- This event has passed.
Physical Security Specialist – Full Comprehensive Edition
September 10, 2017 - September 15, 2017
Physical security is an oft-overlooked component of data and system security in the technology world. While frequently forgotten, it is no less critical than timely patches, appropriate password policies, and proper user permissions. You can have the most hardened servers and network, but that doesn’t make the slightest difference if someone can gain direct access to a keyboard or, worse yet, march your hardware right out the door.
The CORE Group is a firm with divisions that focus on penetration testing, physical defense, personal protection details, and law enforcement training. Those who attend this course will leave with a full awareness of how to best protect buildings and grounds from unauthorized access, as well as how to compromise most existing physical security in order to gain access themselves. Our subject matter experts will immerse you in all the necessary components of a well-layered physical defense system and then teach you how to conduct a thorough site analysis of a facility.
This training is ideal for any individual who is tasked with making physical security decisions for existing or new facilities.
During days One and Two of this course, attendees will not only learn how to distinguish good locks and access control from poor ones, but will also become well-versed in picking and bypassing many of the most common locks in order to assess their own company’s security posture or to augment their career as a penetration tester.
On days Three and Four, students will learn to evaluate physical barriers, defensive lighting, doors, external & internal physical intrusion detection systems, camera placement, access controls, and standard operating procedures. They will also be exposed to best practice standards and robust variety of adversarial methodologies used to compromise weak targets such as social engineering and the exploitation of weak employee culture. Numerous in-depth case studies and practical hands-on demonstrations will be utilized to solidify the acquisition of knowledge.
The training concludes on days Five and Six with an intense specialization focus: electronic access control systems and badge readers. Students will be immersed in the world of 125KHz (low frequency) credentials, vehicle transponders, 13.56MHz (high frequency) credentials, and smart cards. Whether an enterprise is using HID Prox cards, NXP Hitag chips, Mifare credentials, or even iCLASS technology, students who have taken this course will be well-versed in the functionality, weaknesses, and attack vectors of such systems. From how to perform practical card cloning attacks in the field to advanced format downgrade attacks, students are prepared for real-world red team scenarios and learn how to exploit access control technology with the latest attack hardware. There are also modules detailing the backend of such systems, which opens the door to Man in the Middle and Denial of Service attacks.
By the end of this course, students will be very prepared to make educated and fiscally-responsible security decisions not only for their respective organizations but also for themselves. Participants will be able to approach any target, site-unseen, and then either conduct a walk through assessment highlighting attack vectors, or proceed directly with an attack… gaining physical access to critical areas and infrastructure. Additionally, these newly-minted professionals in our training will also be able to provide sound documentation while making recommendations to management or to their insurance providers…saving money for their companies.