System and Network Security Introduction

In this network security training course, you gain the knowledge and skills to analyze and assess network risks, select and deploy appropriate countermeasures, evaluate methods for strong authentication, search for possible vulnerabilities in operating systems, and reduce your organization’s exposure to dangers in enterprise-wide and virtual private networks.

You Will Learn How To

  • Analyze your exposure to security threats
  • Protect your organization’s systems and data
  • Deploy firewalls and data encryption to minimize threats
  • Assess alternative user and host authentication mechanisms
  • Manage risks originating from inside the organization and the Internet

Recommended Experience

  • Basic knowledge of Microsoft Windows operating system
  • Fundamental knowledge of networking concepts

Course Duration

This is a 4-day class.

Exam Information

  • This course covers multiple domains on the (ISC)2 CISSP certification exam
  • This course provides 23 ‘A-level’ CPE credits toward maintaining your CISSP certification

Course Outline

Building a Secure Organization

Real threats that impact cybersecurity

  • Hackers inside and out
  • Eavesdropping
  • Spoofing
  • Sniffing
  • Trojan horses
  • Viruses
  • Wiretaps

A cybersecurity policy: the foundation of your protection

  • Defining your information assurance objectives
  • Assessing your exposure

A Cryptography Primer

Securing data with symmetric encryption

  • Choosing your algorithm: DES, AES, Rc4 and others
  • Assessing key length and key distribution

Solving key distribution issues with asymmetric encryption

  • Generating keys
  • Encrypting with RSA
  • PGP and GnuPG
  • Evaluating Web of Trust and PKI

Ensuring integrity with hashes

  • Hashing with Md5 and SHA
  • Protecting data in transit
  • Building the digital signature

Verifying User and Host Identity

Assessing traditional static password schemes

  • Creating a good quality password policy to prevent password guessing and cracking
  • Protecting against social engineering attacks
  • Encrypting passwords to mitigate the impact of password sniffing

Evaluating strong authentication methods

  • Preventing password replay using one-time and tokenized passwords
  • Employing biometrics as part of multi-factor authentication

Authenticating hosts

  • Distrusting IP addresses
  • Address-spoofing issues and countermeasures
  • Solutions for wireless networks

Preventing System Intrusions

Discovering system vulnerabilities

  • Searching for operating system vulnerabilities
  • Discovering file permission issues
  • Limiting access via physical security

Encrypting files for confidentiality

  • Encryption with application-specific tools
  • Recovering encrypted data

Hardening the operating system

  • Locking down user accounts
  • Securing administrator’s permissions
  • Protecting against viruses

Guarding Against Network Intrusions

Scanning for vulnerabilities

  • Searching for rogue servers
  • Profiling systems and services

Reducing Denial of Service (DoS) attacks

  • Securing DNS
  • Limiting the impact of common attacks

Deploying firewalls to control network traffic

  • Preventing intrusions with filters
  • Implementing cyber security policy
  • Deploying personal firewalls

Protecting web services and applications

  • Validating user input
  • Controlling information leakage

Ensuring Network Confidentiality

Threats from the LAN

  • Sniffing the network
  • Mitigating threats from connected hosts
  • Partitioning the network to prevent data leakage
  • Identifying wireless LAN vulnerabilities

Confidentiality on external connections

  • Ensuring confidentiality with encryption
  • Securing communication with IPSec

Please contact us for more information.


For your cybersecurity training and consulting, go with the pros at SeattlePro.