Training Brochure
INDEX
SPECTRUM PROPRIETARY TRAINING PROGRAM
Customised Training on Network Security for Administrators
Customised Training for Penetration Testing
CUSTOMISED TRAINING IN NETWORK SECURITY
Hardening the Infrastructure (HTI)
Network Defence and Countermeasures (NDC)
SECURITY CERTIFIED NETWORK ARCHITECT
Advanced Security Implementation (ASI)
Enterprise Security Solutions (ESS)
CUSTOMISED TRAINING ON SECURITY AWARENESS
CUSTOMISED TRAINING FOR SECURITY ANALYST
Module-1: Network Security and Firewalls
Module-2: Operating System Security
Module-3: Security Auditing, Attacks and Threat Analysis
CUSTOMISED TRAINING ON INTEGRATED SECURITY by SPECTRUM
SPECTRUM Proprietary Training Program
Most business enterprises may not be able to afford the luxury of separate network and security administrators for their networks. More often, the network administrators will also be looking after the enterprise's network security. The question therefore is: are the network administrators qualified and competent to look after the security of their networks? It is for you to find an answer.
Customised Training on Network Security for Administrators
Basic Networking and TCP/IP Refresher
Basics of Networking; Basics of TCP/IP; Routing Concepts
Information Security Management System
Security Essentials; Information Security Standards; Risks Analysis; Security Organizations; Developing Information Security Policies; Security Mechanisms; Physical Security
Internet Vulnerability
Hacking Exploits; Internet Vulnerabilities; Types of Attacks; Target Identification; Risk Assessment Techniques; Gaining Control over System; Recording Keystroke; Hiding Evidence of Attacks
Designing and Configuring Firewalls
Basics of Firewall; Designing Firewall; Firewall Policy; Configuring Firewall; Implementing IP Tables
Designing and Configuring IDS
Basics of IDS; IDS Design; Goals of IDS; IDS Signatures; IDS Limitations; Configuring IDS
Configuring Secure VPN
VPN Concepts; VPN Implementation
Securing Windows
Introduction to Operating Systems Features of Windows Technologies of Windows Authentication Security NTFS Permission Implementing Encryption File systems Enlightening Vulnerability Penetrating Windows Active Directory – Windows Windows – PKI components
Securing UNIX and Linux
Achieving UNIX security; Protecting data and systems with cryptography; Establishing secure account usage; Monitoring and disabling accounts; Logging in across the network; Controlling root access; Auditing superuser activity; Role-based access control (RBAC); Directory structure and partitioning for security; Backup and integrity testing; The Network File System; Hardening UNIX systems; Risks from unwanted program execution; Issues with scripts; TCP/IP and its security loopholes; Securing internal network services; Safely connecting to external networks; Securing FTP, e-mail and Web access
Course Objective: There is an urgent need to raise the knowledge base of System / Network administrators to that of an Information Security officer. This authoritative, state-of-the-art course is designed to meet the needs of both IT and Business Managers. It provides an outstanding opportunity to assess the true degree of exposure of your organization's information, and explains the steps required to secure your organization’s information and networks.
Target Audience: At the end of 2 weeks of intense training, the participant will be able to execute the task of designing and implementing a secure network, and to create and implement the organization’s security policies.
Duration: 96 Hrs
Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum.
Customised Training for Penetration Testing
Whenever we think of hackers, ethics is what comes to mind, because by hacking we mean stealing information, gaining illegal access or disruptive behaviour using a computer.
Attacks by hackers or crackers have crossed all barriers and are no longer limited to high-profile organizations, so securing systems is the need of the day. Attacks on networks, especially those connected to the Internet, have grown extensively, and at the same time there are other attacks such as viruses, worms and backdoors. The worst part is that so many automated tools are available, which makes it much easier to identify and exploit a system. We therefore need to make our systems and networks attack-proof to the greatest possible extent. For this we need to learn the hacker's perspective in order to counter attacks, since most network intrusions occur through the exploitation of known vulnerabilities or configuration errors for which countermeasures were available.
