Network Security Training: Understanding the Fundamentals of Network Security

Description

Course Objectives

Upon completion of soundtraining.net's network security training workshop, you'll...

• Review the four elements of security
• Discuss Defense-in-Depth as it applies to network security
• Practice performing a risk analysis for your network
• Discuss AAA in a network setting
• Practice basic cryptographic techniques
• Practice requesting and managing personal certificates
• Connect to a Windows-based VPN
• Connect to a Cisco-based VPN
• Practice intercepting non-secure wireless transmissions
• Practice generating and installing an self-signed SSL certificate on a Linux-based Web server
• Review debugging output on a firewall running NAT and PAT
• Describe Intrusion Detection Systems and their implementation in networks

Certifications and Exams

This IT training workshop can help prepare the student for professional certification including CompTIA Security+.  It is not designed as a test-taker's boot camp or a certification "cram" course.  Exam candidates are encouraged to visit CompTIA.org for complete exam objectives and outlines.

Who should attend?

This workshop is intended for network security personnel including network administrators, network engineers, help desk staff, IT managers, CIOs, CTOs, and anyone responsible for network security and operations.

Frequently Asked Questions

Q:  What operating systems do you use in your workshop?
A:  We use Windows and Linux.

Q:  How much of this class is taught in the command line as opposed to the GUI?
A:  It's mainly in the GUI, but there is work in the command line.

Q:  What operating system is loaded on the classroom computers?
A:  We use Windows 7 Professional.

Bring this Workshop Onsite to Your Location.  Small or large groups; Save on travel expense and time away from the office by bringing the training right to your door. Find out more.

Course Outline

Module One: An Overview of Network and System Security

In this module, you'll learn about the types of vulnerabilities and threats to network security, plus the attacks that take advantage of such vulnerabilities.  You'll learn how to design an effective security policy for your organization.  We'll help you understand the critical security process that you should use in implementing secure systems.  You'll gain an understanding of the legal aspects of security and the legal dangers of non-security.  We'll explain AAA (Authentication, Authorization, and Accounting) and its importance in network security.  The module concludes with a thorough understanding of Defense-in-Depth and how you can use it to secure your network.

• An introduction to vulnerabilities, threats, and attacks
• Understanding the security process
• The legal aspects of security and non-security
• An introduction to AAA (Authentication, Authorization, and Accounting)
• Understanding Defense-in-Depth
• Designing your organizational security policies and procedures

Module Two:  AAA (Authentication, Authorization, and Accounting)

AAA is a combination of technology that allow you to ensure you know who is gaining access to your systems and networks, control what they're allowed to see and do, and have a record of what they did.  AAA is fundamental to network security and in this module you'll learn the most common means of authenticating users.  We'll show you how to understand Windows, Linux, and Cisco privilege levels.  You'll also learn two methods for logging activity by users.

• Authentication methods including usernames, passwords
• Kerberos
• Challenge Handshake Authentication Protocol
• Security tokens
• Digital certificates
• Biometrics
• Future authentication factors
• Privilege levels
• Logging options including Event Viewer and syslog

Module Three:  Vulnerabilities, Threats, and Attacks

In this module, you'll gain an understanding of how and why vulnerabilities exist, the threats created by the vulnerabilities, and the types of attacks that take advantage of the vulnerabilities.  You'll learn about man-in-the-middle attacks, denial-of-service attacks, replays, spoofing, TCP session hijacking, and other threats and attacks.

• Types of attacks including reconnaissance, access, and denial-of-service
• Social engineering
• Software exploitation

Module Four: Understanding Cryptography

Module four is all about encryption.  You'll learn about single-key cryptography and the benefits of using  a Public Key Infrastructure (PKI).  We'll show you how to get and install certificates from third-parties, plus you'll learn how to set up and operate your own certificate server.

• Basics of cryptography
• Single key cryptography
• Public Key Infrastructure (PKI)
• Key management
• Acquiring third-party certificates
• Installing a certificate server

Module Five:  Email Security

Email is now the primary communication method of business.  Unfortunately, email is notoriously non-secure.  It is, however, possible to secure email and in this module, you'll learn about the vulnerabilities of email and how to use it securely.

• Understanding email vulnerabilities
• Securing email
• PGP and S/MIME encryption

Module Six: Securing Remote Access

Remote users are quickly becoming the norm, whether it's a traveling user or a telecommuter.  Remote access, although very convenient, presents serious security concerns in terms in terms of opening your networks and systems to external threats.  In this module, you'll learn about the threats created by remote users and options for minimizing them.  You'll also learn about options for creating and managing Virtual Private Networks (VPNs).

• Remote access vulnerabilities
• Understanding options for Virtual Private Networks (VPNs)

Module Seven:  Wireless Security

Wireless networking is incredibly convenient, but fraught with peril for the naïve user.  In this module, you'll learn about the dangers of wireless networking and key strategies and technologies for securing wireless networks.

• Understanding IEEE 802.11 and its extensions
• Wireless encryption technologies including WEP, WPA, and WPA2
• Other Wi-Fi security procedures

Module Eight: Web Security

It seems like nearly every day we hear of another vulnerability related to the World Wide Web.  In this module, you'll learn about basic best practices for using various Web services, whether at a server level or in Web browsers.

• Understanding SSL and TLS
• Understanding the risks of Web applications such as JavaScript and ActiveX
• The importance of securing SMTP relays
• Web server security
• Browser security

Module Nine: Intrusion Detection

In spite of our best efforts, sometimes the bad guys gain entrance to our systems or networks.  When that happens, it's critically important to be aware of the intrusion as soon as possible.  In this module, we'll introduce you to intrusion detection systems, including the various types of IDS available and examples of how to use them.

• Intrusion detection systems
• Host-based IDS
• Protocol-based IDS
• Application-protocol based IDS
• Passive vs. active detection
• Snort
• Honeypots

Prerequisites

This is a professional-level network security and computer security class. Prospective students should have a basic understanding of computer and networking concepts and technologies. Please contact us for help in deciding if this is the right network security training for you.

	This seminar is currently available only for onsite presentation. Onsite training can make sense for groups of four or more. It may be offered publicly in the future, so please check back frequently or call 206.988.5858 for the latest schedule updates. Please click here for more information about soundtraining.net's onsite training programs.

Schedule and Registration

• Doors open (both days): 8:30 a.m.
• Registration (day one): 8:30 a.m. to 9:00 a.m.
• Morning session (both days): 9:00 a.m. to 11:45 a.m.
• Lunch (on your own, both days): 11:45 a.m. to 12:45 p.m.
• Afternoon session (both days): 12:45 p.m. to 4:00 p.m.

Registration Fee

$995.00 early bird rate, otherwise $1,195.00

1 or more: $895.00 early bird rate, otherwise $1,095.00 per person

(Early bird rate applies when you register and pay at least 30 days prior to the workshop.)

Onsite Training

Bring us onsite to your location!  Private team training can be a great solution for groups of three or more.

All of soundtraining.net's workshops and seminars are available for presentation onsite at your location or online in our WebEx online training center.  You choose the time, the topic, and the location and we'll be there with top-notch training, delivered by the best trainers in the industry.  Practical, understandable, and relevant is what makes the soundtraining.net difference! Call 206.988.5858 or click the link for more information about bringing training right to your door or to your computer.

Recommended Reading for This Course

Hacking Exposed 5th Edition

Group Policy, Profiles, and Intellimirror

Windows Server 2003 Security Cookbook

Linux Security Cookbook

Bug-Free Computing: Stop Viruses, Squash Worms, and Smash Trojan Horses