Network Security

NETWORK SECURITY PROFESSIONAL COURSE (5-day)

Target Personnel: Network Server Administrators, System Administrators, Application Developers and IT Security Officers.

Prerequisites: Computer System Foundation, Server Administration and Networking/ Network Administration knowledge.

Day One & Two – Module 1 : Network Security & Firewalls

Network Security and Firewalls module are designed to teach participants how to secure networks from unauthorized activity, establish an effective security policy, identify different types of hacker activities, understand the hacker's mindset and in-act preventive measure. Participants will also learn about authentication procedures, encryption standards and implementations, ports and protocols that hackers manipulate, and how to engage in proactive detection and response/ reporting methods.

What is Security?

Hacker Statistics, Attributes of an Effective Security Matrix , Threats & Security Standards , Elements of Security , the Security Concepts and Mechanisms

Elements of Security

Encryption & its use, Authentication & Techniques, Access Control, Auditing, Security Tradeoffs and Drawbacks

Applied Encryption

Reasons to Use Encryption, Creating Trust Relationships, Rounds, Parallelization and Strong Encryption, Symmetric-Key Encryption, Symmetric Algorithms, Asymmetric Encryption, Hash Encryption, Applied Encryption Processes, Public Key Infrastructure (PKI) Encryption Review DES, 3DES, AES, Blowfish

Securing Resources

TCP/IP Security Vulnerabilities, Implementing Security, Resources and Services, Protecting TCP/IP Services, Simple Mail Transfer Protocol (SMTP), Testing and Evaluating Implementing a New System, Security Testing Software, Security and Repetition

Firewalls and Virtual Private Networks

Access Control Overview, Definition and Description of a Firewall, The Role of a Firewall Firewall Terminology, Firewall Configuration Defaults, Creating Packet Filter Rules, Packet Filter Advantages and Disadvantages, Configuring Proxy Servers, Remote Access and Virtual Private Networks (VPNs), Public Key Infrastructure (PKI)

Network Attacks

Categories, Brute-Force and Dictionary Attacks, System Bugs and Back Doors, Social Engineering and Non-direct, Attacks

General Security Principles

Security Awareness, Need of Security Policy, Policy Solution based as required Damage Control Enforcement, Importance of Training & CT, Integrated Security Strategy, Need based deployment, Need to identify security-based issues, Physical Security

Protocol Layers and Security

TCP/IP and Network Security , The TCP/IP Suite and the OSI Reference Model , Physical, Network, Transport and Application Layers

Levels of Firewall Protection

Basic Firewall Concepts, Firewall Strategies and Goals, Building a Firewall, Types of Bastion Hosts, Hardware Issues, Common Firewall Designs

Detecting and Distracting Hackers

Hackers–To Stay, Proactive Detection, Distracting and Deterring the Hacker

Incident Response

Setting up an Incident Response Team, Functions of an Incident Response Team, Planning for Response, Create a Response Policy, Documentation, Response Action

Day Three – Module 2 : Operating System Security

Operating System Security module is designed to teach participants the latest security industry recommendations and how to properly protect Windows and Linux servers in a variety of settings. Participants will learn how to protect OS from attacks, harden the operating system to fully protect it, and scan hosts for known security problems. By the end of the module, participants will have a solid understanding of the security architectures used by Windows 2000 and Linux/ Unix.

Security Principles

Overview, Definition of Security, Evaluation Criteria, Security Levels, Mechanisms, and Management, Windows 2000 Security, Linux Security, Pluggable Authentication Modules, Windows 2003 Server Security

Assessing Risk

Risk Assessment Basics, Security Threats, Windows 2000 Security Risks, General UNIX Security Vulnerabilities, System Port Scanning, UNIX Security Risks, NIS Security Concerns, NFS Security Concerns

Account Security

Overview of Securing Accounts, Passwords, Verifying System State, Password Aging in Linux

File System Security

Overview, Windows 2000 File System Security, Remote File Access Control, Combined Local and Remote Permissions, Linux File System Security

Reducing Risk

Risk Reduction Overview, Patches and Fixes, Windows 2000 Registry Security , Disabling and Removing Unnecessary Services in Windows 2000 and UNIX

Internet Security Resources (Appendix)

General, UNIX and Windows NT, Resources

Day Four & Five – Module 3 : Security Auditing, Attacks & Threat Analysis

Security Auditing, Attacks, and Threat Analysis is a module that teaches participants how to perform different phases of a security audit, including discovery and penetration, and how to prevent unauthorized users from controlling organization networks. The module discusses how to use Windows 2000 and Linux to identify security issues and suggest industry-standard solutions. Participants will also learn how to generate effective audit reports that can help organizations improve their security and become current with industry security standards.

