You will learn to develop the security policy and plan for an organization regardless of the network operating systems in use. Security specialists are becoming more and more common as part of an organizational IT Field. This course will provide you important background in Network Security.

·Networking Essentials ·TCP/IP ·Preliminary Knowledge of at least one network operating system

·Analyze your exposure to security threats and protect your organization's systems and valuable data ·Manage risks emanating from inside the organization and from the Internet & extranets ·Protect network users from hostile applications and viruses ·Reduce your susceptibility to an attack by deploying firewalls, data encryption and decryption, and other countermeasures ·Identify the security risks that need to be addressed in a security policy ·Develop Security Policy

Information Security
Brief History of Security
Physical Security, Communication Security, Emissions Security, Computer Security, Network Security, Information Security
Security is a Process· Anti Virus Software
Access Controls
Firewalls
Smart Cards
Intrusion Detection
Policy Management
Vulnerability Scanning
Encryption
Physical SecurityType of Attacks
Access Attacks
Modification Attacks
Denial-of-Service Attacks
Repudiation AttacksInformation Security Services
Confidentiality (Files, Transmission, Traffic Flow)
Integrity (Files, Information Transmission)
Availability (Backups, Fail-over, Disaster Recovery)
Accountability (Identification and Authorization, Audit)Security Policy
Importance of Policy
Types of Policy (Include Information Policy, Security Policy, Resource Usage Policy, Internet Use Policy, Email Use Policy, User Management Processes, System Administration Procedures, Incident Response Procedure, Configuration Management Procedures, Design Methodology, Disaster Recovery Plans
Creating Appropriate Policy
Deploying Policy (Education, Implementation)
Using Policy EffectivelyManaging Risk
What is Risk?
Identifying the Risk to an Organization
Measuring RiskInformation Security Processes
Assessment (Network, Physical Security, Policies and Procedures, Precautions, Awareness, People, Workload, Attitude, Adherence, Assessment Results)
Choosing the Order in which to develop policies
Implementation (Security Reporting Systems, Authentication Systems, Internet Security, Intrusion Detection Systems, Encryption, Physical SecurityAwareness Training (Employees, Administrators, Developers, Executives, Security Staff)
AuditInformation Security Practices
Administrative Security (Policies and Procedures, Resources, Responsibility, Education, Contingency Plan, Security Project Plan)
Technical Security (Network Connectivity, Virus Protection, Authentication, Audit, Encryption, Backup/Recovery, Physical)Internet Architecture
Deciding the Services to offer (Web, Mail, Internal Access to the Internet, External Access to Internal Systems)
Communication Architecture
Demilitarized Zone (DMZ)
Firewalls (Types of Firewalls, Firewall Configuration, Firewall Rule Set Design)
Network Address Translation
Partner Networks
IPSec (IP Security)Virtual Private Networks
Defining VPN· VPN Protocols (PPTP, L2TP)
User VPNs
Site VPNs
Standard VPN Techniques
E-Commerce Security Needs
E-Commerce Services
Availability
Client-Side Security
Server-side security
Application Security
Database Server Security
E-Commerce Architecture Encryption
Concepts
Private Key Encryption
Public Key Encryption
Digital Signatures
Key Management
Trust
Public Key Infrastructure (PKI)Hacker Techniques
Motivation
Hacking Techniques (Open Sharing, Bad Passwords, Unwise Programming, Social Engineering, Buffer Overflows, Denial of Service)
Methods of Untargeted Hacker
Methods of Targeted HackerIntrusion Detection
Types of Intrusion Detection Systems (Host-based, Network Based)
Setting up an IDS
Managing an IDS