Certified Network Defender (Exam Included)

Formation inter-entreprise

À qui s'adresse la formation?

Tout public

Niveau atteint

Avancé

Durée

5,00 jour(s)

Langues(s) de prestation

EN

Prochaine session

Objectifs

Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE). The program prepares network administrators on network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the protect, detect and respond approach to network security.

Contenu

The program prepares network administrators on network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the protect, detect and respond approach to network security. The course contains hands-on labs, based on major network security tools and techniques which will provide network administrators real world expertise on current network security technologies and operations. The study-kit provides you with over 10 GB of network security best practices, assessments and protection tools. The kit also contains templates for various network policies and a large number of white papers for additional learning.

Objectives
  • Computer Network and Defense Fundamentals.
  • Network Security Threats, Vulnerabilities, and Attacks.
  • Network Security Controls, Protocols, and Devices.
  • Network Security Policy Design and Implementation.
  • Physical Security.
  • Host Security.
  • Secure Firewall Configuration and Management.
  • Secure IDS Configuration and Management.
  • Secure VPN Configuration and Management.
  • Wireless Network Defense.
  • Network Traffic Monitoring and Analysis.
  • Network Risk and Vulnerability Management.
  • Data Backup and Recovery.
  • Network Incident Response and Management.

Points abordés

Module 01: Computer Network and Defense Fundamentals

  • Network Fundamentals
  • Network Components
  • TCP/IP Networking Basics
  • TCP/IP Protocol Stack
  • IP Addressing
  • Computer Network Defense (CND)
  • CND Triad
  • CND Process
  • CND Actions
  • CND Approaches

Module 02: Network Security Threats, Vulnerabilities, and Attacks

  • Essential Terminologies
  • Network Security Concerns
  • Network Security Vulnerabilities
  • Network Reconnaissance Attacks
  • Network Access Attacks
  • Denial of Service (DoS) Attacks
  • Distributed Denial-of-Service Attack (DDoS)
  • Malware Attacks

Module 03: Network Security Controls, Protocols, and Devices

  • Fundamental Elements of Network Security
  • Network Security Controls
  • User Identification, Authentication, Authorization and Accounting
  • Types of Authorization Systems
  • Authorization Principles
  • Cryptography
  • Security Policy
  • Network Security Devices
  • Network Security Protocols

Module 04: Network Security Policy Design and Implementation

  • What is Security Policy?
  • Internet Access Policies
  • Acceptable-Use Policy
  • User-Account Policy
  • Remote-Access Policy
  • Information-Protection Policy
  • Firewall-Management Policy
  • Special-Access Policy
  • Network-Connection Policy
  • Business-Partner Policy
  • Email Security Policy
  • Passwords Policy
  • Physical Security Policy
  • Information System Security Policy
  • Bring Your Own Devices (BYOD) Policy
  • Software/Application Security Policy
  • Data Backup Policy
  • Confidential Data Policy
  • Data Classification Policy
  • Internet Usage Policies
  • Server Policy
  • Wireless Network Policy
  • Incidence Response Plan (IRP)
  • User Access Control Policy
  • Switch Security Policy
  • Intrusion Detection and Prevention (IDS/IPS) Policy
  • Personal Device Usage Policy
  • Encryption Policy
  • Router Policy
  • Security Policy Training and Awareness
  • ISO Information Security Standards
  • Payment Card Industry Data Security Standard (PCI-DSS)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Information Security Acts: Sarbanes Oxley Act (SOX)
  • Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
  • Information Security Acts: The Digital Millennium Copyright Act (DMCA) and Federal Information Security Management Act (FISMA)
  • Other Information Security Acts and Laws

Module 05: Physical Security

  • Physical Security
  • Access Control Authentication Techniques
  • Physical Security Controls
  • Other Physical Security Measures
  • Workplace Security
  • Personnel Security: Managing Staff Hiring and Leaving Process
  • Laptop Security Tool: EXO5
  • Environmental Controls
  • Physical Security: Awareness /Training
  • Physical Security Checklists

Module 06: Host Security

  • Host Security
  • OS Security
  • Linux Security
  • Securing Network Servers
  • Hardening Routers and Switches
  • Application/software Security
  • Data Security
  • Virtualization Security

