Name: Advanced TCP/IP
Price: 3697 GBP
Availability: InStock

Redhill

<h3>OpenSSL for engineers training course description</h3>
 
 A hands on course covering OpenSSL. The course
focusses on the use of OpenSSL from the command
line as opposed to using its extensive libraries.
Certificate authorities are configured along with key
generation, HTTPS and a SSL VPN. 
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Describe OpenSSL.</li>
 <li>Use OpenSSL.</li>
 <li>Describe and implement:</li>
																										<li>Explain how the various technologies involved in an
OpenSSL work.</li>
 
 </ul>
 <h5>
 OpenSSL for engineers training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Network personnel.
 
							<li>Prerequisites:</li>
							
 IP security foundation for engineers
 
							<li>Duration</li>
							
 2 days
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>OpenSSL for engineers training course contents</h3>
				<ul>	<li>What is OpenSSL? </li>
What is SSL? SSL versions, TLS, TLS negotiation, TLS authentication, What is OpenSSL, Command line tool, SSL library. OpenSSH, OpenVPN.
 Hands on TLS packet analysis.

<li>Getting started with OpenSSL </li>
Downloading, source code, packages, installing, versions, configuration, openssl command. Cipher suite selection.
 Hands on Encrypting a file with openssl.

<li>Public and private keys </li>
Algorithms, creating keys, public keys, private keys, encrypting the private key.
 Hands on Encrypting a file with keys.

<li>Digital signatures </li>
Creating signatures, checking validity of signatures, Self signing SSL certificates. Viewing certificates. Certificate files. Converting between formats.
 Hands on Securing a web server with HTTPS.

<li>Simple PKI with OpenSSL </li>
Root CA, signing CA, configuration files, Certificate signing requests. Email certificates, TLS server certificates.
 Hands on Implementing a simple PKI with OpenSSL.

				</ul>

Systems & Network Training

Network & Security

Network Engineer

Definitive OpenSSL for engineers

General Admission

<h3>Cyber security training course description</h3>
 
 This cyber security course focusses on the network
side of security. Technologies rather than specific
products are studied focussing around the protection of
networks using firewalls and VPNs.
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Describe: 
 
 	- Basic security attacks 
 		- RADIUS 
 		- SSL 
 		- VPNs 
 </li>
 <li>Deploy firewalls and secure networks</li>
 <li>Explain how the various technologies involved in an
IP VPN work.</li>
 <li>Describe and implement: 
 
 
					- L2TP 
					- IPsec 
 - SSL 
 - MPLS, L3, VPNs.</li>
 </ul>
 <h5>
 Cyber security training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Anyone working in the security field.
 
							<li>Prerequisites:</li>
							
 TCP/IP foundation for engineers
 
							<li>Duration</li>
							
 5 days
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>Cyber security training course contents</h3>
				<ul>	<li>Security review </li>
Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response.

<li>Security exploits </li>
IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats.
 Hands on port scanning, use a 'hacking' tool.

<li>Client and Server security </li>
Windows, Linux, Log files, syslogd, accounts, data security.
 Hands on Server hardening.

<li>Firewall introduction </li>
What is a firewall? Firewall benefits, concepts.
 HAnds on launching various attacks on a target.

<li>Firewall types </li>
Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products.
 Hands on Simple personal firewall configuration.

<li>Packet filtering firewalls </li>
Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering.
 Hands on Configuring packet filtering firewalls.

<li>Stateful packet filtering </li>
Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception.
 Hands on SPI firewalls.

<li>Proxy firewalls </li>
Circuit level, application level, SOCKS. Proxy firewall plusses and minuses.
 Hands on Proxy firewalls.

<li>Firewall architectures </li>
Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP.
 Hands on Resilient firewall architecture.

<li>Testing firewalls </li>
Configuration checklist, testing procedure, monitoring firewalls, logging, syslog.
 Hands on Testing firewalls.

