
Understand the common threats to information systems in order to establish a defence-in-depth plan adapted to the different types of current threats.
Day 1 morning
❏ Section 1 – Introduction to cyber security in France
❏ Introduction to threats to organisations in recent years
❏ Vision of the leaders towards cybersecurity
❏ Presentation of the different state bodies linked to French cybersecurity
Day 1 afternoon
❏ Focus on ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information): PSSIE, ANSSI approvals, visas, RGS, Instruction 901, Ebios RM
❏ Cybersecurity at the French and European level
❏ Practical Work 1 / Write a concise presentation of what the RGS is in its content and operation
Day 2 morning
❏ Section 2 – Audit of the cybersecurity of information systems
❏ Sequencing an information security audit project and producing a report
❏ Maturity study of defensive processes
❏ Practical Work 2 / Case study – Identification of existing security measures and their maturity.
Day 2 afternoon
❏ Audit and identify deviations from the ANSSI hygiene guide
❏ Practical Work 3 / Case study – Alignment of security measures (maturity, reasons for deviation) with respect to the ANSSI hygiene guide (see Practical Work 2)
Day 3 morning
❏ Presentation of the strategic points of the report to management/hierarchy
❏ Practical Work 4 / Case study – Making a presentation for the audit report to the CODIR (see Practical Work 2)
Day 3 afternoon
❏ Section 3 – Advanced study of the different layers of a defence in depth
❏ Overview of the different layers
❏ Layer 1: The data: encryption, DLP, ACL, classification and tagging
❏ Layer 2: Applications: SLAs, scanning and vulnerability identification, update management
Day 4 morning
❏ Layer 3: Hosts: HIDS/HIPS, antivirus, firewall, update management, encryption, software restriction
❏ Layer 4: The network: update management, NAC, logical/physical segmentation, firewall, NIDS/NIPS
❏ Layer 5: The perimeter: firewall, anti-DDoS, remote access, web filtering, honeypot
❏ Layer 6: The Cloud: SLA’s,
Day 4 afternoon
❏ Layer 7: Physical security: access control, building security (video, alarm, server room security)
❏ Practical Work 5 / Case study – Proposal of a suitable defence strategy (see Practical Work 2).
Day 5
❏ Section 4 – A defence aligned with the attacks
❏ Review of the segmentation of the phases of an attacker
❏ Presentation of the different APT groups
❏ Advanced study of the stages of an APT attack through ATT&CK
❏ Going further (AI, Threat Intelligence)
❏ Practical Work 6 / Study of APT 41 through ATT&CK