(WINDOWS SERVER 2003)
Duration: 5 days
Target Student: This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems, such as NetWare, Macintosh, UNIX/Linux, and OS/2, who wants to: further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications or career roles.
Course Outline:
Lesson 1: Security Fundamentals
A. Security Building Blocks: Security Goals – The CIA Triad; Security Factors – The Four A’s; Access Control Methods; Privilege Management
B. Authentication Methods: Authentication Factors; User Name/Password Authentication; Challenge Handshake Authentication Protocol (CHAP); Kerberos; Tokens; Biometrics; Multi-Factor Authentication; Mutual Authentication
C. Cryptography Fundamentals: Encryption; Encryption Algorithms; Keys; Hashing Encryption; Hashing Encryption Algorithms; Symmetric Encryption; Asymmetric Encryption; Cipher Types; Symmetric Encryption Algorithms; Asymmetric Encryption Algorithms; Digital Signatures
D. Security Policy Fundamentals: Security Policies; Security Policy Components; Security Policy Issues; Common Security Policy Types; Security Document Categories; Documentation Handling Measures
Lesson 2: Security Threats
A. Social Engineering: Social Engineering Attacks; Hackers, Crackers, and Attackers; Attacker Types
B. Software-Based Threats: Software Attacks; Port Scanning Attacks; Eavesdropping Attacks; IP Spoofing Attacks; Hijacking Attacks; Replay Attacks; Man-in-the-Middle Attacks; Denial of Service (DoS) Attacks; Distributed Denial of Service (DDoS) Attacks; Types of DoS Attacks; Malicious Code Attacks; Types of Malicious Code; Default Security Attacks; Software Exploitation Attacks; Types of Software Exploitation Attacks; Misuse of Privilege Attacks; Password Attacks; Types of Password Attacks; Backdoor Attacks
C. Hardware-Based Threats: Hardware Attacks
Lesson 3: Hardening Internal Systems and Services
A. Harden Operating Systems: System Vulnerabilities; System Vulnerability Categories; Hardening; Security Baselines; System Updates; Windows Security Policies; Windows Auditing; Services, NLMs, and Daemons; Service, NLM, and Daemon Vulnerabilities; Security Templates
B. Harden Directory Services: Directory Services; Common Directory Services; Lightweight Directory Access Protocol (LDAP); Directory Service Vulnerabilities
C. Harden DHCP Servers: Dynamic Host Configuration Protocol (DHCP); DHCP Vulnerabilities
D. Harden File and Print Servers: File and Print Server Vulnerabilities; The Server Message Block (SMB) Protocol; SMB Signing
Lesson 4: Hardening Internetwork Devices and Services
A. Harden Internetwork Connection Devices: Internetwork Devices; Unnecessary Network Protocols; Firmware Updates; Internetwork Device Vulnerabilities; Demilitarized Zones (DMZs); Intranets; Extranets; Virtual LANs (VLANs); Network Address Translation (NAT); Network Media; Network Media Vulnerabilities
B. Harden DNS and BIND Servers: DNS; DNS and BIND Vulnerabilities
C. Harden Web Servers: HTTP; Web Server Authentication; Web Server Authentication Methods; Web Server Vulnerabilities
D. Harden File Transfer Protocol (FTP) Servers: FTP; FTP Vulnerabilities; Secure Shell (SSH); Secure FTP (SFTP)
E. Harden Network News Transfer Protocol (NNTP) Servers: NNTP; NNTP Vulnerabilities
F. Harden Email Servers: Simple Mail Transfer Protocol (SMTP); Email Vulnerabilities; Pretty Good Privacy (PGP); Secure Multipurpose Internet Mail Extensions (S/MIME)
G. Harden Conferencing and Messaging Servers: Conferencing and Messaging Vulnerabilities
Lesson 5: Security Network Communication
A. Protect Network Traffic with IP Security (IPSec): IPSec; IPSec Algorithms; IPSec Transport Protocols; Internet Key Exchange (IKE); Security Associations (SAs); IPSec Policies; Default IPSec Policies; IPSec Policy Rules
B. Secure Wireless Traffic: Wireless Protocol Standards; Wireless Protocol Implementations; Wireless Security Protocols; Wireless Vulnerabilities
C. Harden a Web Browser: Browser Vulnerabilities; Internet Explorer Security Settings
D. Secure the Remote Access Channel: Remote Access Methods; Telecommunications Vulnerabilities; Tunneling; Virtual Private Networks (VPNs); VPN Protocols; VPN Security Protocols; Remote Access Vulnerabilities
Lesson 6: Managing Public Key Infrastructure (PKI)
A. Install a Certificate Authority (CA) Hierarchy: Digital Certificates; Certificate Authentication; Public Key Infrastructure (PKI); PKI Components; CA Hierarchies (Trust Models); The Root CA; Public and Private Roots; Subordinate CAs; Centralized and Decentralized CA Hierarchies
B. Harden a Certificate Authority: Certificate Policies; Multiple and Dual Key Pairs; The Certificate Life Cycle; CA Vulnerabilities
C. Back Up a CA
D. Restore a CA
Lesson 7: Managing Certificates
A. Enroll Certificates: The Certificate Enrollment Process
B. Secure Network Traffic by Using Certificates: Secure Sockets Layer (SSL); HTTPS; Transport Layer Security (TLS)
C. Renew Certificates
D. Revoke Certificates: Certificate Revocation; The Certificate Revocation List (CRL)
E. Back Up Certificates and Private Keys: Private Key Protection Methods
F. Restore Certificates and Private Keys: Private Key Restoration Methods; Private Key Replacement
Lesson 8: Enforcing Organisational Security Policies
A. Enforce Corporate Security Policy Compliance: Risk Identification
B. Enforce Legal Compliance: Legal Requirements; Forensic Requirements; Human Resources (HR) Policies
C. Enforce Physical Security Compliance: Physical Security Measures; Storage Media Vulnerabilities; Business Continuity Plans (BCPs); Disaster Recovery Plans (DRPs); Service Level Agreements (SLAs); Alternate Sites; Secure Recovery; Backup Storage Locations
D. Educate Users: The Employee Education Process; User Security Responsibilities
Lesson 9: Monitoring the Security Infrastructure
A. Scan for Vulnerabilities: The Hacking Process; Ethical Hacking; Security Utilities; Types of Vulnerability Scans; Port Ranges
B. Monitor for Intruders: Intrusion Detection Systems (IDSs); Host, Network, and Application-based IDS; Passive and Active IDS; Signature and Anomaly IDS Analysis
C. Set Up a Honeypot: Honeypots; Types of Honeypots
D. Respond to Security Incidents: Incident Response Policies