Difference between revisions of "Cyber Security"
(Created page with " Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system admi...") |
|||
| Line 1: | Line 1: | ||
| + | =Cyber Security Workshop= | ||
Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network. | Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network. | ||
| Line 4: | Line 5: | ||
This training will enable the network and system administrators run secure services within the campus network. | This training will enable the network and system administrators run secure services within the campus network. | ||
| − | =Who Should Attend= | + | ==Who Should Attend?== |
This course is designed for system and network administrators who are interested in learning and implementing best practices for running a secure and stable campus network. | This course is designed for system and network administrators who are interested in learning and implementing best practices for running a secure and stable campus network. | ||
| − | = | + | ==Prerequisites== |
| − | + | I.A laptop with wireless capability | |
| − | + | II.IPv4 addressing and general network concepts | |
| − | + | III. Knowledge of UNIX and/or Linux | |
| − | + | IV. At least three years’ experience as a systems / network administrator in a medium to large campus network | |
| − | + | V. Residential | |
| − | |||
| − | |||
| − | + | ==Target Group:== | |
| − | + | Systems/Network Administrators in charge of security; | |
| + | ==Course content== | ||
| − | + | ===Security Fundamentals=== | |
| − | + | Confidentiality | |
| + | |||
| + | Integrity | ||
| + | |||
| + | Availability | ||
| + | |||
| + | 2. Attacks and Threats | ||
| + | Worms & Trojans | ||
| + | Malware and Social Engineering Attacks | ||
| + | Attacks Using Malware | ||
| + | Social Engineering Attacks | ||
| + | |||
| + | 3. Switching security: | ||
| + | Port Security | ||
| + | Understanding Switch Security Issues | ||
| + | Protecting Against VLAN Attacks | ||
| + | Protecting Against Spoofing Attacks | ||
| + | Securing Network Services | ||
| + | Secure Network Switches to Mitigate Security Attack | ||
| + | 4. Application and Network Attacks | ||
| + | Application Attacks | ||
| + | Rogue DHCP Server protection | ||
| + | Web Application Attacks | ||
| + | Client-Side Attacks | ||
| + | Buffer Overflow Attacks | ||
| + | Network Attacks | ||
| + | Denial of Service (DoS) | ||
| + | Interception | ||
| + | Poisoning | ||
| + | Attacks on Access Rights | ||
| + | 5. Network Security and Defense | ||
| + | Security Through Network Devices | ||
| + | Security Through Network Technologies | ||
| + | Network Address Translation (NAT) | ||
| + | Network Access Control (NAC) | ||
| + | Security Through Network Design Elements | ||
| + | Demilitarized Zone (DMZ) | ||
| + | Subnetting | ||
| + | Virtual LANs (VLANs) | ||
| + | Remote Access | ||
| + | Wireless Network Security | ||
| + | |||
| + | 6. Host, Application, and Data Security | ||
| + | Securing Devices. | ||
| + | Physical Security | ||
| + | Hardware Security | ||
| + | Securing the Operating System Software | ||
| + | Securing with Anti-Malware Software | ||
| + | Monitoring System Logs | ||
| + | Application Security | ||
| + | |||
| + | 7. Digital Certificates & PKI | ||
| + | Introduction to cryptography/symmetric and public key cryptography | ||
| + | digital certificates | ||
| + | digital signatures | ||
| + | P ublic Key Infrastructure | ||
| + | |||
| + | 8. Web/Software application security | ||
| + | web applications vulnerabilities | ||
| + | Cross Site Scripting | ||
| + | SQL Injection | ||
| + | Denial of Service | ||
| + | Code Execution | ||
| + | Local File include | ||
| + | General web application security recommendations | ||
| + | Guard against malicious user input | ||
| + | |||
| + | 9. Vulnerability Assessment and Mitigating Attacks | ||
| + | Assessment Techniques | ||
| + | Assessment Tools | ||
| + | Vulnerability Scanning? | ||
| + | Penetration Testing | ||
| + | Creating a Security Posture | ||
| + | Configuring Controls | ||
| + | Hardening | ||
| + | Reporting | ||
| + | |||
| + | 10. Access Control and Physical (Environmental) Security | ||
| + | Identification | ||
| + | Authorization | ||
| + | Authentication | ||
| + | Accounting | ||
| + | 11. Cyber Law | ||
| + | Legal regulations | ||
| + | Investigations and | ||
| + | Compliance | ||
Revision as of 12:50, 24 February 2014
Contents
Cyber Security Workshop
Security within the campus network has become an area that the network and system administrators need to focus more on. This workshop will focus on empowering the system administrators on how to secure the services and servers within the campus and also empower the network administrators on how to secure the campus network. Objective This training will enable the network and system administrators run secure services within the campus network.
Who Should Attend?
This course is designed for system and network administrators who are interested in learning and implementing best practices for running a secure and stable campus network.
Prerequisites
I.A laptop with wireless capability
II.IPv4 addressing and general network concepts
III. Knowledge of UNIX and/or Linux
IV. At least three years’ experience as a systems / network administrator in a medium to large campus network
V. Residential
Target Group:
Systems/Network Administrators in charge of security;
Course content
Security Fundamentals
Confidentiality
Integrity
Availability
2. Attacks and Threats Worms & Trojans Malware and Social Engineering Attacks Attacks Using Malware Social Engineering Attacks
3. Switching security: Port Security Understanding Switch Security Issues Protecting Against VLAN Attacks Protecting Against Spoofing Attacks Securing Network Services Secure Network Switches to Mitigate Security Attack 4. Application and Network Attacks Application Attacks Rogue DHCP Server protection Web Application Attacks Client-Side Attacks Buffer Overflow Attacks Network Attacks Denial of Service (DoS) Interception Poisoning Attacks on Access Rights 5. Network Security and Defense Security Through Network Devices Security Through Network Technologies Network Address Translation (NAT) Network Access Control (NAC) Security Through Network Design Elements Demilitarized Zone (DMZ) Subnetting Virtual LANs (VLANs) Remote Access Wireless Network Security
6. Host, Application, and Data Security Securing Devices. Physical Security Hardware Security Securing the Operating System Software Securing with Anti-Malware Software Monitoring System Logs Application Security
7. Digital Certificates & PKI Introduction to cryptography/symmetric and public key cryptography digital certificates digital signatures P ublic Key Infrastructure
8. Web/Software application security web applications vulnerabilities Cross Site Scripting SQL Injection Denial of Service Code Execution Local File include General web application security recommendations Guard against malicious user input
9. Vulnerability Assessment and Mitigating Attacks Assessment Techniques Assessment Tools Vulnerability Scanning? Penetration Testing Creating a Security Posture Configuring Controls Hardening Reporting
10. Access Control and Physical (Environmental) Security Identification Authorization Authentication Accounting
11. Cyber Law
Legal regulations Investigations and Compliance
