
For real-time information or assistance with classes, call us toll-free at
877-800-5221 or email us at customerservice@aspetech.com.



 

COURSE 625 | 2-DAY SESSION
Hands-On Network Security Administration

Course Outline

Section 1: Threats, Risks, and Vulnerabilities

Learn what you should be concerned about and what should be highest priority. In security, it’s a balance between the value of what you’re trying to protect and the cost of protecting it. You’ll learn how security is as much risk mitigation and strategic planning as it is the deployment of security technology.

  1. Organizational threats
    1. Natural (i.e., flood, fire, and storms)
  2. Man-made
    1. Hackers, crackers, and malicious users
  3. What's at risk?
    1. Confidentiality
    2. Integrity
    3. Availability
  4. Network and system vulnerabilities
    1. Insecure applications
    2. Down-level software
    3. Buffer overflows
    4. DoS
    5. Poorly protected systems


Section 2: Authentication, Authorization, and Accountability

Administering a Triple A solution is a critical part of your security plan. You must understand why authentication, authorization and accountability are vital.

  1. Building Strong Authentication
    1. Something you know
    2. Something you have
    3. Something you are
  2. Authorization and its Failures
    1. Default settings
    2. Weak passwords
    3. Hijacking
    4. ARP and DNS poisoning
  3. Authorization and Authentication Systems
    1. Kerberos
    2. TACACS
    3. RADIUS
  4. Accountability
    1. What to log
    2. Where to log
    3. How long to keep logs
    4. Importance of log review


Section 3: Security Assessments

Assessments can be a paper-based analysis of your systems and the cost/benefit of protecting those systems or they can be penetration tests utilizing ethical hacking tools and techniques. There is a time and a place for both types. Learn how to properly plan, execute and report on Security Assessments.

  1. Who Poses the Largest Threat?
    1. Insiders
    2. Outsiders
  2. What to Protect
    1. High Value Data (HVD)
  3. Assessment Types
    1. Policy review
    2. Vulnerability scans
    3. Ethical hacking
  4. Legal issues
    1. Who should approve the assessment?
    2. Due diligence
    3. Federal law
    4. Who to contact in case of attack
  5. Other issues
    1. Timing
    2. Network impact
    3. Frequency


Section 4: Security Policy

Your security policy is the foundation upon which all security solutions are built. Security policies have a tendency to focus on possibilities instead of the realities of an existing environment. Understand how to develop your policy, and how to make it work.

  1. Policies, procedures, guidelines
  2. Policy design
    1. Deny all/allow all
    2. Employee controls
    3. Separation of duties, dual controls, job rotation
  3. Policy lifecycle
  4. Common services to consider
  5. Security controls
    1. Firewalls
    2. IDS systems
  6. Incident response planning
    1. Procedures
    2. Process
    3. Response


Section 5: Firewalls

Firewall administration is a critical element of security. It’s currently the number one tool companies use to protect themselves from unauthorized access. There are many types of firewall applications and configurations, as well as multiple-solution strategies. Get real-world experience deploying and administering firewalls in different network topologies.

  1. Description and types
    1. Packet filters
    2. Proxy servers
    3. Stateful inspection
  2. Deployment strategies
    1. Bastion host
    2. DMZ
    3. Multilayer
    4. Content filtering
  3. Firewall products
    1. Dragon, PIX, etc.


Section 6: Intrusion Detection

Did someone enter your network? Where did they come from? What did they get to? These are some of the questions an IDS capability answers. Get experience setting up, configuring and managing IDS systems.

  1. Description and types
    1. Signature-based systems
    2. Anomaly-based systems
  2. IDS deployment options
    1. Host-based IDS
    2. Network-based IDS
  3. IDS operation
  4. IDS rule sets


Section 7: Cryptography

Using any standard protocol analyzer, messages sent in cleartext can easily be captured and their entire contents viewed. Cryptography enables electronic messages to be encrypted in transport, making it impossible to view contents without breaking the encryption algorithm. 128-bit has become the standard. Get hands-on experience working with PGP, and learn how to deploy VPNs, SSL, and IPSec.

  1. Why Cryptography
  2. Symmetric Encryption
  3. Asymmetric Encryption
  4. Digital Signatures
  5. Hashing
  6. PKI
  7. Cryptographic Solutions
    1. PGP
    2. SSL
    3. IPSec
    4. VPNs


Section 8: Current Concerns, Exploits, & Controls

With exploits increasing exponentially and new technologies such as VoIP and wireless rolling out faster every year, it’s crucial to have the most current information available. That’s what this continually updated final section is all about.

  1. Current concerns and exploits
    1. Spyware
    2. Viruses
    3. Worms
  2. Wireless hacks and attacks
    1. Assessing vulnerabilities
    2. Wireless network defense
  3. Internet hacks
  4. VoIP
    1. Controls
  5. Patch management

HANDS-ON LABS

You must bring your laptop to participate in the labs.

Lab 1: Hacker tools and techniques - Students will practice hacker methodology to find and identify potential targets. Use scanning tools such as Nmap and SuperScan to identify vulnerable ports and protocols. Learn to use NetCat to grab banners and enumerate hosts.

Lab 2: AAA - Students explore password cracking to learn how attackers easily exploit weak passwords. Instructor will demo advanced biometric authentication devices used for network security.

Lab 3: Security assessment - Students will use the latest vulnerability assessment tools to learn how to scan their networks and pinpoint potential weaknesses.

Lab 4: Security policy - This lab introduces design of security policy. Students will identify what services, protocols, and applications to use to build their policy.

Lab 5: Firewalls - Explore open-source firewalls and learn how you can successfully deploy a firewall to secure your network.

Lab 6: IDS - Students will identify the proper placement of IDS devices and install, configure, and test Snort IDS on Linux or Windows computers.

Lab 7: Cryptography - Students install PGP, learn to lock files, encrypt email, and digitally sign messages.





