Course 9004: Security Training Boot Camp

Tonex Security Essential Bootcamp covers  Computer, Software & Network Security allows IT professionals, system and network administrators, incident handling team members, information assurance and audit professionals, the opportunity to gain knowledge and experience in various fields of computer and network security, intrusion detection, virtual private networks and security management.

 TONEX Security Essential Training Boot Camp at a glance:

• Network Penetration Testing
• Ethical Hacking 
• Hacker Techniques, Exploits & Incident Handling
• Computer Forensics, Investigation, and Response
• Wireless Security Essentials
• Overview of Cryptography and Cryptanalysis
• Wireless Ethical Hacking, Penetration Testing, and Defenses
• Risk Assessment and Auditing
• Auditing Networks, Perimeters & Systems
• Host and Network Based Intrusion Detection
• Honeypots, Firewalls and Perimeter Protection
• Security Policy
• Password Management
• Security Incident Handling
• Information Warfare
• Web Security
• Network Fundamentals and TCP/IP Concepts
• Cisco Router Filters
• Primary Threats for Perimeter Protection
• PGP, Steganography
• Anti-Viral Tools
• Windows (2000, XP, 2003, Vista) Security Administration and Auditing
• Unix Security Fundamentals
• Linux Security Administration and Auditing
  

• Security Planning, Assessment, and Implementation
• Security Architecture and Models
• Availability, Integrity, and Confidentiality
• Security Management
• Cryptography Algorithms
• Cryptographic Attack and Defense Mechanisms
• Risk Management
• IT Security Auditing, Attacks, and Threat Analysis
• Operations Security
• Business Continuity Planning
• Intrusion Detection, Attacks and Countermeasures
• System Security
• Physical Security
• Access Control Systems
• Applications and Systems Security
• Firewalls
• Network and Web Security
• Security in SNMPv3 and IPv6
• Telecommunications Security
• Wireless Security
• Public Key Infrastructure
• Enterprise PKI
• Virtual Private Networks (VPN) Fundamentals
• Security Administration
• Law, Investigation and Ethics
• Security Policies, Standards, and Guidelines
• Computer crime laws and regulations

Network Security and Firewalls teaches you how to secure your network from unauthorized activity. This course teaches you about security principles, such as establishing an effective security policy, and about the different types of hacker activities that you are most likely to encounter.

What Is Security?

Elements of Security

• The Security Policy
• Encryption
• Authentication
• Specific Authentication Techniques
• Access Control
• Auditing
• Security Tradeoffs and Drawbacks

Applied Encryption

• Cryptography and Cryptanalysis
• Encryption Review
• Reasons to Use Encryption
• Creating Trust Relationships
• Rounds, Parallelization and Strong
• Encryption
• Symmetric-Key Encryption
• Symmetric Algorithms
• Asymmetric Encryption
• Hash Encryption
• Applied Encryption Processes
• Public-key cryptography

Types of Attacks

• Attack Categories
• Brute-Force and Dictionary Attacks
• System Bugs and Back Doors
• Social Engineering and Non-Direct
• Attacks

General Security Principles

• Common Security Principles: Introduction
• Be Paranoid
• You Must Have a Security Policy
• No System or Technique Stands Alone
• Minimize the Damage
• Deploy Companywide Enforcement
• Provide Training
• Use an Integrated Security Strategy
• Place Equipment According to Needs
• Identify Security Business Issues
• Consider Physical Security
• Protocol Layers and Security
• TCP/IP Security Introduction
• TCP/IP and Network Security
• The TCP/IP Suite and the OSI Reference
• Model
• Physical Layer
• Network Layer
• Transport Layer
• Application Layer

Securing Resources

• TCP/IP Security Vulnerabilities
• Implementing Security
• Resources and Services
• Protecting TCP/IP Services
• Simple Mail Transfer Protocol (SMTP)
• Testing and Evaluating
• Implementing New Systems and Settings
• Security Testing Software
• Security and Repetition

Firewalls and Virtual Private Networks

• Access Control Overview
• Definition and Description of a Firewall
• The Role of a Firewall
• Firewall Terminology
• Firewall Configuration Defaults
• Creating Packet Filter Rules
• Packet Filter Advantages and
• Disadvantages
• Configuring Proxy Servers
• Remote Access and Virtual Private Networks (VPNs)
• Public Key Infrastructure (PKI)

Levels of Firewall Protection

• Designing a Firewall
• Types of Bastion Hosts
• Hardware Issues
• Common Firewall Designs
• Putting It All Together

Detecting and Distracting Hackers

• Preparing for the Inevitable
• Proactive Detection
• Distracting the Hacker
• Deterring the Hacker

Incident Response

• Planning for Response
• Create a Response Policy
• Decide Ahead of Time
• Do Not Panic
• Document Everything
• Assess the Situation
• Stop or Contain Activity
• Execute the Response Plan
• Analyze and Learn

Day 3: Operating System Security

Operating System Security is a course designed to teach students the latest security industry recommendations and how to properly protect Windows 2000 and Linux servers in a variety of settings. Students will learn how to protect Windows 2000 and Linux systems from attacks, reconfigure the operating system to fully protect it, and scan hosts for known security problems. By the end of the course, students will have a solid understanding of the security architectures used by Windows 2000 and Linux.

