ENROLL NOW
ENROLL NOW
Information Systems Security

Information Systems Security

Cyber Security - Information Systems Security
Design and implement secured IT environment

Securing the information systems environment is one of the important tasks of the organization IT. This course focuses in the design, analysis and implementation of enterprise-level security information systems. This course will expose the student to secure computing and networking concepts, security protocols and principles along with practical networking security methodologies.

The course starts with the risks and risk analysis methods, continues with protocols and security algorithms, network security and how to implement it, operating systems and security devices. The course finalize with network analysis and common tools that can be used for the purpose.

 

Course Objectives

Upon completing the course, the participants will be able to:

  • Understand the basic concept of “thinking security”
  • Describe the architecture & components of core and perimeter protection
  • Understand the use of detection and response tools and mechanisms
  • Understand how do securely deploy wired and wireless network
  • Understand how to secure the operating systems and basic applications security
  • Perform the design of a secured IT environment
  • Use common scanning and analysis tools

 

Topics

  • Thinking security
  • Risks and risk assessment
  • Security protocols – encryption and authentication
  • Core and perimeter protection
  • Detection and response
  • Anti-malware technologies
  • OSs security and protection
  • Network security – how to secure the network and it’s components
  • Wireless communication security
  • Network and computer forensics and analysis

 

Target Audience

CIOs and IT managers, information security managers, system administrators, network and system engineers

Prerequisites

Basic knowledge in Microsoft windows, Linux and networking

Duration

5 Days

Outline

Part 1 – The Basics

  • Secured networks Design
    • Security risks and controls
      • Risks, risks estimation and damage control
      • Physical, technical and administrative controls
    • Risks and Attacks
      • Applications breaches, servers, PCs and OSs, network based attacks
      • The basics: DoS, DDoS, Malwares, Viruses, Warms, Trojans and other ugly stuff
      • Smart ones: DNS based attacks, OS Vulnerabilities, scripting, DB attacks and more
    • Protection methods
      • Defence in-depth – Devices, software’s and systems that protect the IT
      • Technology environment design
    • Standards and regulations
  • Security protocols basics
    • Encryption protocols and implementation
      • The basics – encryption types and definitions, Symmetric and asymmetric algorithms
      • Block Cyphers and stream cyphers
      • Hash Functions and Message Authentication Codes – MD5 and SHA1
      • Protocols – DES, IDEA, RC5/6, 3DES and AES
      • Asymmetric Protocols – RSA
    • Authentication protocols and implementation
    • Implementing security
      • Certificates and digital signatures
      • IPSec and key-management protocols
      • SSL/TLS
      • IKE and public key infrastructure
      • RADIUS/TACACS and AAA systems
  • Security components brief
    • Firewalls types and implementation
    • Web and mail filters
    • Application, database and Web firewalls (WAF)
    • SSL devices
    • SIEM systems
    • Endpoint security
    • IDS/IPS types and implementation

 

Part 2 – Securing Network Components

  • Communications devices security
    • Typical attack on the network and network devices
    • In-band and Out-of-band connectivity
    • What we protect – management, control, and data planes
    • Access limitations and AAA mechanisms
  • Routers, switches and how to protect them
    • Routing protocols – brief
    • Cavities and attacks on LAN switches
    • Cavities and attacks on routing protocols
    • Management-plane protection – principles and configurations
    • Access limitations – ACLs, AAA mechanisms, connection limits and more
    • Access sources, uses and groups
    • Access protocols and accounting
    • SNMP, SSH, Telnet, Netflow and Syslog
  • Control plane protection
    • Routing protocols protection
    • ICMP, Fragments, attack reflectors and other attack sources and how to protect against them
    • Syslog, NTP, TFTP and other external servers protection
  • Data Plane protection
    • Routing updates and peer authentication
    • TCP and UDP attack’s protection
    • Application layer’s attack’s protection
  • Wireless LAN security brief
    • WLAN operation brief
    • Protocols – operation and implementation
      • Wired Equivalence Privacy (WEP)
      • WPA version 1 and WPA Pre-Shared KEY (WPA-PSK)
      • WPA version 2
      • 802.11i, TKIP, AES and CCMP
      • 802.1X and EAP
      • Implementing RADIUS authentication
      • WLAN security architectures

 

Part 3 – Securing Operating Systems and Applications

  • OSs security – LINUX: principles and configuration
    • Risks and attacks
      • Physical Attacks and Defenses
      • User Access Controls
      • Memory Attacks and Overflows
      • Boot-Time risks
      • Rootkits and Malicious Software
      • User access threats and defenses
      • Kernel Tuning For Security
      • Denial of Service Attacks (DoS/DDoS)
      • Script Vulnerability Attacks
      • Buffer Overflow Attacks
    • Servers and workstations security
      • Threats to servers and workstations
      • Server Resources control – rlimit_a, rlimit_cpu and more
      • Administrators, users, passwords, password strengths, enforcement and protection – /etc/passwd and /etc/passwd
      • Root protection, SU, and SUDO
      • Server updates and verification
      • BIOS and Boot Loader security
    • Services Security
      • Linux services and which ones to turn on/off
      • TCP Wrappers and xinetd
      • Portmap protection (NFSv2/3)
      • NFS, NIS, Kerberos, and secret-key cryptography for Linux servers
      • Apache HTTP, FTP, and Sendmail security
    • Communications security
      • Personal firewalls and system-config-security level
      • Working with OpenSSH and Gnu Privacy Guard
    • OSs security – Windows servers: principles and configuration (4H)
    • Security policy settings for Microsoft servers and clients – accounts and logins, DCOM, devices, domain controllers and members, LDAP, network access and security, system cryptography, user-account control
    • Auditing policy implementation – accounts, directory services, users, processes, and system events
    • Server hardening
      • Securing Server Features
      • Public Key Infrastructures
      • Securing Domain Services
      • Configuring security features
      • DNS Hardening
      • Implementing a secure web server
    • Firewall configuration
    • Fileserver security
    • Monitoring and auditing MS servers

 

Part 4 – Security Analysis and Monitoring Techniques

  • Security analysis tools
    • Wireshark operation
      • Wireshark basics
      • Wireshark tools
    • Security analysis using Wireshark
      • Security analysis using Wireshark
      • MAC and IP address spoofing
      • Attacks signatures and signature locations
      • Address and port scans, mutant scans, and more
      • ARP poisoning
      • Header and sequencing signatures
      • Attacks and exploits
      • TCP splicing and unusual traffic
      • DoS and DDoS Attacks
      • Protocol scans
      • Find maliciously malformed packets
    • Nmap and hacking tools
      • Nmap, Metasploit and other scanning tools
      • Wireless hacking tools
      • Linux tools

 

Please contact us for more information:
  • This field is for validation purposes and should be left unchanged.
Share with friends

Cybersecurity Career Guide - A Comprehensive Playbook to becoming A Cybersecurity Expert

Download our FREE PDF and Elevate Your Career in Tech Industry.
Unlock Your Future!