EC-Council Network Security Administrator
Course Outline v1
Module 1: Introduction To Network Security
- Network topology
- Network Type
- OSI Model
- Physical Layer
- Data Link Layer
- Network Layer
- Transport Layer
- Session Layer
- Presentation Layer
- Application Layer
- Network Devices
- Repeater
- Multiplexer
- Routers
- Brouter
- Hub
- Switch
- Bridge
- Modem
- Cables
- ISDN Terminal Adapter
- Network Card
- Data Transmission Modes
- Broadband And Baseband
- Segments And Backbone
- Client Server And Peer-Peer Networking
Module 2: Network Protocols
- Network Protocols: Overview
- Serial Line Internet Protocol
- Point-to-Point Protocol
- Internet Protocol: Attacks and Countermeasures
- Address Resolution Protocol
- Vulnerabilities and Security Measures
- Reverse Address Resolution Protocol
- Internet Group Management Protocol
- Internet Control Message Protocol
- Attacks and Security Measures
- Transmission Control Protocol
- User Datagram Protocol
- TCP, UDP: Attacks and Countermeasures
- File Transfer Protocol
- Trivial File Transfer Protocol
- FTP, TFTP: Vulnerabilities
- TELNET
- Simple Mail Transfer Protocol
- TELNET, SMTP: Vulnerabilities
- Network News Transfer Protocol
- Network News Transfer Protocol: Vulnerability and Countermeasures
- Simple Network Management Protocol
- Simple Network Management Protocol: Security Issues
- Hyper Text Transfer Protocol
- Hyper Text Transfer Protocol: Vulnerabilities
Module 3: Security Policy
- Security Policy Overview
- What is Security Policy?
- What Defines a good security policy
- Classification Systems, Security Levels
- Security Framework
- Purpose of the Policies
- Vital role of a security policy
- Goals of security policies
- Security Policy Structure
- Developing security policies
- Developing security policy guidelines
- Implementing Security Policies
- Security Operations Management
- Security Lifecycle Management
- Types of Security Policies: Issue-Specific Policies
- Securing Assets
- Points to remember while writing Security Policy
- Defining Responses to Security Violations
- Presenting and Reviewing the Process
- Requirements of the Effective Security Policy
Module 4: Physical Security
- Physical Security
- Internet Security
- Statistics
- Types of Attackers
- Physical Security Threats
- Physical Access Controls
- Physical Security Controls
- Locks and Keys
- TEMPEST
- Mantrap
- Mantrap: Diagrammatical Representation
- Fire Safety: Fire Suppression, Gaseous Emission Systems
- Fire Safety: Fire Detection
- Failures of Supporting Utilities: Heating, Ventilation, Air Conditioning
- Failures of Supporting Utilities: Power Management and Conditioning
- Uninterruptible Power Supplies
- Skimming
- Laptop Security: Physical Security Countermeasures
- Laptop Security: Information Security Countermeasures
- Biometric Devices
- Printer Security
- Desktop Security
- PC Security: Boot Access
- PC Security: BIOS Security
- BIOS Security: LILO Abuse
- Premise Security
- Reception Area
- Office Security
- Dumpster Diving
- Physical Security Checklist
Module 5: Network Attacks
- Current Statistics
- Defining Terms: Threats, Attack and Exploit
- Classification of Hackers
- Classification of Attacks
- Trojan
- Virus
- Worm
- Rootkit
- Spoofing Attacks
- Spamming Attacks
- Eavesdropping
- Phishing
- War Dialing
- Social Engineering
- Password Cracking
- Sniffing
- Types of Sniffing
- Web Page Defacement
- SQL Injection
- Wire Tapping
- War Driving, War Chalking, War Flying
- Denial of Service (DoS) Attacks
- Distributed Denial of Service (DDoS) Attacks
- Buffer Overflow Attacks
Module 6: Intrusion Detection System
- Introduction to IDS
- History of Intrusion Detection
- Some Early IDSs at a Glance
- Characteristics of IDS
- Importance of IDS
- Deployment of IDS
- Distributed IDS
- Introduction and Advantages
- Components
- Aggregate Analysis with IDS
- Types of IDS
- Network based IDS
- NIDS Architecture
- Traditional Sensor-Based
- Distributed Network Node
- Host Based IDS
- HIDS Architecture
- Centralized Host Based
- Distributed Real Time Host Based
- Host based IDS Vs Network based IDS
- IDS Detection Methods
- Types of Signatures
- Network signatures
- Host based signatures
- Compound Signatures
- Methods to Detect signatures
- True/False-Positive/Negative
- IDS Tool
- Snort
- BlackICE
- M-ICE
- Secure4Audit (auditGUARD)
- Emerald
- Nides
- SECUREhOST
- Prelude IDS
- The Hybrid IDS Framework
- Components
- Interaction between Prelude components
- Relaying
- Reverse Relaying
- Intrusion Prevention System
- IDS Vs IPS
- IPS Tool
- Sentivist
- StoneGate IPS
- McAfee
Module 7: Firewalls
- Firewalls: Introduction
- Security features
- Securing individual users
- Perimeter security for networks
- Multiple components
- Handling threats and security tasks
- Protection against hacking
- Centralization and Documentation
- Multi-layer firewall protection
- Packet filtering
