Certified Security Leadership Officer

Transcription

1 Cyber Security Training & Consulting Certified Security COURSE OVERVIEW 5 Days 40 CPE Credits $3,000 The Certified Security course is designed to give management an essential understanding of current security issues, best practices, and technology. Because a C)SLO understands security, he or she is prepared to manage the security component of a business and its information technology security projects. A C)SLO can be seen as the bridge between those who understand security and those who don t. These skills can be put to use the day the a C)SLO returns to work. Essentials topics covered in this management track include: Network Fundamentals and Applications, Hardware Architecture, Information Assurance Foundations, Computer Security Policies, Contingency and Continuity Planning, Business Impact Analysis, Incident Handling, Architectural Approaches to Defense in Depth, Cyber Attacks, Vulnerability Assessment and Management, Security Policies, Web Security, Offensive and Defensive Information Warfare, culminating with Management Practicum. UPON COMPLETION C)SLO TRACK Professional Roles: Information Systems Professional Security Consultant Chief Information IT Professional Prerequisites: C)ISSO: Information Systems Security Or equivalent experience C)SLO Exam: 2 Hours 100 Questions $300 USD Purchase on mile2.com Accreditations: NSA CNSSI-4014: Information Assurance Training Standard for Information Systems Security s Students will: Have knowledge to understand current security issues Have knowledge to manage security component of projects Be ready to sit for the C)SLO exam. COURSE CONTENT Module 1: Wireless Networks Module 2: Access Control Module 3: Computer Forensics and Legalities Module 4: Cryptography Applications Module 5: Cryptography Algorithms and Concepts Module 6: Key Management Module 7: Cryptosystems Module 8: Digital Acquisition Module 9: DNS Module 10: Disaster Recovery and Business Continuity Planning Module 11: Endpoint Security Module 12: Honeypots, Honeynets, Honeytokens, Tarpits, oh my Module 13: IP Terms and Concepts Module 14: Logging Module 15: Malicious Software Module 16: Managing Security Policy Module 17: Methods of Attack Module 18: Mitnick-Shimomura Module 19: Physical Security Module 20: Risk Management & Security Module 21: Security and Organizational Structure Module 22: Security Awareness Module 23: Steganography Module 24: The Intelligent Network - Unified Threat Management (UTM) Module 25: Network Infrastructure Module 26: Vulnerability Assessment Outside View Module 27: Vulnerability Management inside view Module 28: Vulnerability Management- User View Module 29: Web Communications Module 30: Wireless Advantages and Bluetooth

2 Page No. 2 EXAM INFORMATION The Certified Security exam is taken online through Mile2 s Assessment and Certification System ( MACS ), which is accessible on your mile2.com account. The exam will take 2 hours and consist of 100 multiple choice questions. The cost is $300 USD and must be purchased from Mile2.com. ACCREDITORS NATIONAL INITIATIVE FOR CYBER SECURITY CAREERS AND STUDIES NSA S COMMITTEE ON NATIONAL SECURITY SYSTEMS NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

