|
|
1-800-THE-TREE (1-800-843-8733)
|
|
|
 |
|
System and Network Security: A Comprehensive Introduction
Course: 468
Type: Course Workshop
Duration: 4 Days
You Will Learn How To
- Analyze your exposure to security threats and protect your organization's systems and data
- Reduce your susceptibility to an attack by deploying firewalls and data encryption
- Assess alternative user and host authentication mechanisms
- Manage risks emanating from inside the organization and from the Internet
- Protect network users from hostile applications and viruses
- Identify the security risks that need to be addressed within your organization
Course Benefits In today's Internet-dependent business environment, organizations must link their systems across enterprise-wide and virtual private networks, as well as connect mobile users. Each connection increases exposure to customers, competitors and hackers, magnifying vulnerability to attack. In this course, you learn how to analyze risks to your networks and the steps needed to select and deploy the appropriate countermeasures to reduce your exposure to network threats.Who Should Attend Those who require the fundamental skills to develop and implement security schemes designed to protect their organization's information from threats.Course Workshop Exercises and workshops provide you with experience analyzing system and network security. Activities include:
- Cracking passwords
- Scanning systems with Microsoft Baseline Security Analyzer (MBSA)
- Restricting computer access with biometrics
- Preventing unwanted network access with a personal firewall
- Encrypting and signing important data
- Discovering security best practices
Course 468 Content
- Hackers inside and out
- Eavesdropping
- Spoofing
- Sniffing
- Trojan horses
- Viruses
- Wiretaps
- Defining your information assurance objectives
- Assessing your exposure
- Choosing your algorithm: DES, AES, RC4 and others
- Assessing key length and key distribution
- Generating keys
- Encrypting with RSA
- Working with PGP and GnuPG
- Evaluating Web of Trust and PKI
- Hashing with MD5 and SHA
- Protecting data in transit
- Building the digital signature
- Creating a good quality password policy to prevent password guessing and cracking
- Protecting against social engineering attacks
- Encrypting passwords vs. replay attacks
- Challenge-response to prevent man-in-the-middle attacks
- Preventing password replay using one-time and tokenized passwords
- Employing biometrics as part of two-factor authentication
- Shortcomings of IP addresses
- Address-spoofing issues and countermeasures
- Solutions for wireless networks
- Searching for operating system holes
- Discovering file permission issues
- Limiting access via physical security
- Encryption with application-specific tools
- Recovering encrypted data
- Locking down user accounts
- Securing administrator's permissions
- Protecting against viruses
- Restricting access to critical services
- Preventing buffer overflows
- Securing DNS
- Limiting the impact of common attacks
- Analyzing shortcomings of stateless packet filters
- Contrasting stateful packet filters with application proxies
- Preventing intrusions with filters
- Evaluating firewall features
- Selecting an architecture and a personal firewall
- Sniffing the network
- Mitigating threats from connected hosts
- Partitioning the network to prevent data leakage
- Identifying wireless LAN vulnerabilities
- Ensuring confidentiality with encryption
- Securing data-link layer with PPTP and L2TP
- Middleware information assurance with SSL and TLS
- Deploying SSH (the Secure Shell)
- Authenticating remote locations
- Tunneling traffic between sites
- Exchanging keys
- Developing a security plan
- Responding to incidents
- Enumerating the six critical steps
|
Related Courses
(ISC)2 is a registered certification mark of (ISC)2, Inc.
|
|
|
|
|
|
|
Print Friendly
E-mail a Colleague
Course FAQ
Course PDF
Home