<li>Encryption </li>
Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures.
 Hands on Password cracking.

<li>Authentication </li>
Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS.
 Hands on Using certificates.

<li>VPN overview </li>
What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages.

<li>VPN Tunnelling </li>
VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels.

<li>L2TP </li>
Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling.
 Hands on Implementing a L2TP tunnel.

<li>IPsec </li>
AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues.
 Hands on Implementing an IPsec VPN.

<li>SSL VPNs </li>
Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates.
 Hands on Implementing a SSL VPN.

<li>MPLS VPNs </li>
Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs.
 Hands on Implementing a MPLS L3 VPN.

<li>Penetration testing </li>
Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology.
 Hands on Hacking tools and countermeasures.


				</ul>

Cyber security for engineers

<h3>SIP security training course description</h3>
 
 A hands-on course covering SIP security. It is assumed that delegates already know SIP as this course focuses purely on the security issues in SIP IP telephony networks. Hands-on practicals follow each major theory session and include use of various SIP security tools such as vomit, sipp, sipsak and sivus amongst others.
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Secure SIP networks</li>
					<li>Use various SIP security tools</li>
 </ul>
				
 <h5>SIP security training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Technical staff working with SIP. 
 Technical security staff.
 
							<li>Prerequisites:</li>
							
 SIP for engineers
 
							<li>Duration</li>
							
 2 days
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>SIP security training course contents</h3>
				<ul>	<li>SIP review</li>
SIP infrastructure and entities, example SIP session.
 Hands on Simple SIP network with and without
authentication.
					<li>SIP security attacks</li>
 DOS attacks, infrastructure attacks, eavesdropping,
spoofing, replay, message integrity. Hands on Basic
SIP packet capture, infrastructure attacks.
<li>SIP tools</li>
 SIP packet creation: Sivus, SIPsak, PROTOS, SFTF,
SIP bomber, SIPp, Seagull, Nastysip. SIP packet
generators: SIPNess, NetDude. Monitoring:
Wireshark, Cain &amp; Abel, Vomit, Oreka, VoiPong.
Scripts and tools: SIP-Fun, Skora.net, kphone-ddos,
sip-scan, sip-kill, sip-redirectrtp. Health of different
tools. Hands on Generating SIP packets, rebuilding
conversations from captured packets, password
cracking.
<li>VPNs and SIP</li>
 IPSec, AH, ESP, transport mode, tunnel mode, Pre
Shared Keys, Public keys. Hands on SIP calls over
IPSec.
<li>Secure SIP signaling</li>
 SIP relationship with HTTP, Deprecated HTTP 1.0
basic authentication, HTTP 1.1 Digest authentication,
S/MIME, SIPS, SIPS URI, TLS, DTLS, PKI
infrastructures. Hands on SIP with TLS.
<li>Secure media streams</li>
 SRTP, features, packet format, default encryption,
default authentication, key distribution. S/MIME,
MIKEY, SDP security descriptions. SIP security
agreements. Hands on Analysing SRTP packets.
<li>Firewalls</li>
 NAT traversal. Impact of firewall on infrastructure
attacks. TLS and firewalls. SIP specific firewalls.
 Hands on SIP calls through a firewall. 


				</ul>

SIP security for engineers

<h3>Securing UNIX systems training course description</h3>
 This course teaches you everything you need to know
to build a safe Linux environment. The first section
handles cryptography and authentication with
certificates, openssl, mod_ssl, DNSSEC and filesystem
encryption. Then Host security and hardening is
covered with intrusion detection, and also user
management and authentication. Filesystem Access
control is then covered. Finally network security is
covered with network hardening, packet filtering and
VPNs. 
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Secure UNIX accounts.</li>
					 <li>Secure UNIX file systems.</li>
 <li>Secure UNIX access through the network.</li>
 </ul>
 
 
 <h5>
 Securing UNIX systems course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Linux technical staff needing to secure their systems.
 
