Security Essentials Training

Introduction

"Prevention is Ideal but Detection is a Must." A hands-on Security Essentials Training course.

Security Essentials Training is focused on teaching you the essential information security skills and techniques you need to protect and secure your organization's critical information assets and business systems. Our Security Essentials Training course will show you how to prevent your organization's security problems from being headline news in the Wall Street Journal!

With the rise in advanced persistent threats, it is almost inevitable that organizations will be targeted. Whether an attacker succeeds in penetrating an organization's network depends on the effectiveness of that organization's defense. Defending against attacks is an ongoing challenge, with new threats, including the next generation of threats, emerging all the time.

Organizations need to understand what really works in cybersecurity. What has worked, and will always work, is taking a risk-based approach to cyber defense. Before your organization spends a dollar of its IT budget or allocates any resources or time to anything in the name of cybersecurity, three questions must be answered:

• What is the risk?
• Is it the highest priority risk?
• What is the most cost-effective way to reduce the risk?

Security is all about making sure you focus on the right areas of defense. In Security Essentials Training you will learn the language and underlying theory of computer and information security. You will gain the essential and effective security knowledge you will need if you are given the responsibility for securing systems and/or organizations. This Security Essentials Training course meets both of the key promises ENO makes to our students: (1) You will learn up-to-the-minute skills you can put into practice immediately upon returning to work; and (2) You will be taught by the best security instructors in the industry.

Duration: 5 days


Customize It

• We can adapt this Security Essentials Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Security Essentials Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Security Essentials Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Security Essentials Training course in a manner understandable to lay audiences.

Audience / Target Group

Anyone who works in security, is interested in security, or has to understand security should take this Security Essentials Training course, including:

• Security professionals who want to fill the gaps in their understanding of technical information security
• Managers who want to understand information security beyond simple terminology and concepts
• Operations personnel who do not have security as their primary job function but need an understanding of security to be effective
• IT engineers and supervisors who need to know how to build a defensible network against attacks
• Administrators responsible for building and maintaining systems that are being targeted by attackers
• Forensic analysts, penetration testers, and auditors who need a solid foundation of security principles so they can be as effective as possible at their jobs
• Anyone new to information security with some background in information systems and networking.

Prerequisites

The knowledge and skills that a learner must have before attending this Security Essentials Training course are:

• Common security and network terminology
• TCP/IP addressing, routing, and internetworking concepts

Security Essentials Training covers all of the core areas of security and assumes a basic understanding of technology, networks, and security. For those who are brand new to the field with no background knowledge, Intro to Information Security is the recommended starting point. While Intro to Information Security is not a prerequisite, it provides the introductory knowledge that will help you get the most out of the Security Essentials Training course.

Security Essentials Training - Objectives:

After completing this Security Essentials Training course, attendees will be able to:

• Apply what you learned directly to your job when you go back to work
• Design and build a network architecture using VLANs, NAC, and 802.1x based on advanced persistent threat indicators of compromise
• Run Windows command line tools to analyze a system for high-risk items
• Run Linux command line tools (ps, ls, netstat, etc.) and write basic scripts that automate running these tools for continuous monitoring
• Install VMware and create virtual machines to build a virtual lab for testing and evaluating tools and the security of systems
• Create an effective policy that can be enforced within an organization, design a checklist to validate security, and create metrics that tie into training and awareness
• Identify visible weaknesses of a system using various tools and, once vulnerabilities are discovered, configure the system to be more secure
• Build a network visibility map that can be used to harden a network: validate the attack surface and reduce it through hardening and patching
• Sniff open protocols such as Telnet and FTP with Wireshark and determine the content, passwords, and vulnerabilities they expose

Security Essentials Training - Course Syllabus:

1. Networking Concepts

Setting Up a Lab with Virtual Machines
• Use
• Implementation
• Security

Network Fundamentals
• Network types (LANs, WANs)
• Network topologies
• LAN protocols
• WAN protocols
• Network devices

IP Concepts
• Packets and addresses
• IP service ports
• IP protocols
• TCP
• UDP
• ICMP
• DNS

IP Behavior
• tcpdump
• Recognizing and understanding
• UDP
• ICMP
• UDP behavior

Virtual Machines
• Use
• Implementation
• Security

2. Defense In-Depth

Information Assurance Foundations
• Defense in-depth
• Confidentiality, integrity, and availability
• Risk model
• Authentication vs. authorization
• Vulnerabilities

