Hosts HARDENING WINDOWS NETWORKS TRAINING



Similar documents
4. Getting started: Performing an audit

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

SECURITY BEST PRACTICES FOR CISCO PERSONAL ASSISTANT (1.4X)

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

Secret Server Qualys Integration Guide

Vulnerability Assessment and Penetration Testing

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

Audit Tools That Won t Break the Bank

Windows Attack - Gain Enterprise Admin Privileges in 5 Minutes

Table of Contents. Introduction. Audience. At Course Completion

2. Installing GFI LANguard Network Security Scanner

Installing GFI LANguard Network Security Scanner

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Passing PCI Compliance How to Address the Application Security Mandates

Network Defense Specialist. Course Title: Network Defense Specialist: Securing and Troubleshooting Network Operating Systems

Where can I install GFI EventsManager on my network?

Where can I install GFI EventsManager on my network?

Locking down a Hitachi ID Suite server

Web Plus Security Features and Recommendations

Penetration Testing Report Client: Business Solutions June 15 th 2015

CYBERTRON NETWORK SOLUTIONS

Five Steps to Improve Internal Network Security. Chattanooga ISSA

GFI White Paper PCI-DSS compliance and GFI Software products

Preliminary Course Syllabus

Professional Penetration Testing Techniques and Vulnerability Assessment ...

EC-Council Certified Security Analyst (ECSA)

Unit 3 Research Project. Eddie S. Jackson. Kaplan University. IT540: Management of Information Security. Kenneth L. Flick, Ph.D.

SANS Top 20 Critical Controls for Effective Cyber Defense

The Open Cyber Challenge Platform *

IDS and Penetration Testing Lab ISA656 (Attacker)

Protecting Your Organisation from Targeted Cyber Intrusion

Black Box Penetration Testing For GPEN.KM V1.0 Month dd "#$!%&'(#)*)&'+!,!-./0!.-12!1.03!0045!.567!5895!.467!:;83!-/;0!383;!

Venue. Dates. Certified Ethical Hacker (CEH) boot camp. Inovatec College. Nairobi Kenya (exact hotel name to be confirmed

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Cloud Security:Threats & Mitgations

Attack and Penetration Testing 101

Where every interaction matters.

FISMA / NIST REVISION 3 COMPLIANCE

Penetration Testing. University of Sunderland CSEM02 Harry R Erwin, PhD

PCI DSS Requirements - Security Controls and Processes

Fundamentals of a Windows Server Infrastructure MOC 10967

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

Course Duration: 80Hrs. Course Fee: INR (Certification Lab Exam Cost 2 Attempts)

Host Hardening. OS Vulnerability test. CERT Report on systems vulnerabilities. (March 21, 2011)

Intel Security Certified Product Specialist Security Information Event Management (SIEM)

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

GFI Product Manual. Administrator Guide

Web App Security Audit Services

GFI Product Manual. Administrator Guide

Security FAQs (Frequently Asked Questions) for Xerox Remote Print Services

Table of Contents. Introduction. Audience. At Course Completion

PCI DSS Best Practices with Snare Enterprise Agents PCI DSS Best Practices with Snare Enterprise Agents

McAfee Network Security Platform Administration Course

Today s Topics. Protect - Detect - Respond A Security-First Strategy. HCCA Compliance Institute April 27, Concepts.

Securing Data on Microsoft SQL Server 2012

Network Security Foundations

Threat Modeling. Frank Piessens ) KATHOLIEKE UNIVERSITEIT LEUVEN

EC-Council CAST CENTER FOR ADVANCED SECURITY TRAINING. CAST 616 Securing Windows Infrastructure. Make The Difference CAST.

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

Penetration Testing with Kali Linux

How To Secure Your Data Center From Hackers

Implementing Security Update Management

Networking: EC Council Network Security Administrator NSA

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

PCI Compliance - A Realistic Approach. Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com

by New Media Solutions 37 Walnut Street Wellesley, MA p f Avitage IT Infrastructure Security Document

Hackers are here. Where are you?

