurement fraud schemes

27th and 28th: Developing a fraud risk management program

This course will provide skills on how to set up program objectives, define the risk appetite, steps involved and program components

December Weekend Classes

Time: 9am - 1pm

1st: Developing a fraud risk management program

This course will provide skills on how to set up program objectives, define the risk appetite, steps involved and program components

7th: Mobile Device Security

In a world where smartphones store gigabytes of personally identifiable information, human negligence remains the single biggest threat to the security of your personal and corporate information. Not taking the cybersecurity precautions covered in this course when you use a smartphone has become riskier than ever. Most at risk are Board members and top management executives whose mobile devices receive and store mission critical and confidential information.

All it takes is one wrong tap on your mobile device for you to become a victim of identity theft or fraud. This course covers everything you need to know about mobile security to protect you from cyber criminals and on-line crime.

Learning Outcomes

This one-day course is aimed at exploring the two dominant mobile operating systems, Android and iOS. You will see ways to protect devices through analysis and testing, review the basics of mobile OS models, the tools you need for testing, and the techniques for detecting and preventing the majority of security flaws.

Course Outline

Topic 1: Introduction to Mobile Cyber Security

Topic 2: Mobile technology threats and vulnerabilities

Topic 3: Android OS vulnerabilities and threats deep dive

Topic 4: iOS vulnerabilities and threats in detail

Topic 5: Mobile Security Best practices

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in securing mobile phones

Application/ Relevance of this course

·         This training will help you and your company to understand the threats posed by the mobile phones we use and how to mitigate these threats.

8th: Understanding the mindset of a fraudster

This course will provide valuable insights /skills that will strengthen the organisations anti- fraud strategies and investigations successful

·      Understanding behaviours and motivations to commit fraud

·      The fraud triangle

·      Individual traits and fraudulent behavior

·      Using behavioural knowledge in your examination

·      Fraud prevention strategies

14th: Securing Operating Systems

The operating system is where many attacks are targeted, which makes OS-level security just as important to your organization as network security. In this course, instructor Lisa Bock details what’s actually involved in securing an operating system. Lisa reviews user authentication, the structure of Active Directory, and how to assign permissions and create audit policies. In addition, she covers various cryptographic techniques, as well as how to protect servers and email.

Learning Outcomes

In this one-day course You will learn the details of what’s actually involved in securing an operating system. You will review user authentication, the structure of Active Directory, and how to assign permissions and create audit policies. In addition, you will cover various cryptographic techniques, as well as how to protect servers and email.

 

Course Outline

Topic 1: Understanding User Authentication

Topic 2: System permissions

Topic 3: Understanding and implementing Audit policies

Topic 4: Protecting your server

Topic 5: Email protection

Topic 6: Understanding encryption

 

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in I.T security at organizational level.

Application/ Relevance of this course

·         This training will help you and your company understand how to protect operating systems so as to secure your organization.

15th: Cyber fraud and data breaches

·     Introduction to data protecting and information security

·     Risk of social media in the workplace

·     Managing risks of Bring Your Own Device Programs

·     Corporate espionage

Responding to data breaches

·     Introduction to legal elements (civil and criminal actions) of fraud

·     Constitution and common legal protections in the work place

·     Discovery

·     Evidence and how to present it in court

·     Testifying in courts of law

22nd: Investigating on internet

This course will give you skills on how to locate evidence online using search engines, commercial databases and social networking sites. You will learn how to optimize online searches including advanced search functions and alternative search engines

·     Internet tools and legal issues

·     Maximizing the search

·     Investigating the social network environment

·     Handling evidence from online sources

Emerging trends in internet investigations

December Evening Classes

Time: 6pm - 8pm

2nd and 3rd: Mobile Device Security

In a world where smartphones store gigabytes of personally identifiable information, human negligence remains the single biggest threat to the security of your personal and corporate information. Not taking the cybersecurity precautions covered in this course when you use a smartphone has become riskier than ever. Most at risk are Board members and top management executives whose mobile devices receive and store mission critical and confidential information.

