|
|
1-800-THE-TREE (1-800-843-8733)
|
|
|
 |
|
Controlling Network Access: Hands-On
Course: 941
Type: Hands-On Training
Duration: 4 Days
You Will Learn How To
- Secure enterprise networks using access control tools and best practices
- Deploy advanced filtering techniques to add state and support Quality of Service (QoS)
- Block attack traffic using intrusion prevention systems (IPS) and application-level firewalls
- Detect, mitigate and limit the impact of zero-day attacks with IPS
- Deny rogue and untrusted computer access with network access control (NAC)
- Ensure secure communication with IPsec and SSL/TLS VPNs
Course Benefits As enterprises expand, networks are exposed to increasing amounts of traffic that can pose a threat to mission-critical data. The ability to control internal and external access is vital in establishing a secure architecture. In this course, you gain the practical skills and knowledge required to perform information assurance that protects data integrity and maintains organizational credibility.Who Should Attend This course is valuable for network and security administrators, engineers, architects and others who design, implement or manage access control within the enterprise. Knowledge of networking and security fundamentals at the level of Course 468, "System and Network Security Introduction," is assumed.Hands-On Training Through an evolving case study, you gain practical experience securing the enterprise by applying access control methodology that incorporates industry best practices. Exercises include:
- Configuring routers and switches to support advanced filtering
- Hardening perimeter devices
- Deploying a Web-application firewall
- Implementing a network-based IPS to mitigate or stop simulated attacks
- Filtering protocols and Web-based content
- Defeating zero-day attacks with host-based IPS
- Applying NAC solutions
- Securing remote access with VPN technology
Course 941 Content
- Investigating security model components
- Validating your organization's security policy
- Quantifying risk to determine access controls
- Identifying network protocols
- Blueprinting encapsulation
- Analyzing headers to classify packets
- Securing access to devices
- Hardening routers and switches
- Prioritizing network traffic
- Classifying traffic to achieve Quality of Service (QoS)
- Ingress and egress filtering
- Providing state with context-based access controls
- Preventing address spoofing
- Containing resource starvation
- Stateless vs. stateful packet filters
- Application proxies
- Web application firewalls: Profense, mod_security
- Refining the topology
- Setting a security perimeter
- Combining components to give defense in depth
- Safeguarding application servers
- Supporting DMZ services
- Fingerprinting Operating Systems
- Interpreting malicious traffic
- Establishing thresholds and boundaries
- Inspecting network traffic for abnormal activity
- Leveraging intrusion prevention technologies
- Correlating signature- and anomaly-based events
- Constructing proxy controls
- Assessing proxy operations
- Preventing malicious Web-based content
- Validating Ajax and SOAP messages
- Defensive techniques with an offensive mindset
- Dissecting an attack methodology
- Defeating attacks with host-based intrusion prevention
- Processing system calls and system-level access
- Identifying NAC requirements
- Partitioning and segmenting zones
- Neutralizing rogue clients
- Guest, contractors and others
- Maintaining awareness of who is on your network
- Implementing 802.1x port access control
- Pruning ports to deter intrusion
- Tunneling with IPsec and SSL/TLS
- Developing secure communications
- Site-to-site vs. client-to-site
- Avoiding pitfalls of split tunneling
- Screening complex protocols
- Expanding de-perimeterization across the enterprise
|
Related Courses
|
|
|
|
|
|
|
Print Friendly
E-mail a Colleague
Course FAQ
Course PDF
Home