							<li>Prerequisites:</li>
							
 Linux system administration (LPIC-1)
 
							<li>Duration</li>
							
 5 days
						
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>Securing UNIX systems course contents</h3>
 <ul>
				<li>Cryptography</li>
<li>Certificates and Public Key Infrastructures</li>
				X.509 certificates, lifecycle, fields and certificate
extensions. Trust chains and PKI. openssl. Public and
private keys. Certification authority. Manage server and
client certificates. Revoke certificates and CAs.
<li>Encryption, signing and authentication</li>
SSL, TLS, protocol versions. Transport layer security
threats, e.g. MITM. Apache HTTPD with mod_ssl for
HTTPS service, including SNI and HSTS. HTTPD with
mod_ssl to authenticate users using certificates. HTTPD
with mod_ssl to provide OCSP stapling. Use OpenSSL
for SSL/TLS client and server tests.
<li>Encrypted File Systems</li>
Block device and file system encryption. dm-crypt with
LUKS to encrypt block devices. eCryptfs to encrypt file
systems, including home directories and, PAM
integration, plain dm-crypt and EncFS.
<li>DNS and cryptography</li>
DNSSEC and DANE. BIND as an authoritative name
server serving DNSSEC secured zones. BIND as an
recursive name server that performs DNSSEC validation,
KSK, ZSK, Key Tag, Key generation, key storage, key
management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG.
				<li>Host Security</li>
<li>Host Hardening</li>
BIOS and boot loader (GRUB 2) security. Disable
useless software and services, sysctl for security related
kernel configuration, particularly ASLR, Exec-Shield and
IP / ICMP configuration, Exec-Shield and IP / ICMP
configuration, Limit resource usage. Work with chroot
environments, Security advantages of virtualization.
<li>Host Intrusion Detection</li>
The Linux Audit system, chkrootkit, rkhunter, including
updates, Linux Malware Detect, Automate host scans
using cron, AIDE, including rule management,
OpenSCAP.
<li>User Management and Authentication</li>
NSS and PAM, Enforce password policies. Lock
accounts automatically after failed login attempts,
SSSD, Configure NSS and PAM for use with SSSD,
SSSD authentication against Active Directory, IPA,
LDAP, Kerberos and local domains, Kerberos and local
domains, Kerberos tickets.
<li>FreeIPA Installation and Samba Integration</li>
FreeIPA, architecture and components. Install and
manage a FreeIPA server and domain, Active Directory
replication and Kerberos cross-realm trusts, sudo,
autofs, SSH and SELinux integration in FreeIPA.
				<li>Access Control</li>
<li>Discretionary Access Control</li>
File ownership and permissions, SUID, SGID. Access
control lists, extended attributes and attribute classes.
<li>Mandatory Access Control</li>
TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack.
<li>etwork File Systems</li>
NFSv4 security issues and improvements, NFSv4
server and clients, NFSv4 authentication mechanisms
(LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system,
NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS
security modes (NTLM, Kerberos), mapping and
handling of CIFS ACLs and SIDs in a Linux system. 
				<li>Network Security</li>
<li>Network Hardening</li>
FreeRADIUS, nmap, scan methods. Wireshark, filters
and statistics. Rogue router advertisements and DHCP
messages.
<li>Network Intrusion Detection</li>
ntop, Cacti, bandwidth usage monitoring, Snort, rule
management, OpenVAS, NASL.
<li>Packet Filtering</li>
Firewall architectures, DMZ, netfilter, iptables and
ip6tables, standard modules, tests and targets. IPv4 and
IPv6 packet filtering. Connection tracking, NAT. IP sets
and netfilter rules, nftables and nft. ebtables. conntrackd
<li>Virtual Private Networks</li>
OpenVPN server and clients for both bridged and routed
VPN networks. IPsec server and clients for routed VPN
networks using IPsec-Tools / racoon. L2TP.