- Stateful Packet Filtering
- Firewall packages
- Screening router
- Dual homed host
- Types of firewall configurations
- Screened host
- Screened Host
- Two router with one firewall
- DMZ screened subnet
- Multi firewall DMZ
- Two firewalls, One DMZ
- Two firewalls, Two DMZ
- Specialty firewalls and Reverse firewalls
Module 8: Packet Filtering and Proxy Servers
- Network Address Translation
- Application layer gateway
- Application proxies
- Virtual Private Network
- Intrusion Detection System
- Packet filtering
- Devices
- Approaches
- Stateless packet filtering
- Configuration
- Filtering IP header criteria
- TCP flags in a packet header
- TCP/UDP Port Numbers
- ICMP message type
- Fragmentation flags
- ACK flags
- Suspicious Inbound Packets
- Stateful packet filtering
- Filtering based on packet contents
- Overview of Proxy Servers
- Proxy server vs packet filtering
- Goals of Proxy Servers
- Proxy server based firewalls
- Firewalls: Authentication process
- Firewalls implementing the authentication process
- Types of authentication process
Module 9: Bastion Host and Honeypots
- Bastion Host
- Kinds
- Need
- Basic Principles
- Requirements
- Selecting the OS
- Positioning the Bastion host
- History of Honeypots
- Introduction
- Advantages and Disadvantages
- How to select a honeypot
- Production honeypot
- Research Honeypot
- Classification by Interaction
- Low Interaction Honeypots
- Medium Interaction Honeypots
- High Interaction Honeypots
- Homemade Honeypots
- Port-Monitoring Honeypots
- Jailed Environment
- Mantrap
- Honeypots
- The Deception toolkit
- Jackpot
- Honeynet
- Working
- The Honeynet project
- Where to place Honeynet
- Legal issues related
Module 10: Hardening Routers
- Routers: Introduction
- Router: Diagram
- Routers: metrics
- Multiple routing
- Types of routes
- Routed Vs Routing Protocols
- Routing algorithms
- Internetwork Operating System (IOS)
- IOS: FEATURES
- Configuring Routers
- External configuration sources
- Internal configuration sources
- Router Initiation
- Loading the configuration files
- Configuring from the TFTP Server
- The Setup Configuration Mode
- CLI configuration mode
- Routers: Modes of Operations
- Basic Router Commands
- IP Routing
- Configuring IP and IP routing
- Configuring RIP
- IP Source Routing
- Troubleshooting a router
- Troubleshooting tools
- Troubleshooting with network management tools
- Troubleshooting IP Connectivity in Routers
- Troubleshooting PPP
- Troubleshooting Frame Relay
- Troubleshooting X.25
- Troubleshooting ISDN
- Hardening a Router
- Configuring a banner
- Passwords and secrets
- Encrypting passwords
- Creating end user accounts
- Setting session time-out periods
- Cisco Discovery Protocol
- Finger
- Disabling the auxiliary and closing extra interfaces
- BOOTP service
- TCP and UDP small servers
- Disabling Proxy ARP
- Disabling SNMP
- Disabling NTP
- Logging system error messages
- Filtering Network Traffic: ACL
- ACL Types
- Creating ACL
- Implementing ACL
- Monitoring ACL
- Securing Routers: ACL
- Securing Routers: CAR
- Securing Routers: SSH
- Authentication methods
- Configuring SSH
- Components of router security
- Router security: testing tools
Module 11: Hardening Operating Systems Security
- Windows Security
- Windows Registry
- Configuring Windows Services
- Process
- Resource Access
- Objects And Permissions
- Discretionary Access Control List (DACL)
- Rights Vs Permissions
- NTFS File System Permissions
- Encrypting File System (EFS)
- Windows Network Security
- Active Directory
- Kerberos Authentication And Domain Security
- Group Policy
- Share Security
- Trust Relationships Between Domains
- IP Security
- Problems With IP Security
- Linux
- OS Security Measures
- Linux
- Linux Update Agent
- Configuring Unix Services
- User Management
- Linux
- /etc/passwd fields
- /etc/shadow fields
- PAM
- PAM Modules
- Network Information Services
- /etc/group
- /etc/gshadow
- Group Management Utilities
- Network File System
- Linux
- Permission Management Tools
- System Logger Utility
- Windows Network Security
- Computer Management
- File System Management
- Security Configuration And Analysis Tool
Module 12: Patch Management
- Introduction
- Red Hat Up2date Patch Management Utility Installation Steps
- Red Hat Up2date Patch Management: Command Line Interface
- Types of Patches defined by Microsoft
- Microsoft Patch Management Process
- Identification
- Assessment
- Obtainment
- Testing
- Deployment
- Confirmation
- Patch Management Tool: Qchain
- Windows Update Services
- Patch Management Tool: Microsoft Baseline Security Analyzer
- MBSA: Scanning Updates in GUI Mode
- MBSA: Scanning Updates in Command-line version
- Other Patch Management Tools:
- BES Patch Management
- Shavlik HFNetChkPro 5
- PatchLink Update
- SecureCentral™ PatchQuest
Module 13: Application Security
- Importance Of Application Security
- Why Is Web Security So Difficult?
