SCP - Strategic Infrastructure Security



Similar documents
Certified Ethical Hacker (CEH)

Network Security and Firewall 1

Principles of Information Assurance Syllabus

Port Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology

Ethical Hacking Course Layout

Computer Forensics Training - Digital Forensics and Electronic Discovery (Mile2)

AN OVERVIEW OF VULNERABILITY SCANNERS

Description: Objective: Attending students will learn:

Build Your Own Security Lab

CYBERTRON NETWORK SOLUTIONS

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

Linux Operating System Security

Security Considerations White Paper for Cisco Smart Storage 1

CSSIA CompTIA Security+ Domain. Network Security. Network Security. Network Security. Network Security. Network Security

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 8 Desktop and Server OS Vulnerabilities

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Network Security. 1 Pass the course => Pass Written exam week 11 Pass Labs

IDS 4.0 Roadshow. Module 1- IDS Technology Overview. 2003, Cisco Systems, Inc. All rights reserved. IDS Roadshow

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Five Steps to Improve Internal Network Security. Chattanooga ISSA

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features

CISCO IOS NETWORK SECURITY (IINS)

Vulnerability Assessment and Penetration Testing

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Network Security Fundamentals

E-Commerce Security. The Client-Side Vulnerabilities. Securing the Data Transaction LECTURE 7 (SECURITY)

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

COURCE TITLE DURATION LPI-202 Advanced Linux Professional Institute 40 H.

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

Tim Bovles WILEY. Wiley Publishing, Inc.

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Securing your Virtual Datacenter. Part 1: Preventing, Mitigating Privilege Escalation

Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) :

Penetration Testing Report Client: Business Solutions June 15 th 2015

CRYPTUS DIPLOMA IN IT SECURITY

GL550 - Enterprise Linux Security Administration


CSE331: Introduction to Networks and Security. Lecture 17 Fall 2006

ENTERPRISE LINUX SECURITY ADMINISTRATION

ANNEXURE-1 TO THE TENDER ENQUIRY NO.: DPS/AMPU/MIC/1896. Network Security Software Nessus- Technical Details

ENTERPRISE LINUX SECURITY ADMINISTRATION

Scan Report Executive Summary. Part 2. Component Compliance Summary IP Address :

TELE 301 Network Management. Lecture 16: Remote Terminal Services

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

CS 348: Computer Networks. - Security; 30 th - 31 st Oct Instructor: Sridhar Iyer IIT Bombay

Security + Certification (ITSY 1076) Syllabus

Windows Remote Access

GL-550: Red Hat Linux Security Administration. Course Outline. Course Length: 5 days

VMware: Advanced Security

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)

Small Systems Solutions is the. Premier Red Hat and Professional. VMware Certified Partner and Reseller. in Saudi Arabia, as well a competent

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

Client logo placeholder XXX REPORT. Page 1 of 37

HP Education Services

How To Secure An Rsa Authentication Agent

Reverse Shells Enable Attackers To Operate From Your Network. Richard Hammer August 2006

Securing Cisco Network Devices (SND)

CS 665: Computer System Security. Network Security. Usage environment. Sources of vulnerabilities. Information Assurance Module

Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Five Steps to Improve Internal Network Security. Chattanooga Information security Professionals

A43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006

FRONT RUNNER DIPLOMA PROGRAM INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Codes of Connection for Devices Connected to Newcastle University ICT Network

PTSv2 in pills: The Best First for Beginners who want to become Penetration Testers. Self-paced, online, flexible access

CS 640 Introduction to Computer Networks. Network security (continued) Key Distribution a first step. Lecture24

Directory and File Transfer Services. Chapter 7

CMSC 421, Operating Systems. Fall Security. URL: Dr. Kalpakis

Eleventh Hour Security+

Web Application Vulnerability Testing with Nessus

Penetration Testing with Kali Linux

A Comparative Study of Security Features in FreeBSD and OpenBSD

1 Scope of Assessment

Web Application Threats and Vulnerabilities Web Server Hacking and Web Application Vulnerability

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

GL254 - RED HAT ENTERPRISE LINUX SYSTEMS ADMINISTRATION III

Cornerstones of Security

ABC LTD EXTERNAL WEBSITE AND INFRASTRUCTURE IT HEALTH CHECK (ITHC) / PENETRATION TEST

Security Threat Kill Chain What log data would you need to identify an APT and perform forensic analysis?

