GainCloud Advanced Security Training
Classroom Training Document and Materials eShare:
Total Instruction Hours:
21 hours of Classroom Instructions
30 hours of Hands-on Lab
9 hours of Testing (in 9 separate Tests)
Net total is 60 hours of curriculum
The Course Curriculum for this Advanced Security Training:
[CLASS] Introduction to Network Security
(3 Hour)
- Network Concepts
>> IPv4, Device ID, Network cards - hardware/software
>> Authentication Factors
>> Authentication & Authorization
>> New Authentication Systems
>> LDAP and Directory Management
>> Traditional data storage vs. Tree structure
>> Caching vs. Searching
>> Profiling vs. Tabulation
>> Active Directory and other common LDAP vendors
>> Virtual and Meta
[CLASS] Infrastructure Security
(3 Hour)
>> Context Aware Firewalls (ASA)
>> Policy Management
>> Object Definition and ACL Management (ASA)
>> Infrastructure & Security Protocols
>> Enterprise Security Products (PDF and Notes)
>> Perimeter Security
>> In-Network Security
>> DNS Security is Corporate #1 Priority
>> Identity Management
- IAM - Unified identity management - self reg, identity lifecycle, provisioning, sync
- OAM - centralized access management - Authn and Authz - for Web, service-based, mobile,..
- OID - Centralized data storage & encryption - encrypt data-in-storage & data-in-transit - DLP
- Admin - Delegated admin, admin-overview, Rule based admin oversight, Re-Certification
- Audit - Yearly, Quarterly and Monthly compliance checks, internal audits and external audits
- Compliance - Support for SSAE16, SOC1, SOC2, PCI and SOX
[CLASS] Security Management
(3 Hour)
>> Intrusion Prevention
>> VPN
>> Wireless Security
>> Vulnerability Analysis
>> Security Policies
>> Corporate Security Policies
>> Hackers Hat - breaking corporate security code
>> Endpoint Assessments
>> Enabling Intrusion Prevention System (IPS)
>> Best Practices - Cyber-Security
>> Traditional Hacking Techniques
>> Monitor telemetry data
>> Event Correlation for alarms
>> Risk Analysis and Mitigation
>> Review malware signatures
>> Viruses & Worms
>> Network Trace gathering and analysis
>> Review common hacking techniques and kits
>> Backdoor
>> Botnets
>> DoS and DDoS
>> Tunnel Attacks
[CLASS] Leading Companies and Leading Products
(3 Hour)
>> How-to-use, why-to-use, where-to-apply
>> Top 3 Products - in-depth
[CLASS] Network analysis and deep-dives
(3 Hour)
- Identification
>> Identify Compromised System
>> Isolate Zombie
>> Stopping malware
[CLASS] Intrusion signatures & footprints
(3 Hour)
>> Signature Analysis
>> P32/PDOM screenshots
>> RootKits
[LAB] Prevention - Perimeter Security
(3 Hour)
>> Introduction
>> PKI - Create certs, sign them, install them, trust them, and external providers
[CLASS] Firewalls & Rulesets
(3 Hour)
- ACE, ACL, ACI
- LDAP and Directory Infrastructure
[LAB] Adaptive Security
(3 Hour)
>> Introduction to Software based security:
> Clamscan, Bayes algorithm, other software
> IPtables
> Linux software firewall
> Hardening the kernel and Linux services
1: - QQ
(3 Hour) Hardware based security
> IPS
> Firewall
> Shun Hosts
1: - QQ
[CLASS] Offensive Network Design
(3 Hour)
- Review existing network
>> Interview Customer - questions to ask - checklist
>> Checklist for Table of Observation - recording
>> Security checklist for implementation
>> Master Checklist for design analysis
- Review current architecture
>> First create your proposed topology and artifacts
>> Peer review of topo
>> Oversight review & Risk Assessment
>> DR and BCP requirements
>> Customer Approval & Signoff
1: - QQ
[LAB] Appliance Setup
(9 Hour)
1: - Prerequisites - Before you begin
2: - Juniper entry point appliance - SS5
2: - Cisco entry point appliance - ASA 5505
2: - Netgear entry point appliance - FVS 318
2: - IPSec VPN end-to-end setup and configuration
1: - QQ
[LAB] Active Monitoring Setup
(3 Hour)
- Introduction to NetFlow vs. SNMP
- Monitoring Web Servers
- Monitoring DNS Servers
- Monitoring IMAP Servers (Dovecot)
- Monitoring Email Gateway (Postfix)
- Monitoring from external service providers - pingdom
1: - QQ
[LAB] Active Response Management
(4 Hour)
- Firewall based Block Rules
> Single IP
> Entire Subnet
- Reporting Abusive Originating IPs
- Blacklist and Backscatterers
- Load Balancing Services
- Failover Services
1: - QQ