This course is provided by Wintrac. Wintrac provides one stop shopping for all your IT
training needs. Wintrac’s course catalog of over two thousand courses includes courses on Security Training
Overview
Enterprise Security Solutions is designed to provide network administrators and security architects with an awareness of security-related issues and the essential skills they need to implement security in a given network. It is the second course offered in the second level of the Security Certified Program. This course is preceded by Advanced Security Implementation (ASI).
Prerequisites
To ensure your success, we recommend you first take the following courses or have equivalent knowledge:
- Hardening the Infrastructure
- Network Defense and Countermeasures
- Advanced Security Implementation
Hardware/Software Requirements
You will need:
- Operating Systems:
- Windows 2000 Server
- Red Hat Linux 8.0
- Service Packs, Upgrades, Drivers:
- Drivers for NICs, Video
- Service Pack 2 for Windows 2000
- Hardware:
- Two computers per instructor
- One computer per student
- One 10/100 switch or hub
- Computers: PIII 800 (P4 recommended), 256 MB of RAM, at least 15 GB HDD,
1 NIC per PC (well-known brands preferred for promiscuous mode support), video
card (well known brands preferred from the point of view of driver availability
for all OSs), audio card with a microphone and speakers, and USB ports
- BiolinkUSA U-Match USB biometric mouse, one per student (found
at www.biolinkusa.com)
- U-Match drivers and authentication software (obtained with mouse)
- Panasonic BM-ET100US Authenticam Iris Scanner, one per classroom
(found at www.panasonic.com/cctv/products/bmet100us.asp)
- Panasonic BM-ET100US drivers and authentication software (obtained
with iris scanner)
- Linksys Wireless G WNIC WPC 54G, one per class
- Proxim Orinoco WNIC 8470-WD.
- Linksys Wireless G AP WAP 54G, one per class
- Cryptoflex for Windows Smart Cards, one per student (found at
www.cryptoflex.com)
- Reflex USB Smart Card reader, one per student (found at www.cryptoflex.com)
- Software:
- Acrobat Reader (found at www.adobe.com)
- Unzipping tool (found at www.winrar.com)
- VeriSign CPS v2.1 (found for viewing at www.verisign.com)
- Perl 5.8.1 (stable.tar.gz)
- Openssl-0.9.7c.tar.gz
- Net-SSLeay.pm-1.23.tar.gz
- Webmin1.110.tar.gz
- BerkeleyDB4.1
- openLDAP20030709
- CATool 1.2.6 and corresponding catoolpriv.cf evaluation license file (found
by filling out the request form at www.open.com.au/catool—include in the comments
that you are requesting download for the SCP)
- Reflex USB Smart Card reader driver (found at www.cryptoflex.com)
- Ntfsflp.exe (found at www.sysinternals.com)
- Odyc222.msi (found at www.funk.com)
- Netstumblerinstaller_0_330.exe (found at www.stumbler.net)
- Apwnxdemo.exe (found at www.wildpackets.com)
- Workgroupmail (found at www.workgroupmail.com)
- PGP 7.0.3 (found at www.pgpi.com)
- Smart Card Cleanup Utilities: MDAC 2.7, Personalization_Tool.zip, and
Transport Key (found at www.cryptoflex.com/Support/Personalization_tool.zip)
Performance-Based Objectives
- Identify, describe the transition towards, and implement trusted
networks.
- Implement a stand-alone Microsoft CA and a Microsoft Enterprise
Root CA.
- Implement a Linux CA.
- Manage digital certificates.
- Configure local file encryption.
- Protect local files using biometrics.
- Configure and secure wireless networks.
- Secure email using PGP and S/MIME.
- Build trusted networks.
Delivery Method
Instructor-led, group-paced, classroom-delivery learning model with structured hands-on activities.
Course duration
5 Days
Course outline
Lesson 1: Trusted Network Implementation
- Topic 1A: Defended Networks of Today
- Topic 1B: Trusted Network Services
- Topic 1C: Cryptography Primer
- Topic 1D: The Role of Strong Authentication
- Topic 1E: PKI Roles and Fundamentals
Lesson 2: Planning a Trusted Network
- Topic 2A: Required Components
- Topic 2B: Certificate Paths
- Topic 2C: Planning Documents
- Topic 2D: Certificate Practices Framework
Lesson 3: Microsoft Trusted Networks
- Topic 3A: Certificate Authority Requirements
- Topic 3B: Major Functions of a CA Hierarchy
- Topic 3C: Certificate Standard and Format
- Topic 3D: Implement Microsoft Certificate Authorities
- Topic 3E: Implement a Microsoft Enterprise Root CA
Lesson 4: Linux Certificate Authorities
- Topic 4A: Introduction to Linux Certificate Authorities
- Topic 4B: Certificate Authorities for Linux
- Topic 4C: Prepare to Install a CA
- Topic 4D: OpenLDAP
- Topic 4E: Use CATool
Lesson 5: Managing Certificates
- Topic 5A: Certificate Lifecycle and Certificate Management
- Topic 5B: Create Certificates
- Topic 5C: Process Certificate Requests
- Topic 5D: Assign a Certificate
- Topic 5E: Certificates on Smart Cards
Lesson 6: Local Resource Security
- Topic 6A: Windows 2000 EFS Fundamentals
- Topic 6B: Configure EFS
- Topic 6C: Control EFS Use
- Topic 6D: Store Encrypted Files on a Floppy Disk with
EFS
- Topic 6E: Secure Data with Biometrics
Lesson 7: Wireless Network Security
- Topic 7A: Wireless Networking Fundamentals
- Topic 7B: Wireless LAN (WLAN) Fundamentals
- Topic 7C: Wireless Security Solutions
- Topic 7D: Wireless Auditing
- Topic 7E: Wireless Trusted Networks
Lesson 8: Secure Email
- Topic 8A: Secure Email Fundamentals
- Topic 8B: Secure Email with PGP
- Topic 8C: S/MIME Background
Lesson 9: Building Trusted Networks
- Topic 9A: Building Windows Domains—Enterprise of Trust
- Topic 9B: Configuring the Enterprise CA
- Topic 9C: Setting Up the Linux CA
- Topic 9D: Certificate Authority Trust—Cross Trust
- Topic 9E: Secure Email
- Topic 9F: Certificate Revocation
|