Course Title: Penetration Testing: Security Analysis

Course Description:

The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base of topics in advanced penetration testing and information security analysis. The content of this program is designed to expose the reader to groundbreaking methodologies in conducting thorough information security analysis as well as advanced penetration testing techniques. Armed with the knowledge from the Security Analyst series, along with proper experience, readers will be able to perform the intensive assessments required to effectively identify and mitigate risks to the security of the organization's infrastructure.

A recent Symantec State of Enterprise Security 2010 report states that ¾ of businesses have experienced a hacking attempt in the past year. The dearth of quality security analysts to thwart any security threats in a timely fashion is one of the major challenges facing organizations today. Organizations need to hire experts in the field of computer security infrastructure or have to train in-house security administrators to fight IT security dangers if they are to stand any chance against hackers.

EC-Council Certified Security Analyst (ECSA) complements the Certified Ethical Hacker (CEH) certification by exploring the analytical phase of ethical hacking. While CEH exposes the learner to hacking tools and technologies, ECSA takes it a step further by exploring how to analyze the outcome from these tools and technologies.

Who Should Attend?

This course will significantly benefit network server administrators, firewall administrators, security testers, system administrators, and risk assessment professionals.

Certificate Info

Penetration Testing: Security Analysis
Course Duration: 2 days (9:00-5:00)
CPE/ECE Qualification: 16 ECE Credits awarded for attendance (1 for each classroom hour)
Suggested Retail: $799 USD

Required Courseware: Visit www.cengage.com/community/eccouncil and click on Training Workshops for ordering details.

What's included?
  Physical Courseware
  1 year Access To EC-Council Student LMS for Practical Labs (if applicable), testing, and Certificate

Course + Supplement Cost: See the Training Workshops section at www.cengage.com/community/eccouncil for current pricing information.

Related Certificates:
  Penetration Testing: Communication Media Testing
  Penetration Testing: Network Threat Testing
  Penetration Testing: Procedures & Methodologies
  Penetration Testing: Network & Perimeter Testing

Course Briefing:

1. The Need for Security Analysis
This module gives a picture of the state of information security worldwide and the ever-increasing security threats; it is concerned with the theft, fraud/forgery, unauthorized access, interception, or modification of data. This module deals with the need for security analysis, various security concerns, what data should be protected, challenges to security, preventive steps to be taken, threat agents and risks, information security awareness, security policies that are crucial for an organization, and provisions in the laws of various countries for dealing with information security related issues.

2. TCP/IP Packet Analysis
TCP/IP provides a broad range of communication protocols for the various applications on the network, so knowledge of this technology and its security features is crucial in the security analysis of a network. This module deals with the TCP/IP model, comparison of the OSI and TCP/IP models, processes involved in TCP operation, windowing of TCP/IP packets, TCP and UDP operation sequencing numbers, security issues and features of Internet Protocol v6 (IPv6), Denial-of-Service (DoS) attacks, TCP and UDP port numbers, and ICMP and ICMP control messages.

3. Advanced Sniffing Techniques
This module familiarizes you with various advanced sniffing techniques using the tool Wireshark. This module deals with the network protocol analyzer Wireshark, its features, IP display filters and commands such as Tshark, Tcpdump, Capinfos, Idl2wrs, Editcap, Mergecap, and Text2pcap, use of Wireshark for network troubleshooting and various scanning techniques, the Wireshark DNP3 Dissector Infinite Loop Vulnerability, Timestamps, Packet Reassembling, and Checksums.

4. Vulnerability Analysis with Nessus
Nessus is a client-server-based, open-source vulnerability scanner that provides a free, powerful, up-to-date, and easy-to-use remote security scanner for business-critical enterprise devices and applications.
This module will familiarize you with Nessus and its features, phases involved in the Nessus assessment process, the procedure for configuring Nessus, the Nessus client, the process for starting a Nessus scan, plug-in selection, types of plug-ins, identifying false positives, the framework for writing Nessus plug-ins, installing and running the plug-in, Nessus architecture and design, the Nessus user community, Tenable Security Center, simplifying a security scan, wireless scanning for WAPs, and detecting WAPs using the Nessus vulnerability scanner.

5. Designing a DMZ
A DMZ is a computer host or small network inserted as a neutral zone between a company's private network and the outside public network. DMZ use has become a necessary method of providing a multilayered, defense-in-depth approach to security.
This module deals with DMZ design fundamentals, designing a DMZ using IPtables, designing a wireless DMZ, designing a DMZ specific to operating systems such as Windows, Solaris, and Linux, best practices for DMZ routers and switches, and six ways to stop data leaks.

