Network Security Training

Network Security Training

With the multitude of increasingly dangerous threats facing computer networks anymore, it has become essential for any significantly sized corporate or government entity to possess either one or multiple network security personnel. These computer security people have to be as cutting edged as the computer hacker criminals whom they face. Network security training is the vehicle whereby they can become proficient enough to stay a good step ahead of the villains who threaten to steal and disrupt computer networks literally everywhere.

Types of Network Security Training Available

Such network security training typically covers a range of critically necessary topics including forensics, hacking, information technology auditing, and leadership. It is usually provided via a number of different methods of delivery to meet the customers’ variety of requirements and uses.

The training is often available as a training video. These training videos may be viewed in a variety of modes. Among them are by curriculum, by course, by career path, by delivery method, or by physical location. The network security training modules come in the following areas of break down:

– Internet Storm Center
– GIAC Certification for Computer Security
– Software Security Institute
– Technology Institute
– IT Audit
– eDiscovery and Computer Forensics
– Computer Security Blogs

Description of Network Security Training Workshops

Experienced information technology professionals all know that computer network security proves to be a process that never ends and includes analysis, education, and mitigation. A two day training course covering these network security topics will focus on the basics of network security in order to teach the participant a good working knowledge about the kinds of computer and network threats, the specific areas of vulnerability, and the different types of computer and network attacks. They will furthermore learn via real time, hands on experience about the varieties of tools which are out there to engage in minimizing the user’s vulnerabilities, as well as analyzing his or her network for holes and weaknesses in the security.

Learning Objectives for Network Security Training

Following the successful completion of a good network security training program, the participant will have accomplished all of the following activities:

– Discussed the Defense-in-Depth where it pertains to protecting and assuring good network security
– Reviewed the four principal elements inherent in security
– Discussed AAA concerning network settings
– Practiced engaging in a network risk analysis
– Practiced managing and requesting personal certificates
– Practiced simple cryptographic strategies
– Connected onto a Cisco-based VPN network
– Connected onto a Windows operating system based VPN
– Practiced creating and setting up a self-assigned SSL certificate for Linux-based Web servers
– Practiced intercepting wireless transmissions which are not secure
– Described the implementation into networks of Intrusion Detection Systems
– Reviewed the debugging output for any firewall running either PAT or NAT

Exams and Certifications for Network Security Training

These Cisco® training classes will assist the prospective participant in getting ready for such professional certification as CompTIA Security+. These classes are not intended to be a cramming course for certification or a ramp up program for the test taker. In order to be better prepared for the CompTIA Security+ exam, such candidates should go visit the CompTIA.org web site to obtain complete exam outlines and objectives.

The Types of People Who Should Participate in Network Security Training

Such classes are designed to help out network security staff. Among these types who will most benefit from the training are network engineers, network administrators, help desk staff, CIO’s, information technology managers, and CTO’s, as well as any person who has the principal responsibility for handling network operations and network security.

Frequently Asked Questions Concerning Network Security Training

Q: What types of operating systems are utilized in these training sessions?
A: Windows and Linux.

Q: What portion of the training is actually taught via the command line rather than the GUI?
A: It is mostly in the GUI, although work in the command line is included.

Q: Which operating system is utilized on the computers in the classroom?
A: Windows XP Professional SP3 is typically used.

On-Site Capability of the Network Security Training

Such network security training classes may be taught on a business or government physical site. This permits greater convenience and availability for all of the necessary personnel, who may not have time to travel away from the office. Larger or smaller groups are not a problem. Travel expenses and lost time are both avoided in having the training classes brought directly to the front door of the business or government office.

This Cisco ASA teaching which can be brought to the business or government’s locations is available at any locations of the sponsoring entity’s preference. The program is capable of being individually tailored to the sponsor’s topic of choice, timing, as well as physical location. The programs come with first class training on site, offered by the top professional trainers in the business. The teaching will be relevant, comprehensible, and most of all imminently practical.

Important Elements To Be Covered By Network Security Training

Part One: The Fundamentals of Security

* The Four Elements Inherent In Security
– Availability
– Authentication
– Integrity
– Confidentiality

* Implementation of the Elements of Security
– Corporate Security Policy
– User authentication
– Physical Security
– Encryption and Access Control
– Auditing and Administration

* Vulnerable Systems and Networks, Threats, and Attacks
– Vulnerable System and Networks
– Threats
– Attacks
* Running an Effective Risk Analysis
* Calculating the Real Cost
* Kinds of Attacks
– Un-targeted vs. Targeted Attacks
– Denial-of-Service Attacks (DOS)
Application-Level Floods
Distributed Attacks
ICMP Floods
Peer-to-Peer Attacks
Nukes
LAND Attacks
SYN Floods
– Malicious Content and Malware
– Social Engineering
* Spyware and the Compromising of Personal Data
* Comprehending Defense in Depth
– Defense in the Depth Utilized by the Military
– Defense in Depth for a Network

Part Two: Understanding AAA (Authorization, Authentication, and Accounting)

* Authorization
– Access-Controls
* The Fundamentals Inherent in Authentication
* Three Factors Inherent in Authentication
* Methods for Implementing Accounting

Part Three: Cryptography

* Cryptography Fundamentals
* Key Management Fundamentals
* What is the PKI (Publci Key Infrastructure)?
* Basic Concepts for Installing the Windows Certificate Server

Part Four: Virtual Private Networks (VPNs)

* VPN Fundamentals
* VPN Implementation
– L2TP
– PPTP
– IPSec

Part Five: Wireless Network Security

* IEEE 802.11 Fundamentals
* Wireless Security Technologies
– WPA
– WEP

Part Six: Security for Internet and Email

* HTTP and Web Servers Fundamentals
* Web Application Vulnerabilities
– ActiveX
– CGI (Common Gateway Interface)
– Buffer Overflows
– Java Script
– Cookies
– SMTP Relays
– Signed Applets
* SSL/TLS
* Digital Signatures
* Securing Email
* Email Vulnerabilties
* S/MIME Encryption and PGP

Part Seven: Network Security Topologies

* Security Topologies Fundamentals
* Network Address Translation
* DMZs
* Port Address Translation
* VLANs (Virtual Local Area Networks)
* Tunneling

Part Eight: Detecting and Preventing Intrusions

* Systems for Intrusion Detection
* Passive vs. Active Detection
* Common Systems for Intrusion Detection
* Honeypots
* Monitoring and Auditing

Prerequisites

Any potential participant needs to have finished the Computer Network Fundamentals training, or at least to possess comparable levels of knowledge. This training is not meant for any end users or others who do not possess previous networking experience or base knowledge.

2 Responses to Network Security Training

Leave a Reply

Your email address will not be published.