All it takes is one wrong tap on your mobile device for you to become a victim of identity theft or fraud. This course covers everything you need to know about mobile security to protect you from cyber criminals and on-line crime.

Learning Outcomes

This one-day course is aimed at exploring the two dominant mobile operating systems, Android and iOS. You will see ways to protect devices through analysis and testing, review the basics of mobile OS models, the tools you need for testing, and the techniques for detecting and preventing the majority of security flaws.

Course Outline

Topic 1: Introduction to Mobile Cyber Security

Topic 2: Mobile technology threats and vulnerabilities

Topic 3: Android OS vulnerabilities and threats deep dive

Topic 4: iOS vulnerabilities and threats in detail

Topic 5: Mobile Security Best practices

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in securing mobile phones

Application/ Relevance of this course

·         This training will help you and your company to understand the threats posed by the mobile phones we use and how to mitigate these threats.

4th and 5th: Securing Operating Systems

The operating system is where many attacks are targeted, which makes OS-level security just as important to your organization as network security. In this course, instructor Lisa Bock details what’s actually involved in securing an operating system. Lisa reviews user authentication, the structure of Active Directory, and how to assign permissions and create audit policies. In addition, she covers various cryptographic techniques, as well as how to protect servers and email.

Learning Outcomes

In this one-day course You will learn the details of what’s actually involved in securing an operating system. You will review user authentication, the structure of Active Directory, and how to assign permissions and create audit policies. In addition, you will cover various cryptographic techniques, as well as how to protect servers and email.

 

Course Outline

Topic 1: Understanding User Authentication

Topic 2: System permissions

Topic 3: Understanding and implementing Audit policies

Topic 4: Protecting your server

Topic 5: Email protection

Topic 6: Understanding encryption

 

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in I.T security at organizational level.

Application/ Relevance of this course

·         This training will help you and your company understand how to protect operating systems so as to secure your organization.

9th and 10th: Understanding the mindset of a fraudster

This course will provide valuable insights /skills that will strengthen the organisations anti- fraud strategies and investigations successful

·      Understanding behaviours and motivations to commit fraud

·      The fraud triangle

·      Individual traits and fraudulent behavior

·      Using behavioural knowledge in your examination

·      Fraud prevention strategies

11th and 12th: Cyber fraud and data breaches

·     Introduction to data protecting and information security

·     Risk of social media in the workplace

·     Managing risks of Bring Your Own Device Programs

·     Corporate espionage

Responding to data breaches

·     Introduction to legal elements (civil and criminal actions) of fraud

·     Constitution and common legal protections in the work place

·     Discovery

·     Evidence and how to present it in court

·     Testifying in courts of law

18th and 19th: Investigating on internet

This course will give you skills on how to locate evidence online using search engines, commercial databases and social networking sites. You will learn how to optimize online searches including advanced search functions and alternative search engines

·     Internet tools and legal issues

·     Maximizing the search

·     Investigating the social network environment

·     Handling evidence from online sources

Emerging trends in internet investigations

January Weekend Classes (Day)

Time: 9am - 1pm

11th August: Fraud risk assessment

This course will discuss numerous considerations that must be incorporated in the assessment process, how to apply the risk assessment framework and how to use the results of the assessment to boost success of the fraud risk management program.

·     Considerations for developing an effective fraud risk assessment

·     Preparing the organization for fraud risk assessment

·     Fraud risk assessment frameworks

Reporting the results of the fraud risk assessment.

12th August: Introduction to Digital forensics

The increasing use and sophistication of hardware and operating systems allows computers systems to store more information about how people use their digital devices. This course will enable participants acquire knowledge and skills on how to seize, preserve and analyze digital evidence.

·    Locating and acquiring digital evidence

·    Imaging and processing digital data

18th August: Network Fundamentals

In the world of computers, you have heard if the internet, network, routers, data, and many other terms that are commonly used, but deep down, you do not really understand, then this one-day eye opening course is for you. This course will introduce you to networking basics and you will be a professional at the end of the Training.

