Course Description

This course is designed to provide network administrators responsible for maintaining a wide range of network technologies with an awareness of security-related issues and the essential skills they need to implement security in a given network.
This instructor-led 5-day classroom delivery with structured hands-on activities is the first course in Level One of the Security Certified Program. After completion of this course, students wishing to complete Level One should take the Network Defense and Countermeasures course
Students learn to work with various protocols, and create security across different platforms in router-based networks. Covers several of the techniques commonly used by network attackers and countermeasures to guard against them.

Prerequisites

Experience with Windows 98, DOS, Windows NT/2000 (client and server), and Linux environments
The following CompTIA courses or equivalent experience:
A+ Core Hardware
A+ Operating Systems
Network+


Objectives

Identify the basics of network security
Define the TCP/IP layered architectures and work with advanced IP addressing protocols and commands
Describe and work with IP protocols and packets at various levels
Create router security using access control lists
Secure Windows NT and 2000 computers and test security effectiveness
Secure Linux computers and test security effectiveness
Define common Internet components and identify techniques used in web hacking
Examine and work with the common techniques used to attack networks and specific operating systems

Hardware and Software

Operating Systems

DOS 6.22 bootable floppy disk (with important utilities like fdisk, format, mscdex, etc)
Windows 98 CD
Windows NT 4.0 Server CD
Windows 2000 Server CD
Red Hat Linux 7.1
Drivers for all the operating systems.

Service Packs and upgrades

SP2 for Windows 2000
SP6a for Windows NT 4 Server
Internet Explorer 5.0 or later

Disk cloning tools and SID changing utilities

Norton Ghost
Norton Ghostwalk

Hardware

One instructor PC.
One PC per student
Three Cisco 2500 series routers
Two back-to-back V.35 serial cables
Two 10/100 switches or hubs
Cisco console kit
Three transceivers

Minimum PC Specifications

Pentium III 500 processor
128 MB of RAM
8 GB of available hard drive space
A non-integrated Network Interface Card per PC (such as a 3Com 3C905C)
A non-integrated video card (from the point of view of driver availability for all OSs)

Internet access (optional)

Course Content

Chapter 1: Foundations of Network Security

The Principles of Network Security
Network Security Terminologies
Network Security and Data Availability
Components of Network Security
Network Security Policies

Chapter 2: Advanced TCP/IP

The Concepts of TCP/IP
Concepts of TCP
The Suite and the Services
Internet Protocol Security (IPSec)
Internet Protocol version 6 (IPv6)

Chapter 3: IP Packet Structure

Network Monitor
The IP Header
The TCP Header
Connections
The UDP Header
The ICMP Message
Packet Fragmentation
Analyze an Entire Session

Chapter 4: Routing and Access Control Lists

The ARP Process
Cisco Routing Modes
The Routing Process
Routing Tables
Access Control Lists
Implementing ACLs

Chapter 5: Securing Windows Computers

Windows NT 4.0 Fundamental Security
Windows NT 4.0 Resource Security
Windows 2000 Infrastructure
Windows 2000 Authentication
Windows 2000 User and Group Security
Windows 2000 Resource Security
Windows 2000 Encrypting File System
Windows 2000 Network Security

Chapter 6: Securing Linux Computers

Linux Operating System vs. Kernel
Linux Administration and Security
Key Linux Network Files
Key Linux Network Processes
Key Linux Network Commands
Hardening Linux
Portmap and Linux
Network File System (NFS) and Linux
Network Information Service (NIS) and Linux

Chapter 7: Security on the Internet and the World Wide Web

Components of the Internet
The Weak Points of the Internet
The Techniques of Web Hacking
Methods of Attacking Users

Chapter 8: Attack Techniques

Network Reconnaissance
Mapping the Network
Sweeping the Network
Scanning the Network
Viruses, Worms, and Trojan Horses
Gaining Control over the System
Recording Keystrokes
Cracking Encrypted Passwords
Reveal Hidden Passwords
Social Engineering
Case Study: Social Engineering
Gaining Unauthorized Access
Hiding Evidence of an Attack
Performing a Denial of Service