shriftSinf ta'limi
ro'yxatdan o'tish
CAST614-portfeli

Tavsif

Tomoshabin va old shartlar

Kursning tasviri

Dastur va tariflar

tasdiqlash

Murakkab Tarmoq mudofaasi - CAST 614

Ushbu kurs bilan talabalar hackerning barcha fikr-mulohazalariga ega bo'lgan eski fikrdan yuqoriga ko'tarilgan, himoyachi bo'lish g'ururi va yoqimsiz xayolotni tashkil etadigan oz sonli kishilar orasida bo'lishi mumkin. Talabalar xavfsiz muhit uchun eng yaxshi uslublar va amaliyotlarni ko'rib chiqish orqali mukammal xavfsizlikni o'rnatish orqali mudofaa kuchlarini takomillashtirish usullarini taxmin qiladilar.

Maqsadlar

  • XSSni tushunish
  • SQL injectionni tushunish
  • Tarmoqdan foydalanishni himoyalash (NAP)
  • NAP komponentlarini tushunish
  • NAPni ijro etishni tushunish
  • Xp_cmdshell tushunchasini tushuntiring
  • SQLni tushintirish
  • XSS ME ni tushunish
  • O'ng ma'lumotlar bazasini tanlang
  • Foydalanuvchilarga asoslangan identifikatsiyadan foydalanishni boshqarishni amalga oshirish
  • Enjeksiyonluk kamchiliklarni tushunish
  • Cross-saytlar skriptlarini tushintirish
  • Comprehend Broken Authentication
  • Xavfli bo'lmagan kriptografik saqlashni tushunish
  • Teskari muhandislik veb-ilovalarini tushunish

mo'ljallangan auditoriya

The ideal student should have a development background, coding or architecting background either previously or currently. This course is also best suited for application developers and security professionals.

Course Outline Duration: 3 Days

01. Xavfsizlik devorlari

  • Xavfsizlik devorlari
  • Faervol turlari: Vatansız Paket Filtrlar
  • Qurilmani masofaviy erkin foydalanish xavfsizligini yaxshilash
  • Konsol portini qulflash
  • Terminal liniyalarini muhofaza qilish
  • Shifrlangan aloqalarni o'rnatish
  • HTTPSni sozlash
  • SSH ni sozlash

02. Murakkab filtrlash

  • Murakkab filterlash texnologiyalari
  • Kirish filtri
  • Filtrni o'chirish
  • Manba manzili tekshirish (SAV)
  • URPF
  • Qo'shimcha filtrlash masalalari
  • Vaqt asosida ACLlar
  • Qaytgan ACLlar
  • Reflektiv ACL va Statik ACL
  • Kontekstli asoslangan kirishni boshqarish (CBAC)
  • Routersni qat'iylashtirish uchun muhim qadamlar

03. Firewall Configuration

  • Murakkab filterlash texnologiyalari
  • Firewall Types: Stateful Packet Filters
  • Application Proxies
  • Application Proxies vs. Stateful Packet filters
  • Web Application Firewalls
  • Web Application Firewall Types
  • Web Application Firewall Products
  • Firewall Architecture
  • Screened Subnet Firewall
  • The Classic Firewall Architecture
  • Belt and Braces Firewall
  • Separate Services Subnet

04. Qattiqlashuv: Xavfsiz bazani yaratish

  • Windows NT / 2000 / 2003 va XP
  • Windows 2000 / 2003 / XP
  • Windows 2003
  • Windows Vista
  • Server 2003 Architecture
  • Broken Kernel
  • Modes of the OS
  • UNIX/Linux
  • Secure Server Guidelines
  • Hardening Systems
  • Security Compliance Manager
  • Qurilma havfsizligi
  • Essential Steps to Harden Switches

05. Intrusionlarni aniqlash va oldini olish Nima uchun hujumni aniqlash mumkin?

  • Windows NT / 2000 / 2003 va XP
  • Fortress Mentality
  • Intrusion Detection 101
  • What is Intrusion Detection?
  • False positives!
  • Topology concerns
  • Recommended in most circles
  • haqiqiy
  • Intrusion oldini olish
  • Types of IPS
  • Host-Based Intrusion Prevention Systems
  • Host-Based Intrusion Prevention Systems

06. Veb-ilovalarni himoyalash

  • Windows NT / 2000 / 2003 va XP
  • Top 10 www.owasp.org
  • Injection Flaws
  • Cross Site Scripting
  • Broken Authentication
  • Insecure Cryptographic Storage
  • Reverse Engineering Web Apps
  • Asboblar
  • Hackbar
  • Tamper Data
  • The Two Main Attacks for Web
  • XSS
  • SQL injection
  • xp_cmdshell
  • There is More
  • More Tools
  • SQL Inject Me
  • XSS ME
  • Choose The Right Database
  • Amaliyot, amaliyot, amaliyot
  • Tutorials
  • Mutillidae
  • Web Application Firewalls
  • Components of Web Application Firewall

07. Xotirani tahlil qilish

  • Ma'lumot turlari qayta ko'rib chiqildi
  • Vaqtinchalik
  • System date and time
  • Current network connections and Open ports
  • Processes that opened ports
  • Cached NetBIOS Names
  • Users Currently Logged On
  • Internal routing
  • Running Processes
  • Pslist
  • Arzimas narsalar
  • Pslist –t
  • TasklistTlist
  • Running Services
  • Fayllarni ochish
  • Process Memory Dumps

08. Endpoint muhofazasi

  • NAC ga kirish
    • NAC belgilangan
    • NAC umumiy arxitekturasi
    • NAC umumiy arxitekturasi tasvirlangan
    • NAC tushunchalari
    • Inline NAC
    • Chiqishdan tashqarida
    • NAC talablarini aniqlash
    • Foydalanuvchilarga asoslangan identifikatorga kirishni amalga oshirish
    nazorat
    • Tarmoqdan foydalanishni himoyalash (NAP)
    • NAP komponentlari
    • NAP ijrosi
    • NAP Best Practices
    • 802.1x
    • EAP Ta'riflangan

09. Simsiz xavfsizligi

  • Simsiz vositalari
  • Wireless Vulnerabilities Summary
  • MAC Filtering
  • Hiding Access Points
  • O'ldirish
  • Jamming
  • Identifying Targets
  • Wardriving
  • Simsiz aloqada harakatlanish
  • Attacking Encrypted Networks
  • Wep Data
  • The other case
  • voqelik
  • WPA Tools
  • WPA
  • LEAP
  • Asleap
  • qiyoslash

Iltimos, bizga yozing info@itstechschool.com Kurs bahosi va sertifikatlash narxi, jadval va joylashuvi uchun + 91-9870480053 da biz bilan bog'laning

Bizga so'rovni qoldiring

tasdiqlash

Qo'shimcha ma'lumot olish uchun Biz bilan bog'lanish.