Hacking Techniques I Attack & Penetration Testing Key Steps for A & P Tools whois, nslookup Tools traceroute Tools
Hacking Techniques II Advance Vulnerabilities & Exploitation
Techniques Buffer overflow – Attacks / Vulnerability What is Cross Site Scripting? Unicode Attack
Attacking Systems Linux Introduction to an Operating System Current application of Linux systems Properties of Linux Linux Flavours Which shell am I using? File Permissions and Access Overview of Linux/Unix Security General System security Security as a policy Secure Shell (SSH)
Attacking Systems Windows Microsoft Corporation‘s Windows
Operating System Common Vulnerabilities & Attacks Buffer Overflow in Messenger Service Network vulnerabilities How is it possible to crack somebody's
password? Null Session/Anonymous Users Scanner
(RedButton) Local Attacks
Attacking Systems Novell Netware
Overview of Novell Netware What is a Novell Netware? Overview of Novell Netware Security Password Guessing Enumeration and Password Guessing
Countermeasure(s) Authenticated Enumeration Detecting Intruder Lockout Netware Security Message Novell Public Key Infrastructure
Services Spoofing Attack Countermeasure(s) Backdoor Countermeasure(s)
Attacking Networks Firewall & IDS
Understanding Firewall & IDS; What is a Firewall?; What is IDS?; IDS attack techniques; Firewall attack techniques; Vulnerabilities in Firewall; Limitations of a Firewall
Gaining ADMIN
Hacking Techniques Database Server
Overview of Database Server Types of Databases Major Issues & Vulnerabilities Server Side Traces SQLScanner probing for SQL servers
on the Internet Using TSQL.ASP Injection Attack Examples
Malware What is Malicious Code? What is a Trojan? Packet Sniffing Techniques Password Cracking Principles and
Techniques Packet Sniffer Types of Malicious Code
Course Objective: This course will benefit network administrators, security officers and other individuals who are concerned about security and keen to learn the methodologies and techniques of hacking. It will also add to the individual's skills in finding vulnerabilities in a system, using techniques similar to those of a hacker but with a difference in intention and motive.
Target Audience: The target audience for the course is:
Network professionals who have working experience of managing networks
Security professionals seeking a career as Penetration Testers
People holding certifications like Security+, SCNP, CISSP, CISA etc. looking for career growth
Duration: 96 hrs
Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum.
Customised Training in Network Security
The Customised Training consists of two courses, namely Hardening the Infrastructure (HTI) and Network Defence and Countermeasures (NDC).
Target Audience: This course is designed for networking professionals, network administrators and information security officers who want to implement security in their Networks and Operating systems. Students should preferably be certified network professionals with MCSE/MCSA/CNE/CompTIA/CCNA certification.
Hardening the Infrastructure (HTI)
Course Objectives: HTI is a five-day (forty hours) course. The training is a combination of teacher-led lecture, in-class discussions, and hands-on lab exercises. There are ten domains covered in the course, covering issues such as: Contingency Planning, Securing Windows, UNIX, and Linux operating Systems, Advanced TCP/IP, Security Fundamentals, Security Implementation, Router Security, and Attack Methods.
Contingency Planning
Fundamental Contingency Planning; Creation of the Contingency Plan; Technologies of Power; Backing up the Operating System
Tools and Techniques
Network Scanning and Discovery Methods; Virii, Trojans, and Worms; Social Engineering techniques; Privilege Escalation; Keystroke Logging; Concepts of DoS; Password Weaknesses
Security on the Internet and the WWW
Define the Weak points in the structure of the Internet; Web Site Attack Techniques; Attack techniques of Web Users; Hardening Internet Access Points
Router Security
Implementation of Fundamental Cisco Router Security; Describe the Routing Process; Removing Unwanted Protocols and Services; Creation and Implementation of Access Control Lists; Configuring Cisco Router Logging
TCP/IP Packet Structure and Security
Core Concepts of TCP/IP; Identify and Describe Packet Headers; Session Setup and Teardown; Identify and Implement IPv6
Operating System Security
Windows Infrastructure Security; Examine Windows Authentication; Implement Windows Security Configuration Tools; Configure Windows Resource Security; Windows Auditing and Logging; Windows Network Security; Fundamental Linux Security; Securing SAMBA; Network Configuration Security; Securing Linux
Network Defence and Countermeasures (NDC)
Course Objectives: NDC is a five-day (forty hours) course. The training is a combination of teacher-led lecture, in-class discussions, and hands-on lab exercises. The course consists of six domains, covering issues such as: Security fundamentals, IP Signature and Analysis, Firewalls, Risk Analysis, Intrusion Detection and Virtual Private Networks.
