Network Defense Specialist. Course Title: Network Defense Specialist: Securing and Troubleshooting Network Operating Systems


Course Title: Network Defense Specialist: Securing and Troubleshooting Network Operating Systems

Course Description

The Network Defense Series from EC-Council Press is comprised of 5 books designed to educate learners from a vendor-neutral standpoint on how to defend the networks they manage. This series covers the fundamental skills in evaluating the internal and external threats to network security and design, how to enforce network-level security policies, and how to ultimately protect an organization's information. The books in the series cover a broad range of topics, from secure network fundamentals, protocols & analysis, standards and policy, and hardening infrastructure to configuring IPS, IDS, firewalls, bastion hosts and honeypots. Learners completing this series will have a full understanding of the defensive measures taken to secure their organization's information, and, along with the proper experience, these books will prepare readers for the EC-Council Network Security Administrator (ENSA) certification.

Unpatched software on network operating systems and hardware can be a common point of attack for an intruder. Vulnerability analysis will often identify the outdated software and exploitation. This book, the fourth in the series, prepares the practitioner to create and administer effective policies and best practices in patch management, OS configuration, and analysis to identify potential network security weaknesses.

Certification Info

Network Defense Specialist: Securing and Troubleshooting Network Operating Systems

Who Should Attend

This course will significantly benefit System Administrators, System Engineers, Firewall Administrators, Network Managers, IT Managers, IT Professionals and anyone who is interested in network security technologies.

Course Duration

2 days (9:00 - 5:00)

CPE/ECE Qualification

16 ECE Credits awarded for attendance (1 for each classroom hour)

Suggested Retail: $799 USD

Required Courseware: Visit www.cengage.com/community/eccouncil and click on Training Workshops for ordering details.

What's included?
Physical Courseware
1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate

Course + Supplement Cost: See the Training Workshops section at www.cengage.com/community/eccouncil for current pricing information.

Related Certificates:
Network Defense Specialist: Fundamentals & Protocols
Network Defense Specialist: Security Policy & Threats
Network Defense Specialist: Perimeter Defense Mechanisms
Network Defense Specialist: Security & Vulnerability Assessment

Course Briefing

1. Securing Modems
Chapter Brief: A modem is a device that allows two computers to communicate via a standard phone line. It converts digital data into analog signals and converts the analog signals back into digital data. This chapter describes the features, types, and security of modems. It explains attacks against the modem such as Spoofing, Call Forwarding, War Dialing, and Packet Sniffing. The chapter lists the reasons for modem connection failure. This chapter also describes how to troubleshoot when the modem is not responding, the modem is damaged, or the system crashes.

2. Hardening Routers
Chapter Brief: A router is a network device functioning at layer 3, the network layer of the OSI model. It receives packets from a linked network and transmits them to the next connected network. This chapter describes the Types of Routes, Routing Algorithms, Internet Work Operating Systems (IOSs), routing metrics, principles and operation modes. It discusses router configuration and external and internal configuration sources. It explains how to load the configuration files and the steps to configure a router from a TFTP Server. This chapter also describes the router configuration modes and the Bootstrap Service (BOOTP Service). It explains concepts such as hardening a router, Cisco Discovery Protocol, logging and Access Control Lists (ACLs).

3. Hardening Operating Systems
Chapter Brief: This chapter describes BIOS Security, the Windows Registry, configuring Windows services, managing resources, Need-to-Know Controls, malicious logic protection, the Discretionary Access Control List (DACL), NTFS file system permissions and modes of operation. This chapter also describes the Automated Information System (AIS), Windows Infrastructure features, Kerberos Authentication and Domain Security, IP Security, and Windows 2003 authentication, and lists the Windows 2003 security configuration tools.

4. Patch Management
Chapter Brief: Patch management is the process of controlling the deployment and maintenance of interim software releases into production environments. It helps you to maintain operational efficiency and effectiveness, overcome security vulnerabilities, and maintain the stability of your production environment. This chapter will familiarize you with updating and applying patches to your devices and network equipment. This chapter describes the Change Management rules, the types of patches defined by Microsoft, the patch testing process, and patch monitoring and management. This chapter also describes the installation steps of the Red Hat Up2date Patch Management Utility and the process of patch management, and explains the various stages of the Microsoft Patch Management process such as Identification, Assessment and Testing. This chapter also discusses the Microsoft Software Update Services and Windows Server Update Services (WSUS).

