SP security knowledge build up

Message: 6
Date: Tue, 24 Jul 2018 07:59:58 -0500
From: "Douglas C. Stephens" <stephend@ameslab.gov>
To: nanog@nanog.org
Subject: SP security knowledge build up
Message-ID: <6efd278f-31a0-7d0b-d755-8e14bf344cd8@ameslab.gov>
Content-Type: text/plain; charset=utf-8

To add to Suresh's list, Iowa State University (iastate.edu) offers a
graduate major program and an undergraduate minor program in cyber
security (a.k.a. Information Assurance). They also run an annual
cyber defense competition (ISEAGE).

> Not a MOOC. But several schools now have graduate programs in
> security. Off the top of my head, Georgia Tech, UAB, GMU ..
> They might offer some shorter courses as well, for working
> professionals. Take a look.

Message: 7
Date: Tue, 24 Jul 2018 12:43:12 -0400
From: Rich Kulawiec <rsk@gsp.org>
To: nanog@nanog.org
Subject: Re: SP security knowledge build up
Message-ID: <20180724164312.GA6933@gsp.org>
Content-Type: text/plain; charset=us-ascii

> I am planning to build up a security team of fresh engineers who are
> "network oriented", any advice on the knowledge resources we can start
> with?

1. Start with one or more engineers who aren't "fresh". This is more
expensive, potentially much more expensive, but it's much more likely
to result in success than trying to feed a crash course in security
into the brains of people who've never done any of this before. Even if
all those experienced people do is stop you from making well-known mistakes,
then the investment will be more than worth it.

2. I see that several academic programs were mentioned downthread;
one that I'd add to the list is UMBC, which is excellent.
Message: 10
Date: Tue, 24 Jul 2018 17:31:01 +0000
From: "Lotia, Pratik M" <Pratik.Lotia@charter.com>
To: "nanog@nanog.org" <nanog@nanog.org>
Subject: RE: SP security knowledge build up
Content-Type: text/plain; charset="iso-8859-1"

> I am planning to build up a security team of fresh engineers who are
> "network oriented", any advice on the knowledge resources we can start
> with?

To add to the academic programs -

CU Boulder has an excellent telecom program for network security and
network engineering; one of their courses focuses solely on SP networks
(full disclosure: I am a CU Boulder alumnus).

With Gratitude,

Pratik Lotia | Security Engineer III
Charter Communications

Thank you guys for all your academic recommendations; unfortunately we are
not US residents, so can you recommend the references/books/curriculum used
in the mentioned programs?

Please start with the nanog videos Chris referenced and the book that I told you about.

Before security knowledge, there’s a lot of hard CS and pure math involved if you want to teach it as a discipline – but that should be available most anywhere. And of course practical courses on network and system administration.

Depends on whether you want to train junior analysts and build their knowledge in a more hands on manner in on the job training, or proceed with a graduate course that’ll take years and give them a deeper dive into this.

For on the job training the videos and the Limoncelli book will do very well indeed for a start.
First, please learn how to properly quote/cite email messages in a mailing
list discussion thread.

Second, you've been given plenty of pointers already. If you lack the
initiative to follow up on those, read the curricula, take note of the
textbooks used in particular classes, etc., then you probably lack the
initiative to be successful in this endeavor.

As for MOOC course content - I don't know these guys from Adam's off
ox, and while I know IIIT (note, not IIT) Bangalore, this is a course
offered by them in collaboration with an outfit called FISST (oh
dear.. the name).

The course name looks like it is meant to train skript kiddeez but the
content looks much more reasonable.

Of course, given the extremely short course length, it is possibly
like the usual mile wide inch deep CISSP training that'll help you
learn a lot of buzzwords if nothing else.
Cyber Security Foundation Module:

Introduction & Overview of Cyber Security
Common Security threats and prevention/mitigation plans
Cryptography – fundamentals with theory of encryption keys (LMS)
Networking Security – fundamentals with N/w layers and various protocols (LMS)

Introduction to IT Act and Cyber Laws:

Cyber Laws – Overview of Cyber Civil Wrong
Cyber Laws – overview of Cyber Offences
Case studies where brand and financial loss has been reported

Introduction to Dark web and Deep Web:

Dark web & Deep Web
Anatomy of Financial Cyber Crime Organization

Network Security & Best practices for secured n/w administration

Wireless Security

Vulnerabilities in various layers of Information Systems:

Overview of Multitasking and Multiprocessing

Assess And Mitigate Security Vulnerabilities
Understanding Security Capabilities of Information System
Memory Protection
Memory & Address protection
Protection Mechanisms

Brief Introduction to Cyber Risk and Cyber Insurance Best Practices:

Cyber Risk & Information Risk Management

Risk Management Concepts
Component of Risk Management – example
Risk Management Process
Common Cyber Threats
Framework for Cyber and IS Risk Management

Cyber Insurance – an Introduction

What is cyber insurance
How to assess and bargain a good policy
How to implement documentation for claims
Best practices for ‘zero’ risk policies

Introduction to Physical Security & importance to protect IT Assets:

Physical Security Introduction
Perimeter / Boundary Security
Building Security
Inside Building with back-end command & Control System
Overview of IoT devices Security & Concerns

Introduction to Blockchain, Cryptocurrencies, and Bitcoins

Introduction to Blockchain concept

Cyber Security Design and Maintaining Resilience

Cyber Security Designing And Maintaining Resilience
Designing a Resilient Enterprise
Maintaining Enterprise Resilience
Perimeter Protection with Firewall
Incident Response Plan
Cyber Risk Management process
Inventory Authorized and Unauthorized devices and Software

Recommended Best practices for Cyber Security:

Cyber Hygiene
Data Security
Wireless networking
Invoke the Incident Response Plan
Preparedness Plan Audit
Test your incident response plan
Vendor Incident response

20 Critical Security Components – Part 1

Critical Control 1: Inventory of Authorized and Unauthorized Devices
Critical Control 2: Inventory of Authorized and Unauthorized Software
Critical Control 3: Secure Configurations for Hardware and Software on
Laptops, Workstations, and Servers
Critical Control 4: Continuous Vulnerability Assessment and Remediation
Critical Control 5: Controlled Use of Administrative Privileges
Critical Control 6: Maintenance, Monitoring, and Analysis of Audit Logs
Critical Control 7: Email and Web Browser Protections
Critical Control 8: Malware Defenses
Critical Control 9: Limitation and Control of Network Ports,
Protocols, and Services

20 Critical Security Components – Part 2

Critical Control 10: Data Recovery Capability
Critical Control 11: Secure Configurations for Network Devices such as
Firewalls, Routers, and Switches
Critical Control 12: Boundary Defense
Critical Control 13: Data Protection
Critical Control 14: Controlled Access Based On Need to Know
Critical Control 15: Wireless Device Control
Critical Control 16: Account Monitoring and Control
Critical Control 17: Security Skills Assessment and Appropriate
Training to Fill Gaps
Critical Control 18: Application Software Security
Critical Control 19: Incident Response and Management
Critical Control 20: Penetration Tests and Red Team Exercises

2 Day On Campus Boot Camp at IIIT B

Lab Session – General Threats
Lab Session – Cryptography
Boot Camp 1
Boot Camp 2