Network Defence
Network Defence / Defensive Technologies; Objectives of Access Control/Impact of Defence; Network Auditing Concepts
Designing Firewall Systems
Firewall component/Firewall Policy; Rule Set & Packet Filters/Proxy Server; The Bastion Pot/Honey pot
Configuring Firewalls
Firewall Implementation Practice; Installing and configuring firewall; Installing and Configuring ISA Server; Monitor ISA server/ IP chains Concepts; Implementing Firewall Technologies
Configuring VPN
VPN Fundamental; IP Security Protocol/VPN Design & Architect; VPN Security/Configuring VPN
Designing IDS
The Goal of Intrusion Detection Systems; Technologies/Techniques of IDS; Host-based IDS/Network Based IDS; The Analysis/How to use an IDS; What an IDS cannot do
Configuring an IDS
Snort Foundation/Snort Installation; Snort as an IDS; Configuring ISS Scanners
Analyzing Intrusion Signatures
Signature Analysis; Common Vulnerabilities & Exposures; Signatures/Normal Traffic Signatures; Abnormal traffic Signatures
Performing a Risk Analysis
Concept of Risk Analysis; Methods/Process of Risk Analysis; Techniques to Minimize Risk; Continual Risk Analysis
Creating A Security policy
Concepts of security Policies; The Policy Design/The Policies; An Example Policy; Incident Handling & Escalation Procedures
Duration: 80 Hrs
Timings: Full Time: 9:00am to 5:00pm
Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum.
Network Architect
The NA Program consists of two courses, namely Advanced Security Implementation (ASI) and Enterprise Security Solutions (ESS). At the end of each course, students will be administered one on-line exam, SCO-501 and SCO-502 respectively. Students attending the course should preferably be SCNP qualified.
Target Audience: This course is designed for network security professionals, network security administrators and information security officers who want to implement security solutions in their Networks and Operating systems using PKI and Biometrics. Students should preferably be certified network professionals with MCSE/CNE/CompTIA/CCNA certification.
Advanced Security Implementation (ASI)
Course Objectives: ASI is a forty-hour course. The training is a combination of teacher-led lecture, in-class discussions, and hands-on lab exercises. There are eight domains covered in the course, covering issues such as: Cryptography and Data Security, Digital Signatures/Certificates, Biometrics, Law and Legislation, Computer Forensics, and Strong Authentication.
Introduction to Trusted Networks Cryptography and Data Security
Computer Forensics Law and Legislation
Biometrics Strong Authentication
Digital Certificates Digital Signatures
Enterprise Security Solutions (ESS)
Course Objective: This training is a combination of teacher-led lecture, in-class discussions, and hands-on lab exercises. There are nine domains covered in the course, covering issues such as: Microsoft and Linux Trusted Networks, Local Resource Security, Building Trusted Solutions, Wireless Security and Secure E-Mail Implementation.
Trusted Network Implementation Plan and Design a Trusted Network
Microsoft Trusted Networks Linux Trusted Networks
Managing Certificates Local Resource Security
Wireless Security Securing Email
Building Trusted Solutions
Duration: 80 Hrs
Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum.
Customised Training on Security Awareness
The Customised Training on Security Awareness is designed for the everyday user of computers and networks. It brings security knowledge in easy-to-understand language without all the techno-speak. This training is intended for all computer users, from the home to educational institutes and Fortune 500 companies.
Program Overview
The One-Day / Nine hours Security Awareness Program Overview:
Ser No | Lesson | Explanation
1 | Security Awareness Introduction | Why care about security?
2 | Network and TCP/IP Basics | How computers talk to each other
3 | Computer and Network Security Fundamentals | What is computer security anyway
4 | Network Access | How to get to your stuff
5 | Data Confidentiality and Information Management | How to deal with Secret Stuff
6 | Viruses, Trojans, and Worms | Malicious Codes and Scripts
7 | Backups | And, why you need to have them
8 | Resource Usage | Staying safe on the Internet
9 | Internet and eMail Security | How to guard against hackers and malicious content
10 | Software Piracy | It's on my computer, can I keep it
Information Security Management for Senior Management
In addition to the Security Awareness Program for end users, Senior Management will cover the following topics relating to the management of information security over a period of 6 hours, making a total of 15 hours or a two-day program.
