4526 Security courses delivered Online

BGP training course description A detailed study of BGP, from the basics of how it works through to advanced issues such as route reflectors, policy, filtering, route selection and routing registries. The course culminates with a study of an industrial strength BGP template illustrating important issues such as bogon filtering. Practical hands on with routers follow the major sessions to reinforce the theory. A multiple choice exam, leading to the LAIT III certification, is available after the course. The exam consists of 60 questions and lasts 2 hours. What will you learn Connect enterprises to the Internet, and ISPs to each other. Describe how BGP works. List, describe and configure the main BGP attributes. Implement and troubleshoot BGP. Work with route aggregation and calculate CIDR prefixes in seconds. Influence traffic paths with BGP. BGP training course details Who will benefit: Anyone who will be working with BGP. Prerequisites: TCP/IP Foundation for engineers Definitive IP routing for engineers. Duration 5 days BGP training course contents Basic BGP IGPs, EGPs, What's BGP? BGP RIB, in/out process, tables peers, adding routes. Hands on Simple configuration and troubleshooting. The Internet and peering ASs, AS numbers, Internet structure, ISP types, ISP network design, IXs, peering vs. transit, public/ private peering, bi/multi-lateral peering. Hands on AS information gathering. How BGP works Incremental updates, Path vector protocols, BGP protocol stack, the BGP header, message types, NLRI, withdrawn routes, route refresh, route dampening. Hands on More troubleshooting, packet analysis. MBGP and IPv6 Multiprotocol routing, AFI, SAFI, MBGP and multicasts, IPv6, MPLS VPNs. Hands on IPv6 BGPv4 aggregation CIDR, benefits, techniques, shortcuts, configuring BGP aggregation, leaking routes. Hands on Reducing routing table size. BGP path selection BGP attributes, attribute types, route selection order, Local preference, AS prepend, MEDs. Hands on Influencing traffic with BGP. BGP routing policies What is policy? Examples, route filtering, AS filtering, REs, applying preference selectively, peer groups. Hands on Sophisticated policies. RIPE and routing registries RIRs, Allocations, assignments, PI vs. PA. Objects, RPSL, routing registry, Hands on The RIPE database. Automating BGP configuration Automation tools, whois, IRRToolSet, Bogon lists, tracking bogon lists, HTTP, Peering, routing registries, DNS. Communities What is a community? Community names, communities for: peer types and geography. RFC 1998, default communities. Hands on Setting local preference on other routers. Route servers What are route servers? LINX route servers, route server policy control, What are route collectors, Looking glasses. Hands on Setting up and working with a route server. Peer relationships IBGP, EBGP, next hop self, advertising routes into/out of BGP, synchronisation. Hands on IBGP, troubleshooting a large BGP network. Route reflectors and confederations Full mesh IBGP, Route reflectors, RR configuration and design, confederations, migration issues. Hands on RR configuration. BGP architectures Stub vs. transit AS, when to use BGP, multihoming strategies and issues, default routes. Multihop EBGP, load balancing. Hands on Multihoming. BGP security RFC 7454, security steps, BGP TTL security, filters, RPKI, ROAs, rsync, rrdp, validators. A secure BGP template. Hands on RPKI prefix validation.

