Course Title: Penetration Testing: Security Analysis


Course Description:

The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced penetration testing and information security analysis. The content of this program is designed to expose the reader to groundbreaking methodologies in conducting thorough information security analysis as well as advanced penetration testing techniques. Armed with the knowledge from the Security Analyst series, along with proper experience, readers will be able to perform the intensive assessments required to effectively identify and mitigate risks to the security of the organization's infrastructure.

A recent Symantec State of Enterprise Security 2010 report states that ¾ of businesses have experienced a hacking attempt in the past year. The dearth of quality security analysts to thwart any security threats in a timely fashion is one of the major challenges facing organizations today. Organizations need to hire experts in the field of computer security infrastructure or have to train in-house security administrators to fight IT security dangers if they are to stand any chance against hackers.

EC-Council Certified Security Analyst (ECSA) complements the Certified Ethical Hacker (CEH) certification by exploring the analytical phase of ethical hacking. While CEH exposes the learner to hacking tools and technologies, ECSA takes it a step further by exploring how to analyze the outcome from these tools and technologies.

Who Should Attend?

This course will significantly benefit network server administrators, firewall administrators, security testers, system administrators, and risk assessment professionals.

Certificate Info: Penetration Testing: Security Analysis

Course Duration: 2 days (9:00-5:00)
CPE/ECE Qualification: 16 ECE Credits awarded for attendance (1 for each classroom hour)
Suggested Retail: $799 USD


Required Courseware:

Visit and click on Training Workshops for ordering details.

What's included?

Physical Courseware
1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate

Course + Supplement Cost:

See the Training Workshops section at for current pricing information.

Related Certificates:

Penetration Testing: Communication Media Testing
Penetration Testing: Network Threat Testing
Penetration Testing: Procedures & Methodologies
Penetration Testing: Network & Perimeter Testing

Course Briefing:

1. The Need for Security Analysis

This module gives a picture of the state of information security in the world and the ever-increasing security threats looming over us; it is concerned with the theft, fraud/forgery, unauthorized access, interception, or modification of data. This module deals with the need for security analysis, various security concerns, what data should be protected, challenges to security, preventive steps to be taken, threat agents and risks, information security awareness, security policies that are crucial for an organization, and provisions in the law of various countries for dealing with information security related issues.

2. TCP/IP Packet Analysis

TCP/IP provides a broad range of communication protocols for the various applications on the network, so knowledge of this technology and its security features is crucial in the security analysis of a network. This module deals with the TCP/IP model, comparison of the OSI and TCP/IP models, processes involved in TCP operation, windowing of TCP/IP packets, TCP and UDP operation sequencing numbers, security issues and features of Internet Protocol v6 (IPv6), Denial-of-Service (DoS) attacks, TCP and UDP port numbers, ICMP and ICMP control messages.

3. Advanced Sniffing Techniques

This module familiarizes you with various advanced sniffing techniques using the tool Wireshark. This module deals with the network protocol analyzer Wireshark, its features, IP display filters and commands such as Tshark, Tcpdump, Capinfos, Idl2wrs, Editcap, Mergecap, and Text2pcap, use of Wireshark for network troubleshooting and various scanning techniques, the Wireshark DNP3 Dissector Infinite Loop Vulnerability, Timestamps, Packet Reassembling, and Checksums.

4. Vulnerability Analysis with Nessus

Nessus is a client-server-based, open-source vulnerability scanner that provides a free, powerful, up-to-date, and easy-to-use remote security scanner for business-critical enterprise devices and applications. This module will familiarize you with Nessus and its features, phases involved in the Nessus assessment process, the procedure for configuring Nessus, the Nessus client, the process for starting a Nessus scan, plug-in selection, types of plug-ins, identifying false positives, the framework to write Nessus plug-ins, installing and running the plug-in, Nessus architecture and design, the Nessus user community, Tenable Security Center, simplifying a security scan, wireless scanning for WAPs, and detecting WAPs using the Nessus vulnerability scanner.

5. Designing a DMZ

A DMZ is a computer host or small network inserted as a neutral zone between a company's private network and the outside public network. DMZ use has become a necessary method of providing a multilayered, defense-in-depth approach to security. This module deals with DMZ design fundamentals, designing a DMZ using IPtables, designing a wireless DMZ, designing a DMZ specific to operating systems such as Windows, Solaris, and Linux, best practices for DMZ routers and switches, and six ways to stop data leaks.

