Advanced Network Defense (CAST 614)



Similar documents
EC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 614 Advanced Network Defense. Make The Difference CAST. EC-Council

Kevin Cardwell. Toolkits: All-in-One Approach to Security

Certified Ethical Hacker (CEH) Ethical Hacking & Counter Measures Course 9962; 5 Days, Instructor-Led

Implementing Cisco IOS Network Security

Application Security Testing

Professional Penetration Testing Techniques and Vulnerability Assessment ...

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE

NETWORK SECURITY (W/LAB) Course Syllabus

Hackers are here. Where are you?

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

Networking: EC Council Network Security Administrator NSA

INFORMATION SECURITY TRAINING CATALOG (2015)

Course Title: Penetration Testing: Security Analysis

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

Where every interaction matters.

Certified Ethical Hacker Exam Version Comparison. Version Comparison

MS-55096: Securing Data on Microsoft SQL Server 2012

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

EC Council Certified Ethical Hacker V8

Network Security Administrator

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design

[CEH]: Ethical Hacking and Countermeasures

EC-Council Certified Security Analyst (ECSA)

IINS Implementing Cisco Network Security 3.0 (IINS)

Developing Network Security Strategies

The Security Organization p. 1 Anecdote p. 2. Introduction

KEVIN CARDWELL. Q/SA (Qualified Security Analyst) Penetration Tester. & Optional Q/PTL (Qualified Penetration Licence) Workshop

EC-Council Certified Security Analyst / License Penetration Tester (ECSA/LPT) v4.0 Bootcamp

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

CYBERTRON NETWORK SOLUTIONS

CompTIA Security+ (Exam SY0-410)

CRYPTUS DIPLOMA IN IT SECURITY

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

Hackers are here. Where are you?

External Supplier Control Requirements

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

FORBIDDEN - Ethical Hacking Workshop Duration

FIREWALLS & CBAC. philip.heimer@hh.se

Detailed Description about course module wise:

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

IBM. Vulnerability scanning and best practices

Presented by Evan Sylvester, CISSP

RMAR Technologies Pvt. Ltd.

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

EC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 619 Advanced SQLi Attacks and Countermeasures. Make The Difference CAST.

Using Nessus In Web Application Vulnerability Assessments

EC-Council. Certified Ethical Hacker. Program Brochure

Principles of Information Assurance Syllabus

Building A Secure Microsoft Exchange Continuity Appliance

Securing Cisco Network Devices (SND)

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

Information Security Services

Securing Data on Microsoft SQL Server 2012

Loophole+ with Ethical Hacking and Penetration Testing

Microsoft Windows Server 2008: MS-6435 Designing Network and Applications Infrastructure MCITP 6435

900 Walt Whitman Road, Suite 304 Melville, NY Office:

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)

Protecting Your Organisation from Targeted Cyber Intrusion

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Analyze. Secure. Defend. Do you hold ECSA credential?

Firewalls. Chapter 3


Linux Network Security

Mobile Application Hacking for Android and iphone. 4-Day Hands-On Course. Syllabus

Information Security solutions that protect your business

CAST Center for Advanced Security Training

Reducing Application Vulnerabilities by Security Engineering

CMPT 471 Networking II

How To Classify A Dnet Attack

Securing end devices

CEH Version8 Course Outline

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

Architecture Overview

Cyber Exploits: Improving Defenses Against Penetration Attempts

Information Systems Security Certificate Program

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

InfoSec Academy Pen Testing & Hacking Track

Description: Course Details:

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led

ArcGIS Server Security Threats & Best Practices David Cordes Michael Young

Check Point and Security Best Practices. December 2013 Presented by David Rawle

Securely Moving Your Business Into the Cloud

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

EC-Council Ethical Hacking and Countermeasures

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0

Learning Course Curriculum

NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus

Malicious Network Traffic Analysis

Course Syllabus. Fundamentals of Windows Server 2008 Network and Applications Infrastructure. Key Data. Audience. Prerequisites. At Course Completion

IT Security Risks & Trends

Course Outline: Designing a Windows Server 2008 Network Infrastructure

WHITE PAPER. FortiWeb and the OWASP Top 10 Mitigating the most dangerous application security threats