Discover the vital techniques to fortify your Ubuntu Linux server against potential security threats and hackers with this comprehensive masterclass. Explore a step-by-step journey through essential security measures and configurations to safeguard your server. From password management and user privileges to SSH setup, firewall installation, and time synchronization, this course equips you with the skills needed to bolster your server's defenses. Gain insights into fail2ban installation, DDOS attack prevention, and system time synchronization. By mastering these techniques, you'll be prepared to maintain a robust and secure Ubuntu Linux server environment. Learning Outcomes: Understand the importance of securing an Ubuntu Linux server against hackers. Learn to choose a server host, access the server, and manage users. Implement SSH security measures including key-based logins and port change. Set up firewall protection with UFW to mitigate potential attacks. Configure time synchronization and system time accuracy using ntp. Explore the significance of fail2ban and its role in blocking IP addresses. Discover preventive measures against DDOS attacks through UFW. Gain practical insights into server maintenance and troubleshooting. Why buy this Securing an Ubuntu Linux Server against Hackers Masterclass?  Unlimited access to the course for forever Digital Certificate, Transcript, student ID all included in the price Absolutely no hidden fees Directly receive CPD accredited qualifications after course completion Receive one to one assistance on every weekday from professionals Immediately receive the PDF certificate after passing Receive the original copies of your certificate and transcript on the next working day Easily learn the skills and knowledge from the comfort of your home Certification After studying the course materials of the Securing an Ubuntu Linux Server against Hackers Masterclass you will be able to take the MCQ test that will assess your knowledge. After successfully passing the test you will be able to claim the pdf certificate for £5.99. Original Hard Copy certificates need to be ordered at an additional cost of £9.60. Who is this course for? This Securing an Ubuntu Linux Server against Hackers Masterclass course is ideal for System administrators and IT professionals responsible for server security. Linux enthusiasts seeking to enhance their Ubuntu server security skills. Individuals interested in learning practical techniques to secure their servers. Anyone aiming to improve their knowledge of Linux server security. Prerequisites This Securing an Ubuntu Linux Server against Hackers Masterclass was made by professionals and it is compatible with all PC's, Mac's, tablets and smartphones. You will be able to access the course from anywhere at any time as long as you have a good enough internet connection. Career path Junior Linux Administrator - Average Earnings: £25,000 - £35,000 per year. Linux System Administrator - Average Earnings: £35,000 - £50,000 per year. Senior Linux Administrator - Average Earnings: £45,000 - £65,000 per year. IT Security Specialist - Average Earnings: £40,000 - £60,000 per year. DevOps Engineer - Average Earnings: £45,000 - £70,000 per year. Course Curriculum Secure an Ubuntu Linux Server against Hackers Module 01: Secure an Ubuntu Linux Server from Hackers Today 00:09:00 Module 02: Choosing a server host and setup 00:03:00 Module 03: Accessing the Ubuntu Linux server with putty 00:03:00 Module 04: How to download Putty for Windows 00:01:00 Module 05: Using a password manager like LastPass 00:03:00 Module 06: Changing the password with passwd 00:02:00 Module 07: Adding a new user with adduser 00:03:00 Module 08: Signing in with the added user 00:01:00 Module 09: Usermod to give the user sudo or root privileges 00:01:00 Module 10: Verify sudo access on user 00:01:00 Module 11: Key basic Linux commands cd pwd and ls 00:04:00 Module 12: Updating with apt get update 00:01:00 Module 13: Installing nano text editor 00:01:00 Module 14: Updating sshd config with nano to Permit Root Login no 00:09:00 Module 15: Changing the SSH port from 22 to another number 00:04:00 Module 16: Setting up RSA login by generating keys with puttygen 00:11:00 Module 17: Disabling password logins and ipv6 listening 00:02:00 Module 18: Locked out of server and have to start over! 00:02:00 Module 19: Back in with a fresh install! 00:02:00 Module 20: Installing fail2ban to block IPs from repeated failed logins 00:07:00 Module 21: Install UFW or Uniform Fire Wall to block some DDOS attacks 00:03:00 Module 22: Install and configure ntp to sync time 00:05:00 Module 23: Thank you very much for watching this complete Ubuntu Linux server 00:05:00 Module 24: Steem witness setup downloading blocks 00:03:00 Module 25: Steem witness setup finishing adding a new user 00:01:00 Module 26: Steem witness setup installing steem docker 00:04:00 Assignment Assignment - Securing an Ubuntu Linux Server against Hackers Masterclass 00:00:00