MCTS Guide to Microsoft Windows 7. Chapter 7 Windows 7 Security Features

Hands-On Ethical Hacking and Network Defense Second Edition Chapter 8 Desktop and Server OS Vulnerabilities

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak CR V4.1

NETWORK PENETRATION TESTING

Patch management with GFI LANguard and Microsoft WSUS

Penetration Testing - a way for improving our cyber security

Medical Device Security Health Imaging Digital Capture. Security Assessment Report for the Kodak DryView 8150 Imager Release 1.0.

Log Analysis: Overall Issues p. 1 Introduction p. 2 IT Budgets and Results: Leveraging OSS Solutions at Little Cost p. 2 Reporting Security

Payment Card Industry Data Security Standard Payment Card Industry Data Security Standard (PCI / DSS)

Jay Ferron. Blog.mir.net. CEHi, CWSP, CISM, CISSP, CVEi. MCITP, MCT, MVP, NSA IAM.

ManageEngine Desktop Central Training

MS-55096: Securing Data on Microsoft SQL Server 2012

Internal Penetration Test

Alert Notification of Critical Results (ANCR) Public Domain Deployment Instructions

How To Perform An External Security Vulnerability Assessment Of An External Computer System

Microsoft Solutions for Security and Compliance. Windows Server 2003 Security Guide

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

HP A-IMC Firewall Manager

Concierge SIEM Reporting Overview

Windows Assessment. Vulnerability Assessment Course

Security Awareness For Server Administrators. State of Illinois Central Management Services Security and Compliance Solutions

A POLYCOM WHITEPAPER Polycom. Recommended Best Security Practices for Unified Communications

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Certified Ethical Hacker (CEH)

CompTIA Security+ (Exam SY0-410)

Five Steps to Improve Internal Network Security. Chattanooga Information security Professionals

Transcription:

BROADVIEW NETWORKS Hosts HARDENING WINDOWS NETWORKS TRAINING COURSE OVERVIEW A hands-on security course that teaches students how to harden, monitor and protect Microsoft Windows based networks. A hardening course based on more than 12 years of security assessment and penetration testing experience. This course goes beyond theory and best practices and delivers proven, field-tested solutions for hardening, monitoring and protecting Microsoft Windows based networks. Students will learn in a hands-on environment that resembles a real world network consisting of Windows 2003/2008 Servers, Windows XP and Windows 7, Exchange, SQL Server, ISA Server, IIS Server and more. Students will learn effective countermeasures to defend against modern attack tools and techniques. Upon completion of the course, students will be able to develop hardened, chaos tolerant networks that are resistant to present and future threats. Students will install and configure a host and network intrusion detection system utilizing Syslog, Snort and Windows Events. Students can export the configuration files for easy deployment in their own networks. A final lab scenario consisting of two phases: Phase One Tests the Student s ability to implement a host and network intrusion detection system on a virtual Windows network. Students must identify intrusion attempts by running a set of automated attacks. Phase Two Tests the Student s ability to harden a virtual Windows network using the various techniques learned during the class. A set of automated attacks will attempt to break into the network, indicating success or failure of successful hardening.

COURSE DETAILS Students will harden a network consisting of: - Microsoft Exchange - Outlook Web Access - Microsoft ISA Server - Microsoft IIS - Microsoft Windows XP/ Windows 7 - Microsoft Windows Server 2003/2008 - Microsoft SQL Server - Microsoft Software Update Services - Firewall Review of Common Exploitation Techniques - Password Attacks - SQL Server Attack - Token Stealing Attack - Process Injection Attack - Remote Exploits - Client Side Exploits - Root Kits - Pivoting Information Gathering and Prevention - Null Session Enumeration - SID/Name Translation - NetBIOS Enumeration - SNMP - LDAP - DNS Active Directory Group Policies - Time Synchronization - Local Security Settings - Top 8 Local Security Settings necessary to secure a Windows network - Exploiting Windows systems before and after Local Security Settings hardening

