Network Defense and Countermeasures
Course ID
Course Description
- Performance-Based Objectives:
- Identify the basic components of a layered structure for network defense architecture, and describe access control objectives and auditing concepts.
- Identify key concepts and technologies used in the design of firewall systems, as well as methods of implementing firewalls in different scenarios.
- Implement and configure firewalls for three different operating systems and compare their functionality while also identifying the differences between the technologies.
- Describe Virtual Private Networks (VPNs) and related security issues, and take steps to implement a VPN solution built into Windows 2000.
- Describe the key concepts of Intrusion Detection Systems, including distinguishing between host-based and network-based Intrusion Detection Systems.
- Implement and configure a network-based and a host-based IDS.
- Describe core concepts of TCP/IP packet and signature analysis with the goal of intrusion detection, and examine the goals of the Common Vulnerabilities and Exposure (CVE) project.
- Identify the concepts and issues related to risk analysis, and analyze different methods of risk analysis, different standards, and different techniques to minimize risk.
- Implement a security policy for an organization by examining different methods of policy creation and implementation, and creating a policy document.
Prerequisites
Audience
Course Content
- Network Defense Fundamentals
- Network Defense
- Defensive Technologies
- Objectives of Access Control
- The Impact of Defense
- Network Auditing Concepts
- Designing Firewall Systems
- Firewall Components
- Create a Firewall Policy
- Rule Sets and Packet Filters
- Proxy Server
- The Bastion Host
- The Honeypot
- Configuring Firewalls
- Firewall Implementation Practices
- Installing and Configuring FireWall-1
- Installing and Configuring ISA Server 2000
- Monitor ISA Server
- IPChains Concepts
- Implementing Firewall Technologies
- Configuring VPNs
- VPN Fundamentals
- IP Security Protocol (IPSec)
- VPN Design and Architecture
- VPN Security
- Configuring a VPN
- Designing an IDS
- The Goals of an Intrusion Detection System
- Technologies and Techniques of Intrusion Detection
- Host-based Intrusion Detection
- Network-based Intrusion Detection
- The Analysis
- How to Use an IDS
- What an Intrusion Detection System Cannot Do
- Configuring an IDS
- Snort Foundations
- Snort Installation
- Snort as an IDS
- Configuring ISS Scanners
- Analyzing Intrusion Signatures
- Signature Analysis
- Common Vulnerabilities and Exposures (CVE)
- Signatures
- Normal Traffic Signatures
- Abnormal Traffic Signatures
- Performing a Risk Analysis
- Concepts of Risk Analysis
- Methods of Risk Analysis
- The Process of Risk Analysis
- Techniques to Minimize Risk
- Continual Risk Analysis
- Creating a Security Policy
- Concepts of Security Policies
- The Policy Design
- The Policies
- An Example Policy
- Incident Handling and Escalation Procedures
- Partner Policies
- Appendix A: Trojan Port Numbers
- Trojan Port Numbers
- Appendix B: Security-related RFCs
- Security-related Request for Comments
- Appendix C: A Case Study
- Understanding Denial of Service
- Appendix D: The Security Certified Program
- The Security Career Roadmap
For More Information
For training inquiries, call 850-308-1376
or email us at eramos@gbsi.com
Course Details
Duration - 5 days
Price - $2995.00 USD
(Discounts may apply. Call for more information.)
Acceletrain Collaborative Learning Environment (formerly know as VILT) places industry certified and expert instructors, peers, learners and multi-media components into a "borderless classroom", and interactive learning environment that can span multiple physical locations. VILT combines the benefits of the traditional brick-and-mortar classroom with innovative learning techniques and the cost savings of internet-based training.