Course Title: Penetration Testing: Security Analysis

Transcription

1 Course Title: Penetration Testing: Security Analysis Page 1 of 9

2 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced penetration testing and information security analysis. The content of this program is designed to expose the reader to groundbreaking methodologies in conducting thorough information security analysis as well as advanced penetration testing techniques. Armed with the knowledge from the Security Analyst series, along with proper experience, readers will be able to perform the intensive assessments required to effectively identify and mitigate risks to the security of the organization's infrastructure. A recent Symantec State of Enterprise Security 2010 report states that ¾ of businesses have experienced a hacking attempt in the past year. The dearth of quality security analysts to thwart any security threats in a timely fashion is one of the major challenges facing organizations today. Organizations need to hire experts in the field of computer security infrastructure or have to train in house security administrators to fight IT security dangers if they are to stand any chance against hackers. EC-Council Certified Security Analyst (ECSA) complements the Certified Ethical Hacker (CEH) certification by exploring the analytical phase of ethical hacking. While CEH exposes the learner to hacking tools and technologies, ECSA takes it a step further by exploring how to analyze the outcome from these tools and technologies. Who Should Attend? Certificate Info Penetration Testing: Security Analysis This course will significantly benefit network server administrators, firewall administrators, security testers, system administrators, and risk assessment professionals. Course Duration: 2 days (9:00 5:00) CPE/ECE Qualification 16 ECE Credits awarded for attendance (1 for each classroom hour) Suggested Retail: $799 USD Page 2 of 9

3 Page 3 of 9

4 Required Courseware: Visit and click on Training Workshops for ordering details. What s included? Physical Courseware 1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate Course + Supplement Cost: See the Training Workshops section at for current pricing information. Related Certificates: Penetration Testing: Communication Media Testing Penetration Testing: Network Threat Testing Penetration Testing: Procedures & Methodologies Penetration Testing: Network & Perimeter Testing Page 4 of 9

5 Course Briefing: 1. The Need for Security Analysis This module gives us a picture about the information security of the world and the ever increasing security threats looming over us; it is concerned with the theft, fraud/forgery, unauthorized access, interception, or modification of the data. This module deals with the need for security analysis, various security concerns, what data should be protected, challenges to security, preventive steps to be taken, threat agents and risks, information security awareness, and security policies that are crucial for an organization and provision in law of various countries to deal with the information security related issues. 2. TCP/IP Packet Analysis TCP/IP provides a broad range of communication protocols for the various applications on the network; so knowledge of this technology and its security features is crucial in security analysis of a network. This module deals with TCP/IP model, comparison of OSI and TCP/IP models, processes involved in TCP operation, windowing of TCP/IP packets, TCP and UDP operation sequencing numbers, security issues and features of Internet protocol v6 (IPv6), Denial-of-Service (DoS) attacks, TCP and UDP port numbers, ICMP and ICMP control messages. 3. Advanced Sniffing Techniques This module familiarizes with various advanced sniffing techniques using the tool Wireshark. This module deals with the network protocol analyzer Wireshark, its features, IP display filters and commands such as Tshark, Tcpdump, Capinfos, Idl2wrs, Editcap, Mergecap, and Text2pcap, use of Wireshark for network troubleshooting and various scanning techniques, Wireshark DNP3 Dissector Infinite Loop Vulnerability, Timestamps, Packet Reassembling, and Checksums. 4. Vulnerability Analysis with Nessus Nessus is a client-server-based, open-source vulnerability scanner that provides a free, powerful, upto-date, and easy-to-use remote security scanner for business-critical enterprise devices and applications. This module will familiarize you with Nessus and its features, phases involved in Nessus assessment process, procedure in configuring Nessus, Nessus client, process for starting Nessus scan, Plug-in selection, types of plug-ins, identifying false positives, framework to write Nessus plug-ins, installing and running the plug-in, Nessus architecture and design, Nessus user community, Tenable Security Center, simplifying a security scan, wireless scanning for WAPs, and detecting WAPs using the Nessus vulnerability scanner. 5. Designing a DMZ DMZ is a computer host or small network inserted as a neutral zone between a company s private network and the outside public network. DMZ use has become a necessary method of providing a multilayered, defense-in-depth approach to security. Page 5 of 9

