Network Security Essentials - Course Description

 

Did you know there was a stealthy hacker in your network on the weekend? Are you aware of the malicious activities one of your "trusted" users is engaging in right now? Are you detecting and protecting as it happens, or just cleaning up the mess and plugging the holes after they teach you their latest lesson?

 

Is your domain security policy a little like a locked filing cabinet - enough to keep honest people out, but no match for someone with less than honourable intent?

 

Or maybe your biggest problem is the simple, but increasingly expensive employee time-wasting on non-business web-browsing, email and instant messaging? Do you know it's happening? Do you know how much it is costing, and how some of it might even be illegal?

 

This intensive, hands-on course is designed to give a graphic understanding of the tools and techniques of attack, and a clear guide to detecting and defending against them. From insider password sniffing and cracking to brute-force attacks and exploits, it lets you see the activity first-hand, and shows how to catch and block it.     

While most concentrate on building rock-hard perimeter defences, this course concentrates on what goes on inside, in that soft-and-squishy, nebulous, "trusted" interior. Topics range from simple content monitoring and filtering to instrusion detection to advanced surveillance and defence, and include:

 

  • Gateway monitoring and content filtering
  • Detailed analysis of user internet activity
  • Network surveillance for stealth sniffing and ARP poisoning
  • Instant host and network intrusion detection deployment, and how to tune it
  • Malicious activity: database logging, aggregation and analysis
  • Vulnerability Scanning - the right tools, and how to use them well
  • Automating patch monitoring and management

What You Will Learn

  • Policies and procedures for (and the legal implications of) Surveillance and Defence
  • How to address weaknesses in organisational attitude and ethic
  • Flaws in your operating systems, network devices, and protocols
  • How to conduct accurate vulnerability assessments, and how to deal with the results
  • How to implement host and network intrusion detection that works
  • How to customise and scale IDS, and aggregate and analyse results
  • How to automate system updates (and why you might not need them!)
  • How to diagnose and detect hidden tools such as rootkits, trojans and worms
  • How to lock down key systems harder than ever before

Who Should Attend

  • New security staff looking for the ultimate "jump-start"
  • Network/Security administrators who want the latest in
  • Surveillance and Defence techniques
  • Network/Security engineers, configurators and support staff.
  • IT and MIS managers
  • Management and executive staff promoting corporate security initiatives
  • User liaison/support staff responsible for helping the security message permeate the organisation
  • Software developers and consultants who need to broaden their skill sets in these increasingly security-conscious times
  • IT staff looking to add critical security knowledge to their added-value skill set

Bonus CD

Everyone who completes this course will receive a bonus CD-ROM packed with advanced Surveillance and Defence tools, comprehensive reference information, and links to vital internet information resources. It also contains attack and analysis tools for your own internal stress-testing, validation and auditing.