Difference between revisions of "GainCloud Advanced Security Training"
| Line 3: | Line 3: | ||
<div style="width: 160px; padding-left: 20px; text-align: center;"><a style="text-decoration: none;" href="https://www.gaincloud.com/share/viewshare.do?mainsharecode=MS6021021"> <img src="https://www.gaincloud.com/my/htdocs/images/folder_blue_stuffed.png" alt="Cloud based Secure Online Private Share Folder For Software" /> <br /><strong>Training Material eShare</strong></a></div> | <div style="width: 160px; padding-left: 20px; text-align: center;"><a style="text-decoration: none;" href="https://www.gaincloud.com/share/viewshare.do?mainsharecode=MS6021021"> <img src="https://www.gaincloud.com/my/htdocs/images/folder_blue_stuffed.png" alt="Cloud based Secure Online Private Share Folder For Software" /> <br /><strong>Training Material eShare</strong></a></div> | ||
<!--End Of Button Code--> | <!--End Of Button Code--> | ||
| − | <p><span style="font-size: small;"><br /><span style="text-decoration: underline;"><strong>Total Instruction Hours:</strong></span><br />21 hours of Classroom Instructions<br />30 hours of Hands-on Lab<br />9 hours of Testing (in 9 separate Tests)<br /> | + | <p><span style="font-size: small;"><br /><span style="text-decoration: underline;"><strong>Total Instruction Hours:</strong></span><br />21 hours of Classroom Instructions<br />30 hours of Hands-on Lab<br />9 hours of Testing (in 9 separate Tests)<br />------------------------------------------------------------<br />Net total is 60 hours of curriculum<br />-------------------------------------------------------------</span></p> |
<p> </p> | <p> </p> | ||
<p><span style="text-decoration: underline;"><strong><span style="font-size: small;">The Course Curriculum for this Advanced Security Training:</span></strong></span></p> | <p><span style="text-decoration: underline;"><strong><span style="font-size: small;">The Course Curriculum for this Advanced Security Training:</span></strong></span></p> | ||
<p> </p> | <p> </p> | ||
| − | <p><span style="font-size: small;"> | + | <p><span style="font-size: small;">== [CLASS] Introduction to networks security ==<br /></span></p> |
| + | <p><span style="font-size: small;">(3 Hour) <br /> - Network Concepts <br /> >> IPV4, Device ID, Network cards - hard/soft<br /> >> Authentication Factors <br /> >> Authentication & Authorization<br /> >> New Authentication Systems <br /></span></p> | ||
| + | <p> </p> | ||
| + | <p><span style="font-size: small;"><span style="font-size: small;">== [CLASS] Infrastructure Security ==</span><br />(3 Hour) <br /> >> Context Aware Firewalls (ASA)<br /> >> Policy Management <br /> >> Object Definition and ACL Management (ASA)<br /> >> Infrastructure & Security Protocols<br /> >> Enterprise Security Products (PDF and Notes)<br /> >> Perimeter Security<br /> >> In-Network Security<br /> >> DNS Security is Corporate #1 Priority<br /> >> Identity Management <br /></span></p> | ||
<blockquote> | <blockquote> | ||
<ul> | <ul> | ||
Revision as of 16:54, 5 April 2015
Classroom Training Document and Materials eShare:
Total Instruction Hours:
21 hours of Classroom Instructions
30 hours of Hands-on Lab
9 hours of Testing (in 9 separate Tests)
Net total is 60 hours of curriculum
-
The Course Curriculum for this Advanced Security Training:
Contents
[CLASS] Introduction to networks security
(3 Hour)
- Network Concepts
>> IPV4, Device ID, Network cards - hard/soft
>> Authentication Factors
>> Authentication & Authorization
>> New Authentication Systems
[CLASS] Infrastructure Security
(3 Hour)
>> Context Aware Firewalls (ASA)
>> Policy Management
>> Object Definition and ACL Management (ASA)
>> Infrastructure & Security Protocols
>> Enterprise Security Products (PDF and Notes)
>> Perimeter Security
>> In-Network Security
>> DNS Security is Corporate #1 Priority
>> Identity Management
- IAM - Unified identity management - self reg, identity lifecycle, provisioning, sync
- OAM - centralized access management - Authn and Authz - for Web, service-based, mobile,..