6. Snort Analysis
Snort is a widely used, open-source, network-based intrusion detection system capable of performing real-time traffic analysis and packet logging on IP networks. It is used to perform protocol analysis and content matching to detect a variety of attacks and probes such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and more. This module deals with Snort operation modes and features, configuration of Snort for variables, preprocessors, output plug-ins, and rules, the stream4 preprocessor and inline functionality, Snort rules (including the Snort rule header and rule options), subscribing to the Snort rules, and tools used for writing Snort rules.

7. Log Analysis
Logs are used to keep track of the network, user activities, and services. This module deals with logs, events that need to be logged, log shipping, and the different techniques and tools used for analyzing logs such as Syslog, web server logs, wired router logs, wireless network device logs, Windows logs, Unix logs, Linux logs, SQL server logs, Oracle logs, Solaris log files, VPN server logs, firewall logs, IDS logs, and DHCP logs, as well as configuring NTP and the use of log analysis and log alert tools.

Course Outline:

Chapter 1: The Need for Security Analysis
  Introduction to the Need for Security Analysis
  Security Concerns
  What Should Be Protected
  Reasons Intrusions Succeed
  Challenges to Security
  Preventative Steps
  Threat Agents
  Needs Assessment Questions
  How Much Security is Enough?
  Risk
  Information Security Awareness
  Security Policies
  U.S. Legislation
  U.K. Legislation

Chapter 2: TCP/IP Packet Analysis
  Introduction to TCP/IP Packet Analysis
  TCP/IP Protocol Suite
  TCP (Transmission Control Protocol)
  Internet Protocol (IP)
  Other Protocols

Chapter 3: Advanced Sniffing Techniques
  Introduction to Advanced Sniffing Techniques
  Wireshark: Filters
  Protocol Dissection
  Steps to Solve GNU/Linux Server Network Connectivity Issues
  Network Troubleshooting Methodology
  Using Wireshark for System Administration
  Using Wireshark for Security Administration
  Wireless Sniffing with Wireshark
  Navigating Wireshark's Packet Details Window
  Scanning
  Remote-Access Trojans
  Wireshark DNP3 Dissector Infinite Loop Vulnerability
  Time Stamps
  Packet Reassembling
  Checksums

Chapter 4: Vulnerability Analysis with Nessus
  Introduction to Vulnerability Analysis with Nessus
  Features of Nessus
  Nessus Assessment Process
  Deployment Requirements
  Configuring Nessus
  Updating Nessus Plug-Ins
  Using the Nessus Client
  Service Detection
  Vulnerability Fingerprinting
  DoS Testing
  False Positives
  Writing Nessus Plug-Ins
  Nessus Architecture and Design
  Nessus User Community
  Tenable Security Center
  Managing Data
  Simplifying Scans
  Wireless Access Points (WAPs)

Chapter 5: Designing a DMZ
  Introduction to Designing a DMZ
  DMZ Concepts
  DMZ Design Fundamentals
  Advanced Design Concepts
  DMZ Architecture
  Designing a DMZ Using IPtables
  Designing a Wireless DMZ
  Specific Operating System Design
  DMZ Router Security Best Practices
  DMZ Switch Security Best Practices
  Six Ways to Stop Data Leaks

Chapter 6: Snort Analysis
  Introduction to Snort Analysis
  Modes of Operation
  Features of Snort
  Configuring Snort
  How Snort Works
  Content Matching
  The Stream4 Preprocessor
  Inline Functionality
  Writing Snort Rules
  Snort Tools

Chapter 7: Log Analysis
  Introduction to Log Analysis
  Events That Must Be Logged
  What to Look For in Logs
  Automated Log Analysis Approaches
  Log Shipping
  Analyzing Syslog
  Analyzing Web Server Logs
  Analyzing Wired Router Logs
  Analyzing Wireless Network Device Logs
  Analyzing Windows Logs
  Analyzing UNIX Logs
  Analyzing Linux Logs
  Analyzing SQL Server Logs
  Analyzing Oracle Logs
  Analyzing Solaris Log Files
  Analyzing VPN Server Logs
  Analyzing Firewall Logs
  Analyzing IDS Logs
  Analyzing DHCP Logs
  Network Time Protocol
  Log Analysis Tools
  Log Alert Tools