Course Description
Network Defense and Countermeasures is an instructor-led 5-day classroom delivery with structured and hands-on activities.
It is the second course in the first level (SCNP) of the Security Certified Program, focusing on the student's understanding of the architecture for network defense.
The course is designed for the student who is a network administrator responsible for maintaining a wide range of networking technologies.
Students will work with layered network defense structures and implement firewalls on various platforms. Students will also gain a working knowledge of Virtual Private Networks and Intrusion Detection Systems, perform packet and signature analyses, identify different methods of risk analysis, and create a security policy.
This is the final Level One (SCNP) course of the Security Certification Program. Passing the associated exams for the Level One courses results in the Security Certified Network Professional (SCNP) certification.
Prepares the student for the SC0-402 HTI exam
Level Two consists of two courses: Advanced Security Implementation, and Enterprise Security Solutions. Passing the associated exams for the Level Two courses results in the Security Certified Network Architect (SCNA) certification.
Prerequisites
Hardening the Infrastructure (the first course in the Security Certified Program).
Objectives
- Identify the basic components of a layered structure for network defense architecture, and describe access control objectives and auditing concepts.
- Identify key concepts and technologies used in the design of firewall systems, as well as methods of implementing firewalls in different scenarios.
- Implement and configure firewalls for three different operating systems and compare their functionality while also identifying the differences between the technologies.
- Describe Virtual Private Networks (VPNs) and related security issues, and take steps to implement a VPN solution built into Windows 2000.
- Describe the key concepts of Intrusion Detection Systems, including distinguishing between host-based and network-based Intrusion Detection Systems.
- Implement and configure a network-based and a host-based IDS.
- Describe core concepts of TCP/IP packet and signature analysis with the goal of intrusion detection, and examine the goals of the Common Vulnerabilities and Exposures (CVE) project.
- Identify the concepts and issues related to risk analysis, and analyze different methods of risk analysis, different standards, and different techniques to minimize risk.
- Implement a security policy for an organization by examining different methods of policy creation and implementation, and creating a policy document.
Course Content
Chapter 1: Network Defense Fundamentals
- Network Defense
- Defensive Technologies
- Objectives of Access Control
- The Impact of Defense
- Network Auditing Concepts
Chapter 2: Designing Firewall Systems
- Firewall Components
- Create a Firewall Policy
- Rule Sets and Packet Filters
- Proxy Server
- The Bastion Host
- The Honeypot
Chapter 3: Configuring Firewalls
- Firewall Implementation Practices
- Installing and Configuring FireWall-1
- Installing and Configuring ISA Server 2000
- Monitor ISA Server
- IPChains Concepts
- Implementing Firewall Technologies
Chapter 4: Configuring VPNs
- VPN Fundamentals
- IP Security Protocol (IPSec)
- VPN Design and Architecture
- VPN Security
- Configuring a VPN
Chapter 5: Designing an IDS
- The Goals of an Intrusion Detection System
- Technologies and Techniques of Intrusion Detection
- Host-based Intrusion Detection
- Network-based Intrusion Detection
- The Analysis
- How to Use an IDS
- What an Intrusion Detection System Cannot Do
Chapter 6: Configuring an IDS
- Snort Foundations
- Snort Installation
- Snort as an IDS
- Configuring ISS Scanners
Chapter 7: Analyzing Intrusion Signatures
- Signature Analysis
- Common Vulnerabilities and Exposures (CVE)
- Signatures
- Normal Traffic Signatures
- Abnormal Traffic Signatures
Chapter 8: Performing a Risk Analysis
- Concepts of Risk Analysis
- Methods of Risk Analysis
- The Process of Risk Analysis
- Techniques to Minimize Risk
- Continual Risk Analysis
Chapter 9: Creating a Security Policy
- Concepts of Security Policies
- The Policy Design
- The Policies
- An Example Policy
- Incident Handling and Escalation Procedures
- Partner Policies