3 Page No. 3 DETAILED MODULE DESCRIPTION Module 1 Wireless Networks Overview Airborne Viruses Types of Wireless Standards Comparison Wireless Network Topologies SSID (Service Set Identity) Wireless Technologies Service Set ID Securing and Protecting Wireless Best Practices Typical Wired/Wireless Network 802.1X: EAP Types EAP Advantages/Disadvantages EAP/TLS Deployment New Age Protection New Age Protection Wireless Security Technologies MAC Filtering Wired Equivalent Privacy Wireless Technologies WEP XOR - Basics How WPA improves on WEP How WPA improves on WEP TKIP i - WPA2 WPA and WPA2 Mode Types WPA-PSK Encryption LEAP Wireless Security Weaknesses Weak IV Packets WEP Weaknesses The WPA MIC Vulnerability LEAP Weaknesses Wireless Threats NetStumbler Tool: Kismet Analysis Tool: OmniPeek Personal Omni Peek Console Tool: Aircrack-ng Suite Tool: Airodump-ng Tool: Aireplay DOS: Deauth/disassociate attack Tool: Aircrack Aircrack for Windows Attacking WEP Attacking WPA cowpatty Exploiting Cisco LEAP asleap WiFiZoo Wesside-ng Review Module 2 - Access Control Role of Access Control Layers of Access Control Access Control Mechanism Examples Access Control Characteristics Preventive Control Types Control Combinations Models for Access Discretionary Access Control Model Enforcing a DAC Policy Mandatory Access Control Model MAC Enforcement Mechanism Labels Where Are They Used? MAC Versus DAC Role-Based Access Control (RBAC) Acquiring Rights and Permissions Rule-Based Access Control Access Control Matrix Access Control Administration Access Control Mechanisms in Use Today Strong Authentication Memory Cards Smart Card Administrating Access Control Accountability and Access Control Trusted Path Access Criteria Fraud Controls Thin Clients Administrative Controls Controlling Access to Sensitive Data Other Ways of Controlling Access Technical Access Controls Physical Access Controls Accountability IDS Network IDS Sensors Types of IDSs Behavior-Based IDS IDS Response Mechanisms Trapping an Intruder Access Control Methods Remote Centralized Administration RADIUS Characteristics RADIUS TACACS+ Characteristics Diameter Characteristics Decentralized Access Control Administration

4 Biometrics Technology Biometrics Enrolment Process Downfalls to Biometric Use Biometrics Error Types Crossover Error Rate (CER) Biometric System Types Passwords Password Shoulds Password Attacks Countermeasures for Password Cracking Cognitive Passwords One-Time Password Authentication Synchronous Token Asynchronous Token Device Cryptographic Keys Passphrase Authentication Definitions More Definitions Single Sign-on Technology Different Technologies Scripts as a Single Sign-on Technology Directory Services as a Single Sign-on Technology Kerberos as a Single Sign-on Technology Kerberos Components Working Together More Components of Kerberos Kerberos Authentication Steps Tickets Why Go Through All of this Trouble? Issues Pertaining to Kerberos SESAME as a Single Sign-on Technology SESAME Steps for Authentication Module 3 - Computer Forensics and Legalities Lesson Objectives The Legal System State Law & Criminal Incidents Federal of laws US Title 18: Fraud Criminal Codes Case study: Criminal Incidents Case Study: Criminal Incidents Case study: Criminal Incidents Criminal Incidents International Legal Treaties and Orgs Civil Incidents Criminal Incidents Criminal Incidents Module 4 - Cryptography Applications Digital Certificates What Do You Do with a Certificate? Components of PKI Repository and CRLs PGP Digital Signatures - PGP IPSEC IPSec Network Layer Protection IPSec Key Management IPSec Handshaking Process IPSec Is a Suite of Protocols IPSec Modes of Operation IPSec PKI Public Key Infrastructure Why Do We Need a PKI? PKI and Its Components Let s Walk Through an Example Public Key Infrastructure Asymmetric Encryption Public Key Cryptography Advantages Symmetric versus Asymmetric SSL/TLS PPP VPN Site-to-Site VPN Others From Around the World Identity Theft and Social Media Module 5 - Cryptography Algorithms and Concepts Symmetric Cipher AES Crack Times Crypto and Password Recovery Concepts Crypto Attacks Caesar Cipher Example Polyalphabetic Substitution Ways of Breaking Cryptosystems Brute Force Attacks on Cryptosystems Encryption Cryptographic Definitions SSH Attack Vectors More Attacks (Cryptanalysis) Type of Symmetric Cipher Stream Cipher Characteristics of Strong Algorithms Block Cipher Modes CBC Implementation Block Cipher Modes CFB and OFB DES Symmetric Ciphers We Will Dive Into Symmetric Algorithm Examples Symmetric Algorithms DES Evolution of DES Different Modes of Block Ciphers ECB Other Symmetric Algorithms Symmetric Encryption Page No. 4