Duration 0.5 Days 3 CPD hours This course is intended for This course is designed for the non-technical end user of computers, mobile devices, networks, and the Internet, to enable you to use technology more securely to minimize digital risks. This course is also designed for you to prepare for the Certified CyberSAFE credential. You can obtain your Certified CyberSAFE certificate by completing the Certified CyberSAFE credential process on the CHOICE platform following the course presentation. Overview In this course, you will identify many of the common risks involved in using conventional end-user technology, as well as ways to use it safely, to protect yourself from those risks. You will: Identify the need for security Secure devices like desktops, laptops, smartphones, and more Use the Internet securely Regardless of your computer experience, this class will help you become more aware of technology ðrelated risks and what you can do to protect yourself and your organization from them. This course will help you to: ? Understand security compliance needs and requirements ? Recognize and avoid phishing and other social engineering ? Recognize and avoid viruses, ransomware, and other malware ? Help ensure data security on computers, mobile devices, networks, the Internet, and in the cloud. In this course, you will use discussions, case studies, and the experiences of your instructor and fellow students to explore the hazards and pitfalls of technology and learn how to use that technology safely and securely. Course includes access to the CyberSAFE assessment. Upon successful completion of the assessment, learners will receive the CyberSAFE credential and digital badge. Identifying the Need for Security Identify Security Compliance Requirements Recognize Social Engineering and Avoid Phishing and other Attacks Securing Devices Maintain Physical Security of Devices Use Passwords for Security Protect Your Data Identify and Mitigate Viruses, Ransomware, and other Malware Use Wireless Devices Securely Using the Internet Securely Browse the Web Safely Use Email Securely Use Social Networking Securely Use Cloud Services Securely Additional course details: Nexus Humans CertNexus CyberSAFE Extended Edition 2019 (CBS-310) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CertNexus CyberSAFE Extended Edition 2019 (CBS-310) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Dive into the intricate world of networking with the 'CompTIA Network' course. Embrace foundational theories and immerse yourself in practical application, ensuring you're well-equipped for a modern networking environment. Covering everything from TCP/IP addressing to Cloud technologies, this course promises an exhaustive grasp over networking. Furthermore, delve deep into network security, understanding not just how to prevent breaches but also how to effectively respond. By the course's conclusion, learners will possess the confidence and knowledge to plan and execute a seamless SOHO Network. Learning Outcomes Gain an in-depth understanding of network theory and implementations. Master the intricacies of TCP/IP addressing, routing, and associated services. Acquire knowledge on WAN infrastructure, Cloud, and Virtualization technologies. Understand and implement effective network security measures, breach prevention, and incident response strategies. Develop expertise in remote networking, network management, and troubleshooting network issues. Why choose this CompTIA Network course? Unlimited access to the course for a lifetime. Opportunity to earn a certificate accredited by the CPD Quality Standards after completing this course. Structured lesson planning in line with industry standards. Immerse yourself in innovative and captivating course materials and activities. Assessments are designed to evaluate advanced cognitive abilities and skill proficiency. Flexibility to complete the CompTIA Network Course at your own pace, on your own schedule. Receive full tutor support throughout the week, from Monday to Friday, to enhance your learning experience. Who is this CompTIA Network course for? Aspiring network professionals seeking foundational knowledge. IT enthusiasts aiming to expand their networking expertise. Professionals in related IT fields aiming