Home    |    Instructor-led Training    |    Online Training     
         
 
Courses
ADA
Adobe
Agile
AJAX
Android
Apache
AutoCAD
Big Data
BlockChain
Business Analysis
Business Intelligence
Business Objects
Business Skills
C/C++/Go programming
Cisco
Citrix
Cloud Computing
COBOL
Cognos
ColdFusion
COM/COM+
CompTIA
CORBA
CRM
Crystal Reports
Data Science
Datawarehousing
DB2
Desktop Application Software
DevOps
DNS
Embedded Systems
Google Web Toolkit (GWT)
IPhone
ITIL
Java
JBoss
LDAP
Leadership Development
Lotus
Machine learning/AI
Macintosh
Mainframe programming
Mobile
MultiMedia and design
.NET
NetApp
Networking
New Manager Development
Object oriented analysis and design
OpenVMS
Oracle
Oracle VM
Perl
PHP
PostgreSQL
PowerBuilder
Professional Soft Skills Workshops
Project Management
Python
Rational
Ruby
Sales Performance
SAP
SAS
Security
SharePoint
SOA
Software quality and tools
SQL Server
Sybase
Symantec
Telecommunications
Teradata
Tivoli
Tomcat
Unix/Linux/Solaris/AIX/
HP-UX
Unisys Mainframe
Visual Basic
Visual Foxpro
VMware
Web Development
WebLogic
WebSphere
Websphere MQ (MQSeries)
Windows programming
XML
XML Web Services
Other
Network Defense And Countermeasures
This course is provided by Wintrac. Wintrac provides one stop shopping for all your IT training needs. Wintrac’s course catalog of over two thousand courses includes courses on Security Training

Overview

Network Defense and Countermeasures is the second course in the first level of the Security Certified Program. This course focuses on students' understanding of the architecture for network defense.

Prerequisites

To ensure your success, we recommend you first take the following Element K course or have equivalent knowledge:
  • Network Security Fundamentals
Target Student:

We designed the Network Defense and Countermeasures course for the student who is a Network Administrator responsible for maintaining a wide range of network technologies.

Performance-Based Objectives

  • Identify the basic components of a layered structure for network defense architecture, and describe access control objectives and auditing concepts.
  • Identify key concepts and technologies used in the design of firewall systems, as well as methods of implementing firewalls in different scenarios.
  • Implement and configure firewalls for three different operating systems and compare their functionality while also identifying the differences between the technologies.
  • Describe Virtual Private Networks (VPNs) and related security issues, and take steps to implement a VPN solution built into Windows 2000.
  • Describe the key concepts of Intrusion Detection Systems, including distinguishing between host-based and network-based Intrusion Detection Systems.
  • Implement and configure a network-based and a host-based IDS.
  • Describe core concepts of TCP/IP packet and signature analysis with the goal of intrusion detection, and examine the goals of the Common Vulnerabilities and Exposure (CVE) project.
  • Identify the concepts and issues related to risk analysis, and analyze different methods of risk analysis, different standards, and different techniques to minimize risk.
  • Implement a security policy for an organization by examining different methods of policy creation and implementation, and creating a policy document.
Delivery Method

Instructor-led, group-paced, classroom-delivery learning model with structured minds-on and hands-on activities.

Benefits

Students will work with layered network defense structures and implement firewalls on various platforms. Students will also gain a working knowledge of Virtual Private Networks and Intrusion Detection Systems, perform packet and signature analyses, identify different methods of risk analysis, and create a security policy.

What's Next

This is the final course of Level One: Defense of the Security Certification Program. Level Two: Trust begins with PKI and Biometric Concepts and Planning.