- Application Threats And Countermeasures
- Securing Web Applications
- Embedded Application Security
- TCP/IP security Technology
- IPSec And SSL Security
- IPSec And SSL Security In Embedded Systems
- Network Security For Embedded Applications
- Embedded Network Security Hardware Instructions
- Writing Secure Coding Practice
- Secure Coding
- Common Errors
- Buffer Overflow
- Format String Vulnerabilities
- Authentication
- Authorization
- Cryptography
- Best Practice For Secure Coding
- Secure Coding Tools
- Remote Administration Security
Module 14: Web Security
- Network Devices
- Network Design
- Physical Location and Unauthorized Devices
- Network Addresses
- Tracking the Connectivity: Tracert/Traceroute
- Testing the Traffic Filtering Devices
- Altering the Network Addresses
- Client Authorization
- Client Authentication
- User’s Approach
- Authentication Techniques
- Restrictive Access
- Browsing Analysis
- Client-Side Data
- Secure Client Transmissions
- Portable Application
- Malicious Code Detection
- Browser Security Settings
- Common Gateway Interface (CGI)
- CGI Script:
- Mechanisms and Variables
- Third-party CGI Scripts
- Server Side Includes
- Dynamic Code
- Securing Application Code
- Web Application Input Data Validation
- Buffer Overflow Testing
- Overview of Server-Side Data
Module 15: E-Mail Security
- Basics of E-Mail
- Types of E-Mail
- Components Of An Email
- Headers
- Working of an E-Mail header
- Examining an E-Mail header
- Reading E-Mail headers
- Reading E-Mails for different clients
- Field names and values
- Address list
- Recipients and Senders
- Response targets and threading
- E-Mail Servers
- E-Mail encryption and authentication
- E-mail protocols
- S/MIME and PGP
- SMTP
- POP, IMAP
- HTTP
- Client and server architecture
- E-Mail Security Risks
- Malware
- E-Mail spoofing
- E-Mail viruses
- Gateway virus scanners
- Outlook Viruses
- E-mail Attachment Security
- E-mail security risks
- E-Mail Spamming
- Protecting against spam
- Spam filters
- E-Mail Bombing, Chain letters
- How to defend against E-Mail security risks
- TOOLS
- GfiMailEssentials
- SpamAware
Module 16: Encryption
- Firewalls Implementing Encryption
- Lack of Encryption
- Cost of encryption
- Preserving data integrity
- Maintaining confidentiality
- Authenticity of network clients
- Digital certificates
- Viewing a digital certificate
- Public and Private Keys
- A Public Key Generated by PGP
- Choosing the size of keys
- Generating Keys
- Using a Key Server that is on a User’s Network
- Using an Online Key Server
- Analyzing popular encryption schemes
- Symmetric Vs Asymmetric Encryption
- Symmetric key encryption
- Asymmetric key encryption
- PGP
- X.509
- SSL
- IPSec Encryption
- Understanding
- Modes
- Protocols
- Components of IPSec
- Choosing Best IPSec Mode for Organizations
- Enabling IPSec
- Limitations
Module 17: Virtual Private Networks
- Virtual Private Networks
- Classifications Of VPN
- Tunneling
- Types Of Tunneling
- VPN Tunneling Protocols
- PPTP
- Introduction
- Control Connections
- Security And Disadvantages
- Characteristics Of L2TP
- L2TP Compulsory Tunnel
- L2TP Voluntary Tunnel
- VPN Security
- Connection To VPN
- SSH And PPP
- Concentrator
- Other Methods
- Step 1: Setting Up VPN
- Step 2: Implement DHCP Services
- Step 3: Create An Enterprise Certificate Authority
- Step 4: Install IAS
- Step 5: Configure IAS
- Step 6: Create A Remote Access Policy
- Step 7: Configure The VPN Server
- Step 8: Associate The VPN Server With The DHCP
Server
- Step 9: Configure Remote Clients
- Step 10: Test The Client Connection
- VPN Policies
- VPN Registrations And Passwords
- Risk Associated With VPN
- Pre Implementation Review – Auditing
- Implementation Review – Auditing
- Post Implementation Review And Reporting
Module 18: WLAN
- Introduction To Wireless Networks
- Wireless Network Types
- What is WLAN?