to diversify their skills. Businesses looking to train their IT staff in network best practices. Individuals aiming for CompTIA Network+ certification. Career path Network Administrator: £25,000 - £40,000 Network Engineer: £30,000 - £50,000 Network Analyst: £28,000 - £45,000 IT Support Specialist: £20,000 - £35,000 Network Security Specialist: £35,000 - £55,000 Systems Administrator: £25,000 - £45,000 Prerequisites This CompTIA Network does not require you to have any prior qualifications or experience. You can just enrol and start learning.This CompTIA Network was made by professionals and it is compatible with all PC's, Mac's, tablets and smartphones. You will be able to access the course from anywhere at any time as long as you have a good enough internet connection. Certification After studying the course materials, there will be a written assignment test which you can take at the end of the course. After successfully passing the test you will be able to claim the pdf certificate for £4.99 Original Hard Copy certificates need to be ordered at an additional cost of £8. Course Curriculum Network Theory OSI Layers 00:44:00 LANs and WANs 00:14:00 Network Types 00:07:00 Transmissions 00:36:00 Bounded Network Media Cables 00:41:00 Fiber Optics 00:17:00 Converters and Connectors 00:27:00 Unbounded Network Media 802.11 Standard 00:20:00 Wireless 00:11:00 Wireless Options 00:19:00 Network Implementations Topologies 00:39:00 Ethernet 00:50:00 Switches 01:48:00 VLANs 00:52:00 TCP/IP Addressing and Data Delivery Network Communication Protocols 00:37:00 IPv4 00:26:00 Special Addresses 00:13:00 CIDR 00:11:00 IPv6 00:31:00 Routing Routes 00:59:00 Routing Types 00:18:00 TCP/IP Services TCP and IP 00:40:00 FQDN and DNS 00:28:00 Transport-layer Protocols 00:05:00 UDP 00:06:00 WAN Infrastructure Wide Area Networks 00:18:00 QoS 00:39:00 Voice-over-Data Systems 00:06:00 Cloud and Virtualization Technologies Types of Server Virtualization 00:27:00 Fibre Channel 00:05:00 Cloud Concepts.prproj 00:24:00 Network Security Basics Wireless Security 00:15:00 Authentication.prproj 00:21:00 Wireless Security Threats 00:30:00 TACACS 00:10:00 Keys 00:26:00 Preventing Security Breaches Potent Points to Clear Channel Pain - Part 6 00:01:00 Vulnerabilities 00:16:00 Attacks 00:58:00 Authentication 00:25:00 Benefits of Acupressure 3 00:02:00 Education and Awareness 00:03:00 Responding to Security Incidents Response Policy 00:04:00 Remote Networking RADIUS 00:07:00 VPN Technologies 00:16:00 Tunneling Protocols.prproj 00:05:00 Network Management Acceptable Use 01:00:00 Troubleshooting Network Issues Common Problems 00:32:00 Troubleshooting 00:28:00 Network Technician Tools 00:46:00 Physical and Logical Issues 00:19:00 Open or Closed Ports 00:09:00 ARP Issues 00:13:00 Planning and Implementing a SOHO Network SOHO Network 00:15:00 Mock Exam Mock Exam - CompTIA Network 00:20:00 Final Exam Final Exam - CompTIA Network 00:20:00

Description: This Certified Incident Handling Engineer (CIHE) - Complete Video Training covers everything you need to know about becoming a Certified Incident Handling Engineer. In this course, you will learn about threats, vulnerabilities and exploits, IH preparation, request trackers for incident handling, preliminary responses, identification and initial responses, Sysinternals, containment, eradication, follow-up, recovery, virtualization security, and malware incident handling. In this in-depth training, you will learn step-by-step approaches used by hackers globally, the latest attack vectors and how to safeguard against them, Incident Handling procedures (including developing the process from start to finish and establishing your Incident Handling team), strategies for each type of attack, recovering from attacks and much more. With the help of this course will be able to confidently undertake the CIHE certification examination (recommended). You will enjoy an in-depth course that is continuously updated to maintain and incorporate the ever-changing security world. Assessment: At the end of the course, you will be required to sit for an online MCQ test. Your test will be assessed automatically and immediately. You will instantly know whether you have been successful or not. Before sitting for your final exam you will have the opportunity to test your proficiency with a mock exam. Certification: After completing and passing the course successfully, you will be able to obtain an Accredited Certificate of Achievement. Certificates can be obtained either in hard copy at a cost of £39 or in PDF format at a cost of £24. Who is this Course for? Certified Incident Handling Engineer (CIHE) - Complete