Cybercrime Computing & Networking Foundation

Our digitised society has transformed cybercrime and cyber-enabled fraud into a major revenue stream for organised crime groups (OCG). Action Fraud reports that 80% of reported frauds are cyber-enabled; they could have taken place offline, but their scale, reach and impact have been expanded using online services and digital technology.

Ransomware and the cost of cybercrime is already up a percent of global GDP, over £500 billion a year. The global cybercrime epidemic shows every sign of continuing to rampage through every global economy. This National Cyber Security Center (NCSC) assured course will give you a good understanding of a number of important topics needed as a Cybercrime Specialist, including:

• How a computer works and what its fundamental components are
• How do computers communicate via networks and what protocols are used
• What is binary and why do we use hex and not decimal
• Fundamentals of encryption, cloud and virtualisation
• An introduction to digital forensics and why the integrity of data is paramount no matter what your role
• An understanding of the Computer Misuse Act and Data Protection and why they are important
• Cybercrime threats and cybercrime offences

The follow-on course in the cybercrime pathway is the Cybercrime Investigators course.

This National Cyber Security Center (NCSC) accredited five-day course will give delegates a good understanding of a number of important topics needed as a Cybercrime Specialist, including:

• How a computer works and what its fundamental components are
• How do computers communicate via networks and what protocols are used
• What is binary and why do we use hex and not decimal
• Fundamentals of encryption, cloud and virtualisation
• An introduction to digital forensics and why the integrity of data is paramount no matter what your role
• An understanding of the Computer Misuse Act and Data Protection and why they are important
• Cybercrime threats and cybercrime offences

The course includes a real-time ransomware simulation exercise.

None.

Module 1 – Computing Concepts & Operating Systems

• To explain computer system components
• Describe the differences between magnetic hard drives and solid state drives
• To explain the different characteristics of operating systems
• What file systems are used and what data is contained
• What is a RAID (Redundant Array of Independent Disks)
• What is serverless computing?

Exercise - How to create user accounts

Module 2 – Networking Protocols & Network Security

• To explain how networks function?
• How data travels the network?
• Logical address (IP4 and IP6)
• What security protocols can be applied on the network and what they are?
• What are the different types of Firewalls and Gateways and how they work?

Exercise - Use CLI for diagnostic purposes

Module 3 – Network Architectures & Topologies

• Applications and Application-layer Protocols
• What is Dynamic Host Configuration Protocol (DHCP) and how it functions?
• Attacks against the DHCP and mitigations
• What is information assurance architecture?
• Network traffic analysis

Exercise - Performing network traffic analysis

Exercise - Create and alter packets with hping3 and eavesdropping with Wireshark

Module 4 – Cloud & Virtualisation

• What is virtualisation?
• What is a container?
• What is cloud computing and what technologies are used?
• How security is applied within cloud computing
• Breaches impacted by the cloud
• Evidential opportunities in the cloud

Exercise - Setting up your own virtual machine

Module 5 – Principles of Digital Evidence

• Digital evidence principles and forensic frameworks
• Data vs Information
• Understanding file systems
• IoT device challenges
• Digital forensic images
• Windows & Linux log file analysis
• Write blocking and best practice
• Mobile device images
• Digital evidence

Exercise - Windows Log Analysis

Exercise - Linux Log Analysis

Module 6 – Digital Footprints

• Explain what information and data may be passively or actively transmitted or submitted
• Review data we place in our digital world can easily be harvested
• Email header analysis
• Understand how to take care to protect our data as best as we can
• Discuss social networks, know how to lockdown accounts
• Practice good passphrase management
• Password cracking

Exercise - Windows Defender Firewall

Exercise - Linux Firewalls

Exercise - Windows Defender

Exercise - Email headers

Module 7 – Digital Currency Concepts

• How bitcoin and virtual currencies work
• How the block chain works
• What is Proof of work?
• Identifying other cryptocurrencies

Exercise - Bitcoin Technologies

Exercise - Bitcoin in crime

Exercise - Auditing a bitcoin transaction

Module 8 – Cyber Attacks & Cyber Offences

• Cyber dependant and enabled crime
• Cyber exploits and vulnerability scanning
• Malware
• Denial of Service
• Combating threats
• Advanced threat analysis

Exercise - Nmap and Zenmap

Exercise - Vulnerability Scanning with Nikto

Exercise - Advanced Network Scanning with SPARTA

Exercise - Denial-of-Service using LOIC

Exercise - Advanced Persistent Threat Analysis

Exercise - Honeypots

Module 9 – Encryption

• To explain the uses of encryption technologies
• Describe conventional encryption principles
• To explain cipher classification
• Asymmetric and Symmetric encryption
• PKI and Certificate Authorities
• Digital Signatures
• Hashing scenarios
• Ubiquitous encryption

Exercise - Hashing Scenario

Exercise - Digital Certificates

Module 10 – Introduction to Neurodiversity

• What is neurodiversity?
• Common neurodivergent thinking styles
• Benefits of neurodivergent thinking styles
• Challenges of neurodivergent thinking styles
• Neurodiversity and Cybercrime

National Cyber Security Center (NCSC) Assured Training Exam, taken post course.

• Online proctored exam taken post-course
• Duration - 70 minutes
• Questions 50, multiple choice (4 multiple choice answers only 1 of which is correct)
• Pass mark 50%
• Digital badge - Certified Cybercrime Specialist