6. Snort Analysis

Snort is a widely used, open-source, network-based intrusion detection system capable of performing real-time traffic analysis and packet logging on IP networks. It is used to perform protocol analysis and content matching to detect a variety of attacks and probes such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and more. This module deals with Snort operation modes and its features, configuration of Snort for variables, preprocessors, output plug-ins, and rules, the stream4 preprocessor and inline functionality, Snort rules, which include the Snort rule header and rule options, subscribing to the Snort rules, and tools used for writing Snort rules.

7. Log Analysis

Logs are used to keep track of the network, user activities, and services. This module deals with logs, events that need to be logged, log shipping, different techniques, and tools used for analyzing the logs such as Syslog, web server logs, wired router logs, wireless network devices logs, Windows logs, Unix logs, Linux logs, SQL server logs, Oracle logs, Solaris log files, VPN server logs, firewall logs, IDS logs, and DHCP logs, configuring NTP, and use of log analysis and log alert tools.

Course Outline:

Chapter 1: The Need for Security Analysis
Introduction to the Need for Security Analysis
Security Concerns
What Should Be Protected
Reasons Intrusions Succeed
Challenges to Security
Preventative Steps
Threat Agents
Needs Assessment Questions
How Much Security is Enough?
Risk
Information Security Awareness
Security Policies
U.S. Legislation
U.K. Legislation

Chapter 2: TCP/IP Packet Analysis
Introduction to TCP/IP Packet Analysis
TCP/IP Protocol Suite
TCP (Transmission Control Protocol)
Internet Protocol (IP)
Other Protocols

Chapter 3: Advanced Sniffing Techniques
Introduction to Advanced Sniffing Techniques
Wireshark: Filters
Protocol Dissection
Steps to Solve GNU/Linux Server Network Connectivity Issues
Network Troubleshooting Methodology
Using Wireshark for System Administration
Using Wireshark for Security Administration
Wireless Sniffing with Wireshark
Navigating Wireshark's Packet Details Window
Scanning
Remote-Access Trojans
Wireshark DNP3 Dissector Infinite Loop Vulnerability
Time Stamps
Packet Reassembling
Checksums

Chapter 4: Vulnerability Analysis with Nessus
Introduction to Vulnerability Analysis with Nessus
Features of Nessus
Nessus Assessment Process
Deployment Requirements
Configuring Nessus
Updating Nessus Plug-Ins
Using the Nessus Client
Service Detection
Vulnerability Fingerprinting
DoS Testing
False Positives
Writing Nessus Plug-Ins
Nessus Architecture and Design
Nessus User Community
Tenable Security Center
Managing Data
Simplifying Scans
Wireless Access Points (WAPs)

Chapter 5: Designing a DMZ
Introduction to Designing a DMZ
DMZ Concepts
DMZ Design Fundamentals
Advanced Design Concepts
DMZ Architecture
Designing a DMZ Using IPtables
Designing a Wireless DMZ
Specific Operating System Design
DMZ Router Security Best Practices
DMZ Switch Security Best Practices
Six Ways to Stop Data Leaks

Chapter 6: Snort Analysis
Introduction to Snort Analysis
Modes of Operation
Features of Snort
Configuring Snort
How Snort Works
Content Matching
The Stream4 Preprocessor
Inline Functionality
Writing Snort Rules
Snort Tools

Chapter 7: Log Analysis
Introduction to Log Analysis
Events That Must Be Logged
What to Look For in Logs
Automated Log Analysis Approaches
Log Shipping
Analyzing Syslog
Analyzing Web Server Logs
Analyzing Wired Router Logs
Analyzing Wireless Network Device Logs
Analyzing Windows Logs
Analyzing UNIX Logs
Analyzing Linux Logs
Analyzing SQL Server Logs
Analyzing Oracle Logs
Analyzing Solaris Log Files
Analyzing VPN Server Logs
Analyzing Firewall Logs
Analyzing IDS Logs
Analyzing DHCP Logs
Network Time Protocol
Log Analysis Tools
Log Alert Tools

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp ECSA/LPT is a security class like no other! Providing real world hands on experience, it is the only in-depth

More information

Course Title: Penetration Testing: Network Threat Testing, 1st Edition

Course Title: Penetration Testing: Network Threat Testing, 1st Edition Course Title: Penetration Testing: Network Threat Testing, 1st Edition Page 1 of 6 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base

