Network Defense and Countermeasures (Second Edition)
This course is provided by Wintrac. Wintrac provides one-stop shopping for all your IT training needs. Wintrac's course catalog of over two thousand courses includes courses on Security Training.

Overview

Network Defense and Countermeasures (Second Edition) is designed to provide network administrators with an awareness of security-related issues and the essential skills they need to implement security in a given network. This is the second course of the Security Certified Program's level one certification track (the SCNP), and focuses primarily on defensive network technologies, such as firewalls and intrusion detection systems.

Prerequisites

We designed the Network Defense and Countermeasures (Second Edition) course for the student who is a network administrator responsible for maintaining a wide range of network technologies. To ensure your success, we recommend you first take the following course or have equivalent knowledge:
  • Hardening The Infrastructure

Performance-Based Objectives

  • Identify the basic components of a layered structure for network defense architecture, and describe access control objectives and auditing concepts.
  • Identify key concepts and technologies used in the design of firewall systems, as well as methods of implementing firewalls in different scenarios.
  • Implement and configure three unique firewalls and compare their functionality while also identifying the differences between the technologies.
  • Describe Virtual Private Networks (VPNs) and related security issues, and take steps to implement a VPN solution built into Windows 2000.
  • Describe the key concepts of Intrusion Detection Systems, including distinguishing between host-based and network-based Intrusion Detection Systems.
  • Implement and configure a network-based and a host-based IDS.
  • Describe core concepts of TCP/IP packet and signature analysis with the goal of intrusion detection, and examine the goals of the Common Vulnerabilities and Exposures (CVE) project.
  • Identify the concepts and issues related to risk analysis, and analyze different methods of risk analysis, different standards, and different techniques to minimize risk.
  • Implement a security policy for an organization by examining different methods of policy creation and implementation, and creating a policy document.

Delivery Method

Instructor-led, group-paced, classroom-delivery learning model with structured minds-on and hands-on activities.

Course duration

5 Days

Course outline

Lesson 1: Network Defense Fundamentals
  • Topic 1A: Network Defense
  • Topic 1B: Defensive Technologies
  • Topic 1C: Objectives of Access Control
  • Topic 1D: The Impact of Defense
  • Topic 1E: Network Auditing Concepts
Lesson 2: Designing Firewall Systems
  • Topic 2A: Firewall Components
  • Topic 2B: Creating a Firewall Policy
  • Topic 2C: Rule Sets and Packet Filters
  • Topic 2D: Proxy Servers
  • Topic 2E: The Bastion Host
  • Topic 2F: The Honeypot
Lesson 3: Configuring Firewalls
  • Topic 3A: Firewall Implementation Practices
  • Topic 3B: Installing and Configuring Check Point FireWall-1 NG
  • Topic 3C: Configuring Microsoft ISA Server
  • Topic 3D: IPTables Concepts
  • Topic 3E: Implementing Firewall Technologies
Lesson 4: Configuring VPNs
  • Topic 4A: VPN Fundamentals
  • Topic 4B: Tunneling Protocols
  • Topic 4C: VPN Design and Architecture
  • Topic 4D: VPN Security
  • Topic 4E: Configuring a VPN
  • Topic 4F: VPN Implementation
Lesson 5: Designing an IDS
  • Topic 5A: The Goals of an Intrusion Detection System
  • Topic 5B: Technologies and Techniques of Intrusion Detection
  • Topic 5C: Host-based Intrusion Detection
  • Topic 5D: Network-based Intrusion Detection
  • Topic 5E: The Analysis
  • Topic 5F: How to Use an IDS
  • Topic 5G: What an IDS Cannot Do
Lesson 6: Configuring an IDS
  • Topic 6A: Snort Foundations
  • Topic 6B: Snort Installation
  • Topic 6C: Snort as an IDS
  • Topic 6D: Configuring ISS Scanners
Lesson 7: Analyzing Intrusion Signatures
  • Topic 7A: Signature Analysis
  • Topic 7B: Common Vulnerabilities and Exposures (CVE)
  • Topic 7C: Signatures
  • Topic 7D: Normal Traffic Signatures
  • Topic 7E: Abnormal Traffic Signatures
Lesson 8: Performing a Risk Analysis
  • Topic 8A: Concepts of Risk Analysis
  • Topic 8B: Methods of Risk Analysis
  • Topic 8C: The Process of Risk Analysis
  • Topic 8D: Techniques to Minimize Risk
  • Topic 8E: Continuous Risk Assessment
Lesson 9: Creating a Security Policy
  • Topic 9A: Concepts of Security Policies
  • Topic 9B: Policy Design
  • Topic 9C: Policy Contents
  • Topic 9D: An Example Policy
  • Topic 9E: Incident Handling and Escalation Procedures
  • Topic 9F: Partner Policies
Appendix A: Trojan Port Numbers
  • Trojan Port Numbers
Appendix B: Security-related RFCs
  • Security-related Request for Comments
Appendix C: A Case Study
  • Understanding Denial of Service
Appendix D: Network Defense and Countermeasures Exam Objectives
  • Exam Objectives

Hardware/Software Requirements

  • For class preparation and use, the following software:
    • A bootable DOS floppy disk with common utilities such as FDISK, FORMAT, MSCDEX, DELPART, and so forth, is sufficient for class purposes.
    • The Windows 2000 Server operating system. The cost of an evaluation copy is $7.95, and you can obtain the software from the Microsoft Training Kits, TechNet, or http://microsoft.order-2.com/win2kast.
    • The Red Hat 8.0 Linux operating system. It does not matter whether you use the Personal or Professional Edition. This software is free if you download it from www.redhat.com (or any of the various mirror sites listed there). It is recommended that you also download the installation guide. If you decide to download the OS from the Internet, download the ISO files and create CD-ROMs from the images. Choosing the Burn As Image option ensures that the CD-ROMs will be bootable.
    • Hardware drivers for each OS and peripheral, especially NIC and video drivers. You should always keep these handy. In addition to having them on a CD-ROM, it is generally advisable to have a set of properly labeled floppy disks.
    • Service Pack 2 for Windows 2000 Server. This Service Pack is free, and can be downloaded from http://download.microsoft.com/download/win2000platform/SP/SP2/NT5/EN-US/W2KSP2.exe (save the file to disk).
    • The Internet Explorer 6 upgrade. This upgrade is free, and can be downloaded from www.microsoft.com/windows/ie/default.asp (you might need to be connected to the Internet to do the actual upgrade).
    • The sysprep utility, from the Windows 2000 Resource Kit.
    • Disk-cloning tools. Norton Ghost is recommended.
    • SID-changing utilities. Norton Ghostwalk is recommended.
    • For use in class, you will also need to acquire the tools and utilities described in the following tables. Tables are arranged by function, such as network scanning, firewalls, and so forth. Links are provided to enable you to download files from the Web, via an HTML version of these setup instructions on the course CD-ROM. Create a Tools share (or a CD-ROM) for use in class. Download and organize the tools in an appropriate folder structure, such as in folders named Linux Tools, Windows Tools, and Miscellaneous. The Miscellaneous folder can include utilities like MS Office file viewers, file unzippers, Adobe Acrobat Reader, and so forth. The capture and signature files required for some of the tasks in the course, as well as all the RFCs, are included with each course manual.

Please contact your training representative for more details on having this course delivered onsite or online.
