Difference between revisions of "GainCloud Advanced Security Training"

Latest revision as of 17:52, 18 October 2016

Classroom Training Document and Materials eShare:

Training Material eShare

Total Instruction Hours:
21 hours of Classroom Instructions
30 hours of Hands-on Lab
9 hours of Testing (in 9 separate Tests)

Net total is 60 hours of curriculum

The Course Curriculum for this Advanced Security Training:

[CLASS] Introduction to networks security

(3 Hour)
     - Network Concepts
        >> IPV4, Device ID, Network cards - hard/soft
        >> Authentication Factors
        >> Authentication & Authorization
        >> New Authentication Systems

        >> LDAP and Directory Management
            >> Traditional data storage Vs. Tree structure
            >> Caching Vs Searching
            >> Profiling Vs Tabulation
            >> Active Directory and other common LDAP vendors
            >> Virtual and Meta

[CLASS] Infrastructure Security

• IAM - Unified identity management - self reg, identity lifecycle, provisioning, sync
• OAM - centralized access management - Authn and Authz - for Web, service-based, mobile,..
• OID - Centralized data storage & encryption - encrypt data-in-storage & data-in-transit - DLP
• Admin - Delegated admin, admin-overview, Rule based admin oversight, Re-Certification
• Audit - Yearly, Quaterly and monthly compliance checks, internal audit and external audits
• Compliance - Support for SSAE16, SOC1, SOC2, PCI and SOX

[CLASS] Security Management </h2>
(3 Hour)
</span></p> <p>        >> Intrusion Prevention
        >>  VPN
        >> Wireless Security                
        >> Vulnerability Analysis
        >> Security Policies
            >> Corporate Security Policies
            >> Hackers Hat - breaking corporate security code
            >> Endpoint Assessments
            >> Enabling Intrusion Prevention System (IPS)
           
        >> Best Practices - Cyber-Security
            >> Traditional Hacking Techniques
            >> Monitor telemetry data
            >> Event Coorelation for alarms
            >> Risk Analysis and Mitigation
           
        >> Review malware signatures
            >> Viruses & Worms
            >> Network Trace gathering and analysis
           
        >> Review common hacking techniques and kits
            >> Backdoor
            >> Botnets
            >> DoS and DDoS
            >> Tunnel Attacks
            </p> <p><h2> [CLASS] Leading Companies and Leading Products </h2>
(3 Hour) </p> <p>        >> How-to-use, why-to-use, where-to-apply
        >> Top 3 Products - in-depth</p> <p>
</p> <p><h2> [CLASS] Network analysis and deep-dives </h2>
</p> <p>(3 Hour) Identification:
        >> Identify Compromised System
        >> Isolate Zombie
        >> Stopping malware
        </p> <p><h2> [CLASS] Intrusion signatures & footprints </h2>
(3 Hour) -
        >> Signature Analysis
        >> P32/PDOM screenshots
        >> RootKits
</p> <p> </p> <p><h2> [LAB] Prevention - Perimeter Security </h2>
</p> <p>(3 Hour)
        >> Introduction
        >> PKI - Create cert, sign them, install them, trust them and external providers</p> <p>
       
<h2> [CLASS] Firewalls & Rulesets </h2>
(3 Hour)
        - ACE, ACL, ACI
        - LDAP and Directory Infrastructure
</p> <p>
</p> <p><h2> [LAB] Adaptive Security </h2>       
 </p> <p>(3 Hour)
     >> Introduction to Software based security:
        > Clamscan, Bayes Algo, Other softwares
        > IPtables
        > Software firewal of Linux
        > Hardening Kernel and Linux services
        1: - QQ
       
(3 Hour)  Hardware based security
        > IPS
        > Firewall
        > Shun Hosts
        1: - QQ
         
<h2> [CLASS] Offensive Network Design </h2>
(3 Hour)
    - Review existing network
        >> Interview Customer - questions to ask - checklist
        >> Checklist for Table Of Obervation - recording
        >> Security checklist for implementation
        >> Master Checklist for design analysis
    - Review current architecture
        >> First create your proposed topology and artifacts
        >> Peer review of topo
        >> Oversight review & Risk Assessment
        >> DR and BCP requirements
        >> Customer Approval & Signoff
    1: - QQ</p> <p>
</p> <p> <h2> [LAB] Appliance Setup </h2>               
 </p> <p>(9 Hour) 
      1: - Prereq's - Before you begin
      2: - Juniper entry point appliance - SS5
      2: - Cisco entry point appliance - ASA 5505
      2: - Netgear entry point appliance - FVS 318
      2: - IPSec VPN end-to-end setup and configuration
      1: - QQ
     
 <h2> [LAB] Active Monitoing Setup </h2> </p> <p> (3 Hour)
        - Introduction to Netflow Vs. SNMP
    - Monitoring Web Servers
    - Monitoring DNS Servers
    - Monitoring IMAP Servers (Dovecot)
    - Monitoring Email Gateway (Postfix)
    - Monitoring from external service providers - pingdom
    1: - QQ

<h2> [LAB] Active Response Management </h2></p> <p> (4 Hour)
    - Firewall based Block Rules
        > Single IP
        > Entire Subnet
    - Reporting Abusive Originating IPs
    - Blacklist and Backscatterers
    - Load Balancing Services
    - Failover Services
    1: - QQ




</p>