Training Course:Network Security 1: Policy, Administration and FirewallsSchool/Trainer:Global Knowledge Network (Singapore) Pte Ltd
Singapore, Singapore
Course Format: Classroom | E-learning | Virtual Class | Online | On-site | Blended | Self-paced
Course Description:
'' High-profile security breaches have made network access control one of the most important concerns for corporate and government network managers. It is your job to reduce the chance of security breaches. Do you know what attacks intruders use and how to counter them? As hackers become more sophisticated, so must you. This course will give you the foundation security knowledge to protect your network from attack.
Labs reinforce vital security concepts and provide real-world practice. Use tools such as Internet Security Systems’ SAFEsuiteTM and RealSecure®, Check Point FireWall-1, and Funk Software’s Steel-Belted Radius.
What You’ll Learn
Design security plans to protect your network access points and services
Use the latest screening routers and firewall hardware and software
Design firewalls using router packet filtering and stateful inspection devices
Use port scanners, Telnet, TFTP, FTP, and other hacker tools
Use an Intrusion Detection System (IDS) to identify hacker attacks
Investigate intrusions on the classroom network
Test your classroom network’s security and secure a host
Use certificates and public-key cryptography to encrypt information
Who Needs to attend
Anyone responsible for designing or implementing security policy in an enterprise network, specifically Network Engineers and Managers, Security Administrators, IS and Data Center Managers, System Administrators, Security Analysts, and individuals seeking CompTIA Security+TM certification and or the TruSecure TICSA Certified Security Associate certification.
Pre-requisite
A fundamental knowledge of TCP/IP is recommended
Course Outline
1. Attacks
How attackers think
Looking for holes
Thinking "outside the box"
Information gathering
Social engineering
Scanning and sniffing
Unauthorized access
Misadministration
User accounts and passwords
Default settings
Session hijacking
Software bugs
Buffer overflows
Bad input data
Malicious code
Viruses
Places where security never existed
Non-authenticated services
Denial of service
Resource overload
TCP SYN Floods
Distributed DOS
2. Security Assessment
Risks
Assess threats
Implement safeguards
What to protect?
Trade secrets
Customer data
Employee information
Who are the attackers?
White and black hat hackers
Script kiddies
Corporate or government spies
Hacker Motives
Money
Anger/revenge
Legal issues
Computer Fraud and Abuse Act
Due diligence and downstream liability
Global jurisdictions
3. Security Implementation Policy
Characteristics
Implementable and enforceable
Ease of use vs. security trade-offs
Architecture
Network configuration
Separation of services
Deny all vs. allow all
Services and access
Physical security
Common network services
Functions, vulnerabilities, and policies
telnet
dns
ftp
smtp
pop3
http
snmp
icmp
Vulnerability detection and audit
Intrusion detection
Incident response planning
Documenting an incident
Evidence gathering and forensics
Incident recovery
4. Firewall Architecture
Perimeter definition
Trusted vs. untrusted
Depth of defense
Single-layer protection
Double-layer protection
DMZ
Triple-layer
Belt and suspenders
5. Firewall Components
Bastion host
Host-based network security
Packet filters
IP addresses and port numbers
Protocol
Proxy servers
Application-level filtering
Stateful inspection
Dynamic filtering
Hybrid firewalls
Features and advantages
Host firewalls
Firewall products
PIX, FW-1, Gauntlet, Raptor, Sidewinder
Firewall appliances
Content filtering
6. Authentication
Reasons to authenticate
Access control
Audit and accountability
Authenticators
Something you know
Something you have
Something you are
Passwords
PINS
Tokens and keys
Smartcards
Certificates and digital IDs
Biometrics
Fingerprints
Retinal and iris scanning
Voiceprints
Body geometry
Authentication placement
Where does trust occur?
Issues
Trust and granting authorization
False positives and negatives
Randomness and entropy
Scalability
Enhancements
Two-factor authentication
One-time passwords
Single sign-on
Remote authentication
Centralized authentication methods
TACACS+
RADIUS
Kerberos
7. Intrusion Detection
Detection methods
Anomaly detection
Attack signature detection
Detection process
Network-based
Host-based
Centralization and placement
IDS Issues
False positives and negatives
IDS compromise
8. Vulnerability Assessment and Audit
Break in before the hackers do
Types of vulnerability scanners
Network-based and host-based
Database
Web server
Firewall
Issues
Network impact
Scan frequency
Updates
9. Cryptography
Features of Cryptography
Secret-key cryptography
Public-key cryptography
Message digest algorithms
Digital signatures
Certificates
Certificate authorities
Public Key Infrastructure (PKI)
Cryptographic applications
PGP, SSL, SSH, S/MIME
VPNs and IPsec
Code signing
Secure Sockets Layer (SSL)
SSL handshake
Cryptographic algorithms in SSL
...''
Please go to the school's official website for training price and schedule:
http://www.globalknowledge.com.sg
http://www.globalknowledge.com.sg/security/NetworkSecurityI.asp
Phone:65.6332 2268/2330
School Address:
331 North Bridge Road #18-03/05
Odeon Towers
Singapore 188720
Tel: 65.6332 2268/2330
Fax: 65.6338 6149
Email: enquiries@globalknowledge.com.sg
Jobs & Resumes: Singapore
Houses & Roommates: Singapore
Other training courses offered by Global Knowledge Network (Singapore) Pte Ltd:
Securing Cisco IOS Networks(SECUR)
Enterprise Voice over Data Design (EVODD)
IP Telephony Troubleshooting (IPTT)
Cisco IP Telephony (CIPT) v3.3
CVoice (Cisco Voice over IP)
Cisco Secure Virtual Networks (CSVPN)
Aironet Wireless LAN Fundamentals and Cisco Wireless Site Survey (AWFSS)
Microsoft Certified Systems Administrator (MCSA)
Microsoft Certified System Engineer (MCSE)
Microsoft Certified System Engineer (MCSE) -Win2000
Network Security 2: Integration and Implementation
Network Security 3: Applied Security
CISSP
Understanding Network Fundamental
Networking Management Design, Tools and Optimization
Internetworking Routers and Switches
Mastering TCP/IP
Converging Voice and Data Networks
Telecommunications Fundamentals I
Notice: The course description on this page was captured from the Internet as historical reference or submitted by visitors. It was archived statically and not updated from day to day.
Facts:
This website holds more than 300,000 training course records worldwide, with hundreds of new postings daily. All services in this website are free! |
|
|