Performing Risk Analysis
Concepts; Methods; Process; Risk Mitigation
Continual Risk Analysis
Security Technology Management; Vulnerability Management; Exploitation Management; Systems Availability
Creating a Security Policy
Concepts; Policy Design; Sample security policies
Incident Handling and Escalation Procedures
Security Incidents Handling Procedure; Incident Specific Procedure
Customised Training for Security Analyst
The Customised Training for Security Analyst recognizes the achievements of those who have already attained a level of proficiency in networking administration and now want to validate and prove their competencies in security. It provides focused and streamlined validation of further proficiency in areas pertaining to systems security.
Target Audience: Individuals who have already attained a level of proficiency in networking administration and now want to validate and prove their competencies in network security.
Job Responsibilities: Once a certificate is achieved in this area, he or she can implement security policy, identify security threats, and develop countermeasures using firewall systems and attack-recognition technologies. This specialist will also have competency in managing the deployment of e-business transaction and payment security solutions.
Prerequisites: In order to qualify for this certificate, individuals must have attained at least one of the following levels of certification and must submit proof of these certifications. To make sure that your certifications are current, please visit the vendor's Web site.
Microsoft Certified Systems Engineer (MCSE) 4
Microsoft Certified Systems Engineer (MCSE)
Certified Novell Engineer (CNE) 4
Certified Novell Engineer (CNE) 5
Cisco Certified Network Professional (CCNP)
Cisco Certified Inter-network Expert (CCIE)
Linux Professional Institute (LPI) Level 2
SAIR Level 2 LCE
Training/Experience: Candidates must hold one of the certifications listed above in order to achieve this certification.
Customised Training for Security Professionals exam consists of:
Module-1: Network Security and Firewalls
What is Security?; Elements of Security; Applied Encryption; Types of Attacks; General Security Principles; Protocol Layers and Security; Securing Resources; Firewalls; Levels of Firewall Protection; Detecting and Distracting Hackers; Incident Response
Module-2: Operating System Security
Security Principles; Accounts Security; File System Security; Assessing Risks; Reducing Risk
Module-3: Security Auditing, Attacks and Threat Analysis
Security Auditing; Discovery Methods; Auditing Server Penetration and Attack Techniques; Security Auditing and the Control Phase; Intrusion Detection; Auditing and Log Analysis; Audit Results
Target Audience: This course is designed for networking professionals and network administrators who want to implement security in Networks & Operating systems. This course is recommended for information security auditors.
Duration: 40 Hrs
Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum.
CUSTOMISED TRAINING ON INTEGRATED SECURITY by SPECTRUM
If you think that the answer to securing your networks is a decent firewall and trustworthy anti-virus software, you are making a fatal mistake. Like a gun, those tools are only as effective as the hands that use them. And when it comes to securing an enterprise’s information assets, you cannot afford to put that responsibility in the hands of just anyone. You need someone you can trust, someone with the proven skills and a broad understanding of ALL the dangers that can cause catastrophic damage to your company. Just ask the millions of companies crippled by Nimda, Code Red and other viruses. Of the companies who have lost billions in revenues and assets because of hackers, or because of a breakdown of security policy, ask them what they should have done to avoid the disaster. They will all provide the same answer: “Hire a qualified, certified Security Professional”.
The Ten Domains of SECURITY
Access Control Systems & Methodology: This domain requires that the candidate understand the concepts, systems and methodologies involved in granting and restricting access to resources.
Applications & Systems Development: This domain requires that the candidate understand the security controls found in systems and application software, such as the effects of malicious code on distributed application environments and the security controls involved in data warehousing.
Business Continuity & Disaster Recovery Planning: It involves the preparation, planning and updating of specific actions to protect mission critical services and data.
Cryptography: This domain addresses the concepts, means and methods of encrypting data to ensure authenticity, integrity, and confidentiality.
Law, Investigation & Ethics: This domain addresses computer crime laws, methods for gathering evidence, and related ethical issues.
Operations Security (Computer): This domain identifies the controls over hardware, media and the operators of these resources, and issues related to auditing and monitoring.