Course duration

5 Days

Course outline

Lesson 1: Network Defense Fundamentals
  • Topic 1A: Network Defense
  • Topic 1B: Defensive Technologies
  • Topic 1C: Objectives of Access Control
  • Topic 1D: The Impact of Defense
  • Topic 1E: Network Auditing Concepts
Lesson 2: Designing Firewall Systems
  • Topic 2A: Firewall Components
  • Topic 2B: Create a Firewall Policy
  • Topic 2C: Rule Sets and Packet Filters
  • Topic 2D: Proxy Server
  • Topic 2E: The Bastion Host
  • Topic 2F: The Honeypot
Lesson 3: Configuring Firewalls
  • Topic 3A: Firewall Implementation Practices
  • Topic 3B: Installing and Configuring FireWall-1
  • Topic 3C: Installing and Configuring ISA Server 2000
  • Topic 3D: Monitor ISA Server
  • Topic 3E: IPChains Concepts
  • Topic 3F: Implementing Firewall Technologies
Lesson 4: Configuring VPNs
  • Topic 4A: VPN Fundamentals
  • Topic 4B: IP Security Protocol (IPSec)
  • Topic 4C: VPN Design and Architecture
  • Topic 4D: VPN Security
  • Topic 4E: Configuring a VPN
Lesson 5: Designing an IDS
  • Topic 5A: The Goals of an Intrusion Detection System
  • Topic 5B: Technologies and Techniques of Intrusion Detection
  • Topic 5C: Host-based Intrusion Detection
  • Topic 5D: Network-based Intrusion Detection
  • Topic 5E: The Analysis
  • Topic 5F: How to Use an IDS
  • Topic 5G: What an Intrusion Detection System Cannot Do
Lesson 6: Configuring an IDS
  • Topic 6A: Snort Foundations
  • Topic 6B: Snort Installation
  • Topic 6C: Snort as an IDS
  • Topic 6D: Configuring ISS Scanners
Lesson 7: Analyzing Intrusion Signatures
  • Topic 7A: Signature Analysis
  • Topic 7B: Common Vulnerabilities and Exposures (CVE)
  • Topic 7C: Signatures
  • Topic 7D: Normal Traffic Signatures
  • Topic 7E: Abnormal Traffic Signatures
Lesson 8: Performing a Risk Analysis
  • Topic 8A: Concepts of Risk Analysis
  • Topic 8B: Methods of Risk Analysis
  • Topic 8C: The Process of Risk Analysis
  • Topic 8D: Techniques to Minimize Risk
  • Topic 8E: Continual Risk Analysis
Lesson 9: Creating a Security Policy
  • Topic 9A: Concepts of Security Policies
  • Topic 9B: The Policy Design
  • Topic 9C: The Policies
  • Topic 9D: An Example Policy
  • Topic 9E: Incident Handling and Escalation Procedures
  • Topic 9F: Partner Policies
Appendix A: Trojan Port Numbers
  • Trojan Port Numbers
Appendix B: Security-related RFCs
  • Security-related Request for Comments
Appendix C: A Case Study
  • Understanding Denial of Service
Appendix D: The Security Certified Program
  • The Security Career Roadmap
Hardware/Software Requirements

You will need:

  • Operating Systems
    • Bootable DOS 6.22 floppy disk (with important utilities like FDISK.exe, FORMAT.exe, MSCDEX.exe, etc.). You can use the complete DOS 6.22 on three disks if you wish, but it is not necessary.
    • (Optional) Windows 98 CD.
    • Windows NT 4.0 Server CD.
    • Windows 2000 Server CD.
    • Red Hat Linux 7.1 on two CDs. Download the ISO files and create CDs from these images (when burning CDs, choose the Burn As Image option). This will ensure that they are bootable.
    • Drivers for all the operating systems. You should always keep these handy. In addition to having them on a CD-ROM, it is generally advisable to keep these around on a properly labeled set of floppy disks as well, as a last line of defense.
  • Service Packs and other software
    • SP2 for Windows 2000.
    • SP6a for Windows NT 4 Server.
    • Internet Explorer 4.0 or later. Use version 5.0 for NT 4.0.
    • ISA Server 2000 Standard Edition (trial version).
    • Windows 2000 Resource Kit.
    • Check Point FireWall-1 Enterprise Edition 4.1 for 172.17.10.1.
    • A decompression utility for Windows, such as WinZip.
  • Disk cloning tools and SID changing utilities
    • Norton's Ghost is recommended for cloning.
    • Norton's Ghostwalk is recommended for SID changing.
  • Hardware
    • Two instructor machines.
    • One student machine per student.
    • Three Cisco routers (2500 Series preferred; IOS v.11.2 or greater).
    • Two serial cables (Part #SC–9595 was used with the 2500 Series).
    • Two 10/100 switches or hubs.
    • Cisco console cable.
    • Two crossover cables.
    • One null modem cable per every two machines.
    • Three transceivers (CentreCOM 210TS were used with the 2500 Series).
  • (Optional) Internet access
  • Machine
    • Pentium III 500 processor (700 recommended).
    • At least 128 MB of RAM (256 MB recommended).
    • A minimum of 8 GB of available hard drive space.
    • Two non-integrated Network Interface Cards per PC (Intel or 3Com preferred for promiscuous mode support).
    • A video card (Nvidia TNT2 recommended—from the point of view of driver availability for all OSes).

Please contact your training representative for more details on having this course delivered onsite or online

Training Outlines - the one stop shopping center for IT training.
© Training Outlines All rights reserved