Price: $1,899.00

Course Number: 6016
Length: 2 Days
Print Friendly, PDF & Email

This course teaches you how to recognize the various stages of attacks and intrusions: scanning, exploits, elevation of privilege, trojans and backdoors. Every attack is different. The source of an attack might be an automated tool, a script kiddy, or a security expert working for a foreign government, and the source strongly effects the style and timing of the attack.

Who Should Attend

Intermediate to advanced, UNIX and NT system and network administrators, incident handling team members, information security and audit professionals, IP network managers.

Objectives

  • Identify vulnerable targets on your system
  • Mitigate your security risks
  • Recognize common and unusual attack patterns
  • Create effective filters, honeypots, and firewalls
  • Know and disable your enemies
  • Recognize real detects versus false alarms, and know when to report them
  • Set up your system to avoid false detects
  • Evaluate ID systems and third-party tools
  • Learn about automated response and manualresponse in relation to real-time analysis
  • Propose and justify ID expenditures to management

Outline

What Is Security?

  • Defining Security

Applied Encryption

  • Symmetric-Key Encryption
  • Asymmetric-Key Encryption

Types of Attacks

  • Specific Attacks

General Security Principles

  • Be Suspicious of All Network Activity
  • You Must Have a Security Policy

Firewalls Roles and Types

  • The Role of a Firewall
  • Firewall Terminology
  • Firewall Configuration Defaults

Firewall Topologies and Virtual Private Networks

  • Design Principles
  • Types of Bastion Hosts
  • Common Firewall Designs
  • ICMP and Firewalls
  • Remote Access and Virtual Private Networks (VPNs)
  • Public-Key Infrastructure (PKI)

Detecting and Distracting Hackers

  • Proactive Detection
  • Distracting the Hacker
  • Punishing the Hacker
  • Creating an Attack-Response Plan

Operating System Security

  • Windows 2000 Security Components
  • Linux Security Architecture
  • Account Security in Windows 2000 and Linux
  • Removing Accounts
  • Renaming Default Accounts

File System Security

  • Windows 2000 File System Security
  • Remote File Access Control
  • Combined Local and Remote Permissions
  • Linux File System Security

Assessing and Reducing Risk

  • Reducing Risks in Windows 2000
  • Reducing Risks in Unix Systems

The Auditing Process

  • What Is an Auditor?
  • Auditing Steps and Stages
  • Discovery Tools and Methods
  • Vulnerability Scanners
  • Additional Auditing Strategies

Auditing Penetration and Control Strategies.

  • Compromising Network Elements
  • Control Phase
  • Auditing and the Control Phase

Intrusion Detection

  • Understanding Intrusion Detection
  • Intrusion-Detection Architectures
  • Creating Rules for an IDS Application
  • IDS Concerns
  • Purchasing an IDS

Auditing and Log Analysis

  • Baseline Creation
  • Analyzing Log Files
  • Filtering Information
  • Securing Log Files
  • Third-Party Logging

Recommending Solutions and Generating Reports

  • Recommending Solutions
  • Generating Reports

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.