Network Security 3: Applied Security

Global Knowledge Network (Singapore) Pte Ltd
Singapore, Singapore

Course Format: Classroom | E-learning | Virtual Class | Online | On-site | Blended | Self-paced

Course Description:

'' Facing complex security issues? This intense 4-day course builds upon your foundation-level security knowledge to take you to the next level in implementing advanced security concepts and policies to protect your information networks against hackers and internal and external threats.
Lecture is utilized to reinforce security background and knowledge, but this course focuses on the practical application of security techniques. In fact, more than 80% of the time you’ll be in hands-on labs, working collaboratively with peers and industry-leading instructors/consultants on advanced security scenarios.

Learn to implement security audits, build high security architectures, use and tune intrusion detection applications, perform advanced penetration testing, secure UNIX and Windows hosts, enforce security policies, and detect and respond to vulnerabilities and attacks.
For those studying the Common Body of Knowledge, this course will also cover the high-level security CISSP domain information via logical cross-domain lectures organized around real-world implementation, while allowing you to actually experience these advanced security concepts in an intensive, hands-on lab environment.

What You’ll Learn
Define and create a security zone
Configure and use RADIUS server software
Install and run ACID/SNORT Intrusion Detection software on Linux systems
Use NESSUS vulnerability tools to pinpoint potential network weaknesses
Implement Cisco PIX firewall policies
Install and configure various security tools to perform vulnerability scanning and file system monitoring
Implement host security, including operating system hardening
Identify application data-flow profiling and create a secure custom application
Use the basic components of cryptography, including hybrid cryptography
Implement secure architectures using zone-based security models
Identify exposures and implement steps on a Linux server to reduce DNS risk
Characterize Application Data flow for e-mail, DNS, and Internet services on a web server
Encrypt and decrypt e-mail messages
Implement ACL to control traffic flow
Implement dynamic filtering techniques on a Cisco PIX firewall
Identify placement and tuning of IDS devices and port spanning (mirroring)
Install, configure, and test Snort IDS on Red Hat Linux or Windows 2000
Create a VPN IPSec tunnel between Cisco PIX firewalls using DES
Additional Benefits

As a security professional, you know that success means staying ahead of the hackers in knowledge and in toolset. As an added benefit you’ll take home an extensive CD-ROM filled with:

Host and network intrusion detection tools for Windows and Linux
Vulnerability testing tools
Hacking tools
White papers on hack attacks, networking, and security
Security policy outlines
Linux management tools
Ethical hacking and penetration tools
Forensics toolkit
Who Needs to Attend
Network security engineers, managers, and administrators responsible for complex network security policy, design, and implementation as well as candidates for CISSP certification.

Course Outline
1. Physical Security
This section explores the concepts of premises security and the role it plays in an overall architecture, outlines two goals of personnel security, and defines physical security control methods.

Premises security
Location, location, location
Defining a perimeter
Personnel security
New-hire guidelines
Protecting personnel from exposure
Protecting the company from exposure to personnel
Control mechanisms
Guard force
Fences and walls
Lighting
Natural disaster and fire protection
Automatic perimeter control
2. Logical Security
Understand the role that authentication and authorization play in logical security, the differences between simple and strong authentication processes, the principle of least privilege, accounting and auditing processes, and how to use packet filtering and stateful inspection techniques to control traffic flow.

Authentication
Username/password
Token based authentication, including PKI
Biometrics
Simple versus strong authentication
Single sign-on
Shared and anonymous accounts
Authorization
Role-based access
Principle of least privilege
Network Layer control mechanisms
Application Layer control mechanisms
Accounting
What to log
Where to log
How long to keep logs
Importance of log review
How to influence what is logged
3. Zone Security
Explore the concept of physical security zones and be able to relate them to logical objects, identify corporate assets and the role they play in zones, understand how many traditional networking subsystems can affect the successful zone deployment, and identify logical and intelligent locations to deploy intrusion detection systems.

Concept of zoned security
Benefits
Drawbacks
IP address schemes
Importance of physical separation between zones
Mitigating risks
Asset placement
Architectural considerations
Extranet architecture
VPN architecture
Backup facilities
Mass data storage architecture
Intrusion detection
Types
Placement
Issues
4. Host Security
Discover the considerations and differences between OS security, individual service security, object security, and host security. Understand the role of file permissions and data labeling, the benefits of file system integrity monitoring and when to use it, determine the process and need for self-auditing, and recognize the benefits of port scanning and vulnerability testing.

Operating system security
Hardening the OS
Patch application
Production systems and testing
Service offerings
Determining what services to offer
Starting and stopping services
Boot scripts
Data access subsystem
File permissions
Date labeling
File system integrity monitoring
Baseline information
Looking for changes
Updating files
Periodic health checks
Port scans
Vulnerability assessments
Penetration tests
5. Applications Security
Understand applications data flow and interactions within a zone and host subsystems, relate user roles and responsibilities to the principle of "least privileged," comprehend the importance of a well-defined code development process, and recognize the benefits of a code quality assurance program and third party code review.

Characterizing application data flow
Required inputs
Required outputs
Sensitivity of inputs and outputs
User roles and responsibilities
Application interaction with host subsystems
Code development process
Code management
Code review
Proactive security education for programmers
Code development quality control process
Benefits of quality assurance program
Third party review
6. Cryptography
Explore the components of symmetric and asymmetric cryptography and key processes, understand typical applications, appreciate hybrid cryptography, and recognize the need to protect information during transit and in storage.

Background and history
Basic tenets
Mathematics
Forward and reverse
Types
Symmetric
Asymmetric
Common applications
Application Layer
Interprocessing Layer
Host Layer
IP Layer
Physical Layer
Hybrid cryptography
Asymmetric to deliver symmetric
Digital signatures and data integrity
Data protection
Information in transit
Information in storage
7. Administrative Security
Understand security policies and initiatives, procedures and run books, the life cycle of policies and procedures, change control management, disaster recovery and business continuity planning, the need for a comprehensive comm ...''

Phone:65.6332 2268/2330

School Address:

331 North Bridge Road #18-03/05
Odeon Towers
Singapore 188720
Tel: 65.6332 2268/2330
Fax: 65.6338 6149
Email: enquiries@globalknowledge.com.sg

Jobs & Resumes: Singapore
Houses & Roommates: Singapore

IP Telephony Troubleshooting (IPTT)
Cisco IP Telephony (CIPT) v3.3
CVoice (Cisco Voice over IP)
Cisco Secure Virtual Networks (CSVPN)
Aironet Wireless LAN Fundamentals and Cisco Wireless Site Survey (AWFSS)
Microsoft Certified Systems Administrator (MCSA)
Microsoft Certified System Engineer (MCSE)
Microsoft Certified System Engineer (MCSE) -Win2000
Network Security 1: Policy, Administration and Firewalls
Network Security 2: Integration and Implementation
CISSP
Understanding Network Fundamental
Networking Management Design, Tools and Optimization
Internetworking Routers and Switches
Mastering TCP/IP
Converging Voice and Data Networks
Telecommunications Fundamentals I
Telecommunications Fundamentals II
HP Tru64 Unix v5 Utilities and Commands

Notice: The course description on this page was captured from the Internet as historical reference or submitted by visitors. It was archived statically and not updated from day to day.
 

Facts: This website holds more than 300,000 training course records worldwide, with hundreds of new postings daily. All services in this website are free!