Training Bouchure


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Training Bouchure

  1. 1. INDEX SPECTRUM PROPRIETARY TRAINING PROGRAM...........................................2 Customised Training on Network Security for Administrators..............................................................2 Customised Training for Penetration Testing........................................................................................4 CUSTOMISED TRAINING IN NETWORK SECURITY................................................6 Hardening the Infrastructure (HTI)........................................................................................................6 Network Defence and Countermeasures (NDC).....................................................................................7 NETWORK ARCHITECT ..................................................................................8 Advanced Security Implementation (ASI)...............................................................................................8 Enterprise Security Solutions (ESS).......................................................................................................9 CUSTOMISED TRAINING ON SECURITY AWARENESS..........................................10 CUSTOMISED TRAINING FOR SECURITY ANALYST ............................................10 Module-1: Network Security and Firewalls.........................................................................................12 Module-2: Operating System Security..................................................................................................12 Module-3: Security Auditing, Attacks and Threat Analysis..................................................................12 CUSTOMISED TRAINING ON INTEGRATED SECURITY BY SPECTRUM.......................................................................................13
  2. 2. SPECTRUM Proprietary Training Program Most business enterprises may not afford the luxury of separate network and security administrators for their networks. More often the network administrators will also be looking after the enterprise network security. The question therefore is: are the network administrators qualified and competent to look after the security of their networks? It is for you to find an answer. Customised Training on Network Security for Administrators Basic Networking and TCP/IP Information Security Management Refresher System • Basics of Networking • Security Essentials • Basics of TCP/IP • Information Security Standards • Routing Concepts • Risks Analysis • Security Organizations • Developing Information Security Policies • Security Mechanisms • Physical Security Internet Vulnerability Hacking Designing and Configuring Firewalls Exploits • Internet Vulnerabilities • Basics of Firewall • Types of Attacks • Designing Firewall • Target Identification • Firewall Policy • Risk Assessment Techniques • Configuring Firewall • Gaining Control over System • Implementing IP Tables • Recording Keystroke • Hiding Evidence of Attacks Designing and Configuring IDS Configuring Secure VPN • Basics of IDS • VPN Concepts • IDS Design • VPN Implementation • Goals of IDS • IDS Signatures • IDS Limitations • Configuring IDS Securing Windows Securing UNIX and Linux • Introduction to Operating Systems • Achieving UNIX security • Features of Windows • Protecting data and systems with • Technologies of Windows cryptography • Authentication Security • Establishing secure account usage • NTFS Permission • Monitoring and disabling accounts • Implementing Encryption File systems • Logging in across the network • Enlightening Vulnerability • Controlling root access • Penetrating Windows • Auditing superuser activity • Active Directory – Windows • Role-based access control (RBAC) • Directory structure and partitioning for • Windows – PKI components 2
  3. 3. security • Backup and integrity testing • The Network File System • Hardening UNIX systems • Risks from unwanted program execution • Issues with scripts • TCP/IP and its security loopholes • Securing internal network services • Safely connecting to external networks • Securing FTP, e-mail and Web access Course Objective: The urgent need to enhance the System / Network administrators knowledge base that of Information Security officer. This authoritative, state-of-the-art course is designed to meet the needs of both IT and Business Managers and will provide an outstanding opportunity to assess the true degree of your exposure to your organizations information, and will explain the steps required to secure your organization’s information and networks. Target Audience: At the end of 2 weeks intense training will enable him to execute the task of designing and implementing Secure Network and create and implement organization’s security policies. Duration: 96 Hrs Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum. 3