User Account and Password Management - Windows Password Hashing - User Rights - Least Privileged - Securing Local Administrator accounts - Securing Domain Administrator accounts Authentication Mechanisms - Securing passwords at rest (LM, NTLM, LSA) - Securing passwords in motion (LM, NTLM, NTLMv2, Kerberos) Auditing - Default Windows auditing configuration - Configure auditing to capture security events Event Logs - Default Windows event log configuration - Log retention, rotation and archiving - Event Log Analysis Identifying security related events Vulnerability Scanning Tools and Procedures - Nessus Vulnerability Scanner - GFI LANGuard - Microsoft Baseline Security Analyzer - Free and Open Source tools Log Monitoring and Alerting - Converting Windows events to syslog events - Configure syslog to detect and alert on security events - Monitoring firewall events Host Intrusion Detection - Implement a host intrusion detection system using windows events and syslog

Network Intrusion Detection - Implement a network intrusion detection system using firewall events and syslog - Install Snort intrusion detection software - Configure Snort as a network sensor and forward events to syslog Securing Services and Service Accounts - Locate Service Accounts on a Network - Reduce or eliminate Domain Administrator privilege for service accounts - Process injection attack to elevate privileges Host Firewall Configuration - Configure Microsoft firewall via GPO - Strategies to defend against network Worms Network Traffic Analysis - Using Wireshark to detect malicious activity Proxy Server - Configure proxy settings via GPO - Analyze network attacks before and after proxy deployment File System Security - Share security vs. NTFS security - Distributed File System - Encrypted File System Patch Management Solutions - Deploying patches in a hardened Network - Patching with windows firewall enabled - Patching vs. Hardening Software Restriction Policy - How a software restriction policy can defeat many malicious attacks - Implement and test a simple but effective software restriction policy

Software Deployment through Group Policy - Deploying software in a hardened network - Deploying software with Windows firewall enabled Final Lab - Deploy host and network intrusion detection in a virtual windows network (Snort, syslog, Windows events) - Run automated attacks and identify the source, destination and type of attack - Harden a virtual Windows network - Run automated attacks to test windows hardening

2014 COURSE DATE AND LOCATION: September 21-25 2015 Broadview Networks 1 1530 Taylor Avenue Winnipeg, Manitoba COURSE COST: $2,975.00 + applicable taxes (includes refreshments and lunches each day, course materials and course tool-kit) 10% discount applied for two or more attending from the same company. CANCELLATION POLICY: If you must cancel, please provide written notification via email to training@digitalboundary.net. Cancellations must be received at least 15 business days in advance of the course start date in order to avoid a 50% cancellation fee. If cancellation notice is received less than 5 business days in advance of the course start date, the cancellation fee will be 100%. No refund will be made for non-attendance on the course. Please Note: Business day means every day of the week except Saturday, Sunday and Statutory Holidays.

IF WE CANCEL YOUR COURSE Occasionally it may be necessary for Digital Boundary Group to cancel your course (i.e. if registrations do not reach a required level). In this event, we will give you at least 5 business days notice of the cancellation and will offer an alternative date. If the alternatives given are not convenient, you may cancel your registration at no charge. Terms and Conditions: 1. Payment of the course registration fee, plus applicable taxes, is required to be received, at the address listed on the registration form, 15 business days in advance of the scheduled start of the course in order to complete the registration process. 2. Course fees must be paid by cheque made payable to Digital Boundary Group. 3. Confirmation of registration will only be made on receipt of full payment of the course fees and applicable taxes. 4. CANCELLATION POLICY: Please refer to above The International Information Systems Security Certification Consortium, Inc. accepts Digital Boundary Group s Security Training Program as credit toward meeting the Continuing Professional Education requirements to maintain the Certified Information Systems Security Professional (CISSP) designation (CISSP Constituents will earn 32 CPE credits)

Hardening Windows Networks Training Registration Course Information Course Location: Broadview Networks Course Dates: April 29 May 2 1 1530 Taylor Avenue Winnipeg MB R3N 1Y1 Course Price: $2,975.00 + applicable taxes Registration Name: Position: Name of Organization: Address of Organization: Telephone: Cell Phone: Fax: E-mail: Industry: Fax completed registration to: (204) 984-9899 OR (519) 652-8660 Or mail completed registration and payment to: Broadview Networks OR Digital Boundary Group 1-1530 Taylor Avenue 4226 Raney Crescent Winnipeg, Manitoba London, Ontario R3N 1Y1 N6L 1C3 For more information please call: 1-800-747-3557 ext. 248

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information