MOC 6435A Designing a Windows Server 2008 Network Infrastructure

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

Transcription:

Course Outline Advanced Network Defense (CAST 614) Duration: 24 hours Introduction With this course you can be among the few who transcend the old idea of the hacker having all the fun, take pride being the defender, form an offensive mindset to skillfully orchestrate robust and solid defenses and reinvent popular belief by beating the hacker at his own game. You will be evaluating advanced hacks and methods of defense fortification bringing you closer to establishing perfect security by reviewing best practices and methodologies you can apply to secure environments, provide segmentation and isolation to reduce the effectiveness of the Advanced Persistent Threat. The course will cover fundamental areas of fortifying your defenses; you will discover methods of developing a secure baseline and how to harden your enterprise architectures from the most advanced attacks. Once a strategy for a fortified perimeter is defined the course moves on to defending against the sophisticated malware that is on the rise today and the importance of live memory analysis and real time monitoring. Trainer Biography Kevin Cardwell Kevin Cardwell spent 22 years in the U.S. Navy, during this time he tested and evaluated Surveillance and Weapon system software, some of this work was on projects like the Multi-Sensor Torpedo Alertment Processor (MSTRAP), Tactical Decision Support System (TDSS), Computer Aided Dead Reckoning Tracer (CADRT), Advanced Radar Periscope Discrimination and Detection (ARPDD), and the Remote Mine Hunting System (RMHS). He has worked as both software and systems engineer on a variety of Department of Defense projects and early on was chosen as a member of the project to bring Internet access to ships at sea. Following this highly successful project he was selected to head the team that built a Network Operations Center (NOC) that provided services to the commands ashore and ships at sea in the Norwegian Sea and Atlantic Ocean. He served as the Leading Chief of Information Security at the NOC for six years prior to retiring from the U.S. Navy. During this time he was the leader of a 5 person Red Team that had a 100% success rate at compromising systems and networks. He currently works as a free-lance consultant and provides consulting services for companies throughout the world, and as an advisor to numerous government entities within the US and UK. He is an Instructor, Technical Editor and Author for Computer Forensics, and Hacking courses. He is technical editor of the Learning Tree Course Ethical Hacking and Countermeasures and Computer Forensics. He is author of the Controlling Network Access course. He has presented at the Blackhat USA Conferences. He is a contributing author to the Computer Hacking Forensics Investigator V3 Study Guide and The Best Damn Cybercrime and Digital Forensics Book Period. He is a Certified Ethical Hacker (CEH), Certified Security analyst (E CSA), Qualified Penetration Tester (QPT), Certified in Handheld Forensics, Computer Hacking Forensic Investigator (CHFI) and Live Computer Forensics Expert (LCFE), and holds a BS in Computer Science from National University in California and a MS in Software Engineering from the Southern Methodist University (SMU) in Texas. His current research projects are in Computer Forensic evidence collection on "live" systems, Professional Security Testing

and Advanced Rootkit technologies. He developed the Strategy and Training Development Plan for the first Government CERT in the country of Oman, he servers as a professional training consultant to the Oman Information Technology Authority, and is currently developing the team to man the first Commercial Security Operations Center in the country of Oman. Target Audience: Firewall administrators, system architects, system administrators, windows admin or those responsible for or interested in: Identifying security weaknesses in computer systems or networks Exposing weaknesses for system's owners to fix breaches before being targets of compromise Applying hacking and pen testing constructively to defend against various possible attacks Analysing best practices in developing secure system and network configurations Establishing a secure baseline in deploying machines in a protected state Appreciating popular attack methods applied by hackers in order to fortify their systems From practically any organization that handles important data would find this course beneficial, examples are: Government agencies Universities Hospitality Retail Banking and Financial institutions Brokerage and Trading firms Insurance Scientific institutions & research agencies Telecommunication Computer design firms Consulting firms Science and Engineering firms Those involved with online related businesses & transactions Card related businesses Pre-requisites Students completing this course will gain in-depth knowledge in the following areas: Staging a strong defense against popular security threats Fortifying your organization with a good foundation of risk protection methods Applying latest references and guidance on best practices in the field of cyber security Securing your enterprise architecture from a medium threat level and building towards more sophisticated threats Topics Covered: Module 1: Firewalls Firewalls Firewall Types: Stateless Packet Filters Improving Device Remote-Access Security Locking Down the Console Port Protecting Terminal Lines Establishing Encrypted Communications Configuring HTTPS Configuring SSH LAB: Securing the Perimeter