  4. 4. Customised Training for Penetration Testing Whenever we think of Hackers, ethics is what comes to our mind because by hacker we mean stealing information, gaining illegal access or disruptive behaviour using a computer. As the world is already aware that the attacks by hackers or crackers have crossed all barriers and it is not limited to only high-profile organizations. So the importance of securing the systems is a need of the day. There is an extensive growth in attacks on the network (especially those connected to internet). At the same time there are other attacks such as Virus, Worms and Backdoors, The worst part is that there are so many automated tools available which makes it so much easier to identify and exploit a system, so there is a need for us to make our system and network attack proof to the greatest possible extent for this we need to learn the hackers prospective so as to countermeasure the attack as most of the network intrusion occurs from exploitation of known Vulnerabilities or configuration errors were countermeasures were available. Hacking Techniques I Hacking Techniques II • Attack & Penetration Testing • Advance Vulnerabilities & Exploitation • Key Steps for A & P Techniques • Tools whois, nslookup • Buffer overflow – Attacks / Vulnerability • Tools traceroute • What is Cross Site Scripting? • Tools • Unicode Attack • Attacking Systems Linux • Attacking Systems Windows • Introduction to an Operating System • Microsoft Corporation‘s Windows • Current application of Linux systems Operating System • Properties of Linux • Common Vulnerabilities & Attacks • Linux Flavours • Buffer Overflow in Messenger Service • Which shell am I using? • Network vulnerabilities • File Permissions and Access • How is it possible to crack somebody's • Overview of Linux/Unix Security password? • General System security • Null Session/Anonymous Users Scanner • Security as a policy (RedButton) • Secure Shell (SSH) • Local Attacks • Attacking Systems Novell • Attacking Networks Firewall & Netware IDS • Overview of Novell Netware • Understanding Firewall & IDS • What is a Novell Netware? • What is a Firewall? • Overview of Novell Netware Security • What is IDS? • Password Guessing • IDS attack techniques • Enumeration and Password Guessing Firewall attack techniques Countermeasure(s) • Vulnerabilities in Firewall • Authenticated Enumeration • Limitations of a Firewall • Detecting Intruder Lockout • Netware Security Message • Novell Public Key Infrastructure 4
  5. 5. Services • Spoofing Attack Countermeasure(s) • Backdoor Countermeasure(s) Gaining ADMIN • Hacking Techniques Database • Malware Server • What is Malicious Code? • Overview of Database Server • What is a Trojan? • Types of Databases • Packet Sniffing Techniques • Major Issues & Vulnerabilities • Password Cracking Principles and • Sever Side Traces Techniques • SQLScanner probing for SQL servers • Packet Sniffer on the Internet • Types of Malicious Code • Using TSQL.ASP • Injection Attack Examples Course Objective: This particular course is going to benefit the network administrator, security officers and other individuals who are concerned about the security and keen to learn the methodologies and techniques of hacking. It will also add to the skills of the individual as how to find the vulnerabilities in the system using the similar technique as that of a hacker but with a difference in intention and motive. Target Audience: The target audiences for the course are  Network professionals, who have a working experience as managing the networks  Security Professionals, seeking career as Penetration Testers  People holding certifications like Security+, SCNP, CISSP, CISA etc looking for career growth Duration: 96 hrs Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum. 5