Physical Security: This domain involves the threats, vulnerabilities and countermeasures utilized to physically protect enterprises’ resources.
Security Architecture & Models: This domain involves the design, concepts, standards, and implementation security measures that ensure the availability, integrity and confidentiality of operating systems, applications and equipment.
Security Management Practices: Involves the identification of a company’s information assets, and the development, documentation and implementation of security policies.
Telecommunications & Network Security: This domain involves designing and planning voice and data infrastructure and communications with a security strategy that includes preventative, detective and corrective measures.
Schedule | Domains Covered
Day 1 | Security Management Practices; Access Control System and Methodology
Day 2 | Security Architecture and Models; Business Continuity/Disaster Recovery Planning
Day 3 | Cryptography; Physical Security
Day 4 | Telecommunications and Network Security; Law, Investigation and Ethics
Day 5 | Application and Systems Development; Computer Operations Security
Day 6 | Review of the CISSP; Group/Individual Study Time
Customised Training in Network Security +
Objective & Audience: Basic Level course for teaching concepts of Computer Security. It uses the technologies commonly in use today. This course is designed for students with a basic knowledge of Computer Networks and to enhance the security skills of computer professionals.
Duration: Ten Working Days (8 Hour Training Sessions)
Network and Communication Security
Section 1: Basics of Network Security
Topic 1: What is Information Security?
Topic 2: Learning about the Goals of Security
Topic 3: What are Assets?
Topic 4: Learning about Value of Assets
Topic 5: What is Risk?
Topic 6: Learning about Risk Management
Topic 7: What is Threat
Topic 8: Learning about Sources of Threat
Topic 9: What are Vulnerabilities?
Topic 10: Learning about Various Kinds of Vulnerabilities
Section 2: Types of Attacks
Topic 1: DoS / DDoS
Topic 2: Spoofing
Topic 3: Source Routing
Topic 4: Man-in-the-Middle
Topic 5: Back Door
Topic 6: Password Guessing
Sub Topic 6.1: Brute Force
Sub Topic 6.2: Dictionary
Topic 7: Replay Attack
Topic 8: Encryption Breaking
Topic 9: TCP/IP Hijacking
Topic 10: Software Exploitation
Topic 11: Birthday
Topic 12: Social Engineering
Topic 13: Malware
Sub Topic 13.1: Virus
Sub Topic 13.2: Trojan Horses
Sub Topic 13.3: Worms
Sub Topic 13.4: Logic Bombs
Section 3: Areas of Intrusion
Topic 1: Network Infrastructure
Topic 2: Internet Applications
Topic 3: Communications Protocols
Section 4: Protection of Information
Topic 1: Building a Defence
Topic 2: Securing the Network Infrastructure
Topic 3: User Authentication
Topic 4: Enabling Auditing
Section 5: Remote Access Technologies
Topic 1: 802.1x
Topic 2: Virtual Private Network (VPN)
Topic 3: Remote Authentication Dial-In User Service (RADIUS)
Topic 4: Terminal Access Controller Access Control System (TACACS)
Topic 5: Layer Two Tunnelling Protocol / Point to Point Tunnelling Protocol (L2TP/PPTP)
Topic 6: Secure Shell (SSH)
Topic 7: Internet Protocol Security (IPSEC)
Topic 8: Vulnerabilities
Section 6: Wireless Communication
Topic 1: Wireless Technology
Topic 2: Wireless Standards (802.11 and 802.11x)
Topic 3: Wireless Transport Layer Security (WTLS)
Topic 4: Wired Equivalent Privacy (WEP)
Topic 5: Wireless Application Protocol (WAP)
Topic 6: Vulnerabilities
Sub Topic 6.1: Site Surveys
Cryptography and Certificates
Section 1: Basics of Cryptography
Topic 1: What is Cryptography?
Topic 2: Learning About Symmetric and Asymmetric Keys
Topic 3: What is Hashing?
Topic 4: Various Cryptographic Algorithms
Sub Topic 4.1: Hash Function
Sub Topic 4.2: Encryption
Section 2: Using Cryptography
Topic 1: Providing Confidentiality and Integrity
Topic 2: Providing Identification and Authentication
Topic 3: Providing Non Repudiation
Topic 4: Digital Signatures
Topic 5: Access Control
Section 3: Public Key Infrastructure
Topic 1: What is Public Key Infrastructure (PKI)?