Course Outline

1.      Network Fundamentals

a)      Computer Network

b)      Types of Network

c)      Major Network Topologies

2.      Network Components

a)      Network Interface Card (NIC)

b)      Repeater

c)      Hub

d)      Switches

e)      Router

f)       Bridges

g)      Gateways

3.      TCP/IP Networking Basics

a)     Standard Network Models: OSI Model

b)     Standard Network Models: TCP/IP Model

c)      Comparing OSI and TCP/IP

4.      TCP/IP Protocol Stack

a)     Domain Name System (DNS)

b)     DNS Packet Format

c)     Transmission Control Protocol (TCP)

i.    TCP Header Format

ii.   TCP Services

iii.   TCP Operation

iv.   Three-way handshake

d)     User Datagram Protocol (UDP)

i.    UDP Operation

e)     IP Header

i.   IP Header: Protocol Field

ii.   What is Internet Protocol v6 (IPv6)?

iii.  IPv6 Header

f)       Internet Control Message Protocol (ICMP)

i.   Format of an ICMP Message

g)     Address Resolution Protocol (ARP)

i.  Ethernet

ii.  ARP Packet Format

iii.  Fiber Distributed Data Interface (FDDI)

iv.  Token Ring

5.      IP Addressing

a)      Classful IP Addressing

b)      Address Classes

c)      Reserved IP Address

d)      Subnet Masking

i.  Subnetting

ii.  Supernetting

e)      IPv6 Addressing

i.  Difference between IPv4 and IPv6

ii.  IPv4 compatible IPv6 Address

19th August: Fraud risk assessment tool

This course will provide participants with skills to design a risk assessment process based on identified vulnerabilities of an organization.

·      Employee assessment

·      Management assessment

·      Physical controls assessment

Corruption and conflict of interest assessment

25th August: Network Security threats

You have heard a number of times about I.T security threats, hacks, phishing and data breaches, and you may be one of the people that feel safe and imagine that it cannot happen to them. This one-day course is aimed at practically showing you how malicious attackers get into your computers and phones to steal critical information.

Course Outline

1.      Essential terminologies

a)      Threats

b)      Vulnerabilities

c)      Attacks

2.      Network security Vulnerabilities

a)     Types of Network Security Vulnerabilities

b)     Technological Vulnerabilities

c)      Configuration Vulnerabilities

d)     Security policy Vulnerabilities

e)     Types of Network Security Attacks

3.      Network Reconnaissance Attacks

a)     Reconnaissance Attacks

·   Ping Sweep

·   DNS Footprinting

·   Network Range Discovery

·   Network Topology Identification

·   Network Information Extraction using Nmap

·   Port Scanning

·   Social Engineering Attacks

4.    Network Access Attacks

a)   Password attacks

b)   Password attack techniques

·   Dictionary Attack

·   Brute Forcing Attacks

·   Hybrid Attack

·   Birthday Attack

·   Rainbow Table Attack

c)    Man-in-the-Middle Attacks

d)    DNS Poisoning

e)    ARP Poisoning

5.   Denial of Service (DoS) Attack

6.   Malware attacks

26th August: Anti-fraud controls and using automated continuous Monitoring tools
  • Types of automated tests
  • Data analytics that can be used to help identify potential fraud.
1st August: Network Security Control

As more and more organizations world wide face catastrophic data breaches, hacks and malware infections, its imperative that network administrators and users in general learn about how to set up effective security controls to reduce the impact of a security breach to daily system operations.

