Course Code: secnets
Duration: 28 hours
Prerequisites:
  • knowledge of basic network issues
    computer (IP addressing, Ethernet, basic services – DNS, DHCP)
  • knowledge of Windows and Linux operating systems (basics of administration, system terminal)

Audience

  • people responsible for network and service security,
  • network and system administrators who want to learn about security systems,
  • everyone interested in the topic.
Overview:

The training presents the mechanisms and services ensuring security in modern
network solutions. Basic mechanisms for ensuring data confidentiality and integrity (encryption, certificates and PKI, secure password storage), protocols and security services used in networks (IEEE 802.1x, DHCP Snooping, Dynamic ARP Inspection), wireless network security and ready-made security systems (firewalls, IPS/IDS systems, WAF, DLP) will be presented. Methods for connecting company branches (secure VPN tunnels) will also be presented. The training will allow for an introduction to the operation of such systems, their specifics and methods of designing and connecting such solutions, while showing how to build a well-secured network that will be easy to maintain and expand. Participants will have the opportunity to configure and test the operation of many of the presented mechanisms in practice (firewall, IPS/IDS system, DLP system, VPN tunnels and many others) and convince themselves of their security and proper functioning.

Format of the Course

  • Interactive lecture and discussion.
  • Lots of exercises and practice.
  • Hands-on implementation in a live-lab environment.

Course Customization Options

  • To request a customized training for this course, please contact us to arrange.
Course Outline:

Introduction – what is security?

  • Some basic definitions and how to think about security
  • Attacker profiles, or who might want to attack us and why
  • Simple risk management, or what to protect first
  • Threat and vulnerability assessment
  • Sources of good practices and recommendations

Basic confidentiality and integrity mechanisms

  • Encryption – Basic Algorithms, Where They Are Used and What They Give Us
  • Cryptographic attacks – which algorithms to avoid and why
  • Integrity – How to protect data from modification
  • Certificates and public key infrastructure (PKI)
  • Man-in-the-middle attacks
  • Secure password storage
  • Password Cracking and User Database Leaks – What’s It All About?

Network security services

  • AAA model
  • Authentication and authorization protocols (RADIUS, TACACS, Kerberos)
  • IEEE 802.1x – User and Device Authentication
  • Protection of services in local networks (DHCP Snooping, Dynamic ARP Inspection)

Security systems

  • Firewalls – types, methods of operation, configuration
  • Intrusion prevention systems (IPS/IDS)
  • Data Leak Protection (DLP)
  • Event logging systems

Wireless networks

  • WEP, WPA, WPS – what is it all about?
  • Attempted hacking, or what can be obtained from intercepted traffic

Building a wide area network – connecting branches

  • Traffic Tunneling Protocols – The Basics
  • VPN Tunnels – Types (Site-to-Site and Remote Access)
  • Corporate vs. Public VPNs – What’s the Deal?
  • Security Problems – or What Solutions Not to Use

Security testing

  • Penetration Testing – What Is It All About?
  • Network scanning and vulnerability detection
  • Network attack attempt
Sites Published:

Polska - Bezpieczeństwo sieci komputerowych – jak zabezpieczyć swoje usługi