Difference between revisions of "GainCloud Advanced Security Training"
Revision as of 16:58, 5 April 2015
Classroom Training Document and Materials eShare: Training Material eShare (https://www.gaincloud.com/share/viewshare.do?mainsharecode=MS6021021)
Total Instruction Hours:
21 hours of Classroom Instructions
30 hours of Hands-on Lab
9 hours of Testing (in 9 separate Tests)
Net total is 60 hours of curriculum
The Course Curriculum for this Advanced Security Training:
[CLASS] Introduction to network security
(3 Hour)
- Network Concepts
>> IPv4, Device ID, Network cards - hard/soft
>> Authentication Factors
>> Authentication & Authorization
>> New Authentication Systems
>> LDAP and Directory Management
>> Traditional data storage Vs. Tree structure
>> Caching Vs Searching
>> Profiling Vs Tabulation
>> Active Directory and other common LDAP vendors
>> Virtual and Meta
[CLASS] Infrastructure Security
(3 Hour)
>> Context Aware Firewalls (ASA)
>> Policy Management
>> Object Definition and ACL Management (ASA)
>> Infrastructure & Security Protocols
>> Enterprise Security Products (PDF and Notes)
>> Perimeter Security
>> In-Network Security
>> DNS Security is Corporate #1 Priority
>> Identity Management
- IAM - Unified identity management - self reg, identity lifecycle, provisioning, sync
- OAM - centralized access management - Authn and Authz - for Web, service-based, mobile,..
- OID - Centralized data storage & encryption - encrypt data-in-storage & data-in-transit - DLP
- Admin - Delegated admin, admin-overview, Rule based admin oversight, Re-Certification
- Audit - Yearly, Quarterly and monthly compliance checks, internal audit and external audits
- Compliance - Support for SSAE16, SOC1, SOC2, PCI and SOX
[CLASS] Security Management
(3 Hour)
- Intrusion Prevention
- All are based on behaviour analysis
- Detection
- VPN -
>> IPSec Vs SSL
>> RADIUS
>> Site-to-Site VPNs
- Wireless Security
>> WEP Vs WPA Vs WPA2
- Vulnerability Analysis
>> Using existing tools
>> Without using any software tools
- Security Policies
>> Corporate Security Policies
>> Hackers Hat - breaking corporate security code
>> Endpoint Assessments
>> Enabling Intrusion Prevention System (IPS)
- Best Practices - Cyber-Security
>> Traditional Hacking Techniques
>> Monitor telemetry data
>> Event Correlation for alarms
>> Risk Analysis and Mitigation
- Review malware signatures
>> Viruses & Worms
>> Network Trace gathering and analysis
- Review common hacking techniques and kits
>> Backdoor
>> Botnets
>> DoS and DDoS
>> Tunnel Attacks
[CLASS] Leading Companies and Leading Products
(3 Hour) - How-to-use, why-to-use, where-to-apply
- Top 3 Products - in-depth
1: - QQ
[CLASS] Network analysis and deep-dives
(3 Hour) Identification:
- Identify Compromised System
- Isolate Zombie
- Stopping malware
[CLASS] Intrusion signatures & footprints
(3 Hour) -
- Signature Analysis
- P32/PDOM screenshots
- RootKits
1: - QQ
[LAB] Prevention - Perimeter Security
(3 Hour)
- Introduction
- PKI - Create certs, sign them, install them, trust them, and external providers
[CLASS] Firewalls & Rulesets
(3 Hour)
- ACE, ACL, ACI
- LDAP and Directory Infrastructure
1: - QQ
[LAB] Adaptive Security
(3 Hour)
>> Introduction to Software based security:
> Clamscan, Bayes algorithm, Other software
> iptables
> Software firewall of Linux
> Hardening Kernel and Linux services
1: - QQ
(3 Hour) Hardware based security
> IPS
> Firewall
> Shun Hosts
1: - QQ
[CLASS] Offensive Network Design
(3 Hour)
- Review existing network
>> Interview Customer - questions to ask - checklist
>> Checklist for Table Of Observation - recording
>> Security checklist for implementation
>> Master Checklist for design analysis
- Review current architecture
>> First create your proposed topology and artifacts
>> Peer review of topology
>> Oversight review & Risk Assessment
>> DR and BCP requirements
>> Customer Approval & Signoff
1: - QQ
[LAB] Appliance Setup
(9 Hour)
1: - Prereqs - Before you begin
2: - Juniper entry point appliance - SS5
2: - Cisco entry point appliance - ASA 5505
2: - Netgear entry point appliance - FVS 318
2: - IPSec VPN end-to-end setup and configuration
1: - QQ
[LAB] Active Monitoring Setup
(3 Hour)
- Introduction to NetFlow Vs. SNMP
- Monitoring Web Servers
- Monitoring DNS Servers
- Monitoring IMAP Servers (Dovecot)
- Monitoring Email Gateway (Postfix)
- Monitoring from external service providers - Pingdom
1: - QQ
[LAB] Active Response Management
(4 Hour)
- Firewall based Block Rules
> Single IP
> Entire Subnet
- Reporting Abusive Originating IPs
- Blacklist and Backscatterers
- Load Balancing Services
- Failover Services
1: - QQ