Computer Security Policies
• Elements when well written
• How policies serve as insurance
• Roles and responsibilities

Contingency and Continuity Planning
• Business continuity planning (BCP)
• Disaster recovery planning (DRP)
• Business impact analysis

Access Control
• Data classification
• Authentication, authorization, accountability (AAA)
• MAC and DAC

Password Management
• Password cracking for Windows and Unix
• Alternate forms of authentication (tokens, biometrics)
• Single sign-on and RADIUS

Incident Response (IR)
• Preparation, identification, and containment
• Eradication, recovery, and lessons learned
• Investigation techniques and computer crime
• Legal issues associated with IR

Offensive and Defensive Information Warfare (IW)
• Types of IW
• APT
• Asymmetric warfare
• Offensive goals

Attack Strategies and Methods
• How the adversary breaks into systems
• Mitnick attack
• Attack methods

3. Internet Security Technologies

Vulnerability Scanning and Remediation
• Approaches and methods of remediation
• Building a network visibility map
• Host identification
• Port scanning
• Vulnerability scanning
• Penetration testing

Web Security
• Web communication
• Web security protocols
• Active content
• Cracking web applications
• Web application defenses

Firewalls and Perimeters
• Types of firewalls
• Pros and cons of firewalls
• Firewall placement
• Packet filtering, stateful, and proxies

Honeypots
• Forensics
• Honeypots
• Honeynets
• Honey tokens

Host-based Protection
• Intrusion detection
• Intrusion prevention
• Tripwire
• Pros and cons

Network-based Intrusion Detection and Prevention
• Pros and cons
• Deployment strategies
• Snort
• Development and advances

4. Secure Communications

Cryptography
• Need for cryptography
• Types of encryption
• Symmetric
• Asymmetric
• Hash
• Ciphers
• Digital substitution
• Algorithms
• Real-world cryptosystems
• Crypto attacks

VPNs
• Types of remote access

PKI
• Digital certificates
• Key escrow

Steganography
• Types
• Applications
• Detection

Critical Security Controls
• Overview of the controls
• Implementing the controls
• Auditing the controls
• Specific controls and metrics

Risk Assessment and Auditing
• Risk assessment methodology
• Risk approaches
• Calculating risk
• SLE
• ALE

5. Windows Security

Security Infrastructure
• Windows family of operating systems
• Workgroups and local accounts
• What is Active Directory?
• Domain users and groups
• Kerberos, NTLMv2, smart cards
• Forests and trusts
• What is group policy?

Service Packs, Patches, and Backups
• Service packs
• E-mail security bulletins
• Patch installation
• Automatic updates
• Windows Server Update Services
• Windows backup
• System restore
• Device driver rollback

Permissions and User Rights
• NTFS permissions
• File and print sharing service
• Shared folders
• BitLocker drive encryption

Security Policies and Templates
• Group policy objects
• Password policy
• Lockout policy
• Anonymous access
• Software restriction policies

Securing Network Services
• Firewalls and packet filtering
• IPsec and VPNs
• Wireless networking
• Security Configuration Wizard
• Remote Desktop Protocol (RDP)

Auditing and Automation
• Microsoft Baseline Security Analyzer
• SECEDIT.EXE
• Windows event logs
• NTFS and registry auditing
• IIS logging
• Creating system baselines
• Scripting tools
• Scheduling jobs

6. Unix/Linux Security

Linux Landscape
• Different variants of and uses for Linux
• Ways processes are started
• Network interface information
• Process information
• Directory hierarchy
• Partitions and OS installation

Permissions and User Accounts
• Setting permissions
• SUID and SGID
• Controlling access
• Root vs. user accounts
• Setting password controls
• Pluggable authentication modules (PAM)

Linux OS Security
• Dangerous services
• Helpful services
• Running and stopping programs
• Configuration changes and restarting services
• File system permissions, ownership, and systems
• Mounting drives

Maintenance, Monitoring, and Auditing Linux
• Common causes of compromise
• Patching
• Backing up data
• Syslog
• Analyzing log files
• Other logging

Linux Security Tools
• File integrity verification
• chkrootkit
• CIS hardening guides
• Bastille Linux
• Sniffers
• Snort
