Academic education

Incident response

Incident response is (normally) an organized approach to addressing and managing the aftermath of a security breach or cyberattack. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.

This course provides the required skills to achieve this goal:

  • Overview of Operating Systems organization;
  • Windows forensics;
  • Memory forensics;
  • Malware reversal.

This course is taught at the Royal Military Academy (code IN014) and at the Université Libre de Bruxelles (ULB, code INFO-Y119).

Downloads

Management of security

  • threat intelligence
  • cyber risk management
  • architectural approach for designing secure systems
  • building blocks for designing secure systems
  • case study

This course is taught at the Royal Military Academy (code IN012) and at the Université Libre de Bruxelles (ULB, code INFO-Y113).

Downloads

Information security

This course first recalls a number of concepts in the area of distributed systems. Then, in the second part of the course the concepts of information security are applied to distributed information systems.

  • application layer protocols (HTTP, SMTP, POP, DNS)
  • search engines
  • overlay topologies
  • client-server architectures
  • structured and unstructured peer-to-peer networks (P2P)
  • middlewares
  • remote procedure calls (RPC) and remote method invocation (RMI)
  • web services (SOAP, WSDL)
  • rich internet applications (AJAX, JSON)
  • high performance computing (HPC) clusters
  • high availability (HA) clusters and grid computing
  • security of the individual computer,
  • types of threat sources,
  • public sources of information for hackers,
  • social engineering,
  • remotely attacking over a network,
  • vulnerabilities in a computer network (layers 1-4),
  • vulnerabilities at the level of the application layer,
  • buffer overruns in software,
  • access control, authentication and authorization,
  • secure programming,
  • network security (layers 1-7),
  • network encryption, IPSEC and SSL
  • intrusion detection systems (IDS) and honeypots
  • risk management.

This course is taught at the Royal Military Academy (code IN006).

Introduction to networks and security

This course is an introduction to networks and their security:

  • OSI model;
  • Ethernet;
  • IP;
  • Routing;
  • TCP and UDP;
  • Network security;
  • Application security.

This course is taught at the Royal Military Academy (code TN722).

Downloads

Mailinglist

Operating Systems

This course introduces a number of concepts in the area of operating systems and shows how these are used in different types of computer systems.

The following topics are covered:

  • basic computer architecture and low-level programming;
  • multi-tasking;
  • input/output and file management;
  • concurrency and synchronization;
  • memory management and scheduling.

This course is taught at the Royal Military Academy (code IN005).

Downloads

Command and information systems

This course introduces a number of concepts in the area of distributed systems and then shows how these concepts are applied in command & control systems.

  • application layer protocols (HTTP, SMTP, POP, DNS)
  • search engines
  • overlay topologies
  • client-server architectures
  • structured and unstructured peer-to-peer networks (P2P)
  • middlewares
  • remote procedure calls (RPC) and remote method invocation (RMI)
  • web services (SOAP, WSDL)
  • rich internet applications (AJAX, JSON)
  • high performance computing (HPC) clusters
  • message passing interface (MPI) middleware for HPC
  • high availability (HA) clusters
  • grid computing
  • information hierarchy used in command & control systems (C2IS)
  • geographic information systems (GIS)
  • models for representing geographic information (raster, vector, topology)
  • network centric warfare (NCW)
  • multilateral interoperability protocol (MIP) and the C2 Information Exchange Data Model (C2IEDM)
  • wireless sensor networks (WSN)
  • simulating a WSN using Contiki and Cooja
  • expert systems with examples in Clips

This course is taught at the Royal Military Academy (code IN013).

Downloads

Information systems

This course covers a large number of languages, protocols and techniques required for the development of information systems.

After general reminders and a brief introduction to information systems, the course is divided into four main modules. First, the different languages, protocols and techniques necessary for the development of static web pages are presented. The second module then consists of a quick but relatively complete learning of relational databases, their definition, standardization and use. The basic techniques for developing dynamic web applications are then considered. Finally, some advanced techniques are presented.

This course is taught at the Royal Military Academy (code IN003).

Training

Cyber Awareness Training (CAT)

This 2 days training is a typical cyber-risk awareness course. It is intended for nearly any staff member, from higher management to entry-level staff.

The goal of this course is turn participants into active contributors to the information security of their organization. To this aim a number of typical threats will be demonstrated on the cyber range to show the necessity for security controls and procedures. The participants will always be involved as much as possible in the exercises.

Incident Response Training (IRT)

This 5 days training is intended for staff members working in IT functions, such as members of IT support teams or software developers. These people will be directly confronted to ICT problems and therefore need to have the necessary skills to be able to quickly identify a problem as a cyber-incident and react appropriately while correctly preparing for a forensic analysis, even though the investigation itself may be performed by another dedicated team or by an external contractor.

During this training the participants will learn the basics of cyber security forensics so they can contribute to a more in-depth analysis of the incident, for instance assess damage, define indicators of compromise, propose structural measures to prevent similar events of occurring in the future, etc.