Course Details/Schedule

Day 1

Measuring and Weighing Risk

• Risk Assessment
• Computing Risk Assessment 
• Acting on Your Risk Assessment 
• Risks Associated with Cloud Computing 
• Risks Associated with Virtualization 
• Developing Policies, Standards, and Guidelines 
• Implementing Policies 
• Understanding Control Types and False Positives/Negatives 
• Risk Management Best Practices 
• Disaster Recovery

Monitoring and Diagnosing Networks 

• Monitoring Networks 
• Network Monitors 
• Understanding Hardening 
• Working with Services 
• Patches 
• User Account Control 
• Filesystems 
• Securing the Network 
• Security Posture 
• Continuous Security Monitoring 
• Setting a Remediation Policy 
• Reporting Security Issues 
• Alarms 
• Alerts 
• Trends 
• Differentiating between Detection Controls and Prevention Controls

Understanding Devices and Infrastructure 

• Mastering TCP/IP 
• OSI Relevance 
• Working with the TCP/IP Suite 
• IPv4 and IPv6 
• Understanding Encapsulation 
• Working with Protocols and Services 
• Designing a Secure Network 
• Demilitarized Zones 
• Subnetting 
• Virtual Local Area Networks 
• Remote Access 
• Network Address Translation 
• Telephony 
• Network Access Control 
• Understanding the Various Network Infrastructure Devices 
• Firewalls 
• Routers 
• Switches 
• Load Balancers 
• Proxies 
• Web Security Gateway 
• VPNs and VPN Concentrators 
• Intrusion Detection Systems
• Understanding Intrusion Detection Systems 
• IDS vs. IPS 
• Working with a Network-Based IDS 
• Working with a Host-Based IDS 
• Working with NIPSs 
• Protocol Analyzers 
• Spam Filters 
• UTM Security Appliances

Day 2

Access Control, Authentication, and Authorization 

• Understanding Access Control Basics 
• Identification vs. Authentication 
• Authentication (Single Factor) and Authorization 
• Multifactor Authentication
• Layered Security and Defense in Depth 
• Network Access Control 
• Tokens 
• Federations 
• Potential Authentication and Access Problems 
• Authentication Issues to Consider 
• Authentication Protocols 
• Account Policy Enforcement 
• Users with Multiple Accounts/Roles 
• Generic Account Prohibition 
• Group-based and User-assigned Privileges 
• Understanding Remote Access Connectivity 
• Using the Point-to-Point Protocol 
• Working with Tunneling Protocols 
• Working with RADIUS 
• TACACS/TACACS+/XTACACS 
• VLAN Management 
• SAML 
• Understanding Authentication Services 
• LDAP 
• Kerberos 
• Single Sign-On Initiatives 
• Understanding Access Control 
• Mandatory Access Control 
• Discretionary Access Control 
• Role-Based Access Control 
• Rule-Based Access Control
• Implementing Access Controlling Best Practices 
• Least Privileges 
• Separation of Duties 
• Time of Day Restrictions 
• User Access Review 
• Smart Cards 
• Access Control Lists 
• Port Security 
• Working with 802.1X 
• Flood Guards and Loop Protection 
• Preventing Network Bridging 
• Log Analysis 
• Trusted OS 
• Secure Router Configuration

Protecting Wireless Networks 

• Working with Wireless Systems 
• IEEE 802.11x Wireless Protocols 
• WEP/WAP/WPA/WPA2 
• Wireless Transport Layer Security 
• Understanding Wireless Devices 
• Wireless Access Points 
• Extensible Authentication Protocol 
• Lightweight Extensible Authentication Protocol 
• Protected Extensible Authentication Protocol 
• Wireless Vulnerabilities to Know 
• Wireless Attack Analogy

Day 3

Securing the Cloud 

• Working with Cloud Computing 
• Software as a Service (SaaS) 
• Platform as a Service (PaaS) 
• Infrastructure as a Service (IaaS) 
• Private Cloud 
• Public Cloud 
• Community Cloud 
• Hybrid Cloud 
• Working with Virtualization 
• Snapshots 
• Patch Compatibility 
• Host Availability/Elasticity 
• Security Control Testing 
• Sandboxing 
• Security and the Cloud 
• Cloud Storage

Host, Data, and Application Security 

• Application Hardening 
• Databases and Technologies 
• Fuzzing 
• Secure Coding 
• Application Configuration Baselining
• Operating System Patch Management 
• Application Patch Management 
• Host Security 
• Permissions 
• Access Control Lists 
• Antimalware 
• Host Software Baselining 
• Hardening Web Servers 
• Hardening Email Servers 
• Hardening FTP Servers 
• Hardening DNS Servers 
• Hardening DHCP Services 
• Protecting Data Through Fault Tolerance 
• Backups 
• RAID 
• Clustering and Load Balancing 
• Application Security 
• Best Practices for Security 
• Data Loss Prevention 
• Hardware-Based Encryption Devices

