IT Systems Attack and Defence (ADL 394)

This e-Learning course is a mandatory  e-learning module of the residential IT Systems Attacks and Defence course. The aim of this course to provide knowledge about tools and methods used by attackers to gain access to IT systems and discusses potential countermeasures and ways of detection and this way establish a common basis of knowledge for the students attending  the residential part of the course, where the students who earned the certificate for this module can continue their studies with practical scenarios and examples.

The residential part of the course is based on hands-on exercises. Practical tasks focus mainly on the offensive side of IT security, the participants can try out for themselves how various real-world attacks can be conducted. In addition, participants can take part in a Capture the Flag competition, where points are awarded for successfully completing the hands-on tasks, with bonus points awarded for the fastest students.

This course is open to all individuals from Sponsoring Nations, Contributing Participants and NATO; and it can be accessed through the NATO e-Learning Joint Advanced Distributed Learning Portal. Once registered, users may access the course by navigating to the ‘CENTRES OF EXCELLENCE (COE’s)’ -> ‘Cooperative Cyber Defence Centre of Excellence’ -> ‘ADL 394 IT Systems Attack and Defence‘ course listing.

Learning Objectives

The course introduces students to the way penetration testers and hackers think. Practical work is used to further develop this kind of thinking and also to figure out ways how to defend against these kinds of attacks. The course does not go in-depth into specific vulnerabilities, rather it serves as a broad introduction into IT systems attacks and points the students towards material where to learn further.

The following topics will be covered during the course:

  • Networks and threat models
  • Attacks and attackers
  • Reconnaissance
  • Scanning and Enumeration
  • Local network attacks
  • Internet Infrastructure attacks
  • Attacks against Windows domain and workstations
  • Attacks against web applications

Target Audience

  • The course has been designed for network and system administrators and security specialists. In general, the expected audience should consist of people who have a good background in information technology, whether gained from studies at university or by practical experience, or both. We do not expect these individuals to have knowledge or good practical know-how about security problems of computer networks and applications. Professional security practitioners or penetration testers with years of experience are not the target audience for this course.

Prerequisites

  • Ideally, the students would have at least junior administrator level experience with Windows and Linux based systems. They should understand the main networking protocols (e.g. ARP, IP, ICMP, TCP, UDP, DNS, HTTP, SNMP, SMTP), have some experience with web technologies (like HTML, PHP, JavaScript) and knowledge about relational database management systems (MySQL).
  • Programming skills are helpful.
  • English language skill comparable to STANAG 6001, 3.2.3.2. is required.

Module certificate:

It is necessary when applying for the residential part of the course and you can download it once you successfully finish the final test of the module. When you register for the residential part of the course please email it to: [email protected]