Course Outline

Module 1: Introduction to Network Security

  • Network topology; Network Types and the OSI Model

Module 2: Network Protocols

  • Network Protocols: SLIP; PPP; ARP; RARP; IGMP; ICMP; SNMP, HTTP
  • IP: Attacks and Countermeasures
  • TCP, UDP: Attacks and Countermeasures
  • FTP, TFTP, TELNET, SMTP: Vulnerabilities

Module 3: Security Policy

  • What is Security Policy?
  • What Defines a good security policy
  • Security Policy Structure
  • Developing and Implementing security policies
  • Requirements of Effective Security Policy

Module 4: Physical Security

  • Physical Security Threats
  • Locks and Keys
  • TEMPEST
  • Fire Safety: Fire Suppression, Gaseous Emission Systems
  • Laptop Security: Physical Security Countermeasures
  • Biometric Devices
  • PC Security: Boot Access

Module 5: Network Attacks

  • Current Statistics
  • Defining Terms: Threats, Attack and Exploit
  • Classification of Hackers and Attacks
  • Spoofing; Spamming; Eaves Dropping; Phishing; War Dialing; Password Cracking
  • Web Page Defacement; SQL Injection; Wire Tapping; Buffer Overflow
  • War Driving; War Chalking; War Flying
  • Denial of Service (DOS) Attacks and Distributed DOS

Module 6: Intrusion Detection System

  • Characteristics of IDS
  • Host based IDS Vs Network based IDS
  • IDS Detection Methods; Types of Signatures
  • Intrusion Prevention System
  • IDS Vs IPS
  • IPS Tool

Module 7: Firewalls

  • Handling threats and security tasks
  • Protection against hacking
  • Centralization and Documentation
  • Multi-layer firewall protection
  • Packet filtering and Stateful Packet Filtering
  • Multi firewall DMZ
  • Specialty firewalls and Reverse firewalls

Module8: Packet Filtering and Proxy Servers

  • Network Address Translation
  • Application layer gateway and Proxying
  • Virtual Private Network and the Authentication process

Module 9: Bastion Host and Honeypots

  • Bastion Host
  • Honeypots and Honeynet

Module 10: Hardening Routers

  • Internet work Operating Systems (IOS)
  • Troubleshooting a router
  • Hardening a Router
  • Components of router security
  • Router security: testing tools

Module 11: Hardening Operating Systems Security

  • Windows Security
  • Objects And Permissions
  • NTFS File System Permissions
  • Active Directory
  • Kerberos Authentication And Security
  • IP Security
  • Linux

Module 12: Patch Management

  • Red Hat Up2date Patch Management Utility Installation Steps
  • Microsoft Patch Management Process and Windows Update Services
  • Patch Management Tools: Qchain
  • Patch Management Tool: Microsoft Baseline Security Analyzer
  • Other Patch Management Tools

Module 13: Application Security

  • Securing Web Applications
  • IPSec And SSL Security
  • Writing Secure Code; Best Practices
  • Remote Administration Security

Module 14: Web Security

  • Network Devices and Design
  • Altering the Network Addresses
  • Client Authorization and Secure Client Transmissions
  • Portable Applications
  • Malicious Code Detection
  • Browser Security Settings
  • Common Gateway Interface (CGI)
  • Web Application Input Data Validation and Buffer Overflows

Module 15: E-Mail Security

  • Components Of An Email
  • E-mail protocols
  • E-Mail Security Risks
  • How to defend against E-Mail security risks

Module 16: Encryption

  • Firewalls Implementing Encryption
  • Maintaining confidentiality
  • Digital certificates
  • Public and Private Keys (including PGP)
  • Choosing the size of keys
  • Analyzing popular encryption schemes including IPSEC

Module 17: Virtual Private Networks

  • VPN Tunneling Protocols
  • PPTP and L2TP
  • VPN Security

Module 18: WLAN

  • Wireless Network Types
  • Antenna
  • WLAN Standards
  • BlueTooth And Ultra Wideband
  • WEP Description Tool (Air Snort and WEPCrack)
  • WLAN Security;WPA; TKIP; WTLS
  • EAP Methods
  • Advanced Encryption Standards (AES); DES; RSA Encryption
  • RADIUS; Multifactor Authentication
  • Mobile Security Through Certificates
  • Certificate Management Through PKI

Module 19: Creating Fault Tolerance

  • Network Security: Fault Tolerance
  • Why Create Fault Tolerance
  • Planning For Fault Tolerance
  • Reasons For System Failure
  • Preventive Measures

Module 20: Incident Response

  • What Is an Incident
  • Step by Step Procedure
  • Managing Incidents
  • What Is an Incident Response
  • Six Step Approach for Incident Handling (PICERF Methodology)
  • Incident Response Team

Module 21: Disaster Recovery and Planning

  • What is a Disaster Recovery
  • Disaster Recovery Planning
  • Business Continuity Planning Process
  • Disaster Prevention

Module 22: Network Vulnerability Assessment

  • Vulnerability Assessment
  • Goals of vulnerability assessment
  • Network vulnerability Assessment methodology:
  • Selecting vulnerability assessment tools

Requirements

There are no specific requirements needed to attend this course.

  35 Hours
 

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

Related Categories