Video Training is certified by CPD Qualifications Standards and CiQ. This makes it perfect for anyone trying to learn potential professional skills. As there is no experience and qualification required for this course, it is available for all students from any academic background. Requirements Our Certified Incident Handling Engineer (CIHE) - Complete Video Training is fully compatible with any kind of device. Whether you are using Windows computer, Mac, smartphones or tablets, you will get the same experience while learning. Besides that, you will be able to access the course with any kind of internet connection from anywhere at any time without any kind of limitation. Career Path After completing this course you will be able to build up accurate knowledge and skills with proper confidence to enrich yourself and brighten up your career in the relevant job market. Introduction Introduction FREE 00:09:00 Threats, Vulnerabilities and Exploits Threats, Vulnerabilities and Exploits 00:48:00 IH Preparation IH Preparation 00:45:00 Request Tracker for Incident Handling Request Tracker for Incident Handling 00:12:00 Preliminary Response Preliminary Response 00:30:00 Identification and Initial Response Identification and Initial Response 00:12:00 Sysinternals Sysinternals 00:13:00 Containment Containment 00:16:00 Eradication Eradication 00:29:00 Follow-up Follow-up 00:12:00 Recovery Recovery 00:16:00 Virtualization Security Virtualization Security 00:13:00 Malware Incident Handling Malware Incident Handling 01:14:00 Mock Exam Mock Exam- Certified Incident Handling Engineer (CIHE) - Complete Video Training 00:20:00 Final Exam Final Exam- Certified Incident Handling Engineer (CIHE) - Complete Video Training 00:20:00 Certificate and Transcript Order Your Certificates and Transcripts 00:00:00

Duration 5 Days 30 CPD hours This course is intended for Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, and Support Staff Overview The Palo Alto Networks Firewall 10.2 Essentials: Configuration and Management (EDU-210) course is five days of instructor-led training that will help you to: Configure and manage the essential features of Palo Alto Networks next-generation firewalls Configure and manage Security and NAT policies to enable approved traffic to and from zones Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs Monitor network traffic using the interactive web interface and firewall reports Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud. Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud.

Employees, managers and directors should all have a good understanding of the threat posed by cyber-attacks and the importance of guarding against data breaches. This short course will explain why cyber attacks and data breaches happen and provide practical advice on how to set up effective defences.

This course will get you started with Nmap and teach you all the techniques and tricks needed for scanning and probing computer networks, including host discovery and operating system detection by sending packets and analyzing the responses.

This is a multi-part series to assist the participant in evaluating all the necessary components to conducting a cyber risk assessment. The purpose of a cyber risk assessment lies in the objectives of ensuring: Availability Confidentiality Integrity of data Integrity of processing We utilize the National Institute of Standards and Technology (NIST) cybersecurity framework to walk through various elements that should be considered with a cyber risk assessment. A previous segment delved into the first function outlined by NIST which is the “Identify” concept. This segment will delve into the “protect” function. We try to protect our information assets and systems against attack. Protection strategies can be the first line of defense, and breaches usually are a failure of protection strategies. Utilizing the concepts of categories and sub-categories an organization can effectively begin to map out their cyber risk process. The sub-categories of the protect function include: Awareness control Awareness and training Data security Information protection and procedures Maintenance Protective technologies This segment is dedicated to delving into each of these sub-categories and outlining possible considerations for protecting information and cyber assets. Learning Objectives Explore the objectives of a cyber risk management assessment. Explore security control designations. Explore the concept of baseline controls. Identify the requirements of ensuring awareness control within the protect function. Identify the requirements of ensuring awareness