Course Outline

1.    Fundamentals of network security

a)       Network Security Controls

b)      Network Security Protocols

c)       Network Security Perimeter Appliances

2.   Network security Controls

a)     Access Control

b)     Types of Access Control

c)      Network access control

3.   User Identification, Verification, Permission and Accountability

a)       Password Authentication

b)      Two-factor Authentication

c)       Biometrics

d)      Smart Card Authentication

e)      Single Sign-on (SSO)

4.   Types of Authorization systems

a)       Centralized Authorization

b)      Implicit Authorization

c)       Decentralized Authorization

d)      Explicit Authorization

5.   Principles of authorization

a)       Least privilege

b)      Separation of duties

6.   Network Security devices

a)       Firewalls

b)      DMZ

c)       Virtual Private Network (VPN)

d)      Proxy Server

7.      Intrusion Detection System (IDS)

8.      Intrusion Prevention System (IPS)

9.      IDS/IPS Solutions

January Evening Classes

Time: 6pm - 8pm

6th and 7th August: Fraud risk assessment

This course will discuss numerous considerations that must be incorporated in the assessment process, how to apply the risk assessment framework and how to use the results of the assessment to boost success of the fraud risk management program.

·     Considerations for developing an effective fraud risk assessment

·     Preparing the organization for fraud risk assessment

·     Fraud risk assessment frameworks

Reporting the results of the fraud risk assessment.

8th and 9th August: Fraud risk assessment tool

This course will provide participants with skills to design a risk assessment process based on identified vulnerabilities of an organization.

·      Employee assessment

·      Management assessment

·      Physical controls assessment

Corruption and conflict of interest assessment

13th and 14th August: Computer Networks Fundamentals

In the world of computers, you have heard if the internet, network, routers, data, and many other terms that are commonly used, but deep down, you do not really understand, then this one-day eye opening course is for you. This course will introduce you to networking basics and you will be a professional at the end of the Training.

Course Outline

1.    Network Fundamentals

a)   Computer Network

b)   Types of Network

c)   Major Network Topologies

2.   Network Components

a)   Network Interface Card (NIC)

b)   Repeater

c)   Hub

d)   Switches

e)   Router

f)    Bridges

g)   Gateways

3.    TCP/IP Networking Basics

a)  Standard Network Models: OSI Model

b)  Standard Network Models: TCP/IP Model

c)   Comparing OSI and TCP/IP

4.    TCP/IP Protocol Stack

a)  Domain Name System (DNS)

b)  DNS Packet Format

c)   Transmission Control Protocol (TCP)

i.   TCP Header Format

ii.  TCP Services

iii. TCP Operation

iv.  Three-way handshake

d)   User Datagram Protocol (UDP)

i.   UDP Operation

e)   IP Header

 i.  IP Header: Protocol Field

ii.  What is Internet Protocol v6 (IPv6)?

iii.  IPv6 Header

f)    Internet Control Message Protocol (ICMP)

 i.   Format of an ICMP Message

g)    Address Resolution Protocol (ARP)

i.    Ethernet

ii.   ARP Packet Format

iii.  Fiber Distributed Data Interface (FDDI)

iv.  Token Ring

5.   IP Addressing

a)   Classful IP Addressing

b)   Address Classes

c)   Reserved IP Address

d)   Subnet Masking

i.    Subnetting

ii.   Supernetting

e)   IPv6 Addressing

i.   Difference between IPv4 and IPv6

ii.  IPv4 compatible IPv6 Address

15th and 16th August: Introduction to Digital forensics

The increasing use and sophistication of hardware and operating systems allows computers systems to store more information about how people use their digital devices. This course will enable participants acquire knowledge and skills on how to seize, preserve and analyze digital evidence.

·    Locating and acquiring digital evidence

·    Imaging and processing digital data

20th and 21st August: Network Security threats

You have heard a number of times about I.T security threats, hacks, phishing and data breaches, and you may be one of the people that feel safe and imagine that it cannot happen to them. This one-day course is aimed at practically showing you how malicious attackers get into your computers and phones to steal critical information.