Module 07: Secure Firewall Configuration and Management

  • Firewalls and Concerns
  • What Firewalls Does?
  • What should you not Ignore?: Firewall Limitations
  • How Does a Firewall Work?
  • Firewall Rules
  • Types of Firewalls
  • Firewall Technologies
  • Firewall Topologies
  • Firewall Rule Set & Policies
  • Firewall Implementation
  • Firewall Administration
  • Firewall Logging and Auditing
  • Firewall Anti-evasion Techniques
  • Why Firewalls are Bypassed?
  • Full Data Traffic Normalization
  • Data Stream-based Inspection
  • Vulnerability-based Detection and Blocking
  • Firewall Security Recommendations and Best Practices
  • Firewall Security Auditing Tools

Module 08: Secure IDS Configuration and Management

  • Intrusions and IDPS
  • IDS
  • Types of IDS Implementation
  • IDS Deployment Strategies
  • Types of IDS Alerts
  • IPS
  • IDPS Product Selection Considerations
  • IDS Counterparts

Module 09: Secure VPN Configuration and Management

  • Understanding Virtual Private Network (VPN)
  • How VPN works?
  • Why to Establish VPN?
  • VPN Components
  • VPN Concentrators
  • Types of VPN
  • VPN Categories
  • Selecting Appropriate VPN
  • VPN Core Functions
  • VPN Technologies
  • VPN Topologies
  • Common VPN Flaws
  • VPN Security
  • Quality Of Service and Performance in VPNs

Module 10: Wireless Network Defense

  • Wireless Terminologies
  • Wireless Networks
  • Wireless Standard
  • Wireless Topologies
  • Typical Use of Wireless Networks
  • Components of Wireless Network
  • WEP (Wired Equivalent Privacy) Encryption
  • WPA (Wi-Fi Protected Access) Encryption
  • WPA2 Encryption
  • WEP vs. WPA vs. WPA2
  • Wi-Fi Authentication Method
  • Wi-Fi Authentication Process Using a Centralized Authentication Server
  • Wireless Network Threats
  • Bluetooth Threats
  • Wireless Network Security
  • Wi-Fi Discovery Tools
  • Locating Rogue Access points
  • Protecting from Denial-of-Service Attacks: Interference
  • Assessing Wireless Network Security
  • Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
  • WPA Security Assessment Tool
  • Wi-Fi Vulnerability Scanning Tools
  • Deploying Wireless IDS (WIDS) and Wireless IPS (WIPS)
  • WIPS Tool
  • Configuring Security on Wireless Routers
  • Additional Wireless Network Security Guidelines

Module 11: Network Traffic Monitoring and Analysis

  • Network Traffic Monitoring and Analysis(Introduction)
  • Router Based Monitoring Techniques
  • Non-Router Based Monitoring Techniques
  • Network Monitoring: Positioning your Machine at Appropriate Location
  • Network Traffic Signatures
  • Packet Sniffer: Wireshark
  • Detecting OS Fingerprinting Attempts
  • Detecting PING Sweep Attempt
  • Detecting ARP Sweep/ ARP Scan Attempt
  • Detecting TCP Scan Attempt
  • Detecting SYN/FIN DDOS Attempt
  • Detecting UDP Scan Attempt
  • Detecting Password Cracking Attempts
  • Detecting FTP Password Cracking Attempts
  • Detecting Sniffing (MITM) Attempts
  • Detecting the Mac Flooding Attempt
  • Detecting the ARP Poisoning Attempt
  • Additional Packet Sniffing Tools
  • Network Monitoring and Analysis
  • Bandwidth Monitoring

Module 12: Network Risk and Vulnerability Management

  • What is Risk?
  • Risk Levels
  • Risk Matrix
  • Key Risk Indicators(KRI)
  • Risk Management Phase
  • Enterprise Network Risk Management
  • Vulnerability Management

Module 13: Data Backup and Recovery

  • Introduction to Data Backup
  • RAID (Redundant Array Of Independent Disks) Technology
  • Storage Area Network (SAN)
  • Network Attached Storage (NAS)
  • Selecting Appropriate Backup Method
  • Choosing the Right Location for Backup
  • Backup Types
  • Conducting Recovery Drill Test
  • Data Recovery
  • Windows Data Recovery Tool
  • RAID Data Recovery Services
  • SAN Data Recovery Software
  • NAS Data Recovery Services

Module 14: Network Incident Response and Management

  • Incident Handling and Response
  • Incident Response Team Members: Roles and Responsibilities
  • First Responder
  • Incident Handling and Response Process
  • Overview of IH&R Process Flow

Ces formations pourraient vous intéresser