Programma

CORSO DI FORMAZIONE – Cybersecurity sul 5G

Il corso è rivolto ai dipendenti di Pubbliche Amministrazioni e di Aziende, pubbliche e private, che vorranno investire nella formazione di tecnici e manager sui fondamentali temi della sicurezza delle infrastrutture 5G e delle relative applicazioni. 

Formato previsto: a catalogo un insieme di moduli da 1/2/3 giorni, divisi in:

  • moduli di “background” o pre-requisiti
  • main track
  • moduli complementari

(un giorno sono 7h di lezione: esempio: 9-13 + 14.30-17.30)

Ai corsi possono essere affiancate le “certificazioni”. Per prendere le certificazioni bisogna superare dei test e dimostrare determinati requisiti (anni di esperienza, skill specifiche già possedute).

MODULI

Background modules track (B1-B6)

B1 – Cryptography and network security basics (3 gg)

B1.1: Cryptography basics (1 g) B1.2: Practical network security and cryptography (2 gg)
B1.1 Confidentiality, Integrity and Availability requirement. Elementary cryptography. Data Integrity, hash functions. Asymmetric cryptography, PKI.   B1.2 Network cyberattacks, PKI tools, Network Security Protocols and Applications,  Network Perimeter Security
B2 – System security and penetration testing basics (3 gg)

Ethical hacking / security attacks / vulnerability assessment
B3 – Introduction to cellular networks (1 g)  Basic principles of Cellular Networks. Mobility Management. Authentication and Security. Cellulare networks generations: 2G/3G/4G
B4 – 5G Networks: Architecture and protocols (2 gg)  5G use cases and standardization. Architecture. RAN. Core Network. Slicing and Edge Computing.
B5 – IP networking basics / IPv6 / Software Defined Networks / NFV (1 g)  IPv4 and IPv6 Networking. The evolution of networking: SDN, NFV.
B6 – Virtualization and cloud architectures
(1 g)
 
Virtualization basics. Virtual Machines, Containers. Cloud architectures. Openstack. Kubernetes.

Main Track (M1 – M7)

M1 – 5G security overall vision (2 gg)    Security architecture and protocols, Authentication and user management, 5G location and domain-specific security.
M2 – 5G vulnerabilities laboratory (2 gg)    4G/5G Air Interface privacy, availability and integrity vulnerabilities and attacks
M3 – 5G Infrastructure Security (3 gg)    5G System-wide Security, NFV security, Cloud and MEC security,  Mobile Virtual Network Operators Security
M4 – 5G Device and User Security (1 gg)    5G User security Hacking 5G UE, USIM App IoT Security  
M5 – Governance, risk management, compliance (GRC) (3 gg)    Security standards Security management, security governance  
M6 – 5G products and vendors (Laboratories) (4 gg)   5G Core equipment 5G RAN equipment Open Source Solutions

 
M7 – 5G Offensive Security (1-2 gg)  Attack Surface, Vettori e scenari di attacco Threat Modelling Penetration Testing & Adversary Emulation  

Complementary modules track (C1-C4)

C1 – Sicurezza nelle reti WLAN (1 g)    802.1x User authentication. Protocols: EAP, Radius, AAA. Wi-Fi authentication mechanisms.
C2 – Hardware security (1 g)


Introduction and background notions, Hardware Trust Issues, Hardware Vulnerability Issues, Countermeasures, Hardware security primitives
C3 – Security “communication” / Crisis management (1 g) 
C4 – ISO 27001 Lead Auditor Certification (5 gg)