Course Outline

1.      Essential terminologies

a)      Threats

b)      Vulnerabilities

c)      Attacks

2.      Network security Vulnerabilities

a)     Types of Network Security Vulnerabilities

b)     Technological Vulnerabilities

c)      Configuration Vulnerabilities

d)     Security policy Vulnerabilities

e)     Types of Network Security Attacks

3.      Network Reconnaissance Attacks

a)     Reconnaissance Attacks

·   Ping Sweep

·   DNS Footprinting

·   Network Range Discovery

·   Network Topology Identification

·   Network Information Extraction using Nmap

·   Port Scanning

·   Social Engineering Attacks

4.    Network Access Attacks

a)   Password attacks

b)   Password attack techniques

·   Dictionary Attack

·   Brute Forcing Attacks

·   Hybrid Attack

·   Birthday Attack

·   Rainbow Table Attack

c)    Man-in-the-Middle Attacks

d)    DNS Poisoning

e)    ARP Poisoning

5.   Denial of Service (DoS) Attack

6.   Malware attacks

 

21st and 22nd August: Anti-fraud controls and using automated continuous Monitoring tools
  • Types of automated tests
  • Data analytics that can be used to help identify potential fraud.
27th and 28th August: Network Security Control

As more and more organizations world wide face catastrophic data breaches, hacks and malware infections, its imperative that network administrators and users in general learn about how to set up effective security controls to reduce the impact of a security breach to daily system operations.

Course Outline

1.    Fundamentals of network security

a)       Network Security Controls

b)      Network Security Protocols

c)       Network Security Perimeter Appliances

2.   Network security Controls

a)     Access Control

b)     Types of Access Control

c)      Network access control

3.   User Identification, Verification, Permission and Accountability

a)       Password Authentication

b)      Two-factor Authentication

c)       Biometrics

d)      Smart Card Authentication

e)      Single Sign-on (SSO)

4.   Types of Authorization systems

a)       Centralized Authorization

b)      Implicit Authorization

c)       Decentralized Authorization

d)      Explicit Authorization

5.   Principles of authorization

a)       Least privilege

b)      Separation of duties

6.   Network Security devices

a)       Firewalls

b)      DMZ

c)       Virtual Private Network (VPN)

d)      Proxy Server

7.      Intrusion Detection System (IDS)

8.      Intrusion Prevention System (IPS)

9.      IDS/IPS Solutions

 

February Weekend Classes (Day)

Time: 9am - 1pm

1st: Writing a fraud investigation report

Communicating findings is an important part of fraud examination, and the best way is to provide an investigation report. Written reports provide not only a record of the investigation results but also shows credibility for your work.

·   Assessing the audience and planning a report

·   Report formats, components, use of visual aids

·   Legal considerations in report writing

Improving writing skills

2nd: Data backup and recovery

In the normal course of business, we are bound to face very many challenges, and in a digital world, the worst that can happen is a loss of data, which may be as a result of encryption by a ransomware, accidental deletion or hard drive corruption. This course aims at giving you the knowledge to backup and recover your data incase any of the above happens.

Course Outline

  1. Introduction to Data Backup
    · Backup Strategy/Plan
    · Identifying Critical Business Data
    · Selecting Backup Media
  2. RAID (Redundant Array Of Independent Disks) Technology
    · Advantages/Disadvantages of RAID systems
    · RAID Storage Architecture
    · RAID Level 0: Disk Striping
    · RAID Level 1: Disk Mirroring
    · RAID Level 3: Disk Striping with Parity
    · RAID Level 5: Block Interleaved Distributed Parity
    · RAID Level 10: Blocks Striped and Mirrored
    · RAID Level 50: Mirroring and Striping across Multiple RAID Levels
    · Selecting Appropriate RAID Levels
    · Hardware and Software RAIDs
    · RAID Usage Best Practices
  3. Storage Area Network (SAN)
    · Advantages of SAN
    · SAN Backup Best Practices
    · SAN Data Storage and Backup Management Tools
  4. Network Attached Storage (NAS)
    · Types of NAS Implementation
    o   Integrated NAS System
    o   Gateway NAS System
  5. Selecting Appropriate Backup Method

· Hot Backup (Online)
· Cold Backup (Offline)
· Warm Backup (Nearline)