5 Symmetric Encryption Symmetric Downfalls Symmetric Algorithms SSL/TLS ECC Quantum Cryptography Asymmetric Algorithm Examples Asymmetric Algorithms We Will Dive Into Asymmetric Algorithm RSA U.S. Government Standard Asymmetric Encryption Module 6 - Key Management Using the Algorithm Types Together Hybrid Encryption Strength of a Cryptosystem Symmetric Key Management Issue Now What? Key Management IPSec Key Management Key Issues Within IPSec OPSEC OPSEC Types of Ciphers Used Today Type of Symmetric Cipher Block Cipher S-Boxes Used in Block Ciphers Type of Symmetric Cipher Stream Cipher Encryption Process Symmetric Characteristics Strength of a Stream Cipher Let s Dive in Deeper Block Cipher Modes CFB and OFB Implementation Attack Vectors More Attacks (Cryptanalysis) ROT - 13 ROT - 13 MD5 Collision Creates Rogue Certificate Authority SSL/TLS SSL Connection Setup SSL Hybrid Encryption SSH XOR Module 7- Cryptosystems Introduction Encryption Cryptographic Definitions Encryption Algorithm Implementation Hashing Common Hash Algorithms Birthday Attack Page No. 5 Example of a Birthday Attack Generic Hash Demo Instructor Demonstration Security Issues in Hashing Hash Collisions MD5 Collision Creates Rogue Certificate Authority Digital Signatures Asymmetric Encryption Public Key Cryptography Advantages Asymmetric Algorithm Disadvantages Asymmetric Algorithm Examples Symmetric Encryption Symmetric Encryption Symmetric Downfalls Symmetric Algorithms Crack Times Module 8 - Digital Acquisition Digital Acquisition Copy Original Digital Acquisition - Duplication Digital Acquisition Procedures DC3 Operations DCFL Terabytes, Time, & Totals Digital Forensic Analysis Tools Forensic Toolkit (FTK) EnCase I-Look Investigator ProDiscover DFT Module 9 - DNS Domain Name Registration Network Service DNS Countermeasure: DNS Zone Transfers Cache Poisoning What is DNS spoofing? Tools: DNS Spoofing Active Sniffing Methods ARP Cache Poisoning ARP Normal Operation ARP Cache Poisoning ARP Cache Poisoning (Linux) Countermeasures Cybersquatting Domain Hijacking Host Names Hierarchy Host Table Nslookup DNS Databases Using Nslookup Dig for Unix / Linux Protecting Domain Names

6 (Mis)Uses of Host Tables Security Module 10 - Disaster Recovery and Business Continuity Planning Business Continuity Objectives Pieces of the BCP Where Do We Start? Why Is BCP a Hard Sell to Management? Plan Development Delegated to a Committee BCP Risk Analysis How to Identify the Most Critical Company Functions Interdependencies Identifying Functions Resources How Long Can the Company Be Without These Resources? Preventative Measures What Items Need to Be Considered? Proper Planning Executive Succession Planning Identify Vulnerabilities and Threats Categories Loss Criteria Disk Shadowing Backing Up Over Telecommunication Serial Lines HSM SAN Co-Location Facility Backups Hot Site Facility Backups Warm Site Facility Backups Cold Site Compatibility Issues with Offsite Facility Which Do We Use? Choosing Offsite Services Subscription Costs Choosing Site Location Other Offsite Approaches Results from the BIA Now What? Priorities Plan Objectives Defining Roles Environment Operational Planning Preventive Measures Emergency Response Recovery Return to Normal Operations Reviewing Insurance When Is the Danger Over? Now What? Testing and Drills Types of Tests to Choose From What Is Success? BCP Plans Commonly and Quickly Become Out of Date Phases of Plan Who Is Ready? Review Module 11 - Endpoint Security 3rd Party Applications Anti-Virus Limitations Browser Defense SSL/TLS SSL Connection Setup SSL Hybrid Encryption SSH IPSec - Network Layer Protection IPSec IPSec Public Key Infrastructure Quantum Cryptography Endpoint Whitelist Firewalls, IDS and IPS Firewall First line of defense IDS Second line of defense IPS Last line of defense? Firewalls Firewall Types: (1) Packet Filtering Firewall Types: (2) Proxy Firewalls Firewall Types Circuit-Level Proxy Firewall Type of Circuit-Level Proxy SOCKS Firewall Types Application-Layer Proxy Firewall Types: (3) Stateful Firewall Types: (4) Dynamic Packet-Filtering Firewall Types: (5) Kernel Proxies Firewall Placement Firewall Architecture Types Screened Host Risks of Portable Devices Module 12 - Honeypots, Honeynets, Honeytokens, Tarpits, oh my Page No. 6 Benefits and Drawbacks Honeypots Defined Legal Issues Trying to Trap the Bad Guy Companies Can Be Found Liable Technologies Incident Handling and the Legal System 481 Chain of Custody and Digital Evidence Collection Objectives Evidence Collection & Incident Assessment

