Would you like to get more information or apply?
Click on the button below and we’ll get back to you as soon as possible.
A person who has received instruction considered sufficient by the college and meets any of the following conditions may be admitted to a program of studies leading to an Attestation of College Studies:
CDI College’s Cybersecurity Specialist – LEA.DV program aims to train qualified professionals capable of assuming, at the entry point of the labor market, all the tasks inherent in the cybersecurity of an organization's computer networks.
The cybersecurity specialist is a company's backbone against threats from the Internet. A specialist in encryption, firewalls and other antiviruses, he constantly monitors regulations, threats and the evolution of existing means of protection. He watches over sensitive data and maintains organizational information systems by carrying out vulnerability audits and intrusion tests in order to: detect potential vulnerabilities, identify entry points and determine solutions or security equipment protection to be put in place. He therefore plays a preventive role, but also embodies that of an emergency firefighter during a cyberattack. Even if there is no way to be fully protected, the cybersecurity specialist’s goal is to limit the risks.
The Cybersecurity Specialist – LEA.DV program first explores the design, installation, maintenance and management of networks and then, the implementation and operation of IT services that represent the backbone of any training in the field. It aims to reflect the current reality where data and systems can be deployed internally, at a host and / or in the "Cloud". In addition, since managers must now tackle the management of risks that have a major impact on the effective operation of the company, its reputation, its competitive strength and its future, this program also tackles the tools and network monitoring techniques used for cybersecurity risks and vulnerabilities. Graduates can work in small, medium and large companies, government agencies (federal, provincial and municipal), professional offices and schools.
To graduate, students must obtain the required pass mark in each course.
This program leads to an ACS (Attestation of College Studies) recognized by the Ministry of Higher Education (Permit 749747).
This program is offered in English or in French.
"The best part about learning from Practitioner Instructors is that they have worked in the job that you’re going into so they know the “ins and outs” and the little tricks of the trade, so to speak. They know what they’re talking about and have firsthand experience."
Background. Job function of the cybersecurity specialist. Exercise of the profession according to different work environments. Role of the cybersecurity specialist and those of related professions. Environmental requirements. Cybersecurity (trends, utility, risks, issues and challenges). Professional ethics at work. Main hardware and software components of a computer. File management. Personalization of a workstation. Creation of documents using common corporate communication and management tools (Microsoft Word ™, Microsoft Excel ™, Microsoft Powerpoint ™). Use of the Internet for communication and research. Work methods and ergonomics.
Understanding the operations of a microcomputer. Identification and description of the different components of a computer. Software and hardware issues. Analysis, configuration, update and troubleshooting of Windows PCs. Industrial Standard A+ for IT Support Technicians.
Software and hardware issues. Analysis, configuration, update and troubleshooting of Windows PCs. Advanced troubleshooting. Preventive maintenance and security. Industrial Standard A+ for IT Support Technicians.
Understanding of types of networks, standards and protocols. Identification and description of network hardware, cabling and topologies. Planning and implementation of local and wide area networks. The OSI Reference Model and its constituent layers. The TCP / IP architecture. Network upgrade, maintenance and debugging. Wireless networks. Understanding of computer security. Network virtualization. Cloud computing.
Windows installation and configuration. Administration and management of users and the system. Networking and interconnection with other systems. System optimization and problem-solving.
Optimal installation of Windows Server on a workstation. Presentation of Hyper-V virtualization. Virtual machine creation. Introduction to PowerShell language. Installation and configuration of the servers. Configuring Roles and Features (DHCP, DNS, File Server). Active Directory Installation and Administration. Creating and managing group policies. Server monitoring. Hard disk management.
Windows server in core mode (command line). Configuration tool called 'sconfig'. Role of an Active Directory in an enterprise. Advanced DNS (DNSSEC), DHCP, and IPAM services. Types of files managed by Windows. ISCSI and NFS storage. BranchCache configuration and deployment for file access. Resources for Dynamic Access Control. Deployment and management of an AD infrastructure. Approval relationships between domains. Role Sites and AD Services. AD replication. AD CS Certificate Services. AD RMS Rights Management. AD FS Federation Services.
Introduction to PowerShell scripting language. Windows administration tasks with PowerShell. Cmdlets under PowerShell. Windows registry databases (HKCU and HKLM). Certificate management. Administration of a Windows client computer. Collection of information on systems. File search. Gathering information through WMI classes. Management of software, installations, executions, and updates. Management of devices and remote stations. Cmdlets for remote communication of the .NET Framework. Remote management and administration. Scripts. Introduction to Windows PowerShell ISE.
