Average Rating: 0.00/10
(# Rating Votes: 0 | Rate This Course | Contribute a Review )
Short Description:
Information Security for Technical Staff is a five-day course designed to provide participants with practical techniques for protecting the security of an organization's information assets and resources. Security issues, technologies, and recommended practices are addressed at increasing layers of complexity, beginning with concepts and proceeding on to technical implementations.
Full Description:
Course Description
Information Security for Technical Staff is a five-day course designed to provide participants with practical techniques for protecting the security of an organization's information assets and resources. Security issues, technologies, and recommended practices are addressed at increasing layers of complexity, beginning with concepts and proceeding on to technical implementations.
The principles, strategies, and practices covered are applicable to most system platforms and network environments. To illustrate important concepts and security technologies, demonstrations and exercises will include implementations applicable to Linux and Windows systems as well as Cisco Internetworking equipment.
The course involves extensive hands-on laboratories utilizing a heterogeneous network environment, scenario-based exercises, lecture/briefings, and open discussion to help participants develop their understanding of the problems and strategies for securing information systems and networks.
Hands-on labs and demonstrations include: PGP, SNORT/ACID, IPSEC, SSH, Tripwire, ARPwatch, NMap and other scanners, Nessus, DSniff, Ethereal/TCPDump, honeynets, personal and enterprise firewalls, password cracking, as well as extensive hacking/hardening of Linux, Windows, and Cisco platforms in both wireless and cabled networks. Each student will have the use of a dual-boot laptop for the duration of the course, as well as access to a wide variety of networked systems.
Audience · Prerequisites · Objectives · Logistics
AUDIENCE
This course is designed for technical staff members who manage or support networked information systems. Two years of practical experience with networked systems or equivalent training/education is assumed; however, the intended audience should be relatively new to information security.
In general, students should have some familiarity with the concepts of data networking. They should have some degree of specific familiarity with the ISO/OSI 7-layered reference model as well as Ethernet, TCP/IP, and major network operating systems such as Windows NT/2000/XP and Unix.
PREREQUISITES
None
TOPICS
The Challenge of Survivability
Asset and Risk Management
Policy Formulation and Implementation
Security Knowledge in Practice
TCP/IP Security
Cryptography
Prelude to a Hack (Information Gathering)
Threats, Vulnerabilities, and Attacks
Host System Hardening
Securing Network Infrastructure
Deploying Firewalls
Securing Remote Access
Intrusion Detection Systems
OBJECTIVES
Successful completion of this course will enable participants to
Describe the components of survivability
Identify and define the components of an information security (IS) model
Describe the components of risk and asset management as applied to networked systems
Identify the benefits of invoking sound security policies and methods for implementing them
Describe the steps of the Security Knowledge in Practice(SKiP) methodology
Summarize key security concerns of the TCP/IP protocol suite
Describe the benefits of cryptography when applied to IS properties of confidentiality, integrity, and availability
Describe common methods of gathering information on networked systems
Describe the types of current vulnerabilities and threats to which an organization's information assets may be exposed
Identify common attack methods perpetrated against network systems
Describe best practices for hardening and actively defending host and networked systems from intrusions
Develop an approach for staying current with trends and requisite skills in information security
LOGISTICS
Class Schedule
The daily schedule is:
Day 1 - 4 - 9:00 a.m. to 5:00 p.m.
Day 5 - 9:00 a.m. to 2:30 p.m.
Availability
For More Information
CERT Coordination Center Web site: http://www.cert.org
For more information about public courses and on-site training, contact
Course Information
Phone and Voice Mail: 412 / 268-9564
E-mail: training-info@cert.org
Hotel and Travel Information
Information about travelling to SEI offices in Pittsburgh, Pennsylvania and Arlington, Virginia is available on our Travel and Lodging Web pages.
Questions about this course?
Please see our Frequently Asked Questions Web page for answers to some of the more common inquiries about SEI Education and Training. If you need more information, contact us via e-mail at course-info@sei.cmu.edu or telephone at +1 412-268-7622.
Duration:
5 Days
Price:
$2500
Submitted by: admin
Hits: 0
SEI's Information Security for Technical Staff Course Web Page
|
