Network Security and Firewalls Course

Network Security and Firewalls is a two-day course designed to teach participants how to secure networks from unauthorized activity. Participants learn about establishing an effective security policy, different types of hacker activities, the hacker's mind-set, and preventing and managing hacker penetration. Participants will also
learn about authentication procedures, encryption standards and implementations, ports and protocols that hackers manipulate, and how to engage in proactive detection and response/reporting methods.

This course is designed for Network server administrators, firewall administrators, system administrators, application developers, and IT security officers.

Upon completion of this course, the participant will be able to:
> Identify the different types of security and risks
> Identify the function of firewalls and how to secure them
> Create an Incident Report

What is Security?
Network Security Background
What is Security
Hacker Statistics
What is the Risk
The Myth of 100-Percent Security
Attributes of an Effective Security Matrix
What You are Trying to Protect
Who is the Threat
Security Standards
Elements of Security
Security Concepts and Mechanisms

Elements of Security
The Security Policy
Encryption
Authentication
Specific Authentication Techniues
Access Control
Auditing
Security Tradeoffs and Drawbacks

Applied Encryption
Reasons to Use Encryption
Creating Trust Relationships
Rounds, Parallelization and Strong Encryption
Symmetric-Key Encryption
Symmetric Algorithms
Asymmetric Encryption
Hash Encryption
Applied Encryption Processes
Encryption Review

Types of Attacks
Attacks - Categories
Brute-Force and Dictionary Attacks
System Bugs and Back Doors
Social Engineering and Non-direct Attacks

General Security Principles
Common Security Principles: Introduction
Be Paranoid
You must have a security policy
No System/Techniques Stand Alone
Minimize damage
Deploy Company-wide Enforcement
Provide training
Use an Integrated Security Strategy
Place Equipment According to Needs
Identify Security Business Issues
Consider Physical Security

Protocol Layers and Security
TCP/IP and Network Security
The TCP/IP Suite and the OSI Reference Model
Physical, Network, Transport and Application Layers

Securing Resources
TCP/IP Security Vulnerabilities
Implementing Security
Resources and Services
Protecting TCP/IP Services
Simple Mail Transfer protocol (SMTP)
Testing and Evaluating
Implementing a New System
Security Testing Software
Security and Repetition

Firewalls and Virtual Private Networks
Access Control Overview
Definition and Description of a firewall
The role of the firewall
Firewall Terminology
Firewall Configuration Defaults
Creating Packet Filter Rules
Packet Filter Advantages and Disadvantages
Configuring Proxy Servers
Remote Access and Virtual Private Networks (VPNs)
Public Key Infrastructure (PKI)

Levels of Firewall Protection
Designing a Firewall
Types of Bastion Hosts
Hardware Issues
Common Firewall Designs
Putting It All Together

Detecting and Distracting Hackers
Preparing for the Inevitable
Proactive Detection
Distracting the Hacker
Deterring the Hacker

Incident Response
Planning for a response
Create a Response policy
Decide Ahead of Time
Do not panic
Document Everything
Assess the situation
Stop or Contain Activity
Execute the Response Plan
Analyze and Learn

Participants must have knowledge of networks.