 </ul>

Securing UNIX systems

<h3>Securing Linux systems training course description</h3>
 This course teaches you everything you need to know
to build a safe Linux environment. The first section
handles cryptography and authentication with
certificates, openssl, mod_ssl, DNSSEC and filesystem
encryption. Then Host security and hardening is
covered with intrusion detection, and also user
management and authentication. Filesystem Access
control is then covered. Finally network security is
covered with network hardening, packet filtering and
VPNs. 
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Secure Linux accounts.</li>
					 <li>Secure Linux file systems.</li>
 <li>Secure Linux access through the network.</li>
 </ul>
 
 
 <h5>
 Securing Linux systems training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Linux technical staff needing to secure their systems.
 
							<li>Prerequisites:</li>
							
 Linux system administration (LPIC-1)
 
							<li>Duration</li>
							
 5 days
						
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>Securing Linux systems training course contents</h3>
 <ul>
				<li>Cryptography</li>
<li>Certificates and Public Key Infrastructures</li>
				X.509 certificates, lifecycle, fields and certificate
extensions. Trust chains and PKI. openssl. Public and
private keys. Certification authority. Manage server and
client certificates. Revoke certificates and CAs.
<li>Encryption, signing and authentication</li>
SSL, TLS, protocol versions. Transport layer security
threats, e.g. MITM. Apache HTTPD with mod_ssl for
HTTPS service, including SNI and HSTS. HTTPD with
mod_ssl to authenticate users using certificates. HTTPD
with mod_ssl to provide OCSP stapling. Use OpenSSL
for SSL/TLS client and server tests.
<li>Encrypted File Systems</li>
Block device and file system encryption. dm-crypt with
LUKS to encrypt block devices. eCryptfs to encrypt file
systems, including home directories and, PAM
integration, plain dm-crypt and EncFS.
<li>DNS and cryptography</li>
DNSSEC and DANE. BIND as an authoritative name
server serving DNSSEC secured zones. BIND as an
recursive name server that performs DNSSEC validation,
KSK, ZSK, Key Tag, Key generation, key storage, key
management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG.
				<li>Host Security</li>
<li>Host Hardening</li>
BIOS and boot loader (GRUB 2) security. Disable
useless software and services, sysctl for security related
kernel configuration, particularly ASLR, Exec-Shield and
IP / ICMP configuration, Exec-Shield and IP / ICMP
configuration, Limit resource usage. Work with chroot
environments, Security advantages of virtualization.
<li>Host Intrusion Detection</li>
The Linux Audit system, chkrootkit, rkhunter, including
updates, Linux Malware Detect, Automate host scans
using cron, AIDE, including rule management,
OpenSCAP.
<li>User Management and Authentication</li>
NSS and PAM, Enforce password policies. Lock
accounts automatically after failed login attempts,
SSSD, Configure NSS and PAM for use with SSSD,
SSSD authentication against Active Directory, IPA,
LDAP, Kerberos and local domains, Kerberos and local
domains, Kerberos tickets.
<li>FreeIPA Installation and Samba Integration</li>
FreeIPA, architecture and components. Install and
manage a FreeIPA server and domain, Active Directory
replication and Kerberos cross-realm trusts, sudo,
autofs, SSH and SELinux integration in FreeIPA.
				<li>Access Control</li>
<li>Discretionary Access Control</li>
File ownership and permissions, SUID, SGID. Access
control lists, extended attributes and attribute classes.
<li>Mandatory Access Control</li>
TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack.
<li>etwork File Systems</li>
NFSv4 security issues and improvements, NFSv4
server and clients, NFSv4 authentication mechanisms
(LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system,
NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS
security modes (NTLM, Kerberos), mapping and
handling of CIFS ACLs and SIDs in a Linux system. 
				<li>Network Security</li>
<li>Network Hardening</li>
FreeRADIUS, nmap, scan methods. Wireshark, filters
and statistics. Rogue router advertisements and DHCP
messages.
<li>Network Intrusion Detection</li>
ntop, Cacti, bandwidth usage monitoring, Snort, rule
management, OpenVAS, NASL.
<li>Packet Filtering</li>
Firewall architectures, DMZ, netfilter, iptables and
ip6tables, standard modules, tests and targets. IPv4 and
IPv6 packet filtering. Connection tracking, NAT. IP sets
and netfilter rules, nftables and nft. ebtables. conntrackd
<li>Virtual Private Networks</li>
OpenVPN server and clients for both bridged and routed
VPN networks. IPsec server and clients for routed VPN
networks using IPsec-Tools / racoon. L2TP.

