Network Defense

May 2 – May 4
9am – 5pm

This 3-day, hands-on class helps students develop robust ingress and egress filtering to mitigate the threats of sophisticated malware. Learn the foundations of a solid defense strategy with techniques that will make your network a tough target. The class is taught from an offensive perspective: you will assume the role of an attacker. Once you have explored the attack concepts, you will learn how to defend against these attacks. Additionally, you will learn how to segment and isolate an architecture in the event of a compromise. At the end of the course, you will participate in a war game event with your fellow students that will reinforce the topics you learned in the class.


Module 1:
Introduction to Network Defense

• Security Model
LAB: Security Model
• Security Posture
• Risk Management
• Risk Assessment
• Defining Types of Risk
• Security Policy
LAB: Allowing a Service

Module 2:
TCP/IP 101

• Introduction and Overview
• Introducing TCP/IP Networks
• What TCP/IP Provides: Key Application Services and Multivendor Capabilities
• TCP/IP and the Internet
• Internet RFCs and STDs
• TCP/IP Protocol Architecture
• Protocol Layering Concepts
• TCP/IP Layering
• Components of TCP/IP Networks

Module 3:
Introduction to Hacking

• Review of the Hacking Process
• Hacking Methodology
• Intelligence Gathering
• Footprinting
• Scanning
• Enumeration
• Identify Vulnerabilities
• Exploitation
• Covering Tracks
LAB: Hacking


Module 4:
Vulnerability Management

• Challenges of Vulnerability Assessment
• System Vulnerabilities
• Desktop Vulnerabilities
• Interpreting Advisory Notices
• Vulnerability Sites
• Lifecycle of a Vulnerability and Exploit
• Challenges of Zero-day Vulnerability
• Exploitation of a Vulnerability
• Vulnerability Scanners
LAB: Vulnerability Assessment
• Prioritizing Vulnerabilities
LAB: Vulnerability Severity

Module 5:
Basic Concepts of Filtering and Best Practices

• Perimeter Configuration and Security
• Router Hardening
• Turning off Services Not Required
• Routing Protocol Weaknesses
LAB: Basic Filtering
• Segmentation and Isolation – Establishing Security Zones

Module 6:
Cryptography as a Defense

• Symmetric
• Asymmetric
• Strengths and Weaknesses
• Key Strength and Protection
• Algorithms – Block, Stream
LAB: Algorithms
• Protecting Data in Transit and at Rest
• Digital Signatures
• Hashing to Ensure Integrity
LAB: Hashing
• Securing Remote Access: SSH, SCP, IPsec
LAB: Remote Access


Module 7:
Deploying Countermeasures

• Strong Passwords
• Multi-Factor Authentication
• Top Mitigation Techniques
• Patch Applications: Adobe, Browsers, Office Applications
• Patch the Operating Systems: Windows Update, Third Party, Manual
• Practice the Concept of Least Privilege and Limit the Number of Administrator Accounts
LAB: Deploying Countermeasures
• Application Whitelisting: AppLocker, Third Party, Identification, Prevention of Rogue Apps, Restricting Changes
LAB: Application Whitelisting – Exploit Mitigation

Module 8:
Host Based Protection

• Firewall
• Monitoring
• Auditing
• Detecting Intrusions
• False Positives
• False Negatives
• Establishing a Monitoring Threshold
• Log Analysis
• Event Viewer

Module 9:
Introduction to Concepts of Advanced Defense

• Advanced Filtering
• Secure Network Architectures
• Web Applications
• Memory Analysis
• Network Access Protection
• Wireless Security

Module 10:
Attackers and Defenders

• War Games

COST: $1,750 per person


QUESTIONS? Call us at 314.442.0472 or email info (at) showmecon (dot) com