- Access Points
- Wireless Cards
- Antenna
- WLAN Standards
- Advantages And Disadvantages Of WLAN
- Bluetooth And Ultra Wideband
- WLAN Security
- Service Set Identifier
- Wired Equivalent Privacy
- WEP Description Tool
- WPA
- TKIP
- CCMP
- WTLS
- EAP Methods
- Advanced Encryption Standard (AES)
- Data Encryption Standard (DES)
- RSA Encryption
- Additional Wireless Security
- WLAN Security Policy Development Issues
- Goals And Characteristics
- Risk Due To Wireless Networks
- Auditing WLAN Security Policy
- Secure Wireless Public Network Access
- WLANs In Public Space
- DHCP Services
- Baselining
- Authentication Mechanism
- Kerberos
- Components
- Exchanges Of Kerberos Client
- RADIUS
- LDAP
- Multifactor Authentication
- Mobile Security Through Certificates
- Certificate Management Through PKI
- Security Vulnerabilities With Public Access Wireless Networks
Module 19: Creating Fault Tolerance
- Network Security: Fault Tolerance
- Why Create Fault Tolerance
- Planning For Fault Tolerance
- Reasons For System Failure
- Crime
- User Error
- Environmental
- Routine Events
- Preventive Measures
- Backups
- Tape Backup – Pros And Cons
- Practical tips
- UPS And Power Generators
- Access Rights
- Perimeter Security
- Physical Security
- Offsite Storage
- RAID
- RAID Level 0
- RAID Level 1
- RAID Level 5
- Clustered Servers
- Simple Server Redundancy
- Archiving
- Deployment Testing
- Auditing
- Circuit Redundancy
Module 20: Incident Response
- What Is an Incident
- Category of Incident
- Types of Incident
- Who should I report an Incident to
- Step by Step Procedure
- Managing Incidents
- What Is an Incident Response
- Incident Response Architecture
- Six Step Approach for Incident Handling (PICERF Methodology)
- Preparation
- Identification
- Containment
- Eradication
- Recovery
- Follow-up
- Incident Response Team
- Basic Requirements
- Ways of Communication
- Staffing Issues
- Stages
- Obstacles in Building a Successful Incident Response Team
- Computer Security Incident Response Team
- Services
- Reactive Services
- Proactive Services
- Security Quality Management Services
Module 21: Disaster Recovery and Planning
- Overview of Disaster and its types
- What is a Disaster Recovery
- Principles of Disaster Recovery
- Types of Disaster Recovery Systems
- Synchronous Systems
- Asynchronous Systems
- Backup Site
- Recovery of Small and Large Computer Systems
- Emergency Management
- Disaster Recovery Planning
- Process of Disaster Recovery Plan
- Organizing
- Training
- Implementing
- Process
- Disaster Recovery Testing
- Testing Process
- Testing Steps
- Testing Scenarios
- Disaster Recovery Planning Team
- Training the Disaster Recovery Planning Team
- Business Process Inventory
- Business Continuity Planning Process
- Business Impact Analysis
- Risk Assessment
- Other Policies, standards and process
- Monitoring
- Business Continuity Management
- Six myths about Business Continuity Management and Disaster Recovery
- Disaster Prevention
Module 22: Network Vulnerability Assessment
- Statistics of Network Vulnerabilities in 2005
- Vulnerability Assessment
- Vulnerability classes
- Goals of vulnerability assessment
- Features of a good vulnerability assessment
- Choice of Personnel for Network Vulnerability Assessment
- Network vulnerability Assessment methodology:
- Phase 1 - Acquisition
- Phase 2 - Identification
- Phase 3 - Analyzing
- Phase 4 - Evaluation
- Phase 5 - Generation
- How to assess vulnerability assessment tools
- Selecting vulnerability assessment tools
- Tools:
- SAINT
- Nessus
- BindView
- Nmap
- Ethereal
- Retina
- Sandcat Scanner
- Vforce
- NVA-Team Checklist
- Tool: ScanIT Online