Description

Securing the information systems environment is one of the important tasks of the organization IT. This course focuses on the design, analysis, and implementation of enterprise-level security for enterprise and service-providers networks. This course will expose the student to secure networks, cloud and systems concepts, endpoint, and applications security.

This course is the third part of Cyber Security Architect course, in which we talk about Windows and Linux security.

Prerequisites

Network and cyber security protocols [SEC-002]

Duration

30 Hours + exercises

Content 

1. OS security – Linux principles and configuration [10 Hours + exercises]

• Risks and attacks
  • Physical Attacks and Defences
  • User Access Controls
  • Memory Attacks and Overflows
  • Boot-Time risks
  • Rootkits and Malicious Software
  • User access threats and defences
  • Kernel Tuning for Security
  • Denial of Service Attacks (DoS/DDoS)
  • Script Vulnerability Attacks
  • Buffer Overflow Attacks
• Servers and workstations security
  • Threats to servers and workstations
  • Server Resources control – rlimit_a, rlimit_cpu and more
  • Administrators, users, passwords, password strengths, enforcement and protection – /etc/passwd and /etc/passwd
  • Root protection, SU and SUDO
  • Server’s updates and verification
  • BIOS and Boot Loader security
• Services security
  • Linux services and which ones to turn on/off
  • TCP Wrappers and xinetd
  • Portmap protection (NFSv2/3)
  • NFS, NIS, Kerberos and secret-key cryptography for Linux servers
  • Apache HTTP, FTP and Sendmail security
• Communications security
  • Personal firewalls and system-config-securitylevel
  • Working with OpenSSH and Gnu Privacy Guard
• Hardening Linux environments
• Class exercise: Designing a secured Linux environment.
• Home exercise: Implementing secured Linux environment.

2. OSs security – Windows servers security principles and configuration [10 Hours + exercises]

• Security policy settings for Microsoft servers and clients – accounts and logons, DCOM, devices, domain controllers and members, LDAP, network access and security, system cryptography, user-account control
• Auditing policy implementation – accounts, directory services, users, processes, and system events
• Server hardening
  • Securing Server Features
  • Public Key Infrastructures
  • Securing Domain Services
  • Configuring security features
  • DNS Hardening
  • Implementing secure web server
• Firewall configuration
• Fileserver security
• Monitoring and auditing MS servers
• Class exercise: Designing a secured Windows Server environment.
• Home exercise: Implementing secured Windows Server environment.

3. Cloud computing technology [10 Hours + exercises]

• Motivation and evolution
• Definitions – Resource, Service and Service Agents, Horizontal and Vertical Scaling, Virtualization, Cloud and Cloud services
• Local vs. cloud services
• Cloud characteristics – On-demand usage, Ubiquitous Access, Multi-tenancy, Elasticity, Resilient computing
• Pro’s, Con’s and risks
  • Services structure
  • IaaS, PaaS and SaaS
• Deployment methods – Private, Public and Hybrid cloud
• Technology and protocols
  • Virtualization and virtual servers
  • Virtual networks, storage, and computing implementation
  • Cloud balancing and cloud bursting.
  • Local and Geographical Clusters
  • Cloud security – risks and breaches and how to secure them.
  • Protocols – REST, WSDL and SOAP
  • Service Grids
  • QoS considerations and applications requirements
• Cloud security