More information

Course Title: Penetration Testing: Network & Perimeter Testing

Course Title: Penetration Testing: Network & Perimeter Testing Course Title: Penetration Testing: Network & Perimeter Testing Page 1 of 7 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics

More information

Course Title: Penetration Testing: Communication Media Testing, 1st Edition

Course Title: Penetration Testing: Communication Media Testing, 1st Edition Course Title: Penetration Testing: Communication Media Testing, 1st Edition Page 1 of 6 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad

More information

Course Title Penetration Testing: Procedures & Methodologies

Course Title Penetration Testing: Procedures & Methodologies Course Title Penetration Testing: Procedures & Methodologies Page 1 of 9 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics

More information

EC-Council Certified Security Analyst (ECSA)

EC-Council Certified Security Analyst (ECSA) EC-Council Certified Security Analyst (ECSA) v8 Eğitim Tipi ve Süresi: 5 Days VILT 5 Day VILT EC-Council Certified Security Analyst (ECSA) v8 Learn penetration testing methodologies while preparing for

More information

Using Nessus to Detect Wireless Access Points. March 6, 2015 (Revision 4)

Using Nessus to Detect Wireless Access Points. March 6, 2015 (Revision 4) Using Nessus to Detect Wireless Access Points March 6, 2015 (Revision 4) Table of Contents Introduction... 3 Why Detect Wireless Access Points?... 3 Wireless Scanning for WAPs... 4 Detecting WAPs using

More information

Intrusion Detection Systems (IDS)

Intrusion Detection Systems (IDS) Intrusion Detection Systems (IDS) What are They and How do They Work? By Wayne T Work Security Gauntlet Consulting 56 Applewood Lane Naugatuck, CT 06770 203.217.5004 Page 1 6/12/2003 1. Introduction Intrusion

More information

Hackers are here. Where are you?

Hackers are here. Where are you? 1 2 What is EC-Council Certified Security Analyst Licensed Penetration Tester Program You are an ethical hacker. Your last name is Pwned. You dream about enumeration and you can scan networks in your sleep.

More information

NETWORK SECURITY (W/LAB) Course Syllabus

NETWORK SECURITY (W/LAB) Course Syllabus 6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information

More information

CS2107 Introduction to Information and System Security (Slid. (Slide set 8)

CS2107 Introduction to Information and System Security (Slid. (Slide set 8) Networks, the Internet Tool support CS2107 Introduction to Information and System Security (Slide set 8) National University of Singapore School of Computing July, 2015 CS2107 Introduction to Information

More information

Linux Network Security

Linux Network Security Linux Network Security Course ID SEC220 Course Description This extremely popular class focuses on network security, and makes an excellent companion class to the GL550: Host Security course. Protocols

More information

Network Defense Tools

Network Defense Tools Network Defense Tools Prepared by Vanjara Ravikant Thakkarbhai Engineering College, Godhra-Tuwa +91-94291-77234 www.cebirds.in, www.facebook.com/cebirds ravikantvanjara@gmail.com What is Firewall? A firewall

More information

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann

More information

Hackers are here. Where are you?

Hackers are here. Where are you? 1 2 What is EC-Council Certified Security Analyst Licensed Penetration Tester Program You are an ethical hacker. Your last name is Pwned. You dream about enumeration and you can scan networks in your sleep.

More information

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

ITEC441- IS Security. Chapter 15 Performing a Penetration Test 1 ITEC441- IS Security Chapter 15 Performing a Penetration Test The PenTest A penetration test (pentest) simulates methods that intruders use to gain unauthorized access to an organization s network and

More information

Network Traffic and Security Analysis

Network Traffic and Security Analysis Network Traffic and Security Analysis 5-Day Course Syllabus December 2010 Course Description This 4.5 day course offers hands-on training in network traffic security analysis and network forensics. This

More information

Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP

Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Intrusion Detection System Based Network Using SNORT Signatures And WINPCAP Aakanksha Vijay M.tech, Department of Computer Science Suresh Gyan Vihar University Jaipur, India Mrs Savita Shiwani Head Of

More information

Course Title: Disaster Recovery, 1st Edition

Course Title: Disaster Recovery, 1st Edition Course Title: Disaster Recovery, 1st Edition Page 1 of 8 Course Description: The DISASTER RECOVERY/VIRTUALIZATION SECURITY SERIES is comprised of two books that are designed to fortify disaster recovery

