Description: This one or two day workshop starts with a quick
review of key terms and technologies to ensure an understanding of what is
involved in a network. Attendees then explore
TCP/IP basics such as ports, CIDR addressing, TCP Headers and the IP Datagram
to ensure knowledge of key network aspects. An introduction to IPv6 with its
improved addressing and security completes the overview.
The seminar then focuses on examining the components
of a strong password and the use of biometrics and challenge response tokens to
learn how they can work to provide enhanced security. From firewalls and VPNs
to Metaframe, participants learn the key aspects of
each technology, how they are used and more importantly, how they are properly audited.
Included is a review of wireless technologies and their authentication, risks
and need for controls. Finally, participants learn techniques in network vulnerability
testing, to discover weaknesses and test controls.
Audience:
This seminar is intended for internal and external audit professionals, security
analysts and administrators and security consultants who wish to learn more
about securing and auditing the network.
Prerequisites: There is no prerequisite for this seminar.
Objectives:
After completing this seminar, participants will be able to:
·
Recognize
the key elements of a network
·
Describe
how each part of the network works to enhance or reduce security
·
Know
what good password techniques are and how to enhance them with biometrics or
challenge response
·
Understand
how the implementation of IPV6 might help secure your network
·
Conduct
an assessment and technical review of their organization's network
Course Outline:
Review of TCP/IP fundamentals
IPV6, Status, Controls and
Issues
Authentication – passwords,
biometrics and tokens
Firewalls
Router authentication &
controls
Using Virtual Private
Networks
Implementing IPSEC
Understanding & Using SSH
Making use of PPTP or other
VPNs
Implementing Two-Factor
Authentication (Securid, others)
Using Metaframe
Understanding Wireless
authentication
Vulnerability assessment and
testing techniques
Mr. Lewis’ seminar will draw upon his almost 30 years of experience in
the areas of IT operations and information security in both industry and
consulting and with his expertise in leading seminars around the world for over
20 years.