Cybersecurity Level 2 – Practical Training Course

Duration: 48 Hours

Schedule: 4 hours per day × 2 days per week × 6 weeks

Target Audience:

• Undergraduate students (Computer Science, IT, Cybersecurity)
• Prerequisite: Completion of Cybersecurity Level 1 or equivalent knowledge in fundamentals

(threat types, basic networking, operating systems, and security tools)

Course Objectives:

By the end of this course, students will:

• Detect and analyze cyber threats using real-world tools
• Apply security policies, harden systems, and monitor network activity
• Simulate attacks and defensive countermeasures in sandbox environments
• Understand intermediate topics like incident response, malware analysis, and SIEM
• Prepare for industry-recognized certifications (CompTIA CySA+, CEH, etc.)

Course Modules

 Security Operations & Threat Landscape

Theory:

• Overview of Security Operations Centers (SOC)
• Cyber Kill Chain & MITRE ATT&CK framework
• Threat actors, TTPs (Tactics, Techniques, Procedures)
• Key tools used in Blue Team vs Red Team operations

Practical:

• Lab: Setup Virtual Lab with VirtualBox or VMware
• Lab: Install Kali Linux and Security Onion
• Lab: Use WHOIS, lookup, and OSINT tools
• Activity: Map attacker techniques to MITRE ATT&CK

System and Network Hardening

Theory:

• Defense in Depth
• Windows and Linux hardening techniques
• Patch management, password policies, and secure configurations

Practical:

• Lab: Harden a Windows VM (disable SMBv1, remove unused services, apply group policies)
• Lab: Harden a Linux VM (disable root SSH, iptables/UFW, auditing)
• Lab: Run vulnerability scans using OpenVAS or Nessus (demo version)
• Group Activity: Secure a misconfigured VM based on checklist

 Network Traffic Analysis & Intrusion Detection

Theory:

• TCP/IP review for security
• Deep packet inspection concepts
• IDS/IPS (Snort, Suricata)
• PCAP file analysis

Practical:

• Lab: Analyze PCAP files with Wireshark
• Lab: Install and configure Snort in IDS mode
• Lab: Detect malicious traffic (e.g., port scanning, DoS)
• Challenge: Capture and analyze a simulated attack

 Malware, Phishing, and Endpoint Security

Theory:

• Malware categories (ransomware, Trojans, keyloggers)
• Phishing attacks and social engineering
• Endpoint Detection and Response (EDR) concepts

Practical:

• Lab: Analyze malware behavior in a sandbox (using Any.Run or local isolated VM)
• Lab: Simulate phishing email using SET (Social Engineering Toolkit)
• Lab: Use Sysinternals tools (Process Explorer, Autoruns)
• Lab: Use ClamAV or Windows Defender for malware scanning

 Incident Response and SIEM

Theory:

• Incident Response lifecycle (NIST)
• Log management and correlation
• SIEM concepts (Splunk, ELK Stack)

Practical:

• Lab: Create an incident response plan
• Lab: Ingest and analyze logs using Splunk (or ELK demo)
• Lab: Detect brute-force and malware activity in log data
• Group Activity: Simulate a security breach and write IR report

 Capstone Project and Assessment

Capstone Project:
Students work in groups to investigate a simulated security breach and must:

• Analyze logs and traffic
• Identify indicators of compromise (IoCs)
• Prepare and present an incident report
• Recommend mitigation strategies

Assessment:

• Final Quiz (25%)
• Capstone Evaluation (50%)
• Lab Participation (25%)

 Certificate of Completion

Participants who pass the final assessment and complete all labs will receive from (JELECOM):

“Cybersecurity Level 2 – Intermediate Hands-On Defense Certificate”

 

if you would like to get our course content please register . . .