NETASQ SSO Agent Installation and deployment

information security and its Describe what drives the need for information security.

JK0 015 CompTIA E2C Security+ (2008 Edition) Exam

Fundamentals of Network Security - Theory and Practice-

CSE331: Introduction to Networks and Security. Lecture 32 Fall 2004

TEXAS AGRILIFE SERVER MANAGEMENT PROGRAM

Andreas Dittrich, Philipp Reinecke Testing of Network and System Security. example.

LINUX SECURITY COOKBOOK. DanieIJ. Barren, Richard E Silverman, and Robert G. Byrnes

Network Security Administrator

Chapter 17. Transport-Level Security

INTRUSION DETECTION SYSTEMS and Network Security

Information Technology Career Cluster Introduction to Cybersecurity Course Number:

Guidelines for Website Security and Security Counter Measures for e-e Governance Project

Cyber Hygiene for Physical Security

Nixu SNS Security White Paper May 2007 Version 1.2

Transcription:

SCP - Strategic Infrastructure Security Lesson 1 - Cryptogaphy and Data Security Cryptogaphy and Data Security History of Cryptography The number lock analogy Cryptography Terminology Caesar and Character Substitution Linguistic Patterns: frequency Polyalphabetic Ciphers Vigenère chart, to be used with a keyword Other Ciphers Others Rotor Machines Lessons learned from cracking Enigma Introduction to CrypTool Demo - Installing Cryptool Demo - Classical Encryption Analysis Topic 1B: Math and Algorithms Relatively Prime Mod Math Mod Math Examples Logic Operations Topic 1C: Private Key Exchange Keys Symmetric Keys DES in CBC mode Feistel structure Symmetric Algorithms Digital Encryption Standard (DES) DES Modes of Operation Demo - DES ECB and CBC Analysis Triple DES Advanced Encryption Standard: Rijndael Key Management Topic 1D: Public Key Exchange Asymmetric key cryptography The basic process of asymmetric key cryptography Public key cryptography requirements What is computationally infeasible? Asymmetric vs. Symmetric - Comparison Diffie-Hellman Diffie-Hellman Example RSA RSA Example RSA Example, encrypt Demo - Create Your RSA Key Pair Demo - Creating RSA Keys Demo - Encrypting and Decrypting with RSA Demo - Cracking an RSA Encrypted Message Public Key Management Topic 1E: Message Authentication Lesson 1 Review 1h 39m

Lesson 2 - Hardening LINUX Hardening LINUX Demo - Navigating in Linux Demo - Exploring YaST Topic 2B - Investigate Process Management in Linux Demo - Viewing System Information Demo - Modifying Process Behavior System Startup / Shutdown Security Demo - Password Protection of Linux Startup Topic 2B - Investigate Process Management in Linux (Cont.) Demo - Stopping Unneeded Services Demo - Modifying Process Runlevels Topic 2B - Investigate Process Management in Linux (Cont..) Demo - Mounting a Device Topic 2B - Investigate Process Management in Linux (Cont ) Demo - Installing Webmin via RPM Demo - Installing John the Ripper from Source Code Topic 2C Manage Linux User and Filesystem Security Demo - Creating and Modifying Users and Groups Topic 2C Manage Linux User and Filesystem Security (Cont.) Demo - Changing User Contexts With SU Topic 2C Manage Linux User and Filesystem Security (Cont..) Shadow Password File Managing Passwords Demo - Viewing the Password Files Demo - Managing Passwords Topic 2C Manage Linux User and Filesystem Security (Cont...) Demo - Viewing File Details File and Directory Permissions Five characters in the permission fields Binary, Octal Numbers, and Permissions Topic 2C Manage Linux User and Filesystem Security (Cont...) Demo - Creating Object Ownership Demo - Assigning Permissions Demo - Verifying Permissions umask Settings Demo - Configuring umask Settings Topic 2C Manage Linux User and Filesystem Security (Cont..) Demo - Using PAM with vsftp Topic 2C - Manage Linux User and Filesystem Security (Cont...) Demo - Logging Recent Login Activity Topic 2D - Manage Linux Security Demo - Configuring Network Interfaces Topic 2D - Manage Linux Security (Cont.) Demo - Managing Telnet with Xinetd Topic 2D - Manage Linux Security (Cont..) Demo - Controlling Access with TCP Wrappers Topic 2D - Manage Linux Security (Cont...) Demo - Configuring an SSH Server Demo - Configuring an SSH Client Topic 2D - Manage Linux Security (Cont...) Demo - Using SCP to Securely Transfer Files Demo - Preventing root SSH logins by Modifying the sshd_config file Securing Network Services Demo - Sharing Data with NFS Topic 2D - Manage Linux Security (Cont...) 3h 34m