Security Principles

• Overview of Security Principles
• Definition of Security
• Evaluation Criteria
• Security Levels
• Security Mechanisms
• Security Management
• Windows 2000 Security
• Windows 2000 Security Architecture
• Linux Security
• Pluggable Authentication Modules (PAMs)
• Account Security
• Securing Accounts: An Overview
• Passwords
• Verifying System State
• Password Aging in Linux

File System Security

• File System Security Overview
• Windows 2000 File System Security
• Remote File Access Control
• Linux File System Security

Assessing Risk

• Risk Assessment Basics
• Security Threats
• Windows 2000 Security Risks
• General UNIX Security Vulnerabilities
• Keyloggers
• System Port Scanning
• UNIX Security Risks
• NIS Security Concerns
• NFS Security Concerns

Reducing Risk

• Reducing Risk through Simplification
• Patches and Fixes
• Windows 2000 Registry Security
• Disabling and Removing Unnecessary
• Services in Windows 2000
• Reducing Risk in Linux Systems

Day 4-5: Security Auditing, Attacks, Threat Analysis and Wireless Security 

Security Auditing, Attacks, and Threat Analysis teaches you how to conduct a security audit. It teaches you how to perform the different phases of an audit, including discovery and penetration. You will also learn how to prevent hackers from controlling your network, and how to generate effective audit reports that can help organizations better their security and become up to date with industry security standards. Finally, you will learn about how to recommend industry-standard security solutions for your enterprise. As you examine different threats and learn more about how network hosts participate on a network, you will determine how to assess and manage the risk posed to each system. This course introduces various tools to help you in the auditing process; you will use some of these tools in the labs. You will also study international standards, along with time-tested methods for auditing a network efficiently. After completing this course, you will have in-depth training and experience in analyzing the hacker process and associated methodologies. You will be able to counteract attacks using specific, practical tools, including enterprise-grade security-scanning and intrusion-detection programs. You will also learn how to analyze your findings and make recommendations for establishing the best security possible in a given scenario.

Security Auditing

• Introduction to Auditing
• What Is an Auditor?
• What Does an Auditor Do?
• Auditor Roles and Perspectives
• Conducting a Risk Assessment
• Risk Assessment Stages
• Discovery Methods
• Discovery
• Security Scans
• Enterprise-grade Auditing Applications
• Social Engineering
• What Information Can You Obtain?

Auditing Server Penetration and Attack Techniques

• Network Penetration
• Attack Signatures and Auditing
• Compromising Services
• Common Targets
• Routers
• Databases
• Web and FTP Servers
• E-mail Servers
• Naming Services
• Auditing for System Bugs
• Auditing Trap Doors and Root Kits
• Auditing Denial-Of-Service Attacks
• Combining Attack Strategies
• Denial of Service and the TCP/IP Stack

Security Auditing and the Control Phase

• Network Control
• Control Phase Goals
• UNIX Password File Locations
• Control Methods
• Auditing and the Control Phase

Intrusion Detection

• What Is Intrusion Detection?
• IDS Applications and Auditing
• Intrusion Detection Architecture
• IDS Rules
• IDS Actions
• False Positives
• Intrusion-Detection Software
• Purchasing an IDS
• Auditing with an IDS

Auditing and Log Analysis

• Log Analysis
• Baseline Creation
• Firewall and Router Logs
• Operating System Logs
• Filtering Logs
• Suspicious Activity
• Additional Logs
• Log Storage
• Auditing and Performance Degradation

Audit Results

• Auditing Recommendations
• Creating the Audit Report
• Improving Compliance
• Improving Router Security
• Enabling Proactive Detection
• Host Auditing Solutions
• Replacing and Updating Services
• Secure Shell (SSH)
• SSH and DNS

Wireless Security

• 802.11 Security Basics
• Attacks and Risks
• Rudimentary security measures
• Station Security
• Gateway Security
• Intermediate Security Measures
• Advanced Security Measures
• Hardware & Software Solutions
• Prevention & Countermeasures
• Implementation and Management

HANDS-ON Labs and Workshops and Exercises

(Requires LINUX and Windows 2000)

Extensive exercises and workshops provide the boot camp attendees with practical experience analyzing system and network security.

• Experienced instructors including senior executives, managers, authors, educators, consultants, course developers, and CTOs.
• Real life examples and practices
• Small class size
• Personalized instructor mentoring
• Ongoing post-training support via e-mail and phone

On-Site Classes 

On-site classes can also be tailored to meet your needs. You might shorten a 20-day class into a 5-day class, or combine portions of several related courses into a single course, or have the instructor vary the emphasis of topics depending on your staff's and site's requirements. We require a minimum of five employees and above. The CISSP (Certified Information Systems Security Professionals) exam is a six-hour, monitored paper-based exam covering 10 domains of information system security knowledge, each representing a specific area of expertise.

Customize your Boot Camp
TONEX Boot camps can be tailored to meet your specific needs. At TONEX, we gain an in-depth understanding of your organization and your training requirements. We can then customize the Boot Camp to match your project and the attendees' experience and requirements.

• Courses can be delivered to your office, providing content and focus integrated with the immediate needs of your organization.
• TONEX extracts the key elements of the course topics and packages them into an efficient and cost effective Boot Camp by eliminating the overlap and introductory redundancy.
• A customized Boot Camp gives provides immersion into a subject in a comparatively short period of time. For those requiring more detailed views, we offer Advanced courses.

Don't delay -- Space is limited!
Take advantage of group discounts! Organize a group enrollment -- you save your company money and enhance the skills of everyone who attends. Register Now!