Course Outline

Module 1: Introduction to Network Security

  • Network topology; Network Types and the OSI Model

Module 2: Network Protocols

  • Network Protocols: SLIP; PPP; ARP; RARP; IGMP; ICMP; SNMP, HTTP
  • IP: Attacks and Countermeasures
  • TCP, UDP: Attacks and Countermeasures
  • FTP, TFTP, TELNET, SMTP: Vulnerabilities

Module 3: Security Policy

  • What is Security Policy?
  • What Defines a good security policy
  • Security Policy Structure
  • Developing and Implementing security policies
  • Requirements of Effective Security Policy

Module 4: Physical Security

  • Physical Security Threats
  • Locks and Keys
  • TEMPEST
  • Fire Safety: Fire Suppression, Gaseous Emission Systems
  • Laptop Security: Physical Security Countermeasures
  • Biometric Devices
  • PC Security: Boot Access

Module 5: Network Attacks

  • Current Statistics
  • Defining Terms: Threats, Attack and Exploit
  • Classification of Hackers and Attacks
  • Spoofing; Spamming; Eaves Dropping; Phishing; War Dialing; Password Cracking
  • Web Page Defacement; SQL Injection; Wire Tapping; Buffer Overflow
  • War Driving; War Chalking; War Flying
  • Denial of Service (DOS) Attacks and Distributed DOS

Module 6: Intrusion Detection System

  • Characteristics of IDS
  • Host based IDS Vs Network based IDS
  • IDS Detection Methods; Types of Signatures
  • Intrusion Prevention System
  • IDS Vs IPS
  • IPS Tool

Module 7: Firewalls

  • Handling threats and security tasks
  • Protection against hacking
  • Centralization and Documentation
  • Multi-layer firewall protection
  • Packet filtering and Stateful Packet Filtering
  • Multi firewall DMZ
  • Specialty firewalls and Reverse firewalls

Module8: Packet Filtering and Proxy Servers

  • Network Address Translation
  • Application layer gateway and Proxying
  • Virtual Private Network and the Authentication process

Module 9: Bastion Host and Honeypots

  • Bastion Host
  • Honeypots and Honeynet

Module 10: Hardening Routers

  • Internet work Operating Systems (IOS)
  • Troubleshooting a router
  • Hardening a Router
  • Components of router security
  • Router security: testing tools

Module 11: Hardening Operating Systems Security

  • Windows Security
  • Objects And Permissions
  • NTFS File System Permissions
  • Active Directory
  • Kerberos Authentication And Security
  • IP Security
  • Linux

Module 12: Patch Management

  • Red Hat Up2date Patch Management Utility Installation Steps
  • Microsoft Patch Management Process and Windows Update Services
  • Patch Management Tools: Qchain
  • Patch Management Tool: Microsoft Baseline Security Analyzer
  • Other Patch Management Tools

Module 13: Application Security

  • Securing Web Applications
  • IPSec And SSL Security
  • Writing Secure Code; Best Practices
  • Remote Administration Security

Module 14: Web Security

  • Network Devices and Design
  • Altering the Network Addresses
  • Client Authorization and Secure Client Transmissions
  • Portable Applications
  • Malicious Code Detection
  • Browser Security Settings
  • Common Gateway Interface (CGI)
  • Web Application Input Data Validation and Buffer Overflows

Module 15: E-Mail Security

  • Components Of An Email
  • E-mail protocols
  • E-Mail Security Risks
  • How to defend against E-Mail security risks

Module 16: Encryption

  • Firewalls Implementing Encryption
  • Maintaining confidentiality
  • Digital certificates
  • Public and Private Keys (including PGP)
  • Choosing the size of keys
  • Analyzing popular encryption schemes including IPSEC

Module 17: Virtual Private Networks

  • VPN Tunneling Protocols
  • PPTP and L2TP
  • VPN Security

Module 18: WLAN

  • Wireless Network Types
  • Antenna
  • WLAN Standards
  • BlueTooth And Ultra Wideband
  • WEP Description Tool (Air Snort and WEPCrack)
  • WLAN Security;WPA; TKIP; WTLS
  • EAP Methods
  • Advanced Encryption Standards (AES); DES; RSA Encryption
  • RADIUS; Multifactor Authentication
  • Mobile Security Through Certificates
  • Certificate Management Through PKI

Module 19: Creating Fault Tolerance

  • Network Security: Fault Tolerance
  • Why Create Fault Tolerance
  • Planning For Fault Tolerance
  • Reasons For System Failure
  • Preventive Measures

Module 20: Incident Response

  • What Is an Incident
  • Step by Step Procedure
  • Managing Incidents
  • What Is an Incident Response
  • Six Step Approach for Incident Handling (PICERF Methodology)
  • Incident Response Team

Module 21: Disaster Recovery and Planning

  • What is a Disaster Recovery
  • Disaster Recovery Planning
  • Business Continuity Planning Process
  • Disaster Prevention

Module 22: Network Vulnerability Assessment

  • Vulnerability Assessment
  • Goals of vulnerability assessment
  • Network vulnerability Assessment methodology:
  • Selecting vulnerability assessment tools

Requirements

There are no specific requirements needed to attend this course.

  35 Hours
 

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

Standard Java Security

  14 Hours

Java and Web Application Security

  21 Hours

Advanced Java Security

  21 Hours

Advanced Java, JEE and Web Application Security

  28 Hours

Related Categories