Course Number: 6005
Length: 4 Days
What is a TONEX Boot Camp?
TONEX Boot Camps are intensive, weeklong learning experiences that cover the essential elements of your chose subject. Boot camps are ideal for busy professionals who want to stay current in their fields but have limited time to be away from the office.
All boot camp includes:
- Experienced instructors including senior technology leaders, project managers, technical authors, engineers, educators, consultants, course developers, and CTOs.
- Real life examples and practices.
- Small class size.
- Personalized instructor mentoring.
- Pre-training discussions
- Ongoing post-training support via e-mail, phone and WebEx.
What will you learn at the TONEXIT Security Training Boot Camp?
Many organizations are now faced with the challenge of information exchange for its employees, suppliers, partners and customers. The Internet, World Wide Web, along with private networks has allowed this information to exchange more quickly than ever, but information exchange has not come without risk. With more reports of attacks against networks, IT managers are faced with the responsibility of protecting their data.
Tonex Security Bootcamp covers Computer, Software & Network Security allows IT professionals, system and network administrators, incident handling team members, information assurance and audit professionals, the opportunity to gain knowledge and experience in various fields of computer and network security, intrusion detection, virtual private networks and security management.
This 4-day security bootcamp, will teach you the language and underlying theory of computer, information and network security. The attendees will build on their knowledge and professional experience with computer and information security as they acquire the specific skills required to implement basic and advanced security services on any type of computer network and IT system.
Who Should Attend
Security ProfessionalsSecurity OfficersAuditorsSite AdministratorsAnyone new to information security and wants to fill the gaps in their understanding of technical information securityand anyone else who is concerned about the integrity of the network infrastructure and anyone new to network, computer and information security
Objectives
TONEX Security Training Boot Camp covers:
- Network Penetration Testing
- Ethical Hacking
- Hacker Techniques, Exploits & Incident Handling
- Computer Forensics, Investigation, and Response
- Wireless Security Essentials
- Overview of Cryptography and Cryptanalysis
- Wireless Ethical Hacking, Penetration Testing, and Defenses
- Risk Assessment and Auditing
- Auditing Networks, Perimeters & Systems
- Host and Network Based Intrusion Detection
- Honeypots, Firewalls and Perimeter Protection
- Security Policy
- Password Management
- Security Incident Handling
- Information Warfare
- Web Security
- Network Fundamentals and TCP/IP Concepts
- Cisco Router Filters
- Primary Threats for Perimeter Protection
- PGP, Steganography
- Anti-Viral Tools
- Windows (2000, XP, 2003, Vista) Security Administration and Auditing
- Unix Security Fundamentals
- Linux Security Administration and Auditing
Outline
Day 1 and 2: Network Security and FirewallsNetwork Security and Firewalls teaches you how to secure your network from unauthorized activity. This course teaches you about security principles, such as establishing an effective security policy, and about the different types of hacker activities that you are most likely to encounter.
What Is Security?
- Network Security Background
- What Is Security?
- Hacker Statistics
- What Is the Risk?
- The Myth of 100-Percent Security
- Attributes of an Effective Security Matrix
- What You Are Trying to Protect
- Who Is the Threat?
- Security Standards
- Elements of Security
- Security Concepts and Mechanisms
- Detecting and Analyzing Intrusions
- Vulnerability Assessment: Protecting Your Organization
- Exposing Network Weaknesses
- Ethical Hacking and Countermeasures: Hands-On
- Preventing Network and System Breaches
Elements of Security
- The Security Policy
- Encryption
- Authentication
- Specific Authentication Techniques
- Access Control
- Auditing
- Security Tradeoffs and Drawbacks
Applied Encryption
- Cryptography and Cryptanalysis
- Encryption Review
- Reasons to Use Encryption
- Creating Trust Relationships
- Rounds, Parallelization and Strong
- Encryption
- Symmetric-Key Encryption
- Symmetric Algorithms
- Asymmetric Encryption
- Hash Encryption
- Applied Encryption Processes
- Public-key cryptography
Types of Attacks
- Attack Categories
- Brute-Force and Dictionary Attacks
- System Bugs and Back Doors
- Social Engineering and Non-Direct
- Attacks
General Security Principles
- Common Security Principles: Introduction
- Be Paranoid
- You Must Have a Security Policy
- No System or Technique Stands Alone
- Minimize the Damage
- Deploy Companywide Enforcement
- Provide Training
- Use an Integrated Security Strategy
- Place Equipment According to Needs
- Identify Security Business Issues
- Consider Physical Security
- Protocol Layers and Security
- TCP/IP Security Introduction
- TCP/IP and Network Security
- The TCP/IP Suite and the OSI Reference
- Model
- Physical Layer
- Network Layer
- Transport Layer
- Application Layer
Securing Resources
- TCP/IP Security Vulnerabilities
- Implementing Security
- Resources and Services
- Protecting TCP/IP Services
- Simple Mail Transfer Protocol (SMTP)
- Testing and Evaluating
- Implementing New Systems and Settings
- Security Testing Software
- Security and Repetition
Firewalls and Virtual Private Networks
- Access Control Overview
- Definition and Description of a Firewall
- The Role of a Firewall
- Firewall Terminology
- Firewall Configuration Defaults
- Creating Packet Filter Rules
- Packet Filter Advantages and
- Disadvantages
- Configuring Proxy Servers
- Remote Access and Virtual Private Networks (VPNs)
- Public Key Infrastructure (PKI)
Levels of Firewall Protection
- Designing a Firewall
- Types of Bastion Hosts
- Hardware Issues
- Common Firewall Designs
- Putting It All Together
Detecting and Distracting Hackers
- Preparing for the Inevitable
- Proactive Detection
- Distracting the Hacker
- Deterring the Hacker
Incident Response
- Planning for Response
- Create a Response Policy
- Decide Ahead of Time
- Do Not Panic
- Document Everything
- Assess the Situation
- Stop or Contain Activity
- Execute the Response Plan
- Analyze and Learn
Day 3: Operating System Security
Operating System Security is a course designed to teach students the latest security industry recommendations and how to properly protect Windows 2000 and Linux servers in a variety of settings. Students will learn how to protect Windows 2000 and Linux systems from attacks, reconfigure the operating system to fully protect it, and scan hosts for known security problems. By the end of the course, students will have a solid understanding of the security architectures used by Windows 2000 and Linux.