Module 2: Advanced Filtering Advanced Filtering Techniques Ingress Filtering Egress Filtering Source Address Verification (SAV) urpf Additional Filtering Considerations Time-Based ACLs Reflexive ACLs Reflexive ACL vs. Static ACL Context-Based Access Control (CBAC) Essential Steps to Harden Routers LAB: Advanced Filtering Module 3: Firewall Configuration Firewall Types: Stateful Packet Filters Application Proxies Application Proxies vs. Stateful Packet filters Web Application Firewalls Web Application Firewall Types Web Application Firewall Products Firewall Architecture Screened Subnet Firewall The Classic Firewall Architecture Belt and Braces Firewall Separate Services Subnet Fortress Mentality De-parameterization Perimeter Configuration Lab: Selecting a Firewall Architecture Module 4: Hardening: Establishing a Secure Baseline Windows NT/2000/2003 and XP Windows 2000/2003/XP Windows 2003 Windows Vista Server 2003 Architecture Broken Kernel Modes of the OS UNIX/Linux Secure Server Guidelines Hardening Systems Security Compliance Manager Device Security Essential Steps to Harden Switches

LAB: Hardening Windows Server 2008 Security (Part I) Server 2008 Components Enterprise Protection AD RMS AD RMS Components EFS EFS Enhancements in Server 2008 EFS Best Practices LAB: Server 2008 Lab Windows Server 2008 Security (Part II) IPsec Rules Firewall Scripting netsh Isolating a Server Group Policy Object Server Isolation Steps Domain Isolation Domain Isolation Issues Best Practices Trusted Platform Module Wave Systems TPM Architecture Crypto API Example Embassy Server Software Embassy Client Software Self-Encrypting Drives LAB: TPM Module 5: Intrusion Detection and Prevention Why Intrusion Detection? Fortress Mentality Intrusion Detection 101 What is Intrusion Detection? False positives! Topology concerns Recommended in most circles Realistic Intrusion Prevention Types of IPS Host-Based Intrusion Prevention Systems Host-Based Intrusion Prevention Systems LAB: Intrusion Detection Module 6: Protecting Web Applications Top 10 www.owasp.org

Injection Flaws Cross Site Scripting Broken Authentication Insecure Cryptographic Storage Reverse Engineering Web Apps Tools Hackbar Tamper Data The Two Main Attacks for Web XSS SQL Injection xp_cmdshell There is More More Tools SQL Inject Me XSS ME Choose The Right Database Practice, Practice, Practice Tutorials Mutillidae Web Application Firewalls Components of Web Application Firewall LAB: Protecting Web Apps Module 7: Memory Analysis Data Types Revisited Volatile System date and time Current network connections and Open ports Processes that opened ports Cached NetBIOS Names Users Currently Logged On Internal routing Running Processes Pslist Trivia Pslist t Tasklist Tlist Running Services Open Files Process Memory Dumps LAB: Memory Analysis Module 8: Endpoint protection Introduction to NAC NAC Defined NAC General Architecture

NAC General Architecture Illustrated NAC Concepts Inline NAC Out-of-Band Identifying NAC Requirements Implementing User-Based Identity Access Control Network Access Protection (NAP) NAP Components NAP Enforcement NAP Best Practices 802.1x EAP Explained LAB 1: Network Access Protection with DHCP LAB 2: Network Access Protection with IPsec LAB 3: Endpoint Protection Module 9: Securing Wireless Wireless Tools Wireless Vulnerabilities Summary MAC Filtering Hiding Access Points Hijacking Jamming Identifying Targets Wardriving Sniffing on Wireless Attacking Encrypted Networks Wep Data The other case Reality WPA Tools WPA LEAP Asleap Comparison LAB: Securing Wireless

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information