Computer and network security is one of the most talked-about subjects there is. Even computer neophytes know that there are bad guys out there who want to crack computer systems and networks. Veteran I.T. pros understand that computer and network security is a never-ending process of education, analysis, and mitigation. In this two-day network security workshop, you'll learn the fundamentals of network security to provide a basic understanding of the types of threats, vulnerabilities, and attacks. You'll also learn, through practical hands-on exercises, some of the tools available to help minimize your vulnerabilties and analyze your network for security holes.
Bring this Workshop Onsite to Your Location. Small or large groups; Save on travel expense and time away from the office by bringing the training right to your door. Find out more.
Course Objectives
Upon completion of soundtraining.net's network security training workshop, you'll...
Review the four elements of security
Discuss Defense-in-Depth as it applies to network security
Practice performing a risk analysis for your network
Discuss AAA in a network setting
Practice basic cryptographic techniques
Practice requesting and managing personal certificates
Connect to a Windows-based VPN
Connect to a Cisco-based VPN
Practice intercepting non-secure wireless transmissions
Practice generating and installing an self-signed SSL certificate on a Linux-based Web server
Review debugging output on a firewall running NAT and PAT
Describe Intrusion Detection Systems and their implementation in networks
Certifications and Exams
This IT training workshop can help prepare the student for professional certification including CompTIA Security+. It is not designed as a test-taker's boot camp or a certification "cram" course. Exam candidates are encouraged to visit CompTIA.org for complete exam objectives and outlines.
Who should attend?
This workshop is intended for network security personnel including network administrators, network engineers, help desk staff, IT managers, CIOs, CTOs, and anyone responsible for network security and operations.
Frequently Asked Questions
Q: What operating systems do you use in your workshop?
A: We use Windows and Linux.
Q: How much of this class is taught in the command line as opposed to the GUI?
A: It's mainly in the GUI, but there is work in the command line.
Q: What operating system is loaded on the classroom computers?
A: We use Windows 7 Professional.
Bring this Workshop Onsite to Your Location. Small or large groups; Save on travel expense and time away from the office by bringing the training right to your door. Find out more.
Course Outline
Module One: An Overview of Network and System Security
In this module, you'll learn about the types of vulnerabilities and threats to network security, plus the attacks that take advantage of such vulnerabilities. You'll learn how to design an effective security policy for your organization. We'll help you understand the critical security process that you should use in implementing secure systems. You'll gain an understanding of the legal aspects of security and the legal dangers of non-security. We'll explain AAA (Authentication, Authorization, and Accounting) and its importance in network security. The module concludes with a thorough understanding of Defense-in-Depth and how you can use it to secure your network.
An introduction to vulnerabilities, threats, and attacks
Understanding the security process
The legal aspects of security and non-security
An introduction to AAA (Authentication, Authorization, and Accounting)
Understanding Defense-in-Depth
Designing your organizational security policies and procedures
Module Two: AAA (Authentication, Authorization, and Accounting)
AAA is a combination of technology that allow you to ensure you know who is gaining access to your systems and networks, control what they're allowed to see and do, and have a record of what they did. AAA is fundamental to network security and in this module you'll learn the most common means of authenticating users. We'll show you how to understand Windows, Linux, and Cisco privilege levels. You'll also learn two methods for logging activity by users.
Authentication methods including usernames, passwords
Kerberos
Challenge Handshake Authentication Protocol
Security tokens
Digital certificates
Biometrics
Future authentication factors
Privilege levels
Logging options including Event Viewer and syslog
Module Three: Vulnerabilities, Threats, and Attacks
In this module, you'll gain an understanding of how and why vulnerabilities exist, the threats created by the vulnerabilities, and the types of attacks that take advantage of the vulnerabilities. You'll learn about man-in-the-middle attacks, denial-of-service attacks, replays, spoofing, TCP session hijacking, and other threats and attacks.