6 This module deals with the DMZ design fundamentals, designing DMZ using IPtables, designing wireless DMZ, designing DMZ specific to the operating systems such as Windows, Solaris, and Linux, best practices of DMZ router and switch, and six ways to stop the data leaks. 6. Snort Analysis Snort is a widely used, open-source, network-based intrusion detection system capable of performing real-time traffic analysis and packet logging on IP networks. It is used to perform protocol analysis and content matching to detect a variety of attacks and probes such as: buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and more. This module deals with Snort operation modes and its features, configuration of Snort for variables, preprocessors, output plug-ins, and rules, stream4 preprocessor and inline functionality, Snort rules which include Snort rule header and rule options, subscribing to the Snort rules and tools used for writing Snort rules. 7. Log Analysis Logs are used to keep track of the network, user activities, and services. This module deals with logs, events that need to be logged, log shipping, different techniques, and tools used for analyzing the logs such as Syslog, web server logs, wired router logs, wireless network devices logs, Windows logs, Unix logs, Linux logs, SQL server logs, Oracle logs, Solaris log files, VPN server logs, firewall logs, IDS logs, and DHCP logs, configuring NTP, use of log analysis and log alert tools. Course Outline: Chapter 1: The Need for Security Analysis Introduction to the Need for Security Analysis Security Concerns What Should Be Protected Reasons Intrusions Succeed Challenges to Security Preventative Steps Threat Agents Needs Assessment Questions How Much Security is Enough? Risk Information Security Awareness Security Policies U.S. Legislation U.K. Legislation Chapter 2: TCP/IP Packet Analysis Introduction to TCP/IP Packet Analysis TCP/IP Protocol Suite Page 6 of 9

7 TCP (Transmission Control Protocol) Internet Protocol (IP) Other Protocols Chapter 3: Advanced Sniffing Techniques Introduction to Advanced Sniffing Techniques Wireshark: Filters Protocol Dissection Steps to Solve GNU/Linux Server Network Connectivity Issues Network Troubleshooting Methodology Using Wireshark for System Administration Using Wireshark for Security Administration Wireless Sniffing with Wireshark Navigating Wireshark s Packet Details Window Scanning Remote-Access Trojans Wireshark DNP3 Dissector Infinite Loop Vulnerability Time Stamps Packet Reassembling Checksums Chapter 4: Vulnerability Analysis with Nessus Introduction to Vulnerability Analysis with Nessus Features of Nessus Nessus Assessment Process Deployment Requirements Configuring Nessus Updating Nessus Plug-Ins Using the Nessus Client Service Detection Vulnerability Fingerprinting DoS Testing False Positives Writing Nessus Plug-Ins Nessus Architecture and Design Nessus User Community Tenable Security Center Page 7 of 9

8 Managing Data Simplifying Scans Wireless Access Points (WAPs) Chapter 5: Designing a DMZ Introduction to Designing a DMZ DMZ Concepts DMZ Design Fundamentals Advanced Design Concepts DMZ Architecture Designing a DMZ Using IPtables Designing a Wireless DMZ Specific Operating System Design DMZ Router Security Best Practices DMZ Switch Security Best Practices Six Ways to Stop Data Leaks Chapter 6: Snort Analysis Introduction to Snort Analysis Modes of Operation Features of Snort Configuring Snort How Snort Works Content Matching The Stream4 Preprocessor Inline Functionality Writing Snort Rules Snort Tools Chapter 7: Log Analysis Introduction to Log Analysis Events That Must Be Logged What to Look For in Logs Automated Log Analysis Approaches Log Shipping Analyzing Syslog Analyzing Web Server Logs Analyzing Wired Router Logs Page 8 of 9

9 Analyzing Wireless Network Device Logs Analyzing Windows Logs Analyzing UNIX Logs Analyzing Linux Logs Analyzing SQL Server Logs Analyzing Oracle Logs Analyzing Solaris Log Files Analyzing VPN Server Logs Analyzing Firewall Logs Analyzing IDS Logs Analyzing DHCP Logs Network Time Protocol Log Analysis Tools Log Alert Tools Page 9 of 9