Network Security

Network Security and Firewalls module are designed to teach participants how to secure networks from unauthorized activity, establish an effective security policy, identify different types of hacker activities, understand the hacker's mindset and in-act preventive measure. Participants will also learn about authentication procedures, encryption standards and implementations, ports and protocols that hackers manipulate, and how to engage in proactive detection and response/ reporting methods.

What is Security?

Hacker Statistics, Attributes of an Effective Security Matrix , Threats & Security Standards , Elements of Security , the Security Concepts and Mechanisms

Elements of Security

Encryption & its use, Authentication & Techniques, Access Control, Auditing, Security Tradeoffs and Drawbacks

Applied Encryption

Reasons to Use Encryption, Creating Trust Relationships, Rounds, Parallelization and Strong Encryption, Symmetric-Key Encryption, Symmetric Algorithms, Asymmetric Encryption, Hash Encryption, Applied Encryption Processes, Public Key Infrastructure (PKI) Encryption Review DES, 3DES, AES, Blowfish

Securing Resources

TCP/IP Security Vulnerabilities, Implementing Security, Resources and Services, Protecting TCP/IP Services, Simple Mail Transfer Protocol (SMTP), Testing and Evaluating Implementing a New System, Security Testing Software, Security and Repetition

Firewalls and Virtual Private Networks

Access Control Overview, Definition and Description of a Firewall, The Role of a Firewall Firewall Terminology, Firewall Configuration Defaults, Creating Packet Filter Rules, Packet Filter Advantages and Disadvantages, Configuring Proxy Servers, Remote Access and Virtual Private Networks (VPNs), Public Key Infrastructure (PKI)

Network Attacks

Categories, Brute-Force and Dictionary Attacks, System Bugs and Back Doors, Social Engineering and Non-direct, Attacks

General Security Principles

Security Awareness, Need of Security Policy, Policy Solution based as required Damage Control Enforcement, Importance of Training & CT, Integrated Security Strategy, Need based deployment, Need to identify security-based issues, Physical Security

Protocol Layers and Security

TCP/IP and Network Security , The TCP/IP Suite and the OSI Reference Model , Physical, Network, Transport and Application Layers

Levels of Firewall Protection

Basic Firewall Concepts, Firewall Strategies and Goals, Building a Firewall, Types of Bastion Hosts, Hardware Issues, Common Firewall Designs

Detecting and Distracting Hackers

Hackers–To Stay, Proactive Detection, Distracting and Deterring the Hacker

Incident Response

Setting up an Incident Response Team, Functions of an Incident Response Team, Planning for Response, Create a Response Policy, Documentation, Response Action

Operating System Security module is designed to teach participants the latest security industry recommendations and how to properly protect Windows and Linux servers in a variety of settings. Participants will learn how to protect OS from attacks, harden the operating system to fully protect it, and scan hosts for known security problems. By the end of the module, participants will have a solid understanding of the security architectures used by Windows 2000 and Linux/ Unix.

Security Principles

Overview, Definition of Security, Evaluation Criteria, Security Levels, Mechanisms, and Management, Windows 2000 Security, Linux Security, Pluggable Authentication Modules, Windows 2003 Server Security

Assessing Risk

Risk Assessment Basics, Security Threats, Windows 2000 Security Risks, General UNIX Security Vulnerabilities, System Port Scanning, UNIX Security Risks, NIS Security Concerns, NFS Security Concerns

Account Security

Overview of Securing Accounts, Passwords, Verifying System State, Password Aging in Linux

File System Security

Overview, Windows 2000 File System Security, Remote File Access Control, Combined Local and Remote Permissions, Linux File System Security

Reducing Risk

Risk Reduction Overview, Patches and Fixes, Windows 2000 Registry Security , Disabling and Removing Unnecessary Services in Windows 2000 and UNIX

Internet Security Resources (Appendix)

General, UNIX and Windows NT, Resources

Security Auditing, Attacks, and Threat Analysis is a module that teaches participants how to perform different phases of a security audit, including discovery and penetration, and how to prevent unauthorized users from controlling organization networks. The module discusses how to use Windows 2000 and Linux to identify security issues and suggest industry-standard solutions. Participants will also learn how to generate effective audit reports that can help organizations improve their security and become current with industry security standards.

Security Auditing

Introduction to Auditing, Auditor Roles, and Perspectives, Conducting a Risk Assessment Risk, and Assessment Stages

Discovery Methods

Discovery, Security Scans, Enterprise-grade Auditing Applications, and Scan Levels Social Engineering

Security Auditing and the Control Phase

Network Control, Control Phases, UNIX Password File Locations, Auditing, and the Control Phase

Intrusion Detection

Intrusion-Detection Systems, IDS Rules, False Positives, Intrusion-Detection Software Intruder Alert, Purchasing an IDS, and Auditing with an IDS

Auditing and Log Analysis

Log Analysis, Firewall and Router Logs , Operating System Logs, Filtering Logs Suspicious Activity, Log Storage, Auditing and Performance, and Degradation. 

Auditing Server Penetration and Attack Techniques

Network Penetration , Attack Signatures and Auditing , Common Targets, Routers, Databases, Web and FTP Servers, E-mail Servers, Naming Services, Compromising Services, Auditing for System Bugs, Auditing Trap Doors and Root Kits, Auditing Denial-Of-Service Attacks, Buffer Overflow, Combining Attack Strategies, and Denial of Service and the TCP/IP Stack

Audit Results

Auditing Recommendations , Creating the Assessment Report , Improving Compliance Security Auditing and Security Standards , Improving Router Security, Enabling Proactive Detection, Host Auditing Solutions, Replacing and Updating Services, and SSH and DNS