Recognition of security threats and their consequences. Identification of the origin of the security threats and main areas of vulnerability. Detection and neutralization of security threats to systems and networks. Implementation of procedures, practices, utilities, and security devices. Presentation of recovery methods after a system failure.
Description of the TCP / IP and OSI models. Introduction to IOS (Internetwork Operating System). Modes of access to equipment. Configuration modes, Using the CLI (Command line interface: basic commands). Physical layer and data link (Ethernet, ARP, copper and optical media). Protocols. Routers. Introducing a corporate email system. Installation and configuration of the Microsoft Exchange Server ™ server. Integration of Active Directory and use of DNS with Exchange. Preparation of the directory used for the installation of Exchange. Consoles on Exchange Server. License management. Mailbox services. Database administration via the EAC (Exchange Administration Center) and via the Management shell. Outlook Anywhere and Outlook Web App. Exchange ActiveSync. Operation of transport services. Transport Edge role. Administration of user and resource mailboxes. Management of distribution groups. Management of address lists and offline address books. Securing and maintaining the email infrastructure.
General architecture of a virtualization system. Basic concepts of Hyper-V. Hyper-V virtualization architecture. Storage, network architecture and sizing of servers. Configuration, installation and administration of a virtualization platform. System Center Virtual Machine Manager. Migration of virtual machines with SCVMM. Backup and restore of Hyper-V virtual machines.
SharePoint technologies (history, deployment models, related products, and news). Deployment planning, necessary components, and prerequisites. Server farm topology and migration from an earlier version. SharePoint installation. Security accounts. Command line tools. Central Administration Console. Service applications. Process of creating a Web application and their permissions. Site collections and solution deployment. Creating a web application using a script. Monitoring tools and optimization settings. Resources for troubleshooting.
Overview of cybersecurity prevention and response activities. Safety and risk analysis and management. Types of analysis. Risk analysis. Predictive analytics. Behavioral analysis. Forensic analysis. Security of assets. Security technologies. Communication and network security. Validation and security testing. Detection of anomalies. Attempted intrusion. Data exfiltration. Report production.
Cybersecurity challenges. Infrastructure security. Device security. Local network security. Perimeter security. Security of teleworking mode. Identification of vulnerable components. Identification of the risks involved. Proposed corrective measures to mitigate the risks. Assessment of the effectiveness of corrective measures. Fundamentals of cryptology. Identity and access management. Identity management. Authentication. Authorisation. Federation. Governance. High privilege accounts. Challenges. Development of policies, procedures or contingency plans. Software life cycle. Optimization of the efficiency, performance and quality of software and information systems.
Recognition, scanning and exploitation of security vulnerabilities in a context of prevention. Obtaining and maintaining access. Coverage of traces. Hacking tools and techniques used in cyber-attacks. Planning of penetration tests. Personal workplaces. Traditional servers. Mobile devices. Cloud computing. Telework. Development of policies, procedures or contingency plans. Limiting the effects of a breach in computer security. Optimization of the efficiency, performance and quality of software and information systems. Production of reports.
Types of attack. Phishing. Ransomware. Malware. Psychological hacking. Trojan horse. Sequence of cyber attack. Cyber attack detection. False alarm. Alert requiring immediate attention. Finding information about an attack target. Use of pirate administrator kits (rootkits). Use of backdoors. Types of cyber defense of an IT infrastructure. Network architecture. Management of privileges and access. Active defense techniques. Cryptography. Impact on the confidentiality, integrity and availability of information. Management of cybersecurity alerts and incidents. Cyber resilience (Response plan). Identify the incident. Analyze the incident. Containment of compromised systems. Reduce the risk of data leakage or pivoting to other platforms. Eliminate the cause of the incident. Simulation of a cyberattack.
Planning of an information security audit mandate. Conduct of an audit mandate. Internal audit standards and reference framework. Tools for recovering files and stored data. Audit techniques. Collection of information. Validation of the data collected. Use of management tools and security controls (SIEM, RCMP, etc.). Self-assessment of controls. Continuous audit and monitoring. Standards, laws and regulations applicable to information security. Audit report (clear, comprehensive and timely produced). Follow-up of the audit report. Follow-up of recommendations on strategies. Follow up on policy and procedure recommendations. Follow-up of recommendations relating to security and service delivery.
Putting into practice and integrating the personal and professional skills necessary for the exercise of the profession. Application of knowledge and strategies learned in the classroom in a business context. Integration into the professional environment. Adaptation to the reality of the different business sectors. Collaboration with the work team. Participation in meetings. Project management. Procurement decision making. Familiarization with operating tools. Adaptation to a corporate culture. Implementation of professional conduct in accordance with the ethics of the profession.
Click on the button below and we’ll get back to you as soon as possible.