Overview:
A 5-day course in which delegates learn the fundamental issues of Information Security. Using many practical labs, this course covers such topics as using TCP/IP for computer communications, types of attack, applied cryptography, firewalls and intrusion detection systems, World Wide Web and operating system security. This course is aimed at individuals who want to move into the Internet Security arena or simply want to gain a broader working knowledge of the topic.
** Approved by the Institute for Security and Open Methodologies (ISECOM)
Length: 5 Days
Who should take this class?
Managers who need working knowledge of all areas of security
- I.T staff wanting to become security specialists
- Network, server and firewall administrators and developers who need to understand security issues.
Prerequisites:
Delegates should have an awareness of the concepts of Internet security
What you will learn:
- Hands on Skills and knowledge to deal with current industry security standards
- How to secure networks from unauthorised access
- Confidence and knowledge to park take in security discussions and decisions
Course Outline: |
Module 1 : Introduction to security
- 1.1 What is security
- 1.2 White hats v black hats
- 1.3 Threats to resources
- 1.4 A simple security model
- 1.5 Industry security standards
- 1.6 Security policies
- 1.7 Authentication
- 1.8 Encryption
- 1.9 Access control
- 1.10 Audit and administer
Module 2 : TCP/IP for Security
- 2.1 TCP/IP Architecture
- 2.2 LANs and WANs
- 2.3 IP and ICMP services
- 2.4 ARP and routing
- 2.5 Transport services
Module 3 : Applied Cryptography
- Encryption and trust relationships
- Symmetric encryption
- Asymmetric encryption
- Message digests
- Digital certificates
- Certificate authorities
- IPSec and VPNs
Module 4 : Types of Attack
- Spoofing
- Man-in-the-middle
- Denial of service
- Insider attacks
- Bug-based attacks
- Key logging
- Brute force attacks
- Trojans, viruses and worms
- Root kits
|
Module 5 : Firewall Roles and Types
- Packet filters
- Stateful inspection
- Circuit level gateways
- Application proxies
- Demilitarised zones
- Network address translation
Module
Module 6: Firewall Design Topology and Management
- Design principles
- Common topologies
- ICMP and firewalls
- Firewall management
- Perimeter routers
Module 7 : World Wide Web Security
- Web technologies
- Browser privacy
- Cookies
- Mobile code threats
- Web server security
- Web traffic security
Module 8 : Intrusion Detection Systems
- IDS methodologies
- IDS concerns
Module 9 : Operating System Security
- Key OS vulnerabilities
- Windows security components
- Linux security components
Module 10 : The Auditing Process
- Introduction
- Risk analysis
- Ethical hacking
- Auditing and log analysis
- Windows & Linux logging
- Making recommendations and producing reports
|
.
|