Demo - Verifying Export Permissions Topic 2D - Manage Linux Security (Cont...) Demo - Configuring the Samba Server Topic 2E - Create Scripts for Linux Demo - I/O Redirection Shell scripts Simple script examples Demo - Writing Simple Shell Scripts Topic 2F - Harden Linux Demo - Installing and Exploring Bastille Topic 2E - Create Scripts for Linux (Cont.) Lesson 2 Review Lesson 3 - Hardening Windows Hardening Windows Topic 3A Examine the concepts of Windows 2003 infrastructure security Demo - Configuring a Custom MMC and GPO Demo - Editing a GPO Topic 3B Examine the fundamentals of authentication in Windows 2003 Demo - Configuring NTLMv2 Authentication Topic 3C Implement Windows 2003 security configuration tools Demo - Securing Administrator Account Access Demo - Testing Administrative Access Group Policies Demo - Verifying Password Requirements Security Templates Demo - Analyzing Default Password Settings of Security Templates Demo - Creating a Custom Security Template Topic 3C - Implement Windows 2003 security configuration tools (Cont.) Demo - Investigating the Security Configuration and Analysis Snap-In Demo - Implementing the Template Demo - Analyzing the Current Security Settings of the Local System Topic 3D Secure Windows 2003 resources Demo - Setting Registry Permissions Demo - Exporting Registry Information Demo - Blocking Registry Access Topic 3D Secure Windows 2003 resources (Cont.) Demo - Installing Security Configuration Wizard Demo - Using the Security Configuration Wizard Topic 3E Configure Windows 2003 auditing and logging Demo - Enabling Auditing Demo - Logging SAM Registry Access Topic 3E Configure Windows 2003 auditing and logging (Cont.) Demo - Viewing the Registry Audit Topic 3E - Configure Windows 2003 auditing and logging (Cont..) Demo - Creating Events Demo - Viewing Event Logs Topic 3F - Examine and configure EFS on Windows 2003 Demo - Encrypting Files Topic 3G - Examine the methods of securing networ communications in a Windows 2003 network Demo - Configuring TCP/IP in the Registry Topic 3G - Examine the methods of securing network communications in a Windows 2003 network (Cont.) Demo - Configuring Port and Protocol Filtering Topic 3G - Examine the methods of securing network communications in a Windows 2003 network (Cont..) Demo - Enabling Windows Firewall Demo - Configuring Windows Firewall 2h 06m

Demo - Configure Server 2003 Lesson 3 Review Lesson 4 - Attack Technique Attack Techniques Topic 4A - Network Reconnaissance Information Learned in the Whois Lookup Topic 4B - Mapping the Network Demo - Using Windows Tracing Tools Using Graphical Tracing Tools Demo - Using VisualRoute Topic 4C: Sweeping the Network Ping Sweep Tools SuperScan 3.0 in default mode, before a scan begins Demo - Using Super Scan Topic 4D: Scanning the Network Demo - Installing Linux Tools Demo - Using Nmap Demo - Using SuperScan Identifying the Operating System and O/S Version Demo - Using Nmap to Identify an Operating System Demo - Using Nmap Front End Topic 4E - Perform Vulnerability Scanning Demo - Installing Nessus Topic 4E - Perform Vulnerability Scanning (Cont.) Demo - Configuring Nessus Scan Demo - Custom Nessus Scanning Demo - Network Scanning Topic 4F - Viruses, Worms, & Trojan Horses The Trojan Horse Famous Trojans Topic 4G - Gain Control over a Network System Demo - Windows to Windows Netcat Demo - Linux to Windows Netcat Topic 4H - Record Keystrokes Demo - Using Software Keystroke Logging Topic 4I - Crack Encrypted Passwords Topic 8J: Reveal Hidden Passwords Demo - Revealing Hidden Passwords Topic 4K: Social Engineering Topic 4L: Perform a Denial of Service Demo - Flooding with Udpflood Lesson 4 Review Lesson 5 - Security on the Internet and the WWW Security on the Internet and the WWW Major Components of the Internet Weak Points of the Internet Topic 5B - Secure DNS Servers Demo - Installing a DNS Server on Windows Server 2003 Topic 5B - Secure DNS Servers (Cont.) Demo - Creating a Primary Reverse Lookup Zone Demo - Creating a Primary Forward Lookup Zone Demo - Creating A and PTR Records in the DNS Demo - Enabling Zone Transfers Demo - Reviewing Pollution and Recursion Settings 2h 04m 1h 55m