 </ul>

Securing Linux systems

<h3>Definitive 802.1X training course description</h3>
 
 A hands-on training course concentrating solely on 802.1X. Hands on sessions follow major chapters to reinforce the theory.
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Describe 802.1X.</li>
 		 <li>Explain how 802.1X works</li>
 		 <li>Configure 802.1X</li>
 		 <li>Troubleshoot 802.1X.</li>
 </ul>
				
 <h5>Definitive 802.1X training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Technical network staff. 
 Technical security staff.
 
							<li>Prerequisites:</li>
							
 SIP for engineers
 
							<li>Duration</li>
							
 2 days
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>Definitive 802.1X training course contents</h3>
				<ul>	<li>Introduction</li>
What is 802.1X? Authentication access, 802.3,
802.11. IEEE, 802, 802.1X-2001, 802.1X-2010.
				<li>Architecture</li>
Supplicant, Authenticator, Authentication server,
EAP, EAPOL, RADIUS, Diameter.
<li>Port configuration</li>
802.1X in a switch environment.
 Hands on Configuring 802.1X.
<li>How it works</li>
Controlled ports, uncontrolled ports.
Authentication flow chart, Initialisation, initiation,
negotiation, authentication.
 Hands on 802.1X packet analysis.
<li>802.1X and 802.11</li>
WiFi, WiFi security.
 Hands on 802.1X WiFi port access.
<li>EAP</li>
Extensible Authentication Protocol, RFC 3748,
RFC 5247. EAP methods: Weak, MD5, LEAP,
Strong: TTLS, TLS, FAST. Encapsulation:
802.1X, PEAP, RADIUS, Diameter, PPP.
<li>802.1X accounting</li>
RADIUS, accounting messages, 802.1X
accounting AV pairs.
<li>8021.X and VLANS</li>
VLANs, Guest VLAN, restricted VLAN, voice
VLAN.
 Hands on VLAN assignments with 802.1X.


				</ul>

Definitive 802.1X for engineers

<h3>Network forensics training course description</h3>
 
 This course studies network forensics-monitoring and
analysis of network traffic for information gathering,
intrusion detection and legal evidence. We focus on the
technical aspects of network forensics rather than other
skills such as incident response procedures etc.. Hands
on sessions follow all the major sections.
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Recognise network forensic data sources.</li>
	<li>Perform network forensics using: 
		Wireshark 
 NetFlow 
			Log analysis 
		
		
</li>
 <li>Describe issues such as encryption.</li> 
 </ul>
 <h5>
 Network forensics training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Technical network and/or security staff. 
 
							<li>Prerequisites:</li>
							
 TCP/IP foundation for engineers.
 
							<li>Duration</li>
							
 3 days
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>Network forensics training course contents</h3>
	<ul>				
					
<li>What is network forensics?</li>
What it is, host vs network forensics, purposes,
legal implications, network devices, network data
sources, investigation tools. Hands on whois, DNS
queries.
					