Topic 2: PKI Standard X.509
Topic 2: Learning About the Components of PKI
Topic 3: What are Certificates and CAs?
Topic 4: Revocation
Section 4: CA Trust Models
Topic 1: What are Trust Models?
Topic 2: Mesh Architecture
Topic 3: Hierarchical Architecture
Topic 4: Bridge CA Architecture
Section 5: Certificate Life Cycle and Key Management
Topic 1: What is Certificate Life Cycle?
Topic 2: Key Management
Topic 3: Centralized vs. Decentralized
Topic 4: Storage
Sub Topic 4.1: Hardware Vs Software
Sub Topic 4.2: Private Key Protection
Topic 5: Escrow
Topic 6: Expiration
Topic 7: Revocation
Sub Topic 7.1: Status Checking
Topic 8: Suspension
Sub Topic 7.2: Status Checking
Topic 9: Destruction
Topic 10: Key Usage
Sub Topic 10.1: Multiple Key Pairs (Single and Dual)
Topic 11: Recovery
Sub Topic 11.1: M-of-N Control
Topic 12: Renewal
Infrastructure Security
Section 1: Infrastructure Security
Topic 1: What is Infrastructure Security?
Topic 2: Securing Equipment
Topic 3: Securing Equipment Configuration
Section 2: Securing Network Cabling
Topic 1: Coaxial Cable
Topic 2: UTP / STP
Topic 3: Fibre Optic Cable
Section 3: Securing Connectivity Devices
Topic 1: Hubs
Topic 2: Switches and Bridges
Topic 3: Routers
Topic 4: Firewalls
Topic 5: RAS
Topic 6: Telecommunications Devices-EPABX
Topic 7: Modems
Topic 8: Wireless
Section 4: Securing Topologies
Topic 1: What are Security Zones?
Sub Topic 1.1: DMZ
Sub Topic 1.2: Intranet
Sub Topic 1.3: Extranet
Topic 2: Purpose of Perimeter Network
Topic 2: Implementing Network Address Translation (NAT)
Topic 3: Using Virtual Local Area Network (VLAN)
Topic 4: Tunnelling
Section 5: Securing and Monitoring Network Resources
Topic 1: Workstations
Topic 2: Mobile Devices
Topic 3: Servers
Topic 4: Virtual Private Network (VPN)
Topic 5: Intrusion Detection System (IDS)
Topic 6: Network Monitoring / Diagnostics
Operational Security
Section 1: Physical Security
Topic 1: Access Control
Sub Topic 1.1: Physical Barrier
Sub Topic 1.2: Biometrics
Topic 2: Social Engineering
Topic 3: Environment
Sub Topic 3.1: Wireless Cells
Sub Topic 3.2: Location
Sub Topic 3.3: Shielding
Sub Topic 3.4: Fire Suppression
Section 2: Privilege Management
Topic 1: User, Group, and Role Management
Topic 2: Single Sign-on
Topic 3: Centralized and Decentralized Management
Topic 4: Auditing
Sub Topic 4.1: Privilege
Sub Topic 4.2: Usage
Sub Topic 4.3: Escalation
Section 3: Removable Media
Topic 1: Magnetic Tape
Topic 2: Writable CD-ROM’s
Topic 3: Hard Disks
Topic 4: Floppy Disks
Topic 5: Flashcards
Topic 6: Smart Cards
Section 4: Business Continuity and Disaster Recovery
Topic 1: Business Continuity
Topic 2: BIA and Critical Processes
Topic 3: High Availability / Fault Tolerance
Topic 4: Backups
Sub Topic 4.1: Off Site Storage
Topic 5: Secure Recovery
Sub Topic 5.1: Alternate Sites
Application Security
Section 1: E-mail Security
Topic 1: E-mail Vulnerabilities
Sub Topic 1.1: Spam
Sub Topic 1.2: Hoaxes
Topic 2: Secure Multipurpose Internet Mail Extensions (S/MIME)
Topic 3: Pretty Good Privacy (PGP)
Section 2: Web Security
Topic 1: Secure Socket Layer / Transport Layer Security (SSL/TLS)
Topic 2: Hypertext Transport Protocol / Hypertext Transport Protocol over SSL (HTTP/S)
Topic 3: Buffer Overflows
Topic 4: Active X
Topic 5: Cookies