- OID - Centralized data storage & encryption - encrypt data-in-storage & data-in-transit - DLP
- Admin - Delegated admin, admin-overview, Rule based admin oversight, Re-Certification
- Audit - Yearly, Quaterly and monthly compliance checks, internal audit and external audits
- Compliance - Support for SSAE16, SOC1, SOC2, PCI and SOX
- LDAP and Directory Management
>> Traditional data storage Vs. Tree structure
>> Caching Vs Searching
>> Profiling Vs Tabulation
>> Active Directory and other common LDAP vendors
>> Virtual and Meta
=
(3 Hour) [CLASS] Security Management
- Intrusion Prevention
- All are based on behaviour analysis
- Detection
- VPN -
>> IPSec Vs SSL
>> RADIUS
>> Site-to-Site VPNs
- Wireless Security
>> WEP Vs WPA Vs WPA2
- Vulnerability Analysis
>> Using existing tools
>> Without using any software tools
- Security Policies
>> Corporate Security Policies
>> Hackers Hat - breaking corporate security code
>> Endpoint Assessments
>> Enabling Intrusion Prevention System (IPS)
- Best Practices - Cyber-Security
>> Traditional Hacking Techniques
>> Monitor telemetry data
>> Event Coorelation for alarms
>> Risk Analysis and Mitigation
- Review malware signatures
>> Viruses & Worms
>> Network Trace gathering and analysis
- Review common hacking techniques and kits
>> Backdoor
>> Botnets
>> DoS and DDoS
>> Tunnel Attacks
(3 Hour) [CLASS] Leading Companies and Leading Products - how-to-use, why-to-use, where-to-apply
- Top 3 Products - in-depth
1: - QQ
(3 Hour) Identification:
> 3-[CLASS] Network analysis and deep-dives
- Identify Compromised System
- Isolate Zombie
- Stopping malware
(3 Hour) -[CLASS] Intrusion signatures & footprints
- Signature Analysis
- P32/PDOM screenshots
- RootKits
1: - QQ
(3 Hour) [LAB] Prevention - Perimeter Security
- Introduction
- PKI - Create cert, sign them, install them, trust them and external providers
(3 Hour) [CLASS] Firewalls & Rulesets
- ACE, ACL, ACI
- LDAP and Directory Infrastructure
1: - QQ
(3 Hour) [LAB] Adaptive Security
>> Introduction to Software based security:
> Clamscan, Bayes Algo, Other softwares
> IPtables
> Software firewal of Linux
> Hardening Kernel and Linux services
1: - QQ
(3 Hour) Hardware based security
> IPS
> Firewall
> Shun Hosts
1: - QQ
(3 Hour) [CLASS] Offensive Network Design: Network
- Review existing network
>> Interview Customer - questions to ask - checklist
>> Checklist for Table Of Obervation - recording
>> Security checklist for implementation
>> Master Checklist for design analysis
- Review current architecture
>> First create your proposed topology and artifacts
>> Peer review of topo
>> Oversight review & Risk Assessment
>> DR and BCP requirements
>> Customer Approval & Signoff
1: - QQ
(9 Hour) [LAB] Appliance Setup
1: - Prereq's - Before you begin
2: - Juniper entry point appliance - SS5
2: - Cisco entry point appliance - ASA 5505
2: - Netgear entry point appliance - FVS 318
2: - IPSec VPN end-to-end setup and configuration
1: - QQ
(3 Hour) [LAB] Active Monitoing Setup
- Introduction to Netflow Vs. SNMP
- Monitoring Web Servers
- Monitoring DNS Servers
- Monitoring IMAP Servers (Dovecot)
- Monitoring Email Gateway (Postfix)
- Monitoring from external service providers - pingdom
1: - QQ
(4 Hour) [LAB] Active Response Management
- Firewall based Block Rules
> Single IP
> Entire Subnet
- Reporting Abusive Originating IPs
- Blacklist and Backscatterers
- Load Balancing Services
- Failover Services
1: - QQ
==
