Audit & Security of Networks Course
Course Description
The course is intended for those who need to find out what networks are, how they work and what the prime risks are. It covers the range from wires and PC boards to business objectives and risks. Networking technology and its jargon are explained in non-technical terms.
Having acquired a high level understanding of networking technology, you will learn how to assess security by workshop exercises. All aspects are covered, both business and technical. Business-based workshops are introduced as knowledge is acquired. These require you to decide how networks and applications should be deployed and managed. You will hear commentary on certain real disasters that have happened to high profile companies in the past.
Planning for audits and discussion of suitable tests forms a substantial part of the course. Where hands on is possible, delegates will get a chance to run network probes, port scanners and examine network settings.
The course attempts to demystify the technology surrounding networks and is suitable not only for security specialists but also for non-technical business managers who need to control networking projects.
Course pre-requisites:
Delegates should have a good general understanding of IT.
Topics covered on the 3 day Audit & Security of Networks course
A review of networking technology
- Network security concepts
- Business issues
- Network development lifecycle, network hardware and software
- Risks and objectives
- Local area networks, TCP/IP, LAN devices, WAN technology
- Virtual private network
- Transmission system vulnerabilities
- General network management
- Firewalls
Risks and controls
- Securing networks
- An overview of generic risks
- Controls
Controls and services
- Baseline controls, selective controls
- Auditing baseline security - identifying the scope
- Control tactics
- Audit categories for network assessment
- Steps the operational auditor must take
- List of network vulnerabilities and controls
- Management services, information model
- System management functions, SNMP
- Management duties regarding network security
- Strategy for distributed system management
- Managing network services
- Performance measurement services
- Services supporting monitoring
- Fault management, handling techniques and management controls
- Security management services
- Unique security features of distributed systems
- Security objectives and mechanisms
- Capacity management through performance analysis
- Acceptance testing
- Detailed tracking of all network activity
- Choosing a network service provider (NSP)
- Security tips for corporate networks
- How to audit a network
Remote access
- Introduction
- Risks, defences
- Internet-related risks
Inter-network security
- Points of weakness
- Standard firewall services
- Firewall specimen specification, Firewall deployment
- Securing user access
- MIME sweeper
- Firewall platforms
- Risk assessment methods
- Risks associated with internet service
- Attack scenarios, types of firewall
- Rule lists and logs, logging and auditing
- Firewall operations
- Additional audit control requirements
- Linking vulnerabilities to threats
- Monitor/control of internet access
- Auditing session walls
This is an instructor led training course taught in a classroom based environment.
Course Classification:
Technical Training Course
Course Fee = £1095 (excl.VAT)
Scheduled course dates
| May 2008 |
June 2008 |
July 2008 |
August 2008 |
September 2008 |
| - | - | - | - |
|
|
If you want to attend the course but can't make the dates published then click here for details of our one-to-one training packages.
PTR Associates Limited
21A Peach Street, Wokingham, Berkshire, RG40 1XJ, United Kingdom
Tel: 0118 979 4000 Fax: 0118 979 4035
Email: training@ptr.co.uk
|
|
