Network Security and Firewalls

Network Security and Firewalls teaches you how to secure your network from unauthorized activity. This course teaches you about security principles, such as establishing an effective security policy, and about the different types of hacker activities that you are most likely to encounter.

Prerequisites

Students must have completed the CIW Foundations and CIW Internetworking Professional series or be able to demonstrate equivalent Internet knowledge.

This course will define security and explain the need for network security, identify resources that need security and list security standards and organizations. It will explain the need for access control methods and describe the function of an access control list. It will describe the universal guidelines and principles for effective network security. Discuss network security management applications. Describe the role a firewall plays in a company’s security policy. This course will explain on securing resources, Firewalls and Virtual Private Networks, Levels of Firewall Protection, Detecting and Distracting Hackers.

Learning Level: Intermediate

Duration: 2day(s)

• Network Security Background
• What Is Security?
• Hacker Statistics
• What Is the Risk?
• The Myth of 100-Percent Security
• Attributes of an Effective Security Matrix
• What You Are Trying to Protect
• Who Is the Threat?
• Security Standards

• Security Concepts and Mechanisms
• Elements of Security
• The Security Policy
• Encryption
• Authentication
• Specific Authentication Techniques
• Access Control
• Auditing
• Security Tradeoffs and Drawbacks

• Reasons to Use Encryption
• Creating Trust Relationships
• Rounds, Parallelization and Strong
• Encryption
• Symmetric-Key Encryption
• Symmetric Algorithms
• Asymmetric Encryption
• Hash Encryption
• Applied Encryption Processes
• Encryption Review

• Attack Categories
• Brute-Force and Dictionary Attacks
• System Bugs and Back Doors
• Social Engineering and Non-Direct
• Attacks
   

• Introduction
• Be Paranoid
• You Must Have a Security Policy
• No System or Technique Stands Alone
• Minimize the Damage
• Deploy Companywide Enforcement
• Provide Training
• Use an Integrated Security Strategy
• Place Equipment According to Needs
• Identify Security Business Issues

• TCP/IP Security Introduction
• TCP/IP and Network Security
• The TCP/IP Suite and the OSI
• Reference Model
• Physical Layer
• Network Layer
• Transport Layer
• Application Layer
   

• TCP/IP Security Vulnerabilities
• Implementing Security
• Resources and Services
• Protecting TCP/IP Services
• Simple Mail Transfer Protocol (SMTP)
• Testing and Evaluating
• Implementing New Systems and Settings
• Security Testing Software
• Security and Repetition

• Access Control Overview
• Definition and Description of a Firewall
• The Role of a Firewall
• Firewall Terminology
• Firewall Configuration Defaults
• Creating Packet Filter Rules
• Packet Filter Advantages and
• Disadvantages
• Configuring Proxy Servers
• Remote Access and Virtual Private
• Networks (VPNs)
• Public Key Infrastructure (PKI)

• Designing a Firewall
• Types of Bastion Hosts
• Hardware Issues
• Common Firewall Designs
• Putting It All Together
   

• Preparing for the Inevitable
• Proactive Detection
• Distracting the Hacker
• Deterring the Hacker

• Planning for Response
• Create a Response Policy
• Decide Ahead of Time
• Do Not Panic
• Document Everything
• Assess the Situation
• Stop or Contain Activity
• Execute the Response Plan
• Analyze and Learn