7 Identifying an Incident Steps to handling an Incident Digital Incident Assessment Incident Response Checklist Responding to An Incident Suggested Guidelines for Securing Digital Evidence Secure Digital Evidence Common Incident Handling Mistakes Securing Digital Evidence Procedure Chain of Custody Potential Digital Evidence Search and Seizure Incident/Equipment Location Available Response Resources Securing Digital Evidence Digital Evidence Presentation The Best Evidence Rule Duplication and Recordings, Evidence Law Module 13 - IP Terms and Concepts OSI Application Layer Devices Work at Different Layers Network Devices Gateway Data Encapsulation Protocols ICMP Dial-Up Protocol SLIP Dial-Up Protocol PPP WAN Technologies Are Circuit or Packet Switched Packets Frame Protocols ICMP Port and Protocol Relationship Example Packet Sniffers Tool: Wireshark Tool: OmniPeek Sniffer Detection using Cain & Abel Network Protocol Network Protocol Protocols UDP versus TCP Port and Protocol Relationship An Older Model TCP/IP Suite Traceroute Operation Traceroute (cont.) Other Traceroute Tools IP Method: Ping Module 14 - Logging syslog Events Module 15 - Malicious Software Page No. 7 Malware Types of Malware Distributing Malware Malware Capabilities Auto Starting Malware Countermeasure: Monitoring Auto-start Methods Malicious Browser Content Malware Defense Techniques Spy Sweeper Enterprise CM Tool: Port Monitoring Software CM Tools: File Protection Software CM Tool: Windows File Protection CM Tool: Windows Software Restriction Policies Company Surveillance Software CM Tool: Hardware-based Malware Detectors Countermeasure: User Education Propagation Techniques Trojan Horse Characteristics Trojan Horses Executable Wrappers Benign EXE s Historically Wrapped with Trojans The Infectious CD-Rom Technique Trojan: Backdoor.Zombam.B Trojan: JPEG GDI+ All in One Remote Exploit Advanced Trojans: Avoiding Detection BPMTK Virus Types Types of Malware Cont... Types of Viruses Worm Characteristics Module 16 - Managing Security Policy Approach to Security Management Policy Types Policies with Different Goals Industry Best Practice Standards Components that Support the Security Policy Senior Management s Role in Security Security Roles Information Classification Information Classification Criteria Declassifying Information Types of Classification Levels Information Classification Issue Specific Policy Policy Assessment Policy Benefits Policy Development Tools

