IT Security

 

Network Security & Firewalls (Course Code: 146)

Course Schedule:

Please call 8622 8900 or email us for further information

Overview:

A Security Professional implements security policy, identifies security threats, and develops countermeasures using firewall systems and attack-recognition technologies. This individual is responsible for managing the deployment of e-business transaction and payment security solutions.

This course is designed to teach you how to secure networks from unauthorised activity. You will learn about establishing an effective security policy, identifying different types of hacker activities, understanding the hacker's mind-set, and preventing and managing hacker penetration. You will also learn about authentication procedures, encryption standards and implementations, ports and protocols that hackers manipulate, and how to engage in proactive detection and response/reporting methods.

This course prepares you for the following job responsibilities:

  • implementing e-business solutions security policies
  • identify security threats and develop countermeasures using firewall systems and attack-recognition technologies
  • managing the deployment of security solutions.

Learning Method:

This course uses a combination of instructor presentation, facilitated group discussion, practical exercises and group case study exercises.

Who will benefit from this course?

This course is for:

  • Network server administrators
  • Firewall administrators
  • Systems administrators
  • Application developers
  • IT security officers.

It is designed for those with responsibilities to implement e-business solutions security policies; identify security threats and develop countermeasures using firewall systems and attack-recognition technologies; and manage the deployment of security solutions.

Pre-requisites:

Before attending this course you must have a basic knowledge of operating systems, networks and the internet.

What can you expect to gain from this course?

After completing this course you will:

  • know how to secure networks from unauthorised activity
  • know how to establish an effective security policy
  • know about authentication procedures, encryption standards and implementation, ports and protocols that hackers manipulate
  • know how to engage in proactive detection and response / reporting methods.

Course Content:

Module 1: What Is Security?
  • Network Security Background
  • What Is Security?
  • Hacker Statistics
  • What Is the Risk?
  • The Myth of 100-Percent Security
  • Attributes of an Effective Security Matrix
  • What You Are Trying to Protect
  • Who Is the Threat?
  • Security Standards
  • Elements of Security
  • Security Concepts and Mechanisms
Module 2:Elements of Security
  • The Security Policy
  • Encryption
  • Authentication
  • Specific Authentication Techniques
  • Access Control
  • Auditing
  • Security Tradeoffs and Drawbacks
Module 3:Applied Encryption
  • Reasons to Use Encryption
  • Creating Trust Relationships
  • Rounds, Parallelisation and Strong
  • Encryption
  • Symmetric-Key Encryption
  • Symmetric Algorithms
  • Asymmetric Encryption
  • Hash Encryption
  • Applied Encryption Processes
  • Encryption Review
Module 4:Types of Attacks
  • Attack Categories
  • Brute-Force and Dictionary Attacks
  • System Bugs and Back Doors
  • Social Engineering and Non-Direct Attacks
Module 5:General Security Principles
  • Common Security Principles: Introduction
  • Be Paranoid
  • You Must Have a Security Policy
  • No System or Technique Stands Alone
  • Minimise the Damage
  • Deploy Companywide Enforcement
  • Provide Training
  • Use an Integrated Security Strategy
  • Place Equipment According to Needs
  • Identify Security Business Issues
  • Consider Physical Security
Module 6:Protocol Layers and Security
  • TCP/IP Security Introduction
  • TCP/IP and Network Security
  • The TCP/IP Suite and the OSI Reference
  • Model
  • Physical Layer
  • Network Layer
  • Transport Layer
  • Application Layer
Module 7:Securing Resources
  • TCP/IP Security Vulnerabilities
  • Implementing Security
  • Resources and Services
  • Protecting TCP/IP Services
  • Simple Mail Transfer Protocol (SMTP)
  • Testing and Evaluating
  • Implementing New Systems and Settings
  • Security Testing Software
  • Security and Repetition
Module 8:Firewalls and Virtual Private Networks
  • Access Control Overview
  • Definition and Description of a Firewall
  • The Role of a Firewall
  • Firewall Terminology
  • Firewall Configuration Defaults
  • Creating Packet Filter Rules
  • Packet Filter Advantages and
  • Disadvantages
  • Configuring Proxy Servers
  • Remote Access and Virtual Private
  • Networks (VPNs)
  • Public Key Infrastructure (PKI)
Module 9:Levels of Firewall Protection
  • Designing a Firewall
  • Types of Bastion Hosts
  • Hardware Issues
  • Common Firewall Designs
  • Putting It All Together
Module 10:Detecting and Distracting Hackers
  • Preparing for the Inevitable
  • Proactive Detection
  • Distracting the Hacker
  • Deterring the Hacker
Module 11:Incident Response
  • Planning for Response
  • Create a Response Policy
  • Decide Ahead of Time
  • Do Not Panic
  • Document Everything
  • Assess the Situation
  • Stop or Contain Activity
  • Execute the Response Plan
  • Analyse and Learn

Related Courses:

Security Auditing, Attacks, and Threat Analysis (Course Code: 148)