  6. 6. Customised Training in Network Security The Customised Training consists of two courses, namely Hardening the Infrastructure (HTI) and Network Defence and Countermeasures (NDC). Target Audience: This course is designed for networking professionals, network administrators and information security officers who want to implement security in their Networks and Operating systems. Students should preferably be certified network professionals with MCSE/MCSA/CNE/CompTIA/CCNA certification. Hardening the Infrastructure (HTI) Course Objectives: HTI is a five-day (forty hours) course. The training is a combination of teacher-led lecture, in-class discussions, and hands-on lab exercises. There are ten domains covered in the course, covering issues such as: Contingency Planning, Securing Windows, UNIX, and Linux operating Systems, Advanced TCP/IP, Security Fundamentals, Security Implementation, Router Security, and Attack Methods. Contingency Planning Tools and Techniques • Fundamental Contingency Planning • Network Scanning and Discovery Methods • Creation of the Contingency Plan • Virii, Trojans, and Worms • Technologies of Power • Social Engineering techniques • Backing up the Operating System • Privilege Escalation • Keystroke Logging • Concepts of DoS • Password Weaknesses Security on the Internet and the WWW Router Security • Define the Weak points in the structure of • Implementation of Fundamental Cisco Router the Internet Security • Web Site Attack Techniques • Describe the Routing Process • Attack techniques of Web Users • Removing Unwanted Protocols and Services • Hardening Internet Access Points • Creation and Implementation of Access Control Lists • Configuring Cisco Router Logging TCP/IP Packet Structure and Security Operating System Security • Core Concepts of TCP/IP • Windows Infrastructure Security • Identify and Describe Packet Headers • Examine Windows Authentication • Session Setup and Teardown • Implement Windows Security Configuration • Identify and Implement IPv6 Tools • Configure Windows Resource Security • Windows Auditing and Logging • Windows Network Security • Fundamental Linux Security • Securing SAMBA • Network Configuration Security • Securing Linux 6
  7. 7. Network Defence and Countermeasures (NDC) Course Objectives: NDC is a five-day (forty hours) course. The training is a combination of teacher-led lecture, in-class discussions, and hands-on lab exercises. The course consists of six domains, covering issues such as: Security fundamentals, IP Signature and Analysis, Firewalls, Risk Analysis, Intrusion Detection and Virtual Private Networks. Network Defence Designing Firewall Systems • Network Defence / Defensive Technologies • • Firewall component/Firewall Policy Rule Set & Packet Filters/Proxy Server • Objectives of Access Control/Impact of • The Bastion Pot/Honey pot Defence • Network Auditing Concepts Configuring Firewalls Configuring VPN • Firewall Implementation Practice • VPN Fundamental • Installing and configuring firewall • IP Security Protocol/VPN Design & Architect • Installing and Configuring ISA Server • VPN Security/Configuring VPN • Monitor ISA server/ IP chains Concepts • Implementing Firewall Technologies Designing IDS Configuring an IDS • The Goal of Intrusion Detection Systems • Snort Foundation/Snort Installation • Technologies/Techniques of IDS • Snort as an IDS • Host-based IDS/Network Based IDS • Configuring ISS Scanners • The Analysis/How to use an IDS • What an IDS cannot do Analyzing Intrusion Signatures Performance A Risk Analysis • Signature Analysis • Concept of Risk Analysis • Common Vulnerabilities & Exposures • Methods/Process of Risk Analysis • Signatures/Normal Traffic Signatures • Techniques to Minimize Risk • Abnormal traffic Signatures • Continual Risk Analysis Creating A Security policy • Concepts of security Policies • The Policy Design/The Policies • An Example Policy • Incident Handling & Escalation Procedures Duration: 80 Hrs Timings: Full Time: 9:00am to 5:00pm Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum. 7
  8. 8. Network Architect The NA Program consists of two courses, namely (ASI) Advanced Security Implementation and (ESS) Enterprise Security Solutions. At the end of each course students will be administered one on-line exam SCO-501 and SCO-502 respectively. Students attending the course must be preferably SCNP qualified. Target Audience: This course is designed for network security professionals, network security administrators and information security officers who want to implement security solutions in their Networks and Operating systems using PKI and Biometrics. Students should preferably be certified network professionals with MCSE/ CNE/CompTIA/CCNA certification. Advanced Security Implementation (ASI) Course Objectives: ASI is a forty-hour course. The training is a combination of teacher-led lecture, in-class discussions, and hands-on lab exercises. There are eight domains covered in the course, covering issues such as: Cryptography and Data Security, Digital Signatures/Certificates, Biometrics, Law and Legislation, Computer Forensics, and Strong Authentication. • Introduction to Trusted Networks • Cryptography and Data Security • Computer Forensics • Law and Legislation • Biometrics • Strong Authentication • Digital Certificates • Digital Signatures 8