6.   Choosing the Right Location for Backup

· Onsite Data Backup
· Offsite Data Backup
· Cloud Data Backup

7.      Backup Types

· Full/Normal Data Backup
· Differential Data Backup
· Incremental Data Backup
· Backup Types Advantages and Disadvantages
· Choosing Right Backup Solution
· Data Backup Software: AOMEI Backupper

o   Data Backup Tools for Windows

o   Data Backup Tools for MAC OS X

8.      Conducting Recovery Drill Test

9.      Data Recovery

10.  Windows Data Recovery Tool

· Recover My Files
· EASEUS Data Recovery Wizard
· PC INSPECTOR File Recovery
· Data Recovery Tools for MAC OS X

11.  RAID Data Recovery Services

12.  SAN Data Recovery Software

13.  NAS Data Recovery Services

8th: Interviewing skills

This course will provide you with skills on how to be more effective in asking questions, while evaluating both verbal and non-verbal responses to uncover the truth during interviewing of suspects.

·   Preparing for the interview

·   The interviewing process

·   Types of interviews/questions

Legal elements of interviewing

9th: VPN Configuration and Management

In 2018, the parliament of Uganda passed a law that enabled the collection of Social Media tax. In a show of defiance, many Ugandans decided to adopt the use of Virtual Private Networks (VPN’s). Almost a year later, over 95% of Ugandans still don’t understand how VPN networks actually operate. This course aims to bridge that knowledge gap.

Course Outline

1.  Understanding Virtual Private Network (VPN)

2.  How VPN works?

3.  Why to Establish VPN?

4.  VPN Components

· VPN Client
· Tunnel Terminating Device
· Network Access Server (NAS)
· VPN Protocol

5.  VPN Concentrators

· Functions of VPN Concentrator

6.  Types of VPN

· Client-to-site (Remote-access) VPNs
· Site-to-Site VPNs
· Establishing Connections with VPN

7.  VPN Categories

· Hardware VPNs

o   Hardware VPN Products

·     Software VPNs

o Software VPN Products

8.  Selecting Appropriate VPN

9.  VPN Core Functions

· Encapsulation
· Encryption
· Authentication

10.  VPN Technologies

11.  VPN Topologies

· Hub-and-Spoke VPN Topology
· Point-to-Point VPN Topology
· Full Mesh VPN Topology
· Star Topology

12.  Common VPN Flaws

· VPN Fingerprinting
· Insecure Storage of Authentication Credentials by VPN Clients
· Username Enumeration Vulnerabilities
· Offline Password Cracking
· Man- in- the Middle Attacks
· Lack of Account Lockout
· Poor Default Configurations
· Poor Guidance and Documentation

13.  VPN Security

· Firewalls
· VPN Encryption and Security Protocols

o   Symmetric Encryption

o   Asymmetric Encryption

·     Authentication for VPN Access

o   VPN Security: IPsec Server

o   AAA Server

·     Connection to VPN: SSH and PPP

·     Connection to VPN: Concentrator

·     VPN Security – Radius

14.  Quality of Service and Performance in VPNs

· Improving VPN Speed
· Quality of Service (QOS) in VPNs

 

15th: Contract and procurement fraud

With the increasing mandatory contracting and outsourcing of goods and services by government ministries, directorates and agencies, and other organizations, procurement process has been marred by the highest incidences of reported frauds (bribery & corruption). This course will provide the best skills and practices for preventing, detecting and investigating contract and procurement fraud.

·   The procurement process

·   Common procurement fraud schemes

·   Detection and prevention

Investigating procurement frauds

Legal elements of procurement fraud

16th: Cyber Security for Cloud Computing Training

As more and more organizations embrace cloud computing, a demand to keep your organization’s files, applications, and accounts safe has come up.

In this course, we outline the major cloud security risks, some of which have resulted in service disruptions and show how to plan for and minimize risk when it comes to your own cloud deployments.

Learning Outcomes

In this one-day course You will learn new concepts such as software as a service (SaaS) and infrastructure as a service, and the differences between public and private clouds. Then after, you will review the cloud security best practices.

