Network Security Administrator

Transcription

1 Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze the internal and external security threats against a network, and to develop security policies that will protect an organization s information. Students will learn how to evaluate network and Internet security issues and design, and how to implement successful security policies and firewall strategies. In addition, they will learn how to expose system and network vulnerabilities and defend against them. Prerequisites There are no prerequisites for this course Audience System administrators, Network administrators and anyone who is interested in network security technologies. Duration Five Days

2 Course Content Fundamentals of Computer Network Key elements of network Nodes Logical Elements of Network Media Access Methods Automated Information Systems (AIS) Critical information characteristics Operations Security (OPSEC) Object reuse(computer security) Transmission Modes Network Topologies Network Protocols Application Layer Protocols Presentation Layer Protocol Session Layer Protocol Transport Layer Protocols Network Layer Protocols Data link Layer Protocol Hardening Physical Security Need for physical security Security Statistics Physical Security Breach Incidents Factors Affecting Physical Security Physical Security Threats Premises Security Electronic Physical Security Challenges in Ensuring Physical Security Mantrap Network Security Security awareness Functions of Network security administrator Communication Security (COMSEC) program or functional managers security office Transmission Security Legal Elements

3 Countermeasures: cover and deception Reporting security violations Security Standards Organizations Internet Corporation for Assigned Names and Numbers (ICANN) International Organization for Standardization (ISO) Consultative Committee For Telephone and Telegraphy (CCITT) International Telecommunication Union (ITU) American National Standards Institute(ANSI) Institute Of Electronics and Electrical Engineers(IEEE) Electronic Industries Association National Center for Standards and Certification Information (NIST) World Wide Web Consortium (W3C) Web Application Security Consortium (WASC) Security Standards Introduction to Internet Standards Standards Creation Committee Internet Standards Cabling Standards Specification Standards Security Policy Security Policy overview Concept of Security Policy Security Awareness Programs Vital role of a security policy Privacy and Confidentiality Security Levels Agency Specific AIS and Telecommunications Policies National Policy and Guidance Incident Handling and Escalation Procedures Security operations and life cycle management Compliance with Law and Policy Transborder encryption issues Points To Remember While Writing Security Policy Issue-specific Security Policy (ISSP) IEEE Standards Introduction to IEEE standards

4 IEEE LAN Protocol Specification Wireless Networking Standards Network Security Threats Vulnerability, Threats, and Attacks Common Vulnerabilities and Exposures Smurfing Hiding Evidence of an Attack Problems Detecting Network Attacks Network Scanning Tools Intrusion Detection System (IDS) and Intrusion Prevention Systems (IPS) Intrusion Detection Concepts Deployment of IDS Types of Signatures True/False-Positive/Negative Intrusion Prevention System IDS vs. IPS Intrusion Detection Checklist Firewalls Security features Firewall Operations Establishing Rules and Restrictions for your Firewall Firewall Configuration Strategies Scalability Firewall Architecture Handling threats and security tasks Protection against hacking Multi-layer firewall protection Firewall deployment strategies Specialty firewalls and Reverse firewalls Advantages and Disadvantages Firewall Log Analysis Comparison of Various Firewall Products Packet Filtering and Proxy Servers Application layer gateway Proxy servers

5 Bastion Host and Honeypots Securing Modems Modem Features Modem Security Modem Attacks and Risks Modem Failure Symptoms Troubleshooting Modems Troubleshooting Network A Troubleshooting Methodology Troubleshooting Network Devices Troubleshooting Wireless Devices TCP/IP Troubleshooting Utilities Hardening Routers Routing Metrics Multiple Routing Routing Algorithms Internet work Operating Systems (IOS) IP Routing Configuring IP and IP routing Configuration of Routers Finger Tool Disabling the auxiliary and closing extra interfaces BOOTp service TCP and UDP small servers Hardening a Router Filtering Network Traffic Access Control List Log System Error Messages Securing Routers Router Commands Routing Table Maintenance Protocol (RTMP) Components of router security Hardening Operating Systems BIOS security Windows Registry Resource Access Discretionary Access Control List (DACL)

6 Encryption File System Windows Network Security Kerberos Authentication And Domain Security Windows Certificate Authorities Desktop Management Network Information Services Patch Management The Patch Concept Patch testing Patch Monitoring and Management Consolidating Patches on Red hat Network Red Hat Up2date Patch Management Reporting Patch Management Windows Update Services Log Analysis Limitations of log files Monitoring for Intrusion and Security Event Log Analysis Log Security Application Security Application Threats and Counter Measures Web Applications System Life Cycle Management Telecommunications Systems Securing Communications Transmission security countermeasures Embedded Application Security (EMBASSY) Secure Coding Threat modeling Web Security Common Threats on Web 2.1. Identity theft Identifying Unauthorized Devices Restrictive Access Network Addresses Tracking the Connectivity

7 Testing the Traffic Filtering Devices Client Authorization Input Data Validation Browser Security Plug-ins Security Web Based Versus POP3 Installing WorkgroupMail Configuring Outlook Express Secure Security Risks Tools for Security Authentication: Encryption, Cryptography and Digital Signatures VeriSign Authentication Encryption Systems Cryptography Digital Signatures Key Management Protocols Virtual Private Networks and Remote Networking Tunneling VPN Security Wireless Network Security Wireless Technologies Wireless Communications Service Set IDentifier (SSID) Detecting Wireless Network Wireless Threats WLAN Management Wireless Auditing DHCP Services Trouble Shooting Wireless Network Creating Fault Tolerance Network Security Reasons for Network Failure

8 Reasons For System Failure Preventive Measures Incident Response Six Step Approach for Incident Handling (PICERF Methodology) Incident Response Team Disaster Recovery and Planning Backup Site Emergency Management Disaster Recovery Planning Security Planning Disaster Recovery Planning Team Business Process Inventory Risk Analysis Business Continuity Planning Process Emergency destruction procedures Disaster Prevention Network Vulnerability Assessment Vulnerability Assessment Personnel for Network Vulnerability Assessment Network vulnerability Assessment methodology