  9. 9. Enterprise Security Solutions (ESS) Course Objective: This training is a combination of teacher-led lecture, in-class discussions, and hands-on lab exercises. There are nine domains covered in the course, covering issues such as: Microsoft and Linux Trusted Networks, Local Resource Security, Building Trusted Solutions, Wireless Security and Secure E-Mail Implementation. • Trusted Network Implementation • Plan and Design a Trusted Network • Microsoft Trusted Networks • Linux Trusted Networks • Managing Certificates • Local Resource Security • Wireless Security • Securing Email • Building Trusted Solutions Duration: 80 Hrs Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum. 9
  10. 10. Customised Training on Security Awareness The Customised Training on Security Awareness is designed for the everyday user of computers and networks, which bring security knowledge in easy to understand language without all the techno-speak. This training is intended for all computer users, from the home to educational institutes and Fortune 500 companies. Program Overview The One-Day / Nine hours Security Awareness Program Overview: Ser Lesson Explanation No 1 Security Awareness Introduction Why care about security? 2 Network and TCP/IP Basics How computers talk to each other 3 Computer and Network Security What is computer security Fundamentals anyway 4 Network Access How to get to your stuff 5 Data Confidentiality and How to deal with Secret Stuff Information Management 6 Viruses, Trojans, and Worms Malicious Codes and Scripts 7 Backups And, why you need to have them 8 Resource Usage Staying safe on the Internet 9 Internet and eMail Security How to guard against hackers and malicious content 10 Software Piracy It's on my computer, can I keep it Information Security Management for Senior Management In addition to the Security Awareness Program for end Users, Senior Management will be undergoing the following topics relating to Management of Information Security over a period of 6 hours, a total of 15 hours or a two-day program. Performing Risk Analysis Continual Risk Analysis • Concepts • Security Technology Management • Methods • Vulnerability Management • Process • Exploitation Management • Risk Mitigation • Systems Availability Creating a Security Policy Incident Handling and Escalation • Concepts Procedures • Security Incidents • Policy Design • Handling Procedure • Sample security policies • Incident Specific Procedure Customised Training for Security Analyst 10
  11. 11. The Customised Training for Security Analyst recognizes the achievements of those who have already attained a level of proficiency in networking administration and now wants to validate and prove their competencies in security. It provides focused and streamlined validation of further proficiency in areas pertaining to systems security. Target Audience: Individuals who have already attained a level of proficiency in networking administration and now want to validate and prove their competencies in network security. Job Responsibilities: Once a certificate is achieved in this area, he or she can implement security policy, identify security threats, and develop countermeasures using firewall systems and attack-recognition technologies. This specialist will also have competency in managing the deployment of e-business transaction and payment security solutions. Prerequisites: In order to qualify for this certificate, individuals must have attained at least one of the following levels of certification and must submit proof of these certifications. To make sure that your certifications are current, please visit the vendor's Web site. • Microsoft Certified Systems Engineer (MCSE) 4 • Microsoft Certified Systems Engineer (MCSE) • Certified Novell Engineer (CNE) 4 • Certified Novell Engineer CNE) 5 • Cisco Certified Network Professional (CCNP) • Cisco Certified Inter-network Expert (CCIE) • Linux Professional Institute (LPI) Level 2 • SAIR Level 2 LCE Training/Experience: Candidates must hold one of the certifications listed above in order to achieve this certification. 11