Security Principles
- Overview of Security Principles
- Definition of Security
- Evaluation Criteria
- Security Levels
- Security Mechanisms
- Security Management
- Windows 2000 Security
- Windows 2000 Security Architecture
- Linux Security
- Pluggable Authentication Modules (PAMs)
- Account Security
- Securing Accounts: An Overview
- Passwords
- Verifying System State
- Password Aging in Linux
File System Security
- File System Security Overview
- Windows 2000 File System Security
- Remote File Access Control
- Linux File System Security
Assessing Risk
- Risk Assessment Basics
- Security Threats
- Windows 2000 Security Risks
- General UNIX Security Vulnerabilities
- Keyloggers
- System Port Scanning
- UNIX Security Risks
- NIS Security Concerns
- NFS Security Concerns
Reducing Risk
- Reducing Risk through Simplification
- Patches and Fixes
- Windows 2000 Registry Security
- Disabling and Removing Unnecessary
- Services in Windows 2000
- Reducing Risk in Linux Systems
Day 4-5: Security Auditing, Attacks, Threat Analysis and Wireless Security
Security Auditing, Attacks, and Threat Analysis teaches you how to conduct a security audit. It teaches you how to perform the different phases of an audit, including discovery and penetration. You will also learn how to prevent hackers from controlling your network, and how to generate effective audit reports that can help organizations better their security and become up to date with industry security standards. Finally, you will learn about how to recommend industry-standard security solutions for your enterprise. As you examine different threats and learn more about how network hosts participate on a network, you will determine how to assess and manage the risk posed to each system. This course introduces various tools to help you in the auditing process; you will use some of these tools in the labs. You will also study international standards, along with time-tested methods for auditing a network efficiently. After completing this course, you will have in-depth training and experience in analyzing the hacker process and associated methodologies. You will be able to counteract attacks using specific, practical tools, including enterprise-grade security-scanning and intrusion-detection programs. You will also learn how to analyze your findings and make recommendations for establishing the best security possible in a given scenario.
Security Auditing
- Introduction to Auditing
- What Is an Auditor?
- What Does an Auditor Do?
- Auditor Roles and Perspectives
- Conducting a Risk Assessment
- Risk Assessment Stages
- Discovery Methods
- Discovery
- Security Scans
- Enterprise-grade Auditing Applications
- Social Engineering
- What Information Can You Obtain?
Auditing Server Penetration and Attack Techniques
- Network Penetration
- Attack Signatures and Auditing
- Compromising Services
- Common Targets
- Routers
- Databases
- Web and FTP Servers
- E-mail Servers
- Naming Services
- Auditing for System Bugs
- Auditing Trap Doors and Root Kits
- Auditing Denial-Of-Service Attacks
- Combining Attack Strategies
- Denial of Service and the TCP/IP Stack
Security Auditing and the Control Phase
- Network Control
- Control Phase Goals
- UNIX Password File Locations
- Control Methods
- Auditing and the Control Phase
Intrusion Detection
- What Is Intrusion Detection?
- IDS Applications and Auditing
- Intrusion Detection Architecture
- IDS Rules
- IDS Actions
- False Positives
- Intrusion-Detection Software
- Purchasing an IDS
- Auditing with an IDS
Auditing and Log Analysis
- Log Analysis
- Baseline Creation
- Firewall and Router Logs
- Operating System Logs
- Filtering Logs
- Suspicious Activity
- Additional Logs
- Log Storage
- Auditing and Performance Degradation
Audit Results
- Auditing Recommendations
- Creating the Audit Report
- Improving Compliance
- Improving Router Security
- Enabling Proactive Detection
- Host Auditing Solutions
- Replacing and Updating Services
- Secure Shell (SSH)
- SSH and DNS
Wireless Security
- 802.11 Security Basics
- Attacks and Risks
- Rudimentary security measures
- Station Security
- Gateway Security
- Intermediate Security Measures
- Advanced Security Measures
- Hardware & Software Solutions
- Prevention & Countermeasures
- Implementation and Management
HANDS-ON Labs and Workshops and Exercises
(Requires LINUX and Windows 2000)
Extensive exercises and workshops provide the boot camp attendees with practical experience analyzing system and network security.