Demo - Filtering the Interface to Accept Only DNS Traffic Topic 5B - Secure DNS Servers (Cont..) Best Practices for DNS Hardening Topic 5C - Identify attack points on the Internet, and Secure Web Servers IIS Security Demo - Installing IIS 6.0 Demo - Implementing a Website Demo - Starting and Stopping the Web Server Topic 5C - Identify attack points on the Internet, and Secure Web Servers (Cont.) Demo - Investigating IIS Security Demo - Controlling Performance Settings Topic 5C - Identify attack points on the Internet, and Secure Web Servers (Cont..) Demo - Install the MBSA and Scan a system for vulnerabilities Demo - Applying a Patch to Mitigate and IIS 6.0 Vulnerability Topic 5C - Identify attack points on the Internet, and Secure Web Servers (Cont...) Demo - Installing Apache 2.x on SuSe Linux 10.0 Demo - Basic Configuration of the Apache Web server Demo - Securing your Apache Web Server - Disabling Modules Apache Best Practices Topic 5D - Secure Internet Users Demo - Installing Internet Explorer 7.0 Demo - Viewing the General Settings for Your Browser Demo - Viewing the Advanced Settings Default Security Settings Demo - Examine Security Levels for Zones Demo - Adding Sites to a Zone Other Features Email Security Demo - Basic Security Settings to Take Care of With Your Email Client Lesson 5 Review Lesson 6 - Risk Analysis Risk Analysis Topic 6A - Concepts of Risk Analysis Predicting Risk Quantifying Risk Minimize or Mitigate Risk Costs Versus Protection What is at Risk? What is a Threat? Vulnerability Analysis Likelihood of Occurrence Common Threats Topic 6B - Methods of Risk Analysis Qualitative Risk Analysis Facilitated Risk Analysis Process (FRAP) Vulnerability Levels Impact Levels Replacement Models Topic 6C: The Process of Risk Analysis Stage One: Inventory Stage Two: Threat Assessment Stage Three: Evaluation of Control Stage Four: Management Stage Five: Monitoring An Alternative Method 46m

General Techniques to Minimize Risk General Techniques Specific Minimization Techniques Topic 6E - Continual Risk Analysis Continuous Risk Assessment Process Security Technology Management Vulnerability Management Exploitation Management Systems Availability Lesson 6 Review Lesson 7 - Security Policy Security Policy Topic 7A - Concepts of Security Policies Policy Benefits How to Start A Question of Trust Policy Committee Are Policies Political? Topic 7B - The Policy Design Policy Standards 10 Sections Topic 7C - Policy Contents The Acceptable Use Policy The User Account Policy The Remote Access Policy The Information Protection Policy The Network Connection Policy The Strategic Partner Policy The Privileged Access Policy The Password Policy The Internet Access Policy The Internet Policy Miscellaneous Policies Topic 7D - An Example Policy Samples Topic 7E - Incident Handling and Escalation Procedures Sample Escalation Procedures for Security Incidents Incident Handling Topic 7F - Partner Policies Sample Partner Connection Policy Lesson 7 Review Lesson 8 - Analyzing Packet Signatures Analyzing Packet Signatures Topic 8A - Describe the Concepts of Signature Analysis Common Vulnerabilities and Exposures (CVE) CVE Classification Signatures Come Common Exploits Some Common Reconnaissance Scans Some Common DoS Attacks Topic 8D - Normal Traffic Signatures Ping Signatures Demo - Ping Signatures Web Signatures 50m 37m

FTP Signatures Telnet Signature Topic 8E - Abnormal Traffic Signatures Ping Sweep Port Scan Backdoor Signatures Demo - Trojan Scans Nmap Scans Demo - Nmap scans Lesson 8 Review Course Closure Total Duration: 13:hrs 20 min

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information