home | briefing notes | business contacts | contact us
 
 
home : catalog : network security : network security principles
 
 
 

Network Security Principles: Protecting Connected Systems

Focus
Networked computing applications are increasingly challenged by security concerns -- concerns that secrets may be lost to competitors, concerns that hackers may intrude into our business networks, concerns that someone may compromise critical resources.

Network Security Principles: Protecting Connected Systems presents a thorough assessment of the security threats and challenges that confront the IT professional and manager in modern web-based client/server computing environments.

Who Should Attend
This short course is designed to improve the effectiveness of IT professionals, managers and security officers by exposing them to an extensive view of networked computing security risks and solutions.

Anyone with a professional interest in knowing more about the risks to their client/server computing environments and the security solutions which are available will benefit from attending.

Format and Prerequisites
A permanent, comprehensive workbook is included for each attendee -- which provides a work-along class reference manual with a cross-referenced, comprehensive subject index, encyclopaedic glossary and recommended reading catalog.

There are no technical prerequisites for this program. Network Security Principles has been designed as a freestanding treatment of the subject, although previous familiarity with networking technology is assumed.

Program Outline: Network Security Principles: Protecting Connected Systems

(i) Introduction
The Networked Environment Differs From Traditional IT Security
Security in Distributed Systems
Elements of Risk in Client/Server Systems
Unique Challenges With Web-based Computing Services
Points of Security Exposure
The Orange Book Approach

(ii) Security-Related Features of Web-Based Computing
Summary Features of TCP and IP
World Wide Web Features and Security
Traditions of Trust in TCP/IP Networks
Key Components of Client/Server
Roles of Clients and Servers and Open Systems Issues
An Increasingly Sophisticated Threat Community
Challenges From Viruses and Other Unsavouries

(iii) Introduction to Cryptography
Starting With a Secure Physical Environment
National Policy Issues
Traditional Symmetric Key Cryptography
The DES and IDEA Algorithms
Public Key Cryptography
RSA

(iv) Authentication
Limitations of User ID's and Passwords
Authentication Services
Kerberos
The Public Key Infrastructure
Digital Certificates

(v) Security and Internet/Intranet Connectivity
Inherent Risks With the Internet Architecture
Security Risks in the DNS
Cookies and Their Implications
Java/Active-X Features and Risks
Network Management via SNMP

(vi) E-Commerce and Email Privacy
Demands of E-Commerce Solutions
Settlement Models
Secure Sockets Layer and SHTTP
Email Privacy; PEM, PGP and X-400

(vii) Firewalls
Firewalls Design Objectives
Survey of Firewall Types
Network Address Translation
DMZ Configurations
Limitations with Firewall-Connected Environments

(viii) Network Management Automation
Introduction to Network Management Systems
Scope of Network Management
Security Risks With Network Management Systems
Automation of Management Functions

(ix) Creating A Security Solution

Essential Elements of a Secure Environment
Promoting User Awareness
Physical Security Considerations
Elements of an Effective Security Policy
Defining a Model for Internet Access

Appendices
Glossary of Terminology
Suggestions For Further Reading

General Index

 

Click here to return to our catalog page