Cryptography 

• An Overview of Cryptography 
• Historical Cryptography 
• Modern Cryptography 
• Working with Symmetric Algorithms 
• Working with Asymmetric Algorithms 
• What Cryptography Should You Use? 
• Hashing Algorithms 
• Rainbow Tables and Salt 
• Key Stretching 
• Understanding Quantum Cryptography 
• Cryptanalysis Methods 
• Wi-Fi Encryption 
• Using Cryptographic Systems 
• Confidentiality and Strength 
• Integrity 
• Digital Signatures 
• Authentication 
• Nonrepudiation 
• Key Features

Day 4

• Understanding Cryptography Standards and Protocols 
• The Origins of Encryption Standards 
• Public-Key Infrastructure X.509 / Public-Key Cryptography Standards 
• X.509 
• SSL and TLS 
• Certificate Management Protocols 
• Secure Multipurpose Internet Mail Extensions 
• Secure Electronic Transaction 
• Secure Shell 
• Pretty Good Privacy 
• HTTP Secure 
• Secure HTTP 
• IP Security 
• Tunneling Protocols 
• Federal Information Processing Standard 
• Using Public-Key Infrastructure 
• Using a Certificate Authority 
• Working with Registration Authorities and Local Registration Authorities 
• Implementing Certificates 
• Understanding Certificate Revocation 
• Implementing Trust Models 
• Hardware-Based Encryption Devices 
• Data Encryption
• Malware, Vulnerabilities, and Threats 
• Understanding Malware 
• Surviving Viruses 
• Symptoms of a Virus Infection 
• How Viruses Work 
• Types of Viruses 
• Managing Spam to Avoid Viruses 
• Antivirus Software 
• Understanding Various Types of Attacks 
• Identifying Denial-of-Service and Distributed Denial-of-Service Attacks 
• Spoofing Attacks 
• Pharming Attacks 
• Phishing, Spear Phishing, and Vishing 
• Xmas Attack
• Man-in-the-Middle Attacks 
• Replay Attacks 
• Smurf Attacks 
• Password Attacks 
• Privilege Escalation 
• Malicious Insider Threats 
• Transitive Access 
• Client-Side Attacks 
• Typo Squatting and URL Hijacking 
• Watering Hole Attack 
• Identifying Types of Application Attacks 
• Cross-Site Scripting and Forgery 
• SQL Injection 
• LDAP Injection 
• XML Injection 
• Directory Traversal/Command Injection 
• Buffer Overflow 
• Integer Overflow 
• Zero-Day Exploits 
• Cookies and Attachments 
• Locally Shared Objects and Flash Cookies 
• Malicious Add-Ons 
• Session Hijacking 
• Header Manipulation 
• Arbitrary Code and Remote Code Execution 
• Tools for Finding Threats 
• Interpreting Assessment Results 
• Tools to Know 
• Risk Calculations and Assessment Types

Day 5

Social Engineering and Other Foes 

• Understanding Social Engineering 
• Types of Social Engineering Attacks 
• What Motivates an Attack? 
• The Principles Behind Social Engineering 
• Social Engineering Attack Examples 
• Understanding Physical Security 
• Hardware Locks and Security 
• Mantraps 
• Video Surveillance 
• Fencing
• Access List 
• Proper Lighting 
• Signs 
• Guards 
• Barricades 
• Biometrics 
• Protected Distribution 
• Alarms 
• Motion Detection 
• Environmental Controls 
• HVAC 
• Fire Suppression 
• EMI Shielding 
• Hot and Cold Aisles 
• Environmental Monitoring 
• Temperature and Humidity Controls 
• Control Types 
• A Control Type Analogy 
• Data Policies 
• Destroying a Flash Drive 
• Some Considerations 
• Optical Discs

Security Administration 

• Third-Party Integration 
• Transitioning 
• Ongoing Operations 
• Understanding Security Awareness and Training 
• Communicating with Users to Raise Awareness 
• Providing Education and Training 
• Safety Topics 
• Training Topics 
• Classifying Information 
• Public Information 
• Private Information 
• Information Access Controls 
• Security Concepts 
• Complying with Privacy and Security Regulations 
• The Health Insurance Portability and Accountability Act 
• The Gramm-Leach-Bliley Act
• The Computer Fraud and Abuse Act 
• The Family Educational Rights and Privacy Act 
• The Computer Security Act of 1987 
• The Cyberspace Electronic Security Act 
• The Cyber Security Enhancement Act 
• The Patriot Act 
• Familiarizing Yourself with International Efforts 
• Mobile Devices 
• BYOD Issues 
• Alternative Methods to Mitigate Security Risks

Disaster Recovery and Incident Response 

• Issues Associated with Business Continuity 
• Types of Storage Mechanisms 
• Crafting a Disaster-Recovery Plan 
• Incident Response Policies 
• Understanding Incident Response 
• Succession Planning 
• Tabletop Exercises 
• Reinforcing Vendor Support 
• Service-Level Agreements 
• Code Escrow Agreements 
• Penetration Testing 
• What Should You Test? 
• Vulnerability Scanning