Types of attacks including reconnaissance, access, and denial-of-service
Social engineering
Software exploitation
Module Four: Understanding Cryptography
Module four is all about encryption. You'll learn about single-key cryptography and the benefits of using a Public Key Infrastructure (PKI). We'll show you how to get and install certificates from third-parties, plus you'll learn how to set up and operate your own certificate server.
Basics of cryptography
Single key cryptography
Public Key Infrastructure (PKI)
Key management
Acquiring third-party certificates
Installing a certificate server
Module Five: Email Security
Email is now the primary communication method of business. Unfortunately, email is notoriously non-secure. It is, however, possible to secure email and in this module, you'll learn about the vulnerabilities of email and how to use it securely.
Understanding email vulnerabilities
Securing email
PGP and S/MIME encryption
Module Six: Securing Remote Access
Remote users are quickly becoming the norm, whether it's a traveling user or a telecommuter. Remote access, although very convenient, presents serious security concerns in terms in terms of opening your networks and systems to external threats. In this module, you'll learn about the threats created by remote users and options for minimizing them. You'll also learn about options for creating and managing Virtual Private Networks (VPNs).
Remote access vulnerabilities
Understanding options for Virtual Private Networks (VPNs)
Module Seven: Wireless Security
Wireless networking is incredibly convenient, but fraught with peril for the naïve user. In this module, you'll learn about the dangers of wireless networking and key strategies and technologies for securing wireless networks.
Understanding IEEE 802.11 and its extensions
Wireless encryption technologies including WEP, WPA, and WPA2
Other Wi-Fi security procedures
Module Eight: Web Security
It seems like nearly every day we hear of another vulnerability related to the World Wide Web. In this module, you'll learn about basic best practices for using various Web services, whether at a server level or in Web browsers.
Understanding SSL and TLS
Understanding the risks of Web applications such as JavaScript and ActiveX
The importance of securing SMTP relays
Web server security
Browser security
Module Nine: Intrusion Detection
In spite of our best efforts, sometimes the bad guys gain entrance to our systems or networks. When that happens, it's critically important to be aware of the intrusion as soon as possible. In this module, we'll introduce you to intrusion detection systems, including the various types of IDS available and examples of how to use them.
Intrusion detection systems
Host-based IDS
Protocol-based IDS
Application-protocol based IDS
Passive vs. active detection
Snort
Honeypots
Prerequisites
This is a professional-level network security and computer security class. Prospective students should have a basic understanding of computer and networking concepts and technologies. Please contact us for help in deciding if this is the right network security training for you.
This seminar is currently available only for onsite presentation. Onsite training can make sense for groups of four or more. It may be offered publicly in the future, so please check back frequently or call 206.988.5858 for the latest schedule updates. Please click here for more information about soundtraining.net's onsite training programs.
Schedule and Registration
Two consecutive days
Doors open (both days): 8:30 a.m.
Registration (day one): 8:30 a.m. to 9:00 a.m.
Morning session (both days): 9:00 a.m. to 11:45 a.m.
Lunch (on your own, both days): 11:45 a.m. to 12:45 p.m.
Afternoon session (both days): 12:45 p.m. to 4:00 p.m.
There will be a fifteen minute break in the morning and afternoon sessions each day.
Registration Fee
$995.00 early bird rate, otherwise $1,195.00
1 or more: $895.00 early bird rate, otherwise $1,095.00 per person
(Early bird rate applies when you register and pay at least 30 days prior to the workshop.)
Onsite Training
Bring us onsite to your location! Private team training can be a great solution for groups of three or more.
All of soundtraining.net's workshops and seminars are available for presentation onsite at your location or online in our WebEx online training center. You choose the time, the topic, and the location and we'll be there with top-notch training, delivered by the best trainers in the industry. Practical, understandable, and relevant is what makes the soundtraining.net difference! Call 206.988.5858 or click the link for more information about bringing training right to your door or to your computer.