Building Secure Networks

A two days course

Language: English

WHAT YOU WILL LEARN:
Find out how to think about Security risks at your site
How to build a Security Strategy in a TCP/IP network (with or without connections to the Internet)
Analyze your exposure to the variety of attacks .
Understand the role of firewalls, encryption, decryption and other tools to safeguard your INTRANET
Build a foundation for the security strategy to protect your assets

OUTLINES

Introduction to Security
  • Describe computer security.
  • Distinguish between the different types of security.
  • Identify the common security threats.
  • Understand and implement physical security.
Guidelines and Policies
  • Plan your security needs.
  • Identify the assets you want to protect.
  • Identify the threats to your organization.
  • Create a simple security policy and make a risk assessment.
Local Security
  • Authentication:
    • Security in NT, UNIX, LINUX
    • Implement a secure user and group scheme.
    • Implement a secure password policy.
    • Implement secure file and directory structures.
  • Understand encryption techniques.
    • Private and Public keys
  • Pretty Good Privacy
  • Secure Socket Layer
  • Use System logging facilities.
  • Learn about backup tools to implement a local fallback strategy.
Protecting the dial-in connection
  • Dial Back
  • PPP
  • Authentication solutions based on :
    • Questions and answers: RADIUS, LDAP server, TACACS
    • Using a certificate authority: RSA Security
    • Security Cards
  • Using packet filters to preventing unwanted access from external networks
KERNEL SECURITY
  • How to arm your kernel?
  • Implement kernel security options.
  • Compile, configure and install a kernel with security options enabled.
Network Security
  • Review the security implications of local area network traffic.
  • Understand the way UNIX and Linux can be protected through inetd and tcpwrappers.
  • Understand the security risks when running Telnet, ftp, DNS, mail, Apache (WWW) and NFS services.
  • Understand the common denial of service attacks: IP masquerading, IP spoofing, port scanning, Stealth Scanning, SOCKS, Ping of Death, Syn Attacks, Protocol analyzers
  • Understand the basic principles of firewall technology.
Security Tools
  • Choose the security tools appropriate for your organization.
  • Become aware of the, growing, amount of Open Software Security tools available : CERT,COAST,SATAN,ISS
  • Understand the SAINT and Tripwire administrative tools.
IP and Security
  • VPN: Virtual Private Networks
  • PPTP: Point-to-point tunneling
  • IPSec: IP layer security

[HOME] [dates] [reserve] [seminars]
FDDI Institute
De Regenboog 11 - 2800 Mechelen - Belgium - Europe
Tel 32 15 24 50 58 - Fax 32 15 25 10 50