and training within the protect function. Identify the requirements of ensuring data security within the protect function. Identify the requirements of ensuring information protection and procedures within the protect function. Identify the requirements of ensuring maintenance within the protect function. Identify the requirements of ensuring protective technology within the protect function. Recognised Accreditation This course is accredited by continuing professional development (CPD). CPD UK is globally recognised by employers, professional organisations, and academic institutions, thus a certificate from CPD Certification Service creates value towards your professional goal and achievement. The Quality Licence Scheme is a brand of the Skills and Education Group, a leading national awarding organisation for providing high-quality vocational qualifications across a wide range of industries. What is CPD? Employers, professional organisations, and academic institutions all recognise CPD, therefore a credential from CPD Certification Service adds value to your professional goals and achievements. Benefits of CPD Improve your employment prospects Boost your job satisfaction Promotes career advancement Enhances your CV Provides you with a competitive edge in the job market Demonstrate your dedication Showcases your professional capabilities What is IPHM? The IPHM is an Accreditation Board that provides Training Providers with international and global accreditation. The Practitioners of Holistic Medicine (IPHM) accreditation is a guarantee of quality and skill. Benefits of IPHM It will help you establish a positive reputation in your chosen field You can join a network and community of successful therapists that are dedicated to providing excellent care to their client You can flaunt this accreditation in your CV It is a worldwide recognised accreditation What is Quality Licence Scheme? This course is endorsed by the Quality Licence Scheme for its high-quality, non-regulated provision and training programmes. The Quality Licence Scheme is a brand of the Skills and Education Group, a leading national awarding organisation for providing high-quality vocational qualifications across a wide range of industries. Benefits of Quality License Scheme Certificate is valuable Provides a competitive edge in your career It will make your CV stand out Course Curriculum Introduction Introduction and Objectives to Cyber Risk Assessment: Protect 00:04:00 Identify Critical Assets 00:07:00 Prioritize 00:07:00 Prioritize with Criticality 00:16:00 Prioritize Further Utilizing Impacts 00:10:00 Prioritize Further Utilizing Impacts Continued 00:10:00 Applying Likelihood to Impact 00:02:00 Integrating Priority with Impact/Likelihood 00:10:00 Summary 00:10:00 Supplementary Resources Supplementary Resources - Cyber Risk Framework - Protect Assets 00:00:00 Obtain Your Certificate Order Your Certificate of Achievement 00:00:00 Get Your Insurance Now Get Your Insurance Now 00:00:00 Feedback Feedback 00:00:00

Duration 5 Days 30 CPD hours This course is intended for This course is targeted towards the information technology (IT) professional that has a minimum 1 year IT Security and Networking experience. This course would be ideal for Information System Owners, Security Officers, Ethical Hackers, Information Owners, Penetration Testers, System Owner and Managers as well as Cyber Security Engineers. Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the CPEH exam. The CPEH certification training enables students to understand the importance of vulnerability assessments and how to implement counter response along with preventative measures when it comes to a network hack. Security Fundamentals Overview The Growth of Environments and Security Our Motivation? The Goal: Protecting Information! CIA Triad in Detail Approach Security Holistically Security Definitions Definitions Relationships Method: Ping The TCP/IP Stack Which Services Use Which Ports? TCP 3-Way Handshake TCP Flags Malware Types of Malware Types of Malware Cont... Types of Viruses More Malware: Spyware Trojan Horses Back Doors DoS DDoS Packet Sniffers Passive Sniffing Active Sniffing Firewalls, IDS and IPS Firewall ? First Line of Defense IDS ? Second Line of Defense IPS ? Last Line of Defense? Firewalls Firewall Types: (1) Packet Filtering Firewall Types: (2) Proxy Firewalls Firewall Types ? Circuit-Level Proxy Firewall Type of Circuit- Level Proxy ? SOCKS Firewall Types ? Application-Layer Proxy Firewall Types: (3) Stateful Firewall Types: (4) Dynamic Packet-Filtering Firewall Types: (5) Kernel Proxies Firewall Placement Firewall Architecture