<li>Host side network forensics</li>
Services, connections tools. Hands on Windows
services, Linux daemons, netstat, ifoconfig/ipconfig,
ps and Process explorer, ntop, arp, resource
monitor.
<li>Packet capture and analysis</li>
Network forensics with Wireshark, Taps,
NetworkMiner. Hands on Performing Network
Traffic Analysis using NetworkMiner and Wireshark.
<li>Attacks</li>
DOS attacks, SYN floods, vulnerability exploits,
ARP and DNS poisoning, application attacks, DNS
ANY requests, buffer overflow attacks, SQL
injection attack, attack evasion with fragmentation.
 Hands on Detecting scans, using nmap, identifying
attack tools.
<li>Calculating location</li>
Timezones, whois, traceroute, geolocation. Wifi
positioning. Hands on Wireshark with GeoIP
lookup.
<li>Data collection</li>
NetFlow, sflow, logging, splunk, splunk patterns,
GRR. HTTP proxies. Hands on NetFlow
configuration, NetFlow analysis.
<li>The role of IDS, firewalls and logs</li>
Host based vs network based, IDS detection styles,
IDS architectures, alerting. Snort. syslog-ng.
Microsoft log parser. Hands on syslog, Windows
Event viewer.
<li>Correlation</li>
Time synchronisation, capture times, log
aggregation and management, timelines. Hands on
Wireshark conversations.
<li>Other considerations</li>
Tunnelling, encryption, cloud computing, TOR.
 Hands on TLS handshake in Wireshark.

	</ul>

Definitive network forensics for engineers

<h3>Security+ training course description</h3>
 
 A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. 
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Explain general security concepts.</li>
					<li>Describe the security concepts in communications.</li>
					<li>Describe how to secure an infrastructure.</li>
 <li>Recognise the role of cryptography.</li>
					<li>Describe operational/organisational security.</li>
 </ul>
 <h5>
 Security+ training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Those wishing to pass the Security+ exam.
 
							<li>Prerequisites:</li>
							
 TCP/IP foundation for engineers
 
							<li>Duration</li>
							
 5 days
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>Security+ training course contents</h3>
				<ul>	<li>General security concepts</li>
Non-essential services and protocols. Access
control: MAC, DAC, RBAC. Security attacks: DOS,
DDOS, back doors, spoofing, man in the middle,
replay, hijacking, weak keys, social engineering,
mathematical, password guessing, brute force,
dictionary, software exploitation. Authentication:
Kerberos, CHAP, certificates, usernames/
passwords, tokens, biometrics. Malicious code:
Viruses, trojan horses, logic bombs, worms.
Auditing, logging, scanning.
					<li>Communication security</li>
Remote access: 802.1x, VPNs, L2TP, PPTP,
IPsec, RADIUS, TACACS, SSH. Email: S/MIME,
PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS,
IM, packet sniffing, privacy, Javascript, ActiveX,
buffer overflows, cookies, signed applets, CGI,
SMTP relay. LDAP. sftp, anon ftp, file sharing,
sniffing, 8.3 names. Wireless: WTLS, 802.11,
802.11x, WEP/WAP.
	<li>Infrastructure security</li>
Firewalls, routers, switches, wireless, modems,
RAS, PBX, VPN, IDS, networking monitoring,
workstations, servers, mobile devices. Media
security: Coax, UTP, STP, fibre. Removable
media. Topologies: Security zones, DMZ, Intranet,
Extranet, VLANs, NAT, Tunnelling. IDS: Active/
passive, network/host based, honey pots, incident
response. Security baselines: Hardening OS/NOS,
networks and applications.
	<li>Cryptography basics</li>
Integrity, confidentiality, access control,
authentication, non-repudiation. Standards and
protocols. Hashing, symmetric, asymmetric. PKI:
Certificates, policies, practice statements,
revocation, trust models. Key management and
certificate lifecycles. Storage: h/w, s/w, private key
protection. Escrow, expiration, revocation,
suspension, recovery, destruction, key usage.
	<li>Operational/Organisation security</li>
Physical security: Access control, social
engineering, environment. Disaster recovery:
Backups, secure disaster recovery plans.
Business continuity: Utilities, high availability,
backups. Security policies: AU, due care, privacy,
separation of duties, need to know, password
management, SLAs, disposal, destruction, HR
policies. Incident response policy. Privilege
management: Users, groups, roles, single sign
on, centralised/decentralised. Auditing. Forensics:
Chain of custody, preserving and collecting
evidence. Identifying risks: Assets, risks, threats,
vulnerabilities. Role of education/training. Security
documentation. 

