Website: http://www.btstraining.com
Toll Free: 1-877-Info2Day
Email: info@btstraining.com
Hands-On
Network Security
IPsec / VPNs / Firewalls / Wireless
 
Course Description
This Hands-On course is designed to expand an attendees general knowledge of networking into leading edge technologies. Attendees will learn about the security risks all networks present and some of the key security solutions to meet these challenges needed for new and old technologies in service today. Specifically, the student will learn about secure networking via VLANs and VPNs delivered by tunneling or the hot new concept of MPLS VPNs.

Security inevitably involves trade-offs in practice. Real systems need to provide reliable operation while still offering sufficient effective system power.
Designing secure systems involves building systems that are difficult for an attacker to defeat. To understand this well, the course first demonstrates the most popular hacking techniques for compromising systems and then teaches how these techniques can be defeated by good design and security features.
Students Will Learn
Target Audience
Anyone responsible for, or interested in a Real-World practical hands-on approach to Security in Data Networking Technologies, Modern Techniques, Applications and Design. This includes Telecom professionals, outside plant field, network operations staff, central office technicians, technical marketing staff, help desk agents, project managers, network engineers, network administrators, voice engineers, and those in charge of converging voice and data networks.
Prerequisites
Attendees should already be familiar with the TCPIP protocol, routing and switching technologies in a network as well as common operating systems. Attendees should bring their own laptop computers to undertake the practical hands-on sessions in class.
Course Outline

Module I:    Security Fundamentals

Locating what needs to be secured

Identifying the range of Network Vulnerabilities

Analyzing the consequences of successful network attacks

Applying MOM analysis of threats

Security efficiency tradeoffs

Footprinting and Intelligence Gathering

Acquiring target information

Locating useful and relevant information

Scavenging published data

Mining archive sites

Scanning and enumerating resources

Identifying Vulnerabilities

Correlating weaknesses and exploits

Researching databases

Determining target configuration

What hackers need to attack a network

Analyzing the hacking tools Hands-on

Evaluating Vulnerability Assessment tools

Leveraging opportunities for attack

Hands-on exercise capturing and analysing traffic

 

 

 

Module II:    Addressing and Spoofing

 

Identifying addresses and names used in our network

Address duplication methods

MAC addresses duplication methods

IP address discovery and spoofing

Hands-on Exercise Spoofing addresses

Communications using TCP and UDP Ports

Firewall use of port filters

Discovering filtered ports

Manipulating ports to gain access

Connecting to blocked services

Hands-on exercise Port scanning

Defeating firewalls

Port scanning countermeasures

Hands-on exercise detecting port scanning

 

 

 

Module III:   Naming

 

Domain Name Service issues

Poisoning DNS

Gaining control of browsers

Creating custom malware

Harvesting client information

Enumerating internal data

Spoofing names and the impact of spoofed name

Hands-on Exercise spoofing DNS names

Implementing countermeasures to DNS spoofing

 

 

 

Module IV:   Authentication Systems

 

Pivoting and island hopping

Deploying portable media attacks

Routing through compromised clients

Forwarding and redirecting ports

Pilfering target information

Stealing password hashes

Hands-on exercise password scanning

Hands-on exercise defeating Password Scanning

 

 

 

Module V:    External Connections

 

Testing Antivirus and IDS Security

Masquerading network traffic

Sidestepping perimeter defenses

Evading antivirus systems

Falsifying file headers to inject malware

Discovering the gaps in antivirus protection

Hands-on exercise analyzing external connections

 

 

 

Module VI:    Using Confidentiality Techniques to Defeat Sniffers

 

Using service separation techniques to isolate risk

Separating services on LANs using VLANs

Hands-on exercise deploying VLANs

Separating services over WANs using MPLS Paths

Deploying VPN Security

Separating Services using Encrypted Tunnels

Deploying Authentication options

Encryption: Symmetric and Asymmetric

DES, RSA, AES

Exploiting IPSec for VPNs over the Internet

Using PPTP Tunnels

Authenticating using RADIUS and DIAMETER  

L2TP

Key management

Public Key Infrastructures for Private Data Exchange

Corporate security policies

Hands-on Exercise using VPN to defeat sniffing

 

 

Module VII:    Wireless Vulnerability

 

Analyzing how WiFi works

Security using WEP

Hiding access points

Hands-on Exercise scanning for access points

WEP vulnerabilities

Hands-on Exercise Hacking a Wireless Access Point using WEP

WiFi security countermeasures

Deploying IEEE 802 Security concepts

Understanding EAP, WPA and WPA-2

Deploying AAA

Hands-on exercise Implementing WPA to defeat hacking and testing vulnerability

 

 

Module VIII:   Compromising operating systems

 

Examining Windows protection modes

Analyzing Linux/UNIX processes

Subverting Web applications

Injecting SQL and HTML code

Bypassing authentication mechanisms

Manipulating Clients to Uncover Internal Threats

Baiting and snaring inside users

 

 

Review and Evaluation

 

 
Delivery Method
Instructor-Led with numerous Hands-On labs and exercises.
Equipment Requirements
(This apply's to our hands-on courses only)
BTS always provides equipment to have a very successful Hands-On course. BTS also encourages all attendees to bring their own equipment to the course. This will provide attendees the opportunity to incorporate their own gear into the labs and gain valuable training using their specific equipment.
Course Length
3 Days

Website: http://www.btstraining.com
Toll Free: 1-877-Info2Day
Email: info@btstraining.com