Types ? Screened Host Multi- or Dual-Homed Screened Subnet Wi-Fi Network Types Wi-Fi Network Types Widely Deployed Standards Standards Comparison 802.11n - MIMO Overview of Database Server Review Access Controls Overview Role of Access Control Definitions More Definitions Categories of Access Controls Physical Controls Logical Controls ?Soft? Controls Security Roles Steps to Granting Access Access Criteria Physical Access Control Mechanisms Biometric System Types Synchronous Token Asynchronous Token Device Memory Cards Smart Card Cryptographic Keys Logical Access Controls OS Access Controls Linux Access Controls Accounts and Groups Password & Shadow File Formats Accounts and Groups Linux and UNIX Permissions Set UID Programs Trust Relationships Review Protocols Protocols Overview OSI ? Application Layer OSI ? Presentation Layer OSI ? Session Layer Transport Layer OSI ? Network Layer OSI ? Data Link OSI ? Physical Layer Protocols at Each OSI Model Layer TCP/IP Suite Port and Protocol Relationship Conceptual Use of Ports UDP versus TCP Protocols ? ARP Protocols ? ICMP Network Service ? DNS SSH Security Protocol SSH Protocols ? SNMP Protocols ? SMTP Packet Sniffers Example Packet Sniffers Review Cryptography Overview Introduction Encryption Cryptographic Definitions Encryption Algorithm Implementation Symmetric Encryption Symmetric Downfalls Symmetric Algorithms Crack Times Asymmetric Encryption Public Key Cryptography Advantages Asymmetric Algorithm Disadvantages Asymmetric Algorithm Examples Key Exchange Symmetric versus Asymmetric Using the Algorithm Types Together Instructor Demonstration Hashing Common Hash Algorithms Birthday Attack Example of a Birthday Attack Generic Hash Demo Instructor Demonstration Security Issues in Hashing Hash Collisions MD5 Collision Creates Rogue Certificate Authority Hybrid Encryption Digital Signatures SSL/TLS SSL Connection Setup SSL Hybrid Encryption SSH IPSec - Network Layer Protection IPSec IPSec Public Key Infrastructure Quantum Cryptography Attack Vectors Network Attacks More Attacks (Cryptanalysis) Review Why Vulnerability Assessments? Overview What is a Vulnerability Assessment? Vulnerability Assessment Benefits of a Vulnerability Assessment What are Vulnerabilities? Security Vulnerability Life Cycle Compliance and Project Scoping The Project Overview Statement Project Overview Statement Assessing Current Network Concerns Vulnerabilities in Networks More Concerns Network Vulnerability Assessment Methodology Network Vulnerability Assessment Methodology Phase I: Data Collection Phase II: Interviews, Information Reviews, and Hands-On Investigation Phase III: Analysis Analysis cont. Risk Management Why Is Risk Management Difficult? Risk Analysis Objectives Putting Together the Team and Components What Is the Value of an Asset? Examples of Some Vulnerabilities that Are Not Always Obvious Categorizing Risks Some Examples of Types of Losses Different Approaches to Analysis Who Uses What? Qualitative Analysis Steps Quantitative Analysis ALE Values Uses ALE Example ARO Values and Their Meaning ALE Calculation Can a Purely Quantitative Analysis Be Accomplished? Comparing Cost and Benefit Countermeasure Criteria Calculating Cost/Benefit Cost of a Countermeasure Can You Get Rid of All Risk? Management?s Response to Identified Risks Liability of Actions Policy Review (Top-Down) Methodology Definitions Policy Types Policies with Different Goals Industry Best Practice Standards Components that Support the Security Policy Policy Contents When Critiquing a Policy Technical (Bottom-Up) Methodology Review Vulnerability Tools of the Trade Vulnerability Scanners Nessus SAINT ? Sample Report Tool: Retina Qualys Guard http://www.qualys.com/products/overview/ Tool: LANguard Microsoft Baseline Analyzer MBSA Scan Report Dealing with Assessment Results Patch Management Options Review Output Analysis and Reports Overview Staying Abreast: Security Alerts Vulnerability Research Sites Nessus SAINT SAINT Reports GFI Languard GFI Reports MBSA MBSA Reports Review Reconnaissance, Enumeration & Scanning Reconnaissance Overview Step One in the Hacking ?Life-Cycle? What Information is Gathered by the Hacker? Passive vs. Active Reconnaissance Footprinting Defined Social Access Social Engineering Techniques Social Networking Sites People Search Engines Internet Archive: The WayBack Machine Footprinting Tools Overview Maltego GUI Johnny.Ihackstuff.com Google (cont.) Domain Name Registration WHOIS Output DNS Databases Using Nslookup Traceroute Operation Web Server Info Tool: Netcraft Introduction to Port Scanning Which Services use Which Ports? Port Scan Tips Port Scans Shou