SCNP - Network Defense & Countermeasures (NDC)

  

HOME

 

CONSULTING

Networking & Security
HIPAA Compliance 

COURSE DELIVERY

Public
Private
Cruise
Study Resources
 

GENERAL

Registration
Directions
San Francisco
Instructors
Contact
  

COURSES

 

CISCO 

CCNA

ICND

CCNP

BSCI
BCMSN
BCRAN
CIT
Program Info

CCSP

SECUR
CSPFA
CSVPN
CSIDS
CSI
Program Info
 

ASCENDANT

SCNP

HTI
NDC
Program Info

SCNA

ASI
ESS
Program Info

ISC2 

CISSP

 

EC-COUNCIL

CEH

Ethical Hacking

CHFI

Computer Forensics

 

HIPAA ACADEMY

CHA
CHP
CHSS
FAQs
Course Description

Network Defense and Countermeasures is an instructor-led 5-day classroom delivery with structured and hands-on activities.  

It is the second course in the first level (SCNP) of the Security Certified Program, focusing on the student's understanding of the architecture for network defense.  

The course is designed for the student who is a network administrator responsible for maintaining a wide range of networking technologies.

Students will work with layered network defense structures and implement firewalls on various platforms. Students will also gain a working knowledge of Virtual Private Networks and Intrusion Detection Systems, perform packet and signature analyses, identify different methods of risk analysis, and create a security policy.

This is the final Level One (SCNP) course of the Security Certification Program.  Passing the associated exams for the Level One courses results in the Security Certified Network Professional (SCNP) certification.  

Prepares the student for the SC0-402 HTI exam

Level Two consists of two courses: Advanced Security Implementation, and Enterprise Security Solutions.  Passing the associated exams for the Level Two courses results in the Security Certified Network Architect (SCNA) certification.

 
Prerequisites

Hardening the Infrastructure (the first course in the Security Certified Program).

 
Objectives

  • Identify the basic components of a layered structure for network defense architecture, and describe access control objectives and auditing concepts. 
  • Identify key concepts and technologies used in the design of firewall systems, as well as methods of implementing firewalls in different scenarios.
  • Implement and configure firewalls for three different operating systems and compare their functionality while also identifying the differences between the technologies. 
  • Describe Virtual Private Networks (VPNs) and related security issues, and take steps to implement a VPN solution built into Windows 2000. 
  • Describe the key concepts of Intrusion Detection Systems, including distinguishing between host-based and network-based Intrusion Detection Systems. 
  • Implement and configure a network-based and a host-based IDS. 
  • Describe core concepts of TCP/IP packet and signature analysis with the goal of intrusion detection, and examine the goals of the Common Vulnerabilities and Exposure (CVE) project. 
  • Identify the concepts and issues related to risk analysis, and analyze different methods of risk analysis, different standards, and different techniques to minimize risk. 
  • Implement a security policy for an organization by examining different methods of policy creation and implementation, and creating a policy document.  

Course Content
 

Chapter 1: Network Defense Fundamentals 

  • Network Defense 
  • Defensive Technologies 
  • Objectives of Access Control 
  • The Impact of Defense 
  • Network Auditing Concepts

Chapter 2: Designing Firewall Systems 

  • Firewall Components 
  • Create a Firewall Policy 
  • Rule Sets and Packet Filters 
  • Proxy Server 
  • The Bastion Host 
  • The Honeypot

Chapter 3: Configuring Firewalls 

  • Firewall Implementation Practices 
  • Installing and Configuring FireWall-1 
  • Installing and Configuring ISA Server 2000 
  • Monitor ISA Server 
  • IPChains Concepts 
  • Implementing Firewall Technologies

Chapter 4: Configuring VPNs 

  • VPN Fundamentals 
  • IP Security Protocol (IPSec) 
  • VPN Design and Architecture 
  • VPN Security 
  • Configuring a VPN

Chapter 5: Designing an IDS 

  • The Goals of an Intrusion Detection System 
  • Technologies and Techniques of Intrusion Detection 
  • Host-based Intrusion Detection 
  • Network-based Intrusion Detection 
  • The Analysis 
  • How to Use an IDS 
  • What an Intrusion Detection System Cannot Do

Chapter 6: Configuring an IDS 

  • Snort Foundations 
  • Snort Installation 
  • Snort as an IDS 
  • Configuring ISS Scanners

Chapter 7: Analyzing Intrusion Signatures 

  • Signature Analysis 
  • Common Vulnerabilities and Exposures (CVE) 
  • Signatures 
  • Normal Traffic Signatures 
  • Abnormal Traffic Signatures

Chapter 8: Performing a Risk Analysis 

  • Concepts of Risk Analysis 
  • Methods of Risk Analysis 
  • The Process of Risk Analysis 
  • Techniques to Minimize Risk 
  • Continual Risk Analysis

Chapter 9: Creating a Security Policy 

  • Concepts of Security Policies 
  • The Policy Design 
  • The Policies 
  • An Example Policy 
  • Incident Handling and Escalation Procedures 
  • Partner Policies