This course is designed to provide Windows 2000/NT and UNIX network administrators with an awareness of security-related issues and the essential skills they need to implement security. It focuses on understanding the architecture for network defense.
Lesson 1: Network Defense Fundamentals
Describe Network Defense
Identify Defensive Technologies
Describe the Objectives of Access Control
Identify the Impact of Defense
Define the Concepts of Network Auditing
Lesson 2: Designing Firewall Systems
Examine Firewall Components
Create a Firewall Policy
Rule Sets and Packet Filters
Proxy Server
The Bastion Host
The Honeypot
Lesson 3: Configuring Firewalls
Firewall Implementation Practices
Installing and Configuring Firewall-1
Monitor Firewall-1
Installing and Configuring ISA Server 2000
Monitor ISA Server
IPChains Concepts
Implementing Firewall Technologies
Lesson 4: Configuring VPNs
VPN Fundamentals
IP Security Protocol (IPSec)
VPN Design and Architecture
VPN Security
Configuring a VPN
Lesson 5: Designing an IDS
The Goals of an Intrusion Detection System
Technologies and Techniques of Intrusion Detection
Host-based Intrusion Detection
Network-based Intrusion Detection
The Analysis
How to Use an IDS
What an Intrusion Detection System Cannot Do
Lesson 6: Configuring an IDS
Snort Foundations
Installing Snort
Snort as an IDS
IDScenter
Configuring ISS Scanners
Lesson 7: Analyzing Intrusion Signatures
Describe the Concepts of Signature Analysis
Common Vulnerabilities and Exposures (CVE)
Signatures
Normal Traffic Signatures
Abnormal Traffic Signatures
Lesson 8: Performing a Risk Analysis
Concepts of Risk Analysis
Methods of Risk Analysis
The Process of Risk Analysis
Techniques to Minimize Risk
Continual Risk Analysis
Lesson 9: Creating a Security Policy
Concepts of Security Policies
The Policy Design
The Policies
An Example Policy
Incident Handling and Escalation Procedures
Partner Policies
SCNP Hardening the Infrastructure
This course is designed to provide the foundation skills that a security professional requires. These skills include router security, operating system security, advanced knowledge of the TCP suite, and network security basics.
Lesson 1: Advanced TCP/IP
TCP/IP Concepts
Subnet Masks (VLSM)
IP Datagrams
ICMP Messages
TCP Headers
UDP Headers
Packet Fragmentation
IPv6
Lesson 2: IPSec
IPSec Concepts
Encryption, Authentication and IPSec
IPSec Implementation
IPSec Transport Mode
IPSec Tunnel Mode
Identify AH & ESP captures in NetMon
IPv6 Security Features, and use of IPSec
Lesson 3: Hardening Linux Computers
Linux Administration
Open Source Issues/Concerns
Linux Security Basics
Bastille
Hardening Linux
Linux User Authentication
Hardening NFS
Hardening NIS
Logging
Tripwire
Lesson 4: Hardening Windows Computers
Windows 2000 Infrastructure Security
Windows 2000 Authentication
Windows 2000 User and Group Security
Windows 2000 Resource Security
Windows 2000 Auditing and Logging
Windows 2000 EFS
Windows 2000 Network Security
Windows XP User and Resource Security
Windows Client Firewalls
Lesson 5: Hardening Routers and Using Access Control Lists
Describe the ARP and Routing Processes
Routing Protocol Security
Routing Tables
Fundamental Router Hardening
Access and Authentication Control
Auditing/Logging
Access Control List Creation
Access Control List Implementation
Lesson 6: Contingency Planning
Contingency Planning Requirements
Backup Systems (Tape/RAID/Clusters)
Backup Media Storage and Security
Electrical Systems and Controls
Generators
Backup and Recovery Policy
Plan Testing and Implementation
Lesson 7: Security on the Internet and the WWW
Components of the Internet
The Weak Points of the Internet
DNS
The Techniques of Web Hacking
Securing IIS
Securing Apache
Securing Internet Explorer
Securing Outlook (Outlook Express)
Viruses, Worms, and Trojan Horses
Email Attacks
Methods of Attacking Users
DoS/DDoS
Lesson 8: Executing Attack Techniques
Network Reconnaissance
Mapping the Network
Sweeping the Network
Scanning the Network
Trojan Horse Use
Gaining Control over the System
Record Keystrokes
Gain and Crack Encrypted Passwords
Reveal Hidden Passwords
Social Engineering
Gain Unauthorized Access
Hide Evidence of an Attack
Breakdown of Mitnick Attack
Perform a Denial of Service
Compromise a Network
CompTIA Security+
This course is designed to provide Windows NT/2000 and UNIX network administrators with an awareness of security-related issues and the essential skills they need to implement security.
Lesson 1: Identify Security Threats
Identify Social Engineering Attacks
Classify Software Attacks
Identify Network Attacks
Lesson 2: Harden Internal Systems and Services
Harden Base Operating Systems
Harden Directory Services
Harden DHCP Servers
Harden Network File and Print Servers
Lesson 3: Harden Internetwork Devices and Services
Harden Internetwork Connection Devices
Harden DNS and BIND Servers
Harden Web Servers
Harden FTP Servers
Harden Network News Transport Protocol (NNTP) Servers