The primary focus
of this course
is the rapidly
changing, increasingly
vital area of
security in context
of networked computer
applications.
This specifically
includes addressing
the risks and
challenges associated
with safe computing
operations on
the public Internet
- and appropriately
securing the corporate
intranet (which
may or may not
be part of the
Internet).
Heightened security
awareness in recent
years and a continuing,
growing concern
about the unregulated
and uncontrollable
aspects of the
Internet all create
an urgent priority
for professionals
and managers to
have an effective
understanding
of the issues
that comprise
network security.
There is definitely
a dark side to
the Internet,
and prudent corporate/enterprise
network managers
and professionals
recognize their
fundamental responsibility
to ensure that
appropriate measures
are taken, and
precautions put
in place to protect
corporate data
and systems from
these threats.
The objectives
of this course
are to:
- Describe the
important elements
of network security,
which range
over a wide
spectrum of
measures and
countermeasures,
from creating
barriers (e.g.
firewalls) and
restrictions
(e.g. security
policy) to rendering
data and systems
inaccessible
through robust
access control
measures, Virtual
Private Networks
and data encryption.
- Create an
appreciation
of where systems
and networks
are most vulnerable,
and develop
an understanding
of the way in
which vulnerabilities
can be identified
and appropriate
countermeasures
deployed.
- Demystify,
describe and
explain the
various types
of malicious
software that
present a threat
to safe, convenient
use of tools
like email and
the World Wide
Web - including
viruses, Trojan
Horse programs,
worms and logic
bombs.
- Put the issues
of personal
privacy and
individual preferences
for confidential
communication
in perspective
with the right
and obligation
of employers
to protect corporate
information
and ensure prudent
use of corporate
network resources.
- Describe
the various
aspects and
features of
the highly complex
and mathematical
topic of encryption
at a level of
technical detail
suitable to
IT professionals
and managers
who are not
particularly
interested in
the mathematics
of cryptography.
- Develop an
appreciation
of trends (in
both the threats
and countermeasures
to threats)
that are evident
in the industry,
and attempt
to put them
into perspective.
This course is
intended for IT
professionals,
engineers and
technical managers
who need an intensive,
thorough exposure
to the principles
and issues that
define network
security. This
subject is often
presented in a
mathematically
intense format
- but this course
has been designed
to minimize this
aspect, so that
professionals
in all disciplines
that are affected
by these issues
will be able to
benefit from attending.
Many of the delegates
who attend this
course fit into
these broad groups:
- People newly
appointed to
a security-oriented
position that
need to develop
a functional
knowledge foundation
covering the
many aspects
of the subject.
- Junior to
intermediate
IT and networking
personnel who
need an effective
grounding in
the scope and
principles of
the subject.
- More senior
professionals
in related fields
that require
a functional
vocabulary and
understanding
of how these
issues affect
their individual
disciplines.
- Individuals
with responsibility
in other areas
of security
(such as physical
security) and
who need to
broaden their
knowledge of
the business
with an appreciation
of network and
IT security.
There are no
technical prerequisites
for this program.
Our Network Security
course has been
designed as a
freestanding treatment
of the subject,
although previous
familiarity with
networking technology
is assumed.
Each delegate
will be provided
with a permanent,
comprehensive
workbook that
is much more than
a set of lecture
notes. In addition
to being a workbook
designed to track
with the lecture
portion of the
program, it is
designed with
features that
give it real value
as a permanent
reference resource.
These include:
- A complete
descriptive
text format,
designed to
be a highly
readable, valuable
reference on
the job.
- A textbook
style Subject
Index and a
comprehensive
Table of Contents,
consistent with
effective reference
access to content
details.
- A thorough,
highly readable
subject-specific
glossary that
provides detailed
descriptive
treatment of
key items of
terminology.
(i) Introduction
The Networked
Environment Differs
From Traditional
IT Security
Security in Distributed
Systems
Authentication,
Confidentiality,
Integrity and
Non-Repudiation
Elements of Risk
in Client/Server
Systems
Points of Security
Exposure
The Orange Book
Approach
(ii) Security-Related
Features of Web-Based
Computing
Summary Features
of TCP and IP
World Wide Web
Features and Security
Traditions of
Trust in TCP/IP
Networks
Roles of Clients
and Servers and
Open Systems Issues
An Increasingly
Sophisticated
Threat Community
(iii)
Malicious Software
Challenges From
the Rapid Proliferation
of Malicious Software
Viruses
Trojan Horses
Worms
Logic Bombs
(iv) Denial
of Service Threats
The Opponent Does
Not Need to Intrude
to Threaten
Ways in Which
DOS Attacks are
Launched
Distributed Denial
of Service Threats
Countermeasures
(v) Introduction
to Cryptography
Starting With
a Secure Physical
Environment
National Policy
Issues
Traditional Symmetric
Key Cryptography
The DES, AES and
IDEA Algorithms
Public Key Cryptography
Hash Functions
(vi) Authentication
Limitations of
User ID's and
Passwords
Automated Authentication
Services
Kerberos and Other
Authentication
Methods
Issues of Trust
(vii)
The Public Key
Infrastructure
PKI - a Systematic
Hierarchy of Trust
Relationships
The Public Key
Infrastructure;
Concepts and Features
Digital Certificates
and Signatures
LDAP and X.500
Directory Services
Practical Implementation
Challenges
(viii)
Security and Internet/Intranet
Connectivity
Inherent Risks
With the Internet
Architecture
Security Risks
in the DNS
Cookies and Their
Implications
Remote Access
Issues; RADIUS
and TACACS+
Network Management
via SNMP
(ix) E-Commerce
and Email Privacy
Demands of E-Commerce
Solutions
Settlement Models
Secure Sockets
Layer and SHTTP
Email Privacy;
PEM, PGP and X-400
(x) Firewalls
Firewalls Design
Objectives
Firewall Types;
Stateless and
Stateful
Network Address
Translation
DMZ Configurations
Proxy-based Firewalls
Limitations with
Firewall-Connected
Environments
Intrusion Detection
Systems
(xi) Creating
A Security Solution
and Defining Policy
Essential Elements
of a Secure Environment
Promoting User
Awareness
Elements of an
Effective Security
Policy
Communicating
the Security Policy
Defining a Model
for Internet Access
Appendices
Glossary
of Terminology
Suggestions For
Further Reading
General
Index
Click
here to return
to our catalog
page
|