  12. 12. Customised Training for Security Professionals exam consists of: Module-1: Network Security and Firewalls • What is Security? • Elements of Security • Applied Encryption • Types of Attacks • General Security Principles • Protocol Layers and Security • Securing Resources • Firewalls • Levels of Firewall Protection • Detecting and Distracting Hackers • Incident Response Module-2: Operating System Security • Security Principles • Accounts Security • File System Security • Assessing Risks • Reducing Risk Module-3: Security Auditing, Attacks and Threat Analysis • Security Auditing • Discovery Methods • Auditing Server Penetration and Attack Techniques • Security Auditing and the Control Phase • Intrusion Detection • Auditing and Log Analysis • Audit Results Target Audience: This course is designed for networking professionals and network administrators who want to implement security in Networks & Operating systems. This course is recommended for information security auditors. Duration: 40 Hrs Course Certificate: A Certificate of Achievement will be awarded to the participants by Spectrum. 12
  13. 13. CUSTOMISED TRAINING ON INTEGRATED SECURITY by SPECTRUM If you think that the answer to securing your networks is a decent firewall and trustworthy anti-virus software, you are making a fatal mistake. Like a gun, those tools are only as effective as the hands that use them. And when it comes to securing an enterprise’s information assets, you cannot afford to put that responsibility in the hands of just anyone. You need someone you can trust, someone with the proven skills and a broad understanding of ALL the dangers that can cause catastrophic damage to your company. Just ask the millions of companies crippled by Nimda, Code Red and other viruses. Of the companies who have lost billions in revenues and assets because of hackers, or because of a breakdown of security policy, ask them what they should have done to avoid the disaster. They will all provide the same answer: “Hire a qualified, certified Security Professional”. The Ten Domains of SECURITY • Access Control Systems & Methodology: This domain requires that the candidate understand the concepts, systems and methodologies involved in granting and restricting access to resources. • Applications & Systems Development: This domain requires that the candidate understand the security controls found in systems and application software, such as the affects of malicious code on distributed application environments and the security controls involved in data warehousing. • Business Continuity & Disaster Recovery Planning: It involves the preparation, planning and updating of specific actions to protect mission critical services and data. • Cryptography: This domain addresses the concepts, means and methods of encrypting data to ensure authenticity, integrity, and confidentiality. • Law, Investigation & Ethics: This domain addresses computer crime laws, methods for gathering evidence, and related ethical issues. • Operations Security (Computer): This domain identifies the controls over hardware, media and the operators of these resources, and issues related to auditing and monitoring. • Physical Security: This domain involves the threats, vulnerabilities and countermeasures utilized to physically protect enterprises’ resources. • Security Architecture & Models: This domain involves the design, concepts, standards, and implementation security measures that ensure the availability, integrity and confidentiality of operating systems, applications and equipment. • Security Management Practices: Involves the identification of a company’s information assets, and the development, documentation and implementation of security policies. • Telecommunications & Network Security: This domain involves designing and planning voice and data infrastructure and communications with a security strategy that includes preventative, detective and corrective measures 13
  14. 14. Schedule Domains Covered Security Management Practices Day 1 Access Control System and Methodology Security Architecture and Models Day 2 Business Continuity/Disaster Recovery Planning Cryptography Day 3 Physical Security Telecommunications and Network Security Day 4 Law, Investigation and Ethics Application and Systems Development Day 5 Computer Operations Security Review of the CISSP Day 6 Group/Individual Study Time 14