More information

Training Course ECSA/LPT

Training Course ECSA/LPT Brochure More information from http://www.researchandmarkets.com/reports/2226534/ Training Course ECSA/LPT Description: The EC-Council ECSA/LPT EC-Council Certified Security Analyst/ Licensed Penetration

More information

Troubleshooting TCP/IP Networks with Wireshark Duration: 5 Days

Troubleshooting TCP/IP Networks with Wireshark Duration: 5 Days Troubleshooting TCP/IP Networks with Wireshark Duration: 5 Days Description In this hands-on course, you will receive in-depth training on Wireshark and TCP/IP communications analysis. You will learn to

More information

Networking: EC Council Network Security Administrator NSA

Networking: EC Council Network Security Administrator NSA coursemonster.com/uk Networking: EC Council Network Security Administrator NSA View training dates» Overview The EC-Council's NSA certification looks at network security from a defensive view. The NSA

More information

CompTIA Network+ (Exam N10-005)

CompTIA Network+ (Exam N10-005) CompTIA Network+ (Exam N10-005) Length: Location: Language(s): Audience(s): Level: Vendor: Type: Delivery Method: 5 Days 182, Broadway, Newmarket, Auckland English, Entry Level IT Professionals Intermediate

More information

CYBER ATTACKS EXPLAINED: PACKET CRAFTING

CYBER ATTACKS EXPLAINED: PACKET CRAFTING CYBER ATTACKS EXPLAINED: PACKET CRAFTING Protect your FOSS-based IT infrastructure from packet crafting by learning more about it. In the previous articles in this series, we explored common infrastructure

More information

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance

More information

Troubleshooting TCP/IP Networks with Wireshark

Troubleshooting TCP/IP Networks with Wireshark Troubleshooting TCP/IP Networks with Wireshark Course WIRE-1 5 Days Instructor-led, Hands-on Introduction In this hands-on course, you will receive in-depth training on Wireshark and TCP/IP communications

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Course Title: Virtualization Security, 1st Edition

Course Title: Virtualization Security, 1st Edition Course Title: Virtualization Security, 1st Edition Page 1 of 7 Virtualization Security Copyright by EC-Council Press Course Description: The DISASTER RECOVERY/VIRTUALIZATION SECURITY SERIES is comprised

More information

Analyze. Secure. Defend. Do you hold ECSA credential?

Analyze. Secure. Defend. Do you hold ECSA credential? 1 Analyze. Secure. Defend. Do you hold ECSA credential? TM E C S A EC-Council Certified Security Analyst 1 EC-Council Cyber Security Professional Path Threat Agent Application of Methodology So You Can

More information

Chapter 9 Firewalls and Intrusion Prevention Systems

Chapter 9 Firewalls and Intrusion Prevention Systems Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

[CEH]: Ethical Hacking and Countermeasures

[CEH]: Ethical Hacking and Countermeasures [CEH]: Ethical Hacking and Countermeasures Length Audience(s) Delivery Method : 5 days : This course will significantly benefit security officers, auditors, security professionals, site administrators,

More information

Course Outline: 6435- Designing a Windows Server 2008 Network Infrastructure

Course Outline: 6435- Designing a Windows Server 2008 Network Infrastructure Course Outline: 6435- Designing a Network Infrastructure Learning Method: Instructor-led Classroom Learning Duration: 5.00 Day(s)/ 40 hrs Overview: This five-day course will provide students with an understanding

More information

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus National Cyber League Certified Ethical Hacker (CEH) TM Syllabus Note to Faculty This NCL Syllabus is intended as a supplement to courses that are based on the EC- Council Certified Ethical Hacker TM (CEHv8)

More information

Introduction to Network Systems Lesson Objectives

Introduction to Network Systems Lesson Objectives Unit 1: NETWORKING FUNDAMENTALS Networking Concepts Identify what every network needs. Explain what networks are and how they work. Differentiate between Peer-to-Peer and Client/Server architecture. Explain

More information

Norton Personal Firewall for Macintosh

Norton Personal Firewall for Macintosh Norton Personal Firewall for Macintosh Evaluation Guide Firewall Protection for Client Computers Corporate firewalls, while providing an excellent level of security, are not always enough protection for

More information

Hack and Defend. Course ID SEC200. Course Description

Hack and Defend. Course ID SEC200. Course Description Hack and Defend Course ID SEC200 Course Description This 5-day course reveals the tools and techniques used in common by hackers to attack, and by system administrators to hack-proof their networks. Hundreds