8 Posture and Culture Module 17 - Methods of Attack Security Enumeration Overview DNS Enumeration Backtrack DNS Enumeration SNMP Enumeration Tools SNMP Enumeration Countermeasures Active Directory Enumeration AD Enumeration countermeasures Hacking Tool: RootKit Windows RootKit Countermeasures Advanced Trojans: Avoiding Detection Benign EXE s Historically Wrapped with Trojans Google and Query Operators Google (cont.) SPUD: Google API Utility Tool Goolag Denial of Service Denial of Service Threat Methodologies (STRIDE) DDoS Issues DDoS Buffer Overflow Definition Overflow Illustration Buffer OverFlows Phishing Spear Phishing Links Logic Bomb Duronio Case Attacks Man-in-the Middle Replay Attack SPAM and Flooding Module 18 - Mitnick-Shimomura IP Address Spoofing TCP DoS Module 19 - Physical Security Physical Security Physical Security Checklist Physical Security Checklist Items of Interest Physical Controls Physical Access Tool Kit: Picks Tool Kit: Snap Gun Tool Kit: Electric Pick Bump Keying Lock Picking Countermeasures Controlling Access Facility Attributes Electrical Power Problems with Steady Power Current Power Interference Power Preventive Measures Fire Prevention Automatic Detector Mechanisms Fire Detection Fire Types Suppression Methods Fire Suppression Fire Extinguishers Page No. 8 Module 20 - Risk Management & Security Frameworks Overview IT Governance Best Practices IT Risk Management Types of Risks Risk Management Information Security Risk Evaluation Information Security Risk Evaluation Improving Security Posture Risk Evaluation Activities Risk Assessment Information Gathering Information Gathering Data Classification Threats and Vulnerabilities Analytical Methods Evaluate Controls Evaluate Controls Risk Ratings Important Risk Assessment Practices Review Security Incentives & Motivations Security Incentives & Attack Motivations Risk Management II What is Your Weakest Link? What Is the Value of an Asset? Examples of Some Vulnerabilities that Are Not Always Obvious Categorizing Risks Some Examples of Types of Losses Different Approaches to Analyzing Risks Who Uses What Analysis Type? Qualitative Analysis Steps Quantitative Analysis Can a Purely Quantitative Analysis Be Accomplished? Comparing Cost and Benefit Cost of a Countermeasure

9 Frameworks & Compliance ISO ISO 27002: Control Components Review Security Module 21 - Security and Organizational Structure Capacity Analysis Employee Discipline and Termination Employee Performance Employee Retention Filling Positions Conflicts of Interest Module 22 - Security Awareness Security Awareness Program 4 steps 3 Common Training Models Security Awareness Goals Role of metrics Steps to develop a metrics program Module 23 - Steganography Crypto and Password Recovery Background Steganalysis Steganography Methods Injection Substitution File Generation Module 24 - The Intelligent Network - Unified Threat Management (UTM) UTM product criteria Firewalls, IDS and IPS Firewall First line of defense IDS Second line of defense IPS Last line of defense? Firewalls Firewall Types: (1) Packet Filtering Firewall Types: (2) Proxy Firewalls Firewall Types Circuit-Level Proxy Firewall DDoS Issues HIPS HIPS Unified Threat Management Unified Threat Management Virtualization - Type 1 Type 1 Examples Virtualization Type 2 Type 2 Examples Module 25 - Network Infrastructure Wikto Web Assessment Tool Network Topologies Physical Layer Network Topologies Mesh Summary of Topologies Wireless Technologies War Driving TCP Model TCP/IP Suite OSI Model OSI Application Layer OSI Presentation Layer OSI Session Layer OSI - Transport Layer OSI Network Layer OSI Data Link OSI Physical Layer Wide Area Network Technologies Voice Over IP VLAN Network Segmentation Module 26 - Vulnerability Assessment Outside View Page No. 9 Basic Hacker Process Potential Threats, Vulnerabilities, & Risks What is a Penetration Test Types of Penetration Testing Vulnerability Assessment vs Pentest Hacking-life-cycle - a Methodology Methodology for Penetration Testing / Ethical Hacking Hacker vs. Penetration Tester Not Just Tools Exploitation Tools vs. Vulnerability Scanners Vulnerability Scanners Nessus Nessus Report SAINT SAINT Sample Report Tool: Retina Qualys Guard Tool: LANguard Number of Exploitable Vulnerabilities from NVD Detected Scan Process Best Practices Inside, outside and user view Manager s Role in Remediation Risks of non-remediation Pentesting in Vulnerability Management Scanning Techniques Threat Concerns Threat Vectors War Dialing