This mastery program is great for people that a restarting out in cybersecurity, or are a seasoned IT pro who wants to switch into cybersecurity. The “Cybersecurity Master Annual Program” is the perfect and complete learning path, it is designed as a continuous learning program that will keep the participants on top of the latest developments in this ever-changing industry. Every month, the students learn a new essential skill to become a cybersecurity Expert with the most up to date skills.
CMAP Formula
The Cybersecurity Master Annual Program, is a continuous learning program that provides the participants with insights for various cybersecurity skills. The program consists of 12 workshops, delivered by CQURE Academy Trainers. Each live workshop is demo-intensive and accompanied by pre-and post-workshop homeassignments to solidify your learning.
Each workshop touches upon a different area of cybersecurity. Workshops are live and take place on last Wednesday of each month, with the exception of December, when it will take place two weeks earlier (13th Dec) to avoid conflicting dates with any Christmas-related arrangements our students may have. A Discord Server will also be set-up for the students to receive continuous assistance and support from CQURE’s Experts during the program.
The delivery is in EU time zones (CET/CEST). Each workshop will be complemented by pre-work assignment (some reading material that will help the students prepare for the workshop) and an additional home assignment (e.g., self-study exercises, additional reading materials, labs etc.) and a test.
All of the live workshops will be recorded and accessible for students any time – in case any of the customers need to attend some other duties/holidays or simply want to recap. In January 2024, the Final Exam will be performed in a form of a proctored examination – to take on this one, a student must have bought access to the whole program.
CMAP Curriculum
Module 1: Securing Windows Platform: Windows 11 & Windows Server 2022
Date: January 25th; Instructor: Mike Jankowski-Lorek, PhD
- New features in Windows 11 and Windows Server 2022 affecting security
- Implementing rights, permissions and privileges
- Defining and disabling unnecessary services
- Implementing secure service accounts
Module 2: Hardening Active Directory Infrastructure
Date: February 22nd; Instructor: Michael Grafnetter
- Modern Identity Attack Techniques
- Preventing Credential Theft and Misuse
- Recommended AD Configuration Options
- OS-Level Credential Protection Features: LSA Protected Process, Credential Guard, and RDP Restricted Admin Mode
- Detecting Backdoors in Active Directory
Module 3: Collecting and Analyzing Digital Evidence
Date: March 29th; Instructor: Paula Januszkiewicz
- Evidence Gathering
- Memory: Dumping and Analysis
- Memory: Indicators of compromise
- Disk: dumping & analysis
- Disk: extracting and interpreting evidence
Module 4: Implementing Secure Azure Active Directory
Date: April 26th Instructor: Michael Grafnetter
- Azure AD security settings
- AAD Identity Protection
- AAD Privileged Identity Management (PIM)
- AAD Password Protection
Module 5: Pentesting Web Applications
Date: May 31st Instructor: Artur Kalinowski
- Cross Site Scripting
- Injections
- Insecure File Handling
- Testing API
Module 6: Implementing Privileged Access Workstations
Date: June 28th Instructor: Sami Laiho
- Privileged Access Workstations - how and why?
- Different hardware and VM solutions for implementing PAWs
- Difference between normal and privileged access
- Implementing and Managing On-prem PAWs
- Implementing and Managing Cloud-service PAWs
Module 7: Understanding Malware Analysis
Date: July 26th Instructor: Paula Januszkiewicz
- Malicious non-exe files
- Introduction to Static Malware Analysis
- Behavioral Malware Analysis
Module 8: Mastering Authentication in .NET
Date: August 30th Instructor: Przemek Tomasik
- Implementing OAUTH 2
- Implementing OpenID Connect
- Implementing SAML
Module 9: Configuring Application Whitelisting
Date: September 27th Instructor: Sami Laiho
- Whitelisting in General
- Implementing AppLocker
- Managing AppLocker
- Troubleshooting AppLocker
Module 10: Empowering the PowerShell
Date: October 25th Instructor: Michael Grafnetter
- PowerShell security and specific hacktools (like DSInternals)
- Advanced PowerShell course
- Auditing Active Directory using PowerShell
Module 11: Mastering Monitoring Operations and Threat Intelligence
Date: November 29th Instructor: Piotr Pawlik
- Microsoft 365 security from SOC Analyst perspective
- Microsoft 365 Defender for Endpoint – EDR story
- Detection and Response with Sentinel – Let’s attack Contoso network
Module 12: Securing SQL Server
Date: December 13th Instructor: Damian Widera
- SQL Server Security Baseline Concepts
- SQL Server Instance Security
- Managing Logins & Passwords