Average Rating: 0.00/10
(# Rating Votes: 0 | Rate This Course | Contribute a Review )
Short Description:
The Enterprise Security Assessment and Best Practices course provides students with information about the tools needed to conduct a security review and assessment of a company's environment against industry best practices. Security exposures and risks are identified within a company's policies, processes, procedures, networks, and systems.
Full Description:
Who Can Benefit
Internal information technology (IT) auditors, firewall administrators, system administrators, network security administrators, and IT security administrators.
Prerequisites
To succeed fully in this course, students should be able to:
Administer a network that includes a UNIX operating system, Transmission Control Protocol/Internet Protocol (TCP/IP), and network components, including routers, switches, and hubs
Describe basic security processes and procedures
Skills Gained
Upon completion of this course, you should be able to:
Describe the methodology and worksheets associated with an Enterprise Security Assessment (ESA)
Review a security policy against a best-practice checklist
Define and evaluate corporate documentation pertinent to a security assessment
Perform router and switch assessments, firewall assessments, network and system scanning tasks, host assessments, and authentication assessments
Identify risks and vulnerabilities within a company's policies, procedures, networks, and systems
Analyze data and provide recommendations on best-practice approaches to resolving the identified risks and vulnerabilities
Create a security executive summary or score card that rates an organization's process, technology, and people
Related Courses
Before: SA-399: Network Administration for the Solaris 9 Operating System
Before: SC-300: Administering Security on the Solaris 8 Operating System
Course Content
Module 1 - ESA Methodology
--------------------------------------------------------------------------------
Define the ESA methodology
List the key components of the ESA methodology
Describe the methodology and worksheets associated with an ESA
State the importance of a self-qualification questionnaire (SSQ)
Define the importance of a technical work plan (TWP)
Outline the major tasks in a TWP
Module 2 - Predelivery Tasks
--------------------------------------------------------------------------------
State the core subtasks in the TWP task A relating to predelivery preparation
Describe how you can build a scanning station
Describe how you can harden a scanning station
Describe how you can change a scanning station operating system (OS)
Describe potential scanning problems
List the tools you can use in the scanning process
State the core tasks in TWP task B relating to implementation preparation
Module 3 - Preparing for a Security Review
--------------------------------------------------------------------------------
Provide an overview of security policies and procedures
State core subtasks in TWP task C relating to the discovery of existing policies and practices
State core subtasks in TWP task I relating to documentation and policy review
Describe and assess the ten critical elements of a security score card
Explain the best practices relating to security policy contents
Module 4 - Router and Switch Assessment
--------------------------------------------------------------------------------
State the core tasks in TWP task D relating to router and switch assessment
Describe the best practices for the use and protection of routers and switches
Describe tools that you can use to check if the routers and switches on the network are adequately protected
State the different options available in the nmap tool and the snmpwalk tool
Module 5 - Host Assessment
--------------------------------------------------------------------------------
State the core tasks in TWP task G relating to host assessments
Describe best practices for auditing hosts
List the tools you can use to perform a host assessment
Module 6 - Firewall Assessment
--------------------------------------------------------------------------------
State the core tasks in TWP task E relating to firewall assessments
Define the best practices relating to firewalls
Describe the principal ways in which firewalls work
Describe the best practices relating to rulesets
Module 7 - Network and System Scanning
--------------------------------------------------------------------------------
State the core tasks in TWP task F related to network and system scanning
Describe the tools used for network and system scanning
Module 8 - Data Collection
--------------------------------------------------------------------------------
State the core tasks in TWP task H relating to data collection
Describe the best practices and policies regarding password protection and maintenance
Describe the Crack tool and its options
Module 9 - Data Analysis
--------------------------------------------------------------------------------
State the core tasks in TWP task J relating to data analysis
Describe how to carry out the analysis tasks in task J
Module 10 - Preliminary Findings and the Score Card
--------------------------------------------------------------------------------
Complete a score card based on the findings of the ESA
Assess organizational security compared to the security of similar organizations
Module 11 - Creating the ESA Report
--------------------------------------------------------------------------------
State the core tasks relating to TWP task L
Describe the structure and contents of the ESA report
Module 12 - Summary
--------------------------------------------------------------------------------
Summarize the salient features of the ESA methodology
Define the tasks in the TWP
State the overall learning objectives of this course
Duration:
4 days
Price:
$1995
Submitted by: admin
Hits: 0
Sun's Enterprise Security Assessment and Best Practices Course Web Page
|