Topic 6: Common Gateway Interface (CGI)
Topic 7: Signed Applets
Topic 8: JavaScript
Topic 9: Simple Mail Transfer Protocol (SMTP)
Topic 10: Instant Messaging
Topic 11: Lightweight Directory Access Protocol (LDAP)
Section 3: File Transfer
Topic 1: Secure File Transport Protocol (S/FTP)
Topic 2: Blind FTP
Topic 3: Packet Sniffing
Topic 4: File Sharing
Topic 5: 8.3 Naming Conventions
User Security
Section 1: Authentication
Topic 1: Username and Password Authentication
Topic 2: Kerberos Authentication
Topic 3: Remote Authentication with CHAP
Topic 4: Tokens based Authentication
Topic 5: Biometrics based Authentication
Topic 6: Certificates based Authentication
Topic 7: Multi-factor Authentication
Topic 8: Mutual Authentication
Topic 9: Combining Authentication Methods
Section 2: Access Control Models
Topic 1: Discretionary Access Control (DAC)
Topic 2: Mandatory Access Control (MAC)
Topic 3: Role Based Access Control (RBAC)
Security Baselines
Section 1: Network Device and Operating System Hardening
Topic 1: OS/NOS (Operating System / Network Operating System) Hardening
Topic 2: File System
Topic 3: Network hardening
Topic 4: Updates
Sub Topic 4.1: Hot fixes
Sub Topic 4.2: Service Packs
Sub Topic 4.3: Patches
Topic 5: Configuration
Sub Topic 5.1: Enabling and Disabling Services and Protocols
Topic 6: Access Control Lists
Section 2: Application Hardening
Topic 1: Web Servers
Topic 2: E-Mail Servers
Topic 3: File and Print Servers
Topic 4: Domain Name Service (DNS) Servers
Topic 5: File Transport Protocol (FTP) Servers
Topic 6: Network News Transport Protocol (NNTP) Servers
Topic 7: Dynamic Host Configuration Protocol (DHCP) Servers
Topic 8: Data Repositories
Sub Topic 8.1: Directory Services
Sub Topic 8.2: Databases
Organizational Security
Section 1: Security Policy
Topic 1: Privacy
Topic 2: Service Level Agreement
Topic 3: Human Resources Policy
Sub Topic 3.1: Termination
Sub Topic 3.2: Hiring
Sub Topic 3.3: Code of Ethics
Topic 4: Due Care
Topic 5: Separation of Duties
Topic 6: Need to Know
Topic 7: Password Management Policy
Topic 8: Disposal / Destruction Policy
Topic 9: Incident Response Policy
Section 2: Risk Assessment
Topic 1: Calculating Risk
Topic 2: Asset Identification
Topic 3: Threat Assessment
Topic 4: Impact Assessment
Topic 5: Vulnerability Assessment
Section 3: User Awareness of Security
Topic 1: Communication
Topic 2: User Awareness
Topic 3: Training
Topic 4: Education
Topic 5: Online Resources
Section 4: Documentation Concepts
Topic 1: Standards and Guidelines
Topic 2: Systems Architecture Documentation
Topic 3: Change Documentation
Topic 4: Logs
Topic 5: Inventories
Topic 6: Classification
Sub Topic 6.1: Notification
Topic 7: Retention / Storage
Topic 8: Destruction
Incident Response and Forensics
Section 1: Intrusion Detection Systems
Topic 1: Network-Based IDS
Sub Topic 1.1: Active Detection
Sub Topic 1.2: Passive Detection
Topic 2: Host-Based IDS
Sub Topic 2.1: Active Detection
Sub Topic 2.2: Passive Detection
Topic 3: Honey Pots
Section 2: Incident Response
Topic 1: Preparation
Topic 2: Identification
Topic 3: Containment
Topic 4: Eradication
Topic 5: Recovery
Topic 6: Follow up
Section 3: Forensics
Topic 1: Chain of Custody
Topic 2: Preservation of Evidence
Topic 3: Collection of Evidence