  15. 15. Customised Training in Network Security + Objective & Audience: Basic Level course for teaching concepts of Computer Security. It uses the technologies commonly in use today. This course is designed for students with a basic knowledge of Computer Networks and to enhance the security skills of computer professionals. Duration: Ten Working Days (8 Hour Training Sessions) Network and Communication Security Section 1: Basics of Network Security Topic 1: What is Information Security? Topic 2: Learning about the Goals of Security Topic 3: What are Assets? Topic 4: Learning about Value of Assets Topic 5: What is Risk? Topic 6: Learning about Risk Management Topic 7: What is Threat Topic 8: Learning about Sources of Threat Topic 9: What are Vulnerabilities? Topic 10: Learning about Various Kinds of Vulnerabilities Section 2: Types of Attacks Topic 1: DoS / DDoS Topic 2: Spoofing Topic 3: Source Routing Topic 4: Man-in-the-Middle Topic 5: Back Door Topic 6: Password Guessing Sub Topic 6.1: Brute Force Sub Topic 6.2: Dictionary Topic 7: Replay Attack Topic 8: Encryption Breaking Topic 9: TCP/IP Hijacking Topic 10: Software Exploitation Topic 11: Birthday Topic 12: Social Engineering Topic 13: Malware Sub Topic 13.1: Virus Sub Topic 13.2: Trojan Horses 15
  16. 16. Sub Topic 13.3: Worms Sub Topic 13.4: Logic Bombs Section 3: Areas of Intrusion Topic 1: Network Infrastructure Topic 2: Internet Applications Topic 3: Communications Protocols Section 4: Protection of Information Topic 1: Building a Defence Topic 2: Securing the Network Infrastructure Topic 3: User Authentication Topic 4: Enabling Auditing Section 5: Remote Access Technologies Topic 1: 802.1x Topic 2: Virtual Private Network (VPN) Topic 3: Remote Authentication Dial-In User Service (RADIUS) Topic 4: Terminal Access Controller Access Control System (TACACS) Topic 5: Layer Two Tunnelling Protocol / Point to Point Tunnelling Protocol (L2TP/PPTP) Topic 6: Secure Shell (SSH) Topic 7: Internet Protocol Security (IPSEC) Topic 8: Vulnerabilities Section 6: Wireless Communication Topic 1: Wireless Technology Topic 2: Wireless Standards (802.11 and 802.11x) Topic 3: Wireless Transport Layer Security (WTLS) Topic 4: Wired Equivalent Privacy (WEP) Topic 5: Wireless Application Protocol (WAP) Topic 6: Vulnerabilities Sub Topic 6.1: Site Surveys Cryptography and Certificates Section 1: Basics of Cryptography Topic 1: What is Cryptography? Topic 2: Learning About Symmetric and Asymmetric Keys Topic 3: What is Hashing? Topic 4: Various Cryptographic Algorithms 16
  17. 17. Sub Topic 4.1: Hash Function Sub Topic 4.2: Encryption Section 2: Using Cryptography Topic 1: Providing Confidentiality and Integrity Topic 2: Providing Identification and Authentication Topic 3: Providing Non Repudiation Topic 4: Digital Signatures Topic 5: Access Control Section 3: Public Key Infrastructure Topic 1: What is Public Key Infrastructure (PKI)? Topic 2: PKI Standard X.509 Topic 2: Learning About the Components of PKI Topic 3: What are Certificates and CAS? Topic 4: Revocation Section 4: CA Trust Models Topic 1: What are Trust Models? Topic 2: Mesh Architecture Topic 3: Hierarchical Architecture Topic 4: Bridge CA Architecture Section 5: Certificate Life Cycle and Key Management Topic 1: What is Certificate Life Cycle? Topic 2: Key Management Topic 3: Centralized vs. Decentralized Topic 4: Storage Sub Topic 4.1: Hardware Vs Software Sub Topic 4.2: Private Key Protection Topic 5: Escrow Topic 6: Expiration Topic 7: Revocation Sub Topic 7.1: Status Checking Topic 8: Suspension Sub Topic 7.2: Status Checking Topic 9: Destruction Topic 10: Key Usage 17
  18. 18. Sub Topic 10.1: Multiple Key Pairs (Single and Dual) Topic 11: Recovery Sub Topic 11.1: M-of-N Control Topic 12: Renewal Infrastructure Security Section 1: Infrastructure Security Topic 1: What is Infrastructure Security? Topic 2: Securing Equipment Topic 3: Securing Equipment Configuration Section 2: Securing Network Cabling Topic 1: Coaxial Cable Topic 2: UTP / STP Topic 3: Fibre Optic Cable Section 3: Securing Connectivity Devices Topic 1: Hubs Topic 2: Switches and Bridges Topic 3: Routers Topic 4: Firewalls Topic 5: RAS Topic 6: Telecommunications Devices-EPABX Topic 7: Modems Topic 8: Wireless Section 4: Securing Topologies Topic 1: What are Security Zones? Sub Topic 1.1: DMZ Sub Topic 1.2: Intranet Sub Topic 1.3: Extranet Topic 2: Purpose of Perimeter Network Topic 2: Implementing Network Address Translation (NAT) Topic 3: Using Virtual Local Area Network (VLAN) Topic 4: Tunnelling 18