Course Outline

Topic 1: Cloud security fundamentals

Topic 2: Setting up your Cloud security

Topic 3: Cloud security architecture

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in cloud security at organizational level.

Application/ Relevance of this course

·         This training will help you and your company to secure your files as you use cloud computing.

Duration and Fees

Duration: 1 day (Weekend class)

Pricing: $50

22nd: Developing a fraud risk management program

This course will provide skills on how to set up program objectives, define the risk appetite, steps involved and program components

23rdth: Mobile Device Security

In a world where smartphones store gigabytes of personally identifiable information, human negligence remains the single biggest threat to the security of your personal and corporate information. Not taking the cybersecurity precautions covered in this course when you use a smartphone has become riskier than ever. Most at risk are Board members and top management executives whose mobile devices receive and store mission critical and confidential information.

All it takes is one wrong tap on your mobile device for you to become a victim of identity theft or fraud. This course covers everything you need to know about mobile security to protect you from cyber criminals and on-line crime.

Learning Outcomes

This one-day course is aimed at exploring the two dominant mobile operating systems, Android and iOS. You will see ways to protect devices through analysis and testing, review the basics of mobile OS models, the tools you need for testing, and the techniques for detecting and preventing the majority of security flaws.

Course Outline

Topic 1: Introduction to Mobile Cyber Security

Topic 2: Mobile technology threats and vulnerabilities

Topic 3: Android OS vulnerabilities and threats deep dive

Topic 4: iOS vulnerabilities and threats in detail

Topic 5: Mobile Security Best practices

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in securing mobile phones

Application/ Relevance of this course

·         This training will help you and your company to understand the threats posed by the mobile phones we use and how to mitigate these threats.

29th: Understanding the mindset of a fraudster

This course will provide valuable insights /skills that will strengthen the organisations anti- fraud strategies and investigations successful

·      Understanding behaviours and motivations to commit fraud

·      The fraud triangle

·      Individual traits and fraudulent behavior

·      Using behavioural knowledge in your examination

·      Fraud prevention strategies

February Evening Classes

Time: 6pm - 8pm

3rd and 4th: Writing a fraud investigation report

Communicating findings is an important part of fraud examination, and the best way is to provide an investigation report. Written reports provide not only a record of the investigation results but also shows credibility for your work.

·   Assessing the audience and planning a report

·   Report formats, components, use of visual aids

·   Legal considerations in report writing

Improving writing skills

5th and 6th: Interviewing skills

This course will provide you with skills on how to be more effective in asking questions, while evaluating both verbal and non-verbal responses to uncover the truth during interviewing of suspects.

·   Preparing for the interview

·   The interviewing process

·   Types of interviews/questions

Legal elements of interviewing

10th and 11th: VPN Configuration and Management

In 2018, the parliament of Uganda passed a law that enabled the collection of Social Media tax. In a show of defiance, many Ugandans decided to adopt the use of Virtual Private Networks (VPN’s). Almost a year later, over 95% of Ugandans still don’t understand how VPN networks actually operate. This course aims to bridge that knowledge gap.

Course Outline

1.  Understanding Virtual Private Network (VPN)

2.  How VPN works?

3.  Why to Establish VPN?

4.  VPN Components

· VPN Client
· Tunnel Terminating Device
· Network Access Server (NAS)
· VPN Protocol

5.  VPN Concentrators

· Functions of VPN Concentrator

6.  Types of VPN

· Client-to-site (Remote-access) VPNs
· Site-to-Site VPNs
· Establishing Connections with VPN

7.  VPN Categories

· Hardware VPNs

o   Hardware VPN Products

·     Software VPNs

o Software VPN Products

8.  Selecting Appropriate VPN

9.  VPN Core Functions

· Encapsulation
· Encryption
· Authentication

10.  VPN Technologies

11.  VPN Topologies

· Hub-and-Spoke VPN Topology
· Point-to-Point VPN Topology
· Full Mesh VPN Topology
· Star Topology