5. Log Analysis
Chapter Brief: Log analysis is the process of detecting attacks on a specific system, network, or application. Log analysis uses firewall, web server, system, IDS event, or Windows event logs. It allows users to notify the actual changes to the database. This chapter discusses log analysis, audit events, log types, log files, Access_log, Agent_log, Error_log, refer_log, and TCPDump Logs. This chapter also describes the concept of Web Server log analysis, Syslog statistics and analysis, and monitoring and security events, and lists the log analysis and parsing tools.

6. Application Security
Chapter Brief: Application security encompasses measures taken throughout the application's life-cycle to prevent exceptions in the security policy of an application or the underlying system through flaws in the design, development, deployment, upgrade, or maintenance of the application. This chapter discusses the threats to applications, the importance of application security, and application-dependent guidance. It discusses cookies, session tokens, authentication tokens, System Life Cycle Management, and Telecommunications systems. It explains security related to embedded applications, IPSec, and SSL. It explains the best practices for secure coding. This chapter also discusses the steps of the Threat Modeling approach and provides a list of secure coding tools.

Course Outline

Chapter 1: Securing Modems

Introduction to Securing Modems Introduction to Modems o Types of Modems o Modem Security Modem Security: Password Modems Modem Security: Callback Modems Modem Security: Encrypting Modems Modem Security: Caller-ID and ANI Schemes Modem Security Should be a Priority for Telephony Managers SecureLogix Provides Solutions for Modem Security Make Modem Security Simple With Robust Management Tool Modem Attacks and Risks Modem Failure Symptoms: Modem Firmware Failure Reasons for Modem Connection Failure Modem Not Responding Modem Damaged System Crashes Troubleshooting Modems

Chapter 2: Hardening Routers

Introduction to Hardening Routers Introduction to Routers o Router Basics Internet Work Operating Systems (IOS) Cisco Internetwork Operating System (IOS) Routing Principles Configuring Routers o Configuring Routers: IP Source Routing External Configuration Sources Internal Configuration Sources Router Initiation Loading the Configuration Files Steps to Configure a Router From TFTP Server Setup Configuration Mode CLI Configuration Mode Finger Tool Disabling the Auxiliary Services and Closing Extra Interfaces Bootstrap Service (BOOTP Service) TCP and UDP Small Servers Disabling Proxy ARP Disabling Simple Network Management Protocol (SNMP) Disabling Network Time Protocol (NTP) Hardening Routers Display Notifications on Banners Passwords and Secrets Console Password Setup Setting a Virtual Terminal Password Auxiliary Passwords Creating End User Accounts Setting Session Timeout Periods Cisco Discovery Protocol Configuring CDP Router# show cdp Logging Concept Timestamping Cisco Logging Options Console Logging How to Change the Console Logging Level o Disabling Console Logging o Buffered Logging o Terminal Logging Filtering Network Traffic Access Control Lists (ACLs) o Creating a Standard ACL: Step 1 o Creating a Standard ACL: Step 2 o Creating a Standard ACL: Step 3 o Creating a Standard ACL: Step 4 o Creating a Standard ACL: Step 5 Logging System Error Messages Enabling System Error Message Logging Committed Access Rate (CAR) Secure Shell (SSH) Routing Protocols: Routing Information Protocol Routing Protocols: Interior Gateway Routing Protocol Routing Protocols: Enhanced Interior Gateway Routing Protocol (EIGRP) Troubleshooting Routers Troubleshooting Tools Troubleshooting with Network Management Tools Troubleshooting IP Connectivity in Routers Troubleshooting PPP and Frame Relay Troubleshooting X.25 Troubleshooting ISDN Components of Router Security Router Security: Testing Tools

Chapter 3: Hardening Operating Systems

Introduction to Hardening Operating Systems Configuring Windows Managing Resources o Managing Resources: Malicious Logic Protection o Managing Resources: Assurance o Managing Resources: Discretionary Access Control List (DACL) o Managing Resources: Objects and Permissions o Managing Resources: Rights vs. Permission o Managing Resources: NTFS File System Permissions o Managing Resources: Encryption File System (EFS) o Managing Resources: Modes of Operation o Managing Resources: Automated Information System (AIS) o Managing Resources: Windows Infrastructure Features Kerberos Authentication and Domain Security o Kerberos Authentication and Domain Security: Trust Relationships between Domains IPsec Windows 2003 Authentication o Windows 2003 Security Configuration Tools o Windows 2003 Resource Security o Windows 2003 Auditing and Logging o Windows 2003 EFS o Windows 2003 EFS (cont'd) User and File System Security Administration Security: Data Security & Network Security Windows Certification Authorities Securing Linux User Management o Account Security o Securing Linux (ACLs): File System and Navigation o Securing Linux (ACLs): File and Directory Permissions o Securing Linux (ACLs): File and Directory Permissions (cont'd) o Securing Linux (ACLs): Pluggable Authentication Module (PAM) o Securing Linux (ACLs): Configuring PAM o Securing Linux (ACLs): PAM Configuration Files o Securing Linux (ACLs): PAM Framework o Securing Linux (ACLs): Security with PAM o Securing Linux (ACLs): Network Information Services (NIS) Group Management Utilities Upgrading to Windows Vista UNIX Security Checklist Macintosh Security Using Kerberos Authentication Rendezvous Security Restricting User Capabilities Command Line Administration Tools

