TypeClassroom Training
REGISTER

Contact Us

Fields marked with an * are required

 

CAST614-portfolio

Description

Audience & Prerequisites

Course Outline

Schedule & Fees

Certification

CAST 614 Advanced Network Defense

With this course, students can be among the few who rise above the old thought of the hacker having all the fun, taking pride being the defender, and forming an unpleasant mindset. Students will be estimating techniques of defense strengthening by establishing perfect security by reviewing best methodologies and practices for secure environments.

Objectives

  • Comprehend XSS
  • Comprehend SQL Injection
  • Comprehend Network Access Protection (NAP)
  • Comprehend NAP Components
  • Comprehend NAP Enforcement
  • Comprehend xp_cmdshell
  • Comprehend SQL Inject Me
  • Comprehend XSS ME
  • Choose the Right Database
  • Implement User-Based Identity Access Control
  • Comprehend Injection Flaws
  • Comprehend Cross Site Scripting
  •  Comprehend Broken Authentication
  • Comprehend Insecure Cryptographic Storage
  • Comprehend Reverse Engineering Web Apps

Intended Audience

The ideal student should have a development background, coding or architecting background either previously or currently. This course is also best suited for application developers and security professionals.

Course Outline                                       Duration: 3 Days

01. Firewalls

  • Firewalls
  • Firewall Types: Stateless Packet Filters
  • Improving Device Remote-Access Security
  • Locking Down the Console Port
  • Protecting Terminal Lines
  • Establishing Encrypted Communications
  • Configuring HTTPS
  • Configuring SSH

02. Advanced Filtering

  • Advanced Filtering Techniques
  • Ingress Filtering
  • Egress Filtering
  • Source Address Verification (SAV)
  • uRPF
  • Additional Filtering Considerations
  • Time-Based ACLs
  • Reflexive ACLs
  • Reflexive ACL vs. Static ACL
  • Context-Based Access Control (CBAC)
  • Essential Steps to Harden Routers

03. Firewall Configuration 

  •  Advanced Filtering Techniques
  •  Firewall Types: Stateful Packet Filters
  •  Application Proxies
  •  Application Proxies vs. Stateful Packet filters
  •  Web Application Firewalls
  •  Web Application Firewall Types
  •  Web Application Firewall Products
  •  Firewall Architecture
  •  Screened Subnet Firewall
  •  The Classic Firewall Architecture
  •  Belt and Braces Firewall
  •  Separate Services Subnet

04. Hardening: Establishing a Secure Baseline

  • Windows NT/2000/2003 and XP
  •  Windows 2000/2003/XP
  •  Windows 2003
  •  Windows Vista
  •  Server 2003 Architecture
  •  Broken Kernel
  •  Modes of the OS
  •  UNIX/Linux
  •  Secure Server Guidelines
  •  Hardening Systems
  •  Security Compliance Manager
  •  Device Security
  •  Essential Steps to Harden Switches

05. Intrusion Detection and Prevention Why Intrusion Detection?

  • Windows NT/2000/2003 and XP
  •  Fortress Mentality
  •  Intrusion Detection 101
  •  What is Intrusion Detection?
  •  False positives!
  •  Topology concerns
  •  Recommended in most circles
  •  Realistic
  •  Intrusion Prevention
  •  Types of IPS
  •  Host-Based Intrusion Prevention Systems
  •  Host-Based Intrusion Prevention Systems

06. Protecting Web Applications

  • Windows NT/2000/2003 and XP
  •  Top 10 www.owasp.org
  •  Injection Flaws
  •  Cross Site Scripting
  •  Broken Authentication
  •  Insecure Cryptographic Storage
  •  Reverse Engineering Web Apps
  •  Tools
  •  Hackbar
  •  Tamper Data
  •  The Two Main Attacks for Web
  •  XSS
  •  SQL Injection
  •  xp_cmdshell
  •  There is More
  •  More Tools
  •  SQL Inject Me
  •  XSS ME
  •  Choose The Right Database
  •  Practice, Practice, Practice
  •  Tutorials
  •  Mutillidae
  •  Web Application Firewalls
  •  Components of Web Application Firewall

07. Memory Analysis

  • Data Types Revisited
  •  Volatile
  •  System date and time
  •  Current network connections and Open ports
  •  Processes that opened ports
  •  Cached NetBIOS Names
  •  Users Currently Logged On
  •  Internal routing
  •  Running Processes
  •  Pslist
  •  Trivia
  •  Pslist –t
  •  TasklistTlist
  •  Running Services
  •  Open Files
  •  Process Memory Dumps

08. Endpoint protection

  • Introduction to NAC
    • NAC Defined
    • NAC General Architecture
    • NAC General Architecture Illustrated
    • NAC Concepts
    • Inline NAC
    • Out-of-Band
    • Identifying NAC Requirements
    • Implementing User-Based Identity Access
    Control
    • Network Access Protection (NAP)
    • NAP Components
    • NAP Enforcement
    • NAP Best Practices
    • 802.1x
    • EAP Explained

09. Securing Wireless

  • Wireless Tools
  •  Wireless Vulnerabilities Summary
  •  MAC Filtering
  •  Hiding Access Points
  •  Hijacking
  •  Jamming
  •  Identifying Targets
  •  Wardriving
  • Sniffing on Wireless
  •  Attacking Encrypted Networks
  •  Wep Data
  •  The other case
  •  Reality
  •  WPA Tools
  •  WPA
  •  LEAP
  •  Asleap
  •  Comparison

Please write to us at info@itstechschool.com & contact us at +91-9870480053 for the course price & certification cost, schedule & location

Drop Us a Query

Certification

For more info kindly contact us.


Reviews