More information

Blended Security Assessments

Blended Security Assessments Blended Security Assessments Combining Active, Passive and Host Assessment Techniques October 12, 2009 (Revision 9) Renaud Deraison Director of Research Ron Gula Chief Technology Officer Table of Contents

More information

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100

Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Information Technology Career Cluster Introduction to Cybersecurity Course Number: 11.48100 Course Description: Introduction to Cybersecurity is designed to provide students the basic concepts and terminology

More information

Network Security and Firewall 1

Network Security and Firewall 1 Department/program: Networking Course Code: CPT 224 Contact Hours: 96 Subject/Course WEB Access & Network Security: Theoretical: 2 Hours/week Year Two Semester: Two Prerequisite: NET304 Practical: 4 Hours/week

More information

Security Testing in Critical Systems

Security Testing in Critical Systems Security Testing in Critical Systems An Ethical Hacker s View Peter Wood Chief Executive Officer First Base Technologies Who is Peter Wood? Worked in computers & electronics since 1969 Founded First Base

More information

Description: Objective: Attending students will learn:

Description: Objective: Attending students will learn: Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of

More information

Overview. Firewall Security. Perimeter Security Devices. Routers

Overview. Firewall Security. Perimeter Security Devices. Routers Overview Firewall Security Chapter 8 Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security

More information

FIREWALLS & CBAC. philip.heimer@hh.se

FIREWALLS & CBAC. philip.heimer@hh.se FIREWALLS & CBAC philip.heimer@hh.se Implementing a Firewall Personal software firewall a software that is installed on a single PC to protect only that PC All-in-one firewall can be a single device that

More information

Troubleshooting TCP/IP Networks with Wireshark

Troubleshooting TCP/IP Networks with Wireshark Troubleshooting TCP/IP Networks with Wireshark Eğitim Tipi ve Süresi: 5 Days VILT Troubleshooting TCP/IP Networks with Wireshark Learn to use Wireshark to troubleshoot TCP/IP networks while preparing for

More information

Vulnerability Assessment Using Nessus

Vulnerability Assessment Using Nessus Vulnerability Assessment Using Nessus Paul Asadoorian, GCIA, GCIH Network Security Engineer Brown University Paul_Asadoorian@brown.edu Overview Introduction to Nessus Nessus Architecture Nessus in Action

More information

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports Building a Security Operation Center Agenda: Auditing Your Network Environment Selecting Effective Security

More information

Description: Course Details:

Description: Course Details: Course: Malicious Network Traffic Analysis Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: There are a tremendous amount of network based attacks to be aware of on the internet

More information

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led Course Description This class will immerse the student into an interactive environment where they will

More information

Threat Center. Real-time multi-level threat detection, analysis, and automated remediation

Threat Center. Real-time multi-level threat detection, analysis, and automated remediation Threat Center Real-time multi-level threat detection, analysis, and automated remediation Description Advanced targeted and persistent threats can easily evade standard security, software vulnerabilities

More information

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

CH ENSA EC-Council Network Security Administrator Detailed Course Outline CH ENSA EC-Council Network Security Administrator Detailed Course Outline Summary Duration Vendor Audience 5 Days hands-on training EC-Council Security Professionals Level Technology Category Advance Ethical

More information

Certified Ethical Hacker (CEH)

Certified Ethical Hacker (CEH) Certified Ethical Hacker (CEH) Course Number: CEH Length: 5 Day(s) Certification Exam This course will help you prepare for the following exams: Exam 312 50: Certified Ethical Hacker Course Overview The

More information

Malicious Network Traffic Analysis

Malicious Network Traffic Analysis Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the

More information

Microsoft Technologies

Microsoft Technologies NETWORK ENGINEERING TRACK Microsoft Technologies QUARTER 1 DESKTOP APPLICATIONS - ESSENTIALS Module 1 - Office Applications This subject enables users to acquire the necessary knowledge and skills to use

More information

8. Firewall Design & Implementation

8. Firewall Design & Implementation DMZ Networks The most common firewall environment implementation is known as a DMZ, or DeMilitarized Zone network. A DMZ network is created out of a network connecting two firewalls; i.e., when two or

