Network Security

NETWORK SECURITY PROFESSIONAL COURSE (5-day)
Target Personnel: Network Server Administrators, System Administrators, Application Developers and IT Security Officers.
Prerequisites: Computer System Foundation, Server Administration and Networking/Network Administration knowledge.
Day One & Two – Module 1: Network Security & Firewalls
The Network Security and Firewalls module is designed to teach participants how to secure networks from unauthorized activity, establish an effective security policy, identify different types of hacker activities, understand the hacker’s mindset and enact preventive measures. Participants will also learn about authentication procedures, encryption standards and implementations, ports and protocols that hackers manipulate, and how to engage in proactive detection and response/reporting methods.
What is Security?
Hacker Statistics, Attributes of an Effective Security Matrix, Threats & Security Standards, Elements of Security, the Security Concepts and Mechanisms
Elements of Security
Encryption & its use, Authentication & Techniques, Access Control, Auditing, Security Tradeoffs and Drawbacks
Applied Encryption
Reasons to Use Encryption, Creating Trust Relationships, Rounds, Parallelization and Strong Encryption, Symmetric-Key Encryption, Symmetric Algorithms, Asymmetric Encryption, Hash Encryption, Applied Encryption Processes, Public Key Infrastructure (PKI), Encryption Review, DES, 3DES, AES, Blowfish
Securing Resources
TCP/IP Security Vulnerabilities, Implementing Security, Resources and Services, Protecting TCP/IP Services, Simple Mail Transfer Protocol (SMTP), Testing and Evaluating, Implementing a New System, Security Testing Software, Security and Repetition
Firewalls and Virtual Private Networks
Access Control Overview, Definition and Description of a Firewall, The Role of a Firewall, Firewall Terminology, Firewall Configuration Defaults, Creating Packet Filter Rules, Packet Filter Advantages and Disadvantages, Configuring Proxy Servers, Remote Access and Virtual Private Networks (VPNs), Public Key Infrastructure (PKI)
Network Attacks
Categories, Brute-Force and Dictionary Attacks, System Bugs and Back Doors, Social Engineering and Non-direct Attacks
General Security Principles
Security Awareness, Need of Security Policy, Policy Solution based as required Damage Control Enforcement, Importance of Training & CT, Integrated Security Strategy, Need based deployment, Need to identify security-based issues, Physical Security
Protocol Layers and Security
TCP/IP and Network Security, The TCP/IP Suite and the OSI Reference Model, Physical, Network, Transport and Application Layers
Levels of Firewall Protection
Basic Firewall Concepts, Firewall Strategies and Goals, Building a Firewall, Types of Bastion Hosts, Hardware Issues, Common Firewall Designs
Detecting and Distracting Hackers
Hackers–To Stay, Proactive Detection, Distracting and Deterring the Hacker
Incident Response
Setting up an Incident Response Team, Functions of an Incident Response Team, Planning for Response, Create a Response Policy, Documentation, Response Action
Day Three – Module 2: Operating System Security
The Operating System Security module is designed to teach participants the latest security industry recommendations and how to properly protect Windows and Linux servers in a variety of settings. Participants will learn how to protect the OS from attacks, harden the operating system to fully protect it, and scan hosts for known security problems. By the end of the module, participants will have a solid understanding of the security architectures used by Windows 2000 and Linux/Unix.
Security Principles
Overview, Definition of Security, Evaluation Criteria, Security Levels, Mechanisms, and Management, Windows 2000 Security, Linux Security, Pluggable Authentication Modules, Windows 2003 Server Security
Assessing Risk
Risk Assessment Basics, Security Threats, Windows 2000 Security Risks, General UNIX Security Vulnerabilities, System Port Scanning, UNIX Security Risks, NIS Security Concerns, NFS Security Concerns
Account Security
Overview of Securing Accounts, Passwords, Verifying System State, Password Aging in Linux
File System Security
Overview, Windows 2000 File System Security, Remote File Access Control, Combined Local and Remote Permissions, Linux File System Security
Reducing Risk
Risk Reduction Overview, Patches and Fixes, Windows 2000 Registry Security, Disabling and Removing Unnecessary Services in Windows 2000 and UNIX
Internet Security Resources (Appendix)
General, UNIX and Windows NT, Resources
Day Four & Five – Module 3: Security Auditing, Attacks & Threat Analysis
Security Auditing, Attacks, and Threat Analysis is a module that teaches participants how to perform different phases of a security audit, including discovery and penetration, and how to prevent unauthorized users from controlling organization networks. The module discusses how to use Windows 2000 and Linux to identify security issues and suggest industry-standard solutions. Participants will also learn how to generate effective audit reports that can help organizations improve their security and become current with industry security standards.
Security Auditing
Introduction to Auditing, Auditor Roles and Perspectives, Conducting a Risk Assessment, and Risk Assessment Stages
Discovery Methods
Discovery, Security Scans, Enterprise-grade Auditing Applications, Scan Levels, and Social Engineering
Security Auditing and the Control Phase
Network Control, Control Phases, UNIX Password File Locations, and Auditing and the Control Phase
Intrusion Detection
Intrusion-Detection Systems, IDS Rules, False Positives, Intrusion-Detection Software, Intruder Alert, Purchasing an IDS, and Auditing with an IDS
Auditing and Log Analysis
Log Analysis, Firewall and Router Logs, Operating System Logs, Filtering Logs, Suspicious Activity, Log Storage, and Auditing and Performance Degradation
Auditing Server Penetration and Attack Techniques
Network Penetration, Attack Signatures and Auditing, Common Targets, Routers, Databases, Web and FTP Servers, E-mail Servers, Naming Services, Compromising Services, Auditing for System Bugs, Auditing Trap Doors and Root Kits, Auditing Denial-Of-Service Attacks, Buffer Overflow, Combining Attack Strategies, and Denial of Service and the TCP/IP Stack
Audit Results
Auditing Recommendations, Creating the Assessment Report, Improving Compliance, Security Auditing and Security Standards, Improving Router Security, Enabling Proactive Detection, Host Auditing Solutions, Replacing and Updating Services, and SSH and DNS