  19. 19. Section 5: Securing and Monitoring Network Resources Topic 1: Workstations Topic 2: Mobile Devices Topic 3: Servers Topic 4: Virtual Private Network (VPN) Topic 5: Intrusion Detection System (IDS) Topic 6: Network Monitoring / Diagnostics Operational Security Section 1: Physical Security Topic 1: Access Control Sub Topic 1.1: Physical Barrier Sub Topic 1.2: Biometrics Topic 2: Social Engineering Topic 3: Environment Sub Topic 3.1: Wireless Cells Sub Topic 3.2: Location Sub Topic 3.3: Shielding Sub Topic 3.4: Fire Suppression Section 2: Privilege Management Topic 1: User, Group, and Role Management Topic 2: Single Sign-on Topic 3: Centralized and Decentralized Management Topic 4: Auditing Sub Topic 4.1: Privilege Sub Topic 4.2: Usage Sub Topic 4.3: Escalation Section 3: Removable Media Topic 1: Magnetic Tape Topic 2: Writable CD-ROM’s Topic 3: Hard Disks Topic 4: Floppy Disks Topic 5: Flashcards Topic 6: Smart Cards Section 4: Business Continuity and Disaster Recovery 19
  20. 20. Topic 1: Business Continuity Topic 2: BIA and Critical Processes Topic 3: High Availability / Fault Tolerance Topic 4: Backups Sub Topic 4.1: Off Site Storage Topic 5: Secure Recovery Sub Topic 5.1: Alternate Sites Application Security Section 1: E-mail Security Topic 1: E- mail Vulnerabilities Sub Topic 1.1: Spam Sub Topic 1.2: Hoaxes Topic 2: Secure Multipurpose Internet Mail Extensions (S/MIME) Topic 3: Pretty Good Privacy (PGP) Section 2: Web Security Topic 1: Secure Socket Layer / Transport Layer Security (SSL/TLS) Topic 2: Hypertext transport Protocol / Hypertext Transport Protocol over SSL (HTTP/S) Topic 3: Buffer Overflows Topic 4: Active X Topic 5: Cookies Topic 6: Common Gateway Interface (CGI) Topic 7: Signed Applets Topic 8: JavaScript Topic 9: Simple Mail Transfer Protocol (SMTP) Topic 10: Instant Messaging Topic 11: Lightweight Directory Access Protocol (LDAP) Section 3: File Transfer Topic 1: Secure File Transport Protocol (S/FTP) Topic 2: Blind FTP Topic 3: Packet Sniffing Topic 4: File Sharing Topic 5: 8.3 Naming Conventions 20
  21. 21. User Security Section 1: Authentication Topic 1: Username and Password Authentication Topic 2: Kerberos Authentication Topic 3: Remote Authentication with CHAP Topic 4: Tokens based Authentication Topic 5: Biometrics based Authentication Topic 6: Certificates based Authentication Topic 7: Multi-factor Authentication Topic 8: Mutual Authentication Topic 9: Combining Authentication Methods Section 2: Access Control Models Topic 1: Discretionary Access Control (DAC) Topic 2: Mandatory Access Control (MAC) Topic 3: Role Based Access Control (RBAC) Security Baselines Section 1: Network Device and Operating System Hardening Topic 1: OS/NOS (Operating System /Network Operating System) Hardening. Topic 2: File System Topic 3: Network hardening Topic 4: Updates Sub Topic 4.1: Hot fixes Sub Topic 4.2: Service Packs Sub Topic 4.3: Patches Topic 5: Configuration Sub Topic 5.1: Enabling and Disabling Services and Protocols Topic 6: Access Control Lists Section 2: Application Hardening Topic 1: Web Servers Topic 2: E-Mail Servers 21
  22. 22. Topic 3: File and Print Servers Topic 4: Domain Name Service (DNS) Servers Topic 5: File Transport Protocol (FTP) Servers Topic 6: Network News Transport Protocol (NNTP) Servers Topic 7: Dynamic Host Configuration Protocol (DHCP) Servers Topic 8: Data Repositories Sub Topic 8.1: Directory Services Sub Topic 8.2: Databases Organizational Security Section 1: Security Policy Topic 1: Privacy Topic 2: Service Level Agreement Topic 3: Human Resources Policy Sub Topic 3.1: Termination Sub Topic 3.2: Hiring Sub Topic 3.3: Code of Ethics Topic 4: Due Care Topic 5: Separation of Duties Topic 6: Need to Know Topic 7: Password Management Policy Topic 8: Disposal / Destruction Policy Topic 9: Incident Response Policy Section 2: Risk Assessment Topic 1: Calculating Risk Topic 2: Asset Identification Topic 3: Threat Assessment Topic 4: Impact Assessment Topic 5: Vulnerability Assessment Section 3: User Awareness of Security Topic 1: Communication Topic 2: User Awareness Topic 3: Training Topic 4: Education Topic 5: Online Resources Section 4: Documentation Concepts Topic 1: Standards and Guidelines Topic 2: Systems Architecture Documentation 22
  23. 23. Topic 3: Change Documentation Topic 4: Logs Topic 5: Inventories Topic 6: Classification Sub Topic 6.1: Notification Topic 7: Retention / Storage Topic 8: Destruction Incident Response and Forensics Section 1: Intrusion Detection Systems Topic 1: Network-Based IDS Sub Topic 1.1: Active Detection Sub Topic 1.2: Passive Detection Topic 2: Host-Based IDS Sub Topic 2.1: Active Detection Sub Topic 2.2: Passive Detection Topic 3: Honey Pots Section 2: Incident Response Topic 1: Preparation Topic 2: Identification Topic 3: Containment Topic 4: Eradication Topic 5: Recovery Topic 6: Follow up Section 3: Forensics Topic 1: Chain of Custody Topic 2: Preservation of Evidence Topic 3: Collection of Evidence 23