Chapter 4: Patch Management

Introduction to Patch Management Patching Patch Tuesday Patch Testing Database Patch Management Process Update Management Microsoft Update Management Offerings Patch Management and Monitoring Identifying and Installing Patches on Red Hat Networks Microsoft Patch Management Process o Microsoft Patch Management Process: Identification o Microsoft Patch Management Process: Assessment o Microsoft Patch Management Process: Obtainment o Microsoft Patch Management Process: Testing o Microsoft Patch Management Process: Deployment o Microsoft Patch Management Process: Confirmation Windows Patch Management: SUS, WSUS, SMS, and SCCM Implementing Windows Update Services Microsoft Software Update Services (SUS) Features: SUS Client-side, Server-side Components WSUS vs. SMS 2003 Automating Microsoft Windows Patch Management with WSUS Role of SMS in Patch Management Process Microsoft System Center Configuration Manager 2007 (SCCM) Update Levels in Windows Security TechCenter Microsoft Security Identifying Missing Patches on Windows Desktop Systems Working With Patch Management Tools o Working with Patch Management Tools: Selecting a Tool o Working with Patch Management Tools Microsoft Baseline Security Analyzer (MBSA) o Working with Patch Management Tools: MBSA: Scanning Updates in GUI Mode o Working with Patch Management Tools MBSA: Scanning Updates in Command-line Version o Working with Patch Management Tools: Qchain o Working with Patch Management Tools: BigFix Enterprise Suite (BFS) o Working with Patch Management Tools Shavlik NetChk Protect o Working with Patch Management Tools: PatchLink Update o Working with Patch Management Tools: ManageEngine Security Manager Plus o Working with Patch Management Tools: Altiris Patch Management Solution o Working with Patch Management Tools: GFI LANguard

Chapter 5: Log Analysis

Introduction to Log Analysis o Audit Event o Audit Policy o Log Characteristics o Overview of Logging Overview of Logging: NTsyslog Overview of Logging: Application Logging Overview of Logging: Firewall Logging Reviewing Firewall Logs with the grep Command Overview of Logging: Linux Process Tracking Overview of Logging: Windows Logging Overview of Logging: Organizing Firewall Logs Web Server Logs o Web Server Logs: Apache Logs o Web Server Logs: IIS Logs o Web Server Logs: IIS Logger Limitations of Log File Analysis Syslog Monitoring and Security Events Importance of Time Synchronization Passive Detection Methods EventCombMT Scripting Log Analysis and Auditing Tools Userlock WSTOOL ASDIC Tenshi Log Parsing Tools Log File Rotation Tools Newsyslog System Log Rotation Service (SLRS) Securing Logs

Chapter 6: Application Security

Introduction to Application Security Difficulties in Web Security Application Threats and Countermeasures Application Dependant Guidance Securing Web Applications o Securing Web Applications: Managing users o Securing Web Applications: Cookies Working of Cookies Persistent vs. Non-Persistent Cookie o Session Tokens o Authentication Tokens o Encrypting Private Data Embedded Application Security IPsec and SSL Security IPsec and SSL in Embedded Systems Network Security Solution for Embedded Applications Embedded Network Security Hardware Instructions Embedded Network Security Hardware Instructions Writing Secure Coding Practice Writing Secure Coding Practice Secure Coding Common Errors Common Error: Buffer Overflow Common Error: Format String Vulnerabilities Common Error: Authentication Common Error: Authorization Common Error: Cryptography Best Practices for Secure Coding Remote Administration Security Implementation Threat Modeling for Web Applications o Threat Modeling for Web Applications: Step 1: Identify Security Objective o Threat Modeling for Web Applications: Step 2: Create an Application Overview o Threat Modeling for Web Applications: Step 3: Decompose Your Application o Threat Modeling for Web Applications: Step 4: Identify Threats o Threat Modeling for Web Applications: Step 5: Identify Vulnerabilities