Network Defense and Countermeasures (Second Edition)

Course ID


Course Description

Network Defense and Countermeasures (Second Edition) is designed to provide network administrators with an awareness of security-related issues and the essential skills they need to implement security in a given network. This is the second course of the Security Certified Program's level one certification track (the SCNP), and focuses primarily on defensive network technologies, such as firewalls and intrusion detection systems.
    Performance-Based Objectives
  • Identify the basic components of a layered structure for network defense architecture, and describe access control objectives and auditing concepts.
  • Identify key concepts and technologies used in the design of firewall systems, as well as methods of implementing firewalls in different scenarios.
  • Implement and configure three unique firewalls and compare their functionality while also identifying the differences between the technologies.
  • Describe Virtual Private Networks (VPNs) and related security issues, and take steps to implement a VPN solution built into Windows 2000.
  • Describe the key concepts of Intrusion Detection Systems, including distinguishing between host-based and network-based Intrusion Detection Systems.
  • Implement and configure a network-based and a host-based IDS.
  • Describe core concepts of TCP/IP packet and signature analysis with the goal of intrusion detection, and examine the goals of the Common Vulnerabilities and Exposures (CVE) project.
  • Identify the concepts and issues related to risk analysis, and analyze different methods of risk analysis, different standards, and different techniques to minimize risk.
  • Implement a security policy for an organization by examining different methods of policy creation and implementation, and creating a policy document.


The Network Defense and Countermeasures (Second Edition) course is designed for the student who is a network administrator responsible for maintaining a wide range of network technologies. To ensure your success, we recommend you first take the following course or have equivalent knowledge:


The Network Defense and Countermeasures course is designed for the student who is a Network Administrator responsible for maintaining a wide range of network technologies.

Course Content

    Network Defense Fundamentals
  • Network Defense
  • Defensive Technologies
  • Objectives of Access Control
  • The Impact of Defense
  • Network Auditing Concepts

    Designing Firewall Systems
  • Firewall Components
  • Create a Firewall Policy
  • Rule Sets and Packet Filters
  • Proxy Server
  • The Bastion Host
  • The Honeypot

    Configuring Firewalls
  • Firewall Implementation Practices
  • Installing and Configuring
  • Installing and Configuring ISA Server 2000
  • Monitor ISA Server
  • IPChains Concepts
  • Implementing Firewall Technologies

    Configuring VPNs
  • VPN Fundamentals
  • IP Security Protocol (IPSec)
  • VPN Design and Architecture
  • VPN Security
  • Configuring a VPN

    Designing an IDS
  • The Goals of an Intrusion Detection System
  • Technologies and Techniques of Intrusion Detection
  • Host-based Intrusion Detection
  • Network-based Intrusion Detection
  • The Analysis
  • How to Use an IDS
  • What an Intrusion Detection System Cannot Do

    Configuring an IDS
  • Snort Foundations
  • Snort Installation
  • Snort as an IDS
  • Configuring ISS Scanners

    Analyzing Intrusion Signatures
  • Signature Analysis
  • Common Vulnerabilities and Exposures (CVE)
  • Signatures
  • Normal Traffic Signatures
  • Abnormal Traffic Signatures

    Performing a Risk Analysis
  • Concepts of Risk Analysis
  • Methods of Risk Analysis
  • The Process of Risk Analysis
  • Techniques to Minimize Risk
  • Continual Risk Analysis

    Creating a Security Policy
  • Concepts of Security Policies
  • The Policy Design
  • The Policies
  • An Example Policy
  • Incident Handling and Escalation Procedures
  • Partner Policies

    Appendix A: Trojan Port Numbers
  • Trojan Port Numbers

    Appendix B: Security-related RFCs
  • Security-related Request for Comments

    Appendix C: A Case Study
  • Understanding Denial of Service

    Appendix D: The Security Certified Program
  • The Security Career Roadmap

For More Information

For training inquiries, call 850-308-1376

or email us at

Course Details

Duration - 5 days
Price - $2995.00 USD

(Discounts may apply. Call for more information.)

Acceletrain Collaborative Learning Environment (formerly known as VILT) places industry certified and expert instructors, peers, learners and multi-media components into a "borderless classroom", an interactive learning environment that can span multiple physical locations. VILT combines the benefits of the traditional brick-and-mortar classroom with innovative learning techniques and the cost savings of internet-based training.