課程大綱: Network Security Administrator培訓
Module 1: Introduction to Network Security
Network topology; Network Types and the OSI Model
Module 2: Network Protocols
Network Protocols: SLIP; PPP; ARP; RARP; IGMP; ICMP; SNMP, HTTP
IP: Attacks and Countermeasures
TCP, UDP: Attacks and Countermeasures
FTP, TFTP, TELNET, SMTP: Vulnerabilities
Module 3: Security Policy
What is Security Policy?
What Defines a good security policy
Security Policy Structure
Developing and Implementing security policies
Requirements of Effective Security Policy
Module 4: Physical Security
Physical Security Threats
Locks and Keys
TEMPEST
Fire Safety: Fire Suppression, Gaseous Emission Systems
Laptop Security: Physical Security Countermeasures
Biometric Devices
PC Security: Boot Access
Module 5: Network Attacks
Current Statistics
Defining Terms: Threats, Attack and Exploit
Classification of Hackers and Attacks
Spoofing; Spamming; Eaves Dropping; Phishing; War Dialing; Password Cracking
Web Page Defacement; SQL Injection; Wire Tapping; Buffer Overflow
War Driving; War Chalking; War Flying
Denial of Service (DOS) Attacks and Distributed DOS
Module 6: Intrusion Detection System
Characteristics of IDS
Host based IDS Vs Network based IDS
IDS Detection Methods; Types of Signatures
Intrusion Prevention System
IDS Vs IPS
IPS Tool
Module 7: Firewalls
Handling threats and security tasks
Protection against hacking
Centralization and Documentation
Multi-layer firewall protection
Packet filtering and Stateful Packet Filtering
Multi firewall DMZ
Specialty firewalls and Reverse firewalls
Module8: Packet Filtering and Proxy Servers
Network Address Translation
Application layer gateway and Proxying
Virtual Private Network and the Authentication process
Module 9: Bastion Host and Honeypots
Bastion Host
Honeypots and Honeynet
Module 10: Hardening Routers
Internet work Operating Systems (IOS)
Troubleshooting a router
Hardening a Router
Components of router security
Router security: testing tools
Module 11: Hardening Operating Systems Security
Windows Security
Objects And Permissions
NTFS File System Permissions
Active Directory
Kerberos Authentication And Security
IP Security
Linux
Module 12: Patch Management
Red Hat Up2date Patch Management Utility Installation Steps
Microsoft Patch Management Process and Windows Update Services
Patch Management Tools: Qchain
Patch Management Tool: Microsoft Baseline Security Analyzer
Other Patch Management Tools
Module 13: Application Security
Securing Web Applications
IPSec And SSL Security
Writing Secure Code; Best Practices
Remote Administration Security
Module 14: Web Security
Network Devices and Design
Altering the Network Addresses
Client Authorization and Secure Client Transmissions
Portable Applications
Malicious Code Detection
Browser Security Settings
Common Gateway Interface (CGI)
Web Application Input Data Validation and Buffer Overflows
Module 15: E-Mail Security
Components Of An Email
E-mail protocols
E-Mail Security Risks
How to defend against E-Mail security risks
Module 16: Encryption
Firewalls Implementing Encryption
Maintaining confidentiality
Digital certificates
Public and Private Keys (including PGP)
Choosing the size of keys
Analyzing popular encryption schemes including IPSEC
Module 17: Virtual Private Networks
VPN Tunneling Protocols
PPTP and L2TP
VPN Security
Module 18: WLAN
Wireless Network Types
Antenna
WLAN Standards
BlueTooth And Ultra Wideband
WEP Description Tool (Air Snort and WEPCrack)
WLAN Security;WPA; TKIP; WTLS
EAP Methods
Advanced Encryption Standards (AES); DES; RSA Encryption
RADIUS; Multifactor Authentication
Mobile Security Through Certificates
Certificate Management Through PKI
Module 19: Creating Fault Tolerance
Network Security: Fault Tolerance
Why Create Fault Tolerance
Planning For Fault Tolerance
Reasons For System Failure
Preventive Measures
Module 20: Incident Response
What Is an Incident
Step by Step Procedure
Managing Incidents
What Is an Incident Response
Six Step Approach for Incident Handling (PICERF Methodology)
Incident Response Team
Module 21: Disaster Recovery and Planning
What is a Disaster Recovery
Disaster Recovery Planning
Business Continuity Planning Process
Disaster Prevention
Module 22: Network Vulnerability Assessment
Vulnerability Assessment
Goals of vulnerability assessment
Network vulnerability Assessment methodology:
Selecting vulnerability assessment tools
加入高級會員獲得助教答疑