Security Auditing

Introduction to Auditing, Auditor Roles, and Perspectives, Conducting a Risk Assessment Risk, and Assessment Stages

Discovery Methods

Discovery, Security Scans, Enterprise-grade Auditing Applications, and Scan Levels Social Engineering

Security Auditing and the Control Phase

Network Control, Control Phases, UNIX Password File Locations, Auditing, and the Control Phase

Intrusion Detection

Intrusion-Detection Systems, IDS Rules, False Positives, Intrusion-Detection Software Intruder Alert, Purchasing an IDS, and Auditing with an IDS

Auditing and Log Analysis

Log Analysis, Firewall and Router Logs , Operating System Logs, Filtering Logs Suspicious Activity, Log Storage, Auditing and Performance, and Degradation. 

Auditing Server Penetration and Attack Techniques

Network Penetration , Attack Signatures and Auditing , Common Targets, Routers, Databases, Web and FTP Servers, E-mail Servers, Naming Services, Compromising Services, Auditing for System Bugs, Auditing Trap Doors and Root Kits, Auditing Denial-Of-Service Attacks, Buffer Overflow, Combining Attack Strategies, and Denial of Service and the TCP/IP Stack

Audit Results

Auditing Recommendations , Creating the Assessment Report , Improving Compliance Security Auditing and Security Standards , Improving Router Security, Enabling Proactive Detection, Host Auditing Solutions, Replacing and Updating Services, and SSH and DNS

To Know More, Send Your Enquiry Here
Events and Shows

Events and Shows

Close

MILIPOL Paris 2017

Nov, 21 2017 - Nov, 24 2017

Stratign FZE is pleased to announce its participation in upcoming Milipol PARIS 2017, the leading event dedicated to homeland security. The 20th edition will be held on 21 – 24 November 2017 at Paris-Nord Villepinte Exhibition Centre. Stratign FZE is looking forward to showcasing a wide range of products, advanced technologies and latest services at […]

MILIPOL Asia Pacific 2017

Apr, 4 2017 - Apr, 6 2017

Stratign FZE is pleased to announce its participation in upcoming Milipol ASIA PACIFIC 2017, the leading international exhibition of homeland security in Singapore. The 7th International of Homeland Security will be held from 4 April 2017 – 6th April 2017 at Marina Bay Sands, Singapore. Stratign FZE is looking forward to showcasing a wide range […]

Milipol Qatar 2016

Oct, 31 2016 - Nov, 2 2016

Stratign FZE is pleased to announce its participation in Milipol Qatar 2016, the leading international exhibition dedicated to homeland security in the Middle East. The 11th edition of the show will be held from 31 October to 02 November 2016 at the Doha Exhibition and Convention Center (DECC) of Doha, Q

ISS World South Africa

Jul, 10 2016 - Jul, 12 2016

Stratign FZE is pleased to announce its participation at ISS World 2016, the world’s largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts as well as Telecom Operators responsible for Lawful Interception, Hi-Tech Electronic Investigations and Network Intelligence Gathering. The exhibition will be held at Sandton Convention Centre Johannesburg, South Africa from 10th to 12th July, 2016.

Milipol Paris 2015

Nov, 17 2015 - Nov, 20 2015

Milipol Paris 2015 actively supports new entrepreneurs and innovation by organising the very first edition of the Milipol Startup Challenge. Startups are currently the main players for innovation and progress. The contest will reward the startup that will present the most innovative Cyber solution in the fight against crime.

Milipol Qatar 2014

Oct, 20 2014 - Oct, 22 2014

Stratign FZE recently participated in Milipol Qatar 2014, Stall No. B 148 at Doha Exhibition Centre from 20th to 22nd October, 2014. The biennial event staged its 10th edition this year, bringing huge success for Stratign FZE.

DSA 2014 – Kaula Lumpur, Malaysia

Apr, 14 2014 - Apr, 17 2014

Stratign FZE successfully participated at the DSA 2014, the 14th Defense Service Asia Exhibition and Conference. The exhibition was held at PWTC, Kuala Lumpur in Malaysia from 14th to 17th April 2014. Some of the key features of this event included Cyber Security, Chief of Army roundtable talks and live demonstrations. In addition to this, […]

Enquire Now