More information

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323

More information

Computer Network Engineering

Computer Network Engineering 226 Computer Network Engineering Computer Network Engineering Degrees, Certificates and Awards Associate in Science: Computer Network Engineering Certificate of Achievement: Computer Network Engineering

More information

CompTIA Network+ N Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs

CompTIA Network+ N Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs CompTIA Network+ N10 005 Official Cert Guide Mapping Guide to CompTIA Network+ Simulator Labs Domain 1.0: Network Concepts 1.1 Compare the layers of the OSI and TCP/IP Models TCP/IP Model Layer Matching

More information

Intrusion Detection Systems and Supporting Tools. Ian Welch NWEN 405 Week 12

Intrusion Detection Systems and Supporting Tools. Ian Welch NWEN 405 Week 12 Intrusion Detection Systems and Supporting Tools Ian Welch NWEN 405 Week 12 IDS CONCEPTS Firewalls. Intrusion detection systems. Anderson publishes paper outlining security problems 1972 DNS created 1984

More information

Network Forensics: Log Analysis

Network Forensics: Log Analysis Network Forensics: Analysis Richard Baskerville Agenda P Terms & -based Tracing P Application Layer Analysis P Lower Layer Analysis Georgia State University 1 2 Two Important Terms PPromiscuous Mode

More information

Understanding Cisco Cybersecurity Fundamentals ( )

Understanding Cisco Cybersecurity Fundamentals ( ) Understanding Cisco Cybersecurity Fundamentals (210-250) Exam Description: The Understanding Cisco Cybersecurity Fundamentals (SECFND) exam (210-250) is a 90-minute, 60 70 question assessment that is associated

More information

Lumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks

Lumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks IPsonar provides visibility into every IP asset, host, node, and connection on the network, performing an active probe and mapping everything that's on the network, resulting in a comprehensive view of

More information

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.

More information

Network/Internet Forensic and Intrusion Log Analysis

Network/Internet Forensic and Intrusion Log Analysis Course Introduction Enterprises all over the globe are compromised remotely by malicious hackers each day. Credit card numbers, proprietary information, account usernames and passwords, and a wealth of

More information

Network Security Management

Network Security Management Network Security Management TWNIC 2003 Objective Have an overview concept on network security management. Learn how to use NIDS and firewall technologies to secure our networks. 1 Outline Network Security

More information

Network Technologies

Network Technologies Network Technologies Career Cluster Information Technology Course Code 10101 Prerequisite(s) Introduction To Information Technology Careers (Recommended), Computer Applications (Recommended), Computer

More information

TestOut Network Pro English 4.0.x

Videos: 141 (18:44:06) Demonstrations: 81 (10:47:01) Simulations: 92 Fact Sheets: 142 Exams: 101 CONTENTS: 0.0 INTRODUCTION 0.1 Using the Simulator 0.1.1 Using the Simulator

PND at a glance: The World's Premier Online Practical Network Defense course. Self-paced, online, flexible access

1500+ interactive slides (PDF, HTML5 and Flash) 7+ hours of video material 10 virtual labs

COURSE OUTLINE: OD10967A Fundamentals of a Windows Server Infrastructure

Course Name OD10967A Fundamentals of a Windows Server Infrastructure Course Duration 2 Days Course Structure Online Course Overview Learn the fundamental knowledge and skills that you need to build a Windows

10 Configuring Packet Filtering and Routing Rules

CERTIFICATION OBJECTIVES 10.01 Understanding Packet Filtering and Routing 10.02 Creating and Managing Packet Filtering 10.03 Configuring

Networking with Windows Server

Course 10970-5 Days - Instructor-led, Hands-on Introduction This 5-day Microsoft Official Course. You will learn the skills you need to help reduce networking complexity

Security Event Management. February 7, 2007 (Revision 5)

Table of Contents: INTRODUCTION; CRITICAL EVENT DETECTION; LOG ANALYSIS, REPORTING AND STORAGE; LOWER TOTAL COST

EC-Council Certified Security Analyst (ECSA)

Introduction Certified Security Analyst (ECSA) complements the Certified Ethical Hacker (CEH) certification by exploring the analytical phase of ethical

Security Mgt. Tools and Subsystems

some attack and defense security tools at work Reconnaissance Passive Active Penetration Classes of tools (network-bound) Passive Reconnaissance Passively listen and analyze

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2nd ed. Chapter 4 Finding Network Vulnerabilities

Learning Objectives Name the common categories of vulnerabilities Discuss common system