				</ul>

Security+

<h3>CWSP training course description</h3>
 A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming.
 
				<h5>What will you learn</h5>
				<ul>
				 
 
 							 <li>Demonstrate the threats to WiFi networks.</li>
 <li>Secure WiFi networks.</li>
 <li>Configure:
 
 WPA2 
 RADIUS 
 802.1x 
 EAP 
 
					</li>
 <li>Pass the CWSP exam.</li>
 </ul>
 
 <h5>
 CWSP training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Technical network staff. 
 Technical security staff. 
 
							<li>Prerequisites:</li>
							
 
 Certified Wireless Network Associate.
 
							<li>Duration</li>
							
 5 days
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>CWSP training course contents</h3>
 <ul>
				<li>WLAN Security overview</li>
Standards, security basics, AAA, 802.11 security
history. Hands on WLAN connectivity.
				<li>Legacy 802.11 security</li>
Authentication: Open system, shared key. WEP.
VPNs. MAC filters. SSID segmentation, SSID
cloaking. Hands on Analysing 802.11 frame
exchanges, viewing hidden SSIDs.
<li>Encryption</li>
Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames.
<li>802.11 layer 2 authentication</li>
802.1X: Supplicant, Authenticator, Authentication
server. Credentials. Legacy authentication. EAP,
Weak EAP protocols, Strong EAP protocols: EAP
-PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames.
<li>802.11 layer 2 dynamic key generation</li>
Robust Security Network. Hands on
Authentication and key management.
<li>SOHO 802.11 security</li>
WPA/WPA2 personal, Preshared Keys, WiFi
Protected Setup (WPS). Hands on PSK
mapping.
<li>WLAN security infrastructure</li>
DS, Autonomous APs, WLAN controllers, split
MAC, mesh, bridging, location based access
control. Resilience. Wireless network
management system. RADIUS/LDAP servers,
PKI, RBAC. Hands on 802.1X/EAP
configuration. RADIUS configuration.
<li>802.11 Fast secure roaming</li>
History, RSNA, OKC, Fast BSS transition,
802.11k. Hands on Roaming.
<li>Wireless security risks</li>
Rogue devices, rogue prevention.
Eavesdropping, DOS attacks. Public access and
hotspots. Hands on Backtrack.
<li>WiFi security auditing</li>
Layer 1 audit, layer 2 audit, pen testing. WLAN
security auditing tools.
<li>WiFi security monitoring</li>
Wireless Intrusion Detection and Prevention
Systems. Device classification, WIDS/WIPS
analysis. Monitoring. 802.11w. Hands on Laptop
spectrum analysers.
<li>VPNs, remote access, guest access</li>
Role of VPNs in 802.11, remote access,
hotspots, captive portal.
<li>Wireless security policies</li>
General policy, functional policy,
recommendations.
 

 </ul>

Certified Wireless Security Professional

<h3>Advanced TCP/IP training course description</h3>
 An intensive advanced TCP/IP course focusing on the details of the protocols according to the RFCs. This course is designed to go into the technical details of the protocols and is not for those that are new to TCP/IP. A particular focus is on TCP and performance. Those more interested in routing protocols should see our Definitive IP routing for engineers course. It is expected that delegates are totally familiar with configuration addressing. Hands on sessions consist of protocol analysis using Wireshark.
 