12.  Common VPN Flaws

· VPN Fingerprinting
· Insecure Storage of Authentication Credentials by VPN Clients
· Username Enumeration Vulnerabilities
· Offline Password Cracking
· Man- in- the Middle Attacks
· Lack of Account Lockout
· Poor Default Configurations
· Poor Guidance and Documentation

13.  VPN Security

· Firewalls
· VPN Encryption and Security Protocols

o   Symmetric Encryption

o   Asymmetric Encryption

·     Authentication for VPN Access

o   VPN Security: IPsec Server

o   AAA Server

·     Connection to VPN: SSH and PPP

·     Connection to VPN: Concentrator

·     VPN Security – Radius

14.  Quality of Service and Performance in VPNs

· Improving VPN Speed
· Quality of Service (QOS) in VPNs

 

12th and 13th: Cyber Security for Cloud Computing Training

As more and more organizations embrace cloud computing, a demand to keep your organization’s files, applications, and accounts safe has come up.

In this course, we outline the major cloud security risks, some of which have resulted in service disruptions and show how to plan for and minimize risk when it comes to your own cloud deployments.

Learning Outcomes

In this one-day course You will learn new concepts such as software as a service (SaaS) and infrastructure as a service, and the differences between public and private clouds. Then after, you will review the cloud security best practices.

Course Outline

Topic 1: Cloud security fundamentals

Topic 2: Setting up your Cloud security

Topic 3: Cloud security architecture

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in cloud security at organizational level.

Application/ Relevance of this course

·         This training will help you and your company to secure your files as you use cloud computing.

Duration and Fees

Duration: 1 day (Weekend class)

Pricing: $50

17th and 18th: Contract and procurement fraud

With the increasing mandatory contracting and outsourcing of goods and services by government ministries, directorates and agencies, and other organizations, procurement process has been marred by the highest incidences of reported frauds (bribery & corruption). This course will provide the best skills and practices for preventing, detecting and investigating contract and procurement fraud.

·   The procurement process

·   Common procurement fraud schemes

·   Detection and prevention

Investigating procurement frauds

Legal elements of procurement fraud

19th and 20th: Developing a fraud risk management program

This course will provide skills on how to set up program objectives, define the risk appetite, steps involved and program components

24th and 25th: Mobile Device Security

In a world where smartphones store gigabytes of personally identifiable information, human negligence remains the single biggest threat to the security of your personal and corporate information. Not taking the cybersecurity precautions covered in this course when you use a smartphone has become riskier than ever. Most at risk are Board members and top management executives whose mobile devices receive and store mission critical and confidential information.

All it takes is one wrong tap on your mobile device for you to become a victim of identity theft or fraud. This course covers everything you need to know about mobile security to protect you from cyber criminals and on-line crime.

Learning Outcomes

This one-day course is aimed at exploring the two dominant mobile operating systems, Android and iOS. You will see ways to protect devices through analysis and testing, review the basics of mobile OS models, the tools you need for testing, and the techniques for detecting and preventing the majority of security flaws.

Course Outline

Topic 1: Introduction to Mobile Cyber Security

Topic 2: Mobile technology threats and vulnerabilities

Topic 3: Android OS vulnerabilities and threats deep dive

Topic 4: iOS vulnerabilities and threats in detail

Topic 5: Mobile Security Best practices

Target Audience

·         I.T practitioners

·         Top managers

·         Anyone interested in securing mobile phones

Application/ Relevance of this course

·         This training will help you and your company to understand the threats posed by the mobile phones we use and how to mitigate these threats.

26th and 27th: Understanding the mindset of a fraudster

This course will provide valuable insights /skills that will strengthen the organisations anti- fraud strategies and investigations successful

·      Understanding behaviours and motivations to commit fraud

·      The fraud triangle

·      Individual traits and fraudulent behavior

·      Using behavioural knowledge in your examination

·      Fraud prevention strategies

Subscribe to Our Newsletters

Scroll to Top