Computer Security and Penetration Testing

Objectives Comprehend the functioning of scanners Trace the development of scanners Identify various types of scanning Identify different scanners 2 Scanning Tools

May 11, 2011. (Revision 10)

Blended Security Assessments Combining Active, Passive and Host Assessment Techniques May 11, 2011 (Revision 10) Renaud Deraison Director of Research Ron Gula Chief Technology Officer Copyright 2011. Tenable

[MS20741]: Networking with Windows Server 2016

Length : 5 Days Audience(s) : IT Professionals Level : 200 Technology : Windows Server Delivery Method : Instructor-led (Classroom) Course Overview This 5-day

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2nd ed. Chapter 5 Firewall Planning and Design

Learning Objectives Identify common misconceptions about firewalls Explain why a firewall

Which of the following network tools would provide the information on what an attacker is doing to compromise a system? a. Proxy server b.

An administrator is trying to secure a network from threats originating outside the network. Which of the following devices provides protection for the DMZ from attacks launched from the Internet? a. Antivirus

IntruPro TM IPS. Inline Intrusion Prevention. White Paper

Introduction Enterprises are increasingly looking at tools that detect network security breaches and alert

Fundamentals of a Windows Server Infrastructure MOC 10967

Course Outline Module 1: Installing and Configuring Windows Server 2012 This module explains how the Windows Server 2012 editions, installation

Information Security. Training

Importance of Information Security Training There is only one way to keep your product plans safe and that is by having a trained, aware and a conscientious workforce. - Kevin

Introduction of Intrusion Detection Systems

Why IDS? Inspects all inbound and outbound network activity and identifies a network or system attack from someone attempting to compromise a system. Detection:

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access

Security principles Firewalls and NAT

These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/) Host vs Network

Principles of Network Forensics; Terms & Log-based Tracing; Application Layer Log Analysis; Lower Layer Log Analysis

Agenda Richard Baskerville Georgia State University Principles Kim, et al (2004) A fuzzy expert system for

information security and its Describe what drives the need for information security.

Computer Information Systems (Forensics Classes) Objectives for Course Challenges CIS 200 Intro to Info Security: Includes managerial and Describe information security and its critical role in business.

Intrusion Detection in AlienVault

Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat

Open Source Security Tool Overview

Presented by Kitch Spicer & Douglas Couch Security Engineers for ITaP 1 Introduction Vulnerability Testing Network Security Passive Network Detection Firewalls Anti-virus/Anti-malware

CRYPTUS DIPLOMA IN IT SECURITY

6 MONTHS OF TRAINING ON ETHICAL HACKING & INFORMATION SECURITY COURSE NAME: CRYPTUS 6 MONTHS DIPLOMA IN IT SECURITY Course Description This is the Ethical hacking & Information

PROFESSIONAL SECURITY SYSTEMS

Security policy, active protection against network attacks and management of IDP Introduction Intrusion Detection and Prevention (IDP) is a new generation of network security

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

Is NETASQ compatible with PCI DSS? We have often been asked this question. Unfortunately, even the best firewall is but an element in the process of PCI DSS certification. This document

SOUTHERN POLYTECHNIC STATE UNIVERSITY. Snort and Wireshark. IT-6873 Lab Manual Exercises. Lucas Varner and Trevor Lewis Fall 2013

This document contains instruction manuals for using the tools Wireshark and

An Analysis of Packet Fragmentation Attacks vs. Snort Intrusion Detection System

Tian Fu and Te-Shun Chou Department of Technology Systems, East Carolina University Greenville, NC, U.S.A. Abstract. When

Firewalls (IPTABLES)

Objectives Understand the technical essentials of firewalls. Realize the limitations and capabilities of firewalls. To be familiar with iptables firewall. Introduction: In the context

IDS and Penetration Testing Lab ISA 674

Ethics Statement Network Security Student Certification and Agreement I,, hereby certify that I read the following: University Policy Number 1301: Responsible Use

SIP Intrusion Detection and Prevention: Recommendations and Prototype

Saverio Niccolini NEC Europe Ltd., Network Laboratories saverio.niccolini@netlab.nec.de Security Threats VoIP protocols (like SIP)

PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES

Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute

Name. Description. Rationale

Compliance Component Description DEFINITION Network-Based Intrusion Detection Systems (NIDS) Network-Based Intrusion Detection Systems (NIDS) detect attacks by capturing and analyzing network traffic.