				<h5>What will you learn</h5>
				<ul>
				 
 <li>Analyse packets and protocols in detail.</li>
 <li>Troubleshoot networks using Wireshark.</li>
 <li>Find performance problems using Wireshark.</li>
 <li>Perform network forensics.</li>
 </ul>
 <h5>Advanced TCP/IP training course details </h5>
				<div>
					<div>
						<ul>
							<li> Who will benefit: </li>
							
 Advanced technical staff. 
 
							<li>Prerequisites:</li>
							
 TCP/IP Foundation for engineers
 
							<li>Duration</li>
							
 5 days
 
							
 
 
						</ul>
					</div>
				</div>
 <h3>Advanced TCP/IP training course contents</h3>
				<ul>	<li>IP</li>
Fragmentation and MTU issues, Path MTU
discovery, Geolocation, unusual IP addresses,
forwarding broadcasts, DiffServ, DSCP, ECN,
assured and expedited forwarding. TTL usage in
traceroute, Protocol field. Sanitising IP addresses
in trace files. Wireshark and checksum errors.
<li>IPv6</li>
The header. Extension headers. Traffic class and
flow labels. Tunnelling. IPv6 and fragmentation.
<li>ARP</li>
Requests, responses, gratuitous ARP, Proxy ARP,
ARP poisoning.
<li>ICMP</li>
ping, Round Trip Times, ICMP redirect, ICMP
router advertisement and solicitation, Time
Exceeded, Destination unreachable. ICMPv6:
Similarity to ICMPv4, Neighbor discovery and the
replacement of ARP. MLD.
<li>First hop redundancy</li>
ICMP discovery, HSRP, VRRP, GLBP.
<li>IGMP</li>
Multicast overview, multicast architecture,
multicast addresses, IGMP v1, IGMPv2, IGMPv3.
<li>UDP</li>
Use in broadcasts and multicasts. Port numbers.
<li>TCP</li>
Connections, RST, FIN, sequence numbering,
packet loss recovery, Fast recovery, RTO timeout,
SACK, TCP flow control, receive window,
congestion window, van Jacobsen, nagle, delayed
ACKs, PSH, URG, TCP options, MSS, Window
scaling, TCP timestamps. Congestion notification.
 Hands on Troubleshooting with sequence
numbers, Wireshark IO and TCP graphs to
analyse performance. Window size issues.
<li>DHCP</li>
DHCP header. Relationship to BOOTP. Discover,
offer, request, decline, ACK, release. Lease,
renewal and rebind times. Relay agents. DHCPv6
<li>DNS</li>
Names and addresses, Resource Records,
queries, responses, problems. MDNS.
<li>HTTP</li>
Requests, methods, request modifiers, response
codes. HTTPS. SSL, TLS. Proxies. Hands on
Redirects, recreating pages from packets.
<li>FTP</li>
Commands, responses, passive/active mode.
<li>Email</li>
SMTP, POP3, IMAP, commands responses.
<li>Voice and Video</li>
RTP, RTCP, SIP. IP PBXs. Traffic flows. Hands on Voice playback.
<li>SNMP</li>
MIBs, GET, TRAP, polling.
<li>Performance</li>
Baselining, high latency, Wireshark and timings,
packet loss, redirections, small packets,
congestion, name resolution.
<li>Security</li>
Network forensics, scanning and discovery,
suspect traffic. IPsec, SSH.


				</ul>

1 Educators providing TLS courses in Birmingham

packt

Birmingham

Courses matching "TLS"

Definitive OpenSSL for engineers

By Systems & Network Training

Cyber security for engineers

By Systems & Network Training

SIP security for engineers

By Systems & Network Training

Securing UNIX systems

By Systems & Network Training

Securing Linux systems

By Systems & Network Training

Definitive 802.1X for engineers

By Systems & Network Training

Definitive network forensics for engineers

By Systems & Network Training

Security+

By Systems & Network Training

Certified Wireless Security Professional

By Systems & Network Training

Advanced TCP/IP

By Systems & Network Training

Search By Location