Overview:
A 5-day course in which delegates learn the fundamental issues of Information Security. Using many practical labs, this course covers such topics as using TCP/IP for computer communications, types of attack, applied cryptography, firewalls and intrusion detection systems, World Wide Web and operating system security. This course is aimed at individuals who want to move into the Internet Security arena or simply want to gain a broader working knowledge of the topic.
** Approved by the Institute for Security and Open Methodologies (ISECOM)
Length: 5 days
Who should take this class?
Managers who need working knowledge of all areas of security
- I.T staff wanting to become security specialists
- Network, server and firewall administrators and developers who need to understand security issues.
Prerequisites:
Delegates should have an awareness of the concepts of Internet security
What you will learn:
Hands on Skills and knowledge to deal with current industry security standards
How to secure networks from unauthorised access
Confidence and knowledge to park take in security discussions and decisions
| Course Outline:
Module 1: Introduction to security
1.1 What is security
1.2 White hats v black hats
1.3 Threats to resources
1.4 A simple security model
1.5 Industry security standards
1.6 Security policies
1.7 Authentication
1.8 Encryption
1.9 Access control
1.10 Audit and administer
Module 2: TCP/IP for Security
2.1 TCP/IP Architecture
2.2 LANs and WANs
2.3 IP and ICMP services
2.4 ARP and routing
2.5 Transport services
Module 3: Applied Cryptography
- Encryption and trust relationships
- Symmetric encryption
- Asymmetric encryption
- Message digests
- Digital certificates
- Certificate authorities
- IPSec and VPNs
Module 4: Types of Attack
- Spoofing
- Man-in-the-middle
- Denial of service
- Insider attacks
- Bug-based attacks
- Key logging
- Brute force attacks
- Trojans, viruses and worms
- Root kits
|
Module 5: Firewall Roles and Types
- Packet filters
- Stateful inspection
- Circuit level gateways
- Application proxies
- Demilitarised zones
- Network address translation
Module 6: Firewall Design Topology and Management
- Design principles
- Common topologies
- ICMP and firewalls
- Firewall management
- Perimeter routers
Module 6: Firewall Design Topology and Management
Web technologies
Browser privacy
Cookies
Mobile code threats
Web server security
Web traffic security
Module 8: Intrusion Detection Systems
IDS methodologies
IDS concerns
Module 9: Operating System Security
Key OS vulnerabilities
Windows security components
Linux security components
Module 10: The Auditing Process
Introduction
Risk analysis
Ethical hacking
Auditing and log analysis
Windows & Linux logging
Making recommendations and producing reports
|
|
