Hardening the Infrastructure
This course is provided by Wintrac. Wintrac provides one-stop shopping for all your IT training needs. Wintrac’s catalog of over two thousand courses includes Security Training courses.

Overview

Hardening the Infrastructure is designed to provide Network Administrators with an awareness of security-related issues and the essential skills they need to implement security in a given network. It is the first course offered in the first level of the Security Certified Program.

Prerequisites

To ensure your success, we recommend you first take the following course or have equivalent knowledge:

  • Security+ Certification

Delivery Method

Instructor-led, group-paced, classroom-delivery learning model with structured minds-on and hands-on activities.

Benefits

Students will learn to work with various protocols, and create security in router-based networks and across different platforms. They will also use some of the techniques that network attackers commonly use to learn the best ways to prevent attacks.

What's Next

After completing this course, students who want to complete Level 1: Defense of the Security Certified Program should take the next course in the series: Network Defense and Countermeasures.

Target Student:

We designed Hardening the Infrastructure for Network Administrators who are responsible for maintaining a wide range of network technologies, and who need to develop expertise in securing their networks.

Hardware/Software Requirements

To run this course, you will need:

  • A class-prep set of disks that should consist of:
    • Operating Systems:
      1. Bootable DOS diskette with common utilities.
      2. Windows 98
      3. Windows NT 4.0 Server
      4. Windows 2000 Server
      5. Red Hat Linux 8.0
      6. Drivers for all of the above
    • Service Packs and upgrades:
      1. The following three can be burned onto one CD
        1. SP6a for NT4.0
        2. SP2 for Windows 2000
        3. SP2 for Windows 2000
    • Others:
      1. Disk-Cloning/Imaging/Multicasting/SID-changing tools and utilities
  • Students should have access to:
    1. Utilities (viewers/unzippers) and TOOLS (as indicated on the following pages) for Level-1 with all the tools downloaded from the web.
    2. A Level1 CD included with the course manuals containing 'Captures' and 'Signatures' files for use with the course.
  • An instructor's set that should consist of all of the disks in the student set of disks plus:
    1. A Hardware Keylogger (for NSF/HTI)
    2. CheckPoint Firewall CD (for NDC)
  • Classroom Requirements:
    • 3 Cisco Routers (minimum 2500 Series, IOS v.12.2 or greater with IPSec/SSH capability)
    • 2 Instructor Machines:
      • Instructor Machine 1 will be the Firewalled Gateway on NT 4.0 Server SP6a (for the Checkpoint 2000 exercises).
    • 2 10/100 Hubs
    • Null modem and CAT5 crossover cables (1 set per 2 student machines)
    • 12 Student Machines
  • Student PC Setup:
    • PIII 500 (700+ recommended)
    • 128 MB Ram (256+ recommended)
    • 8 GB HDD min. (if larger it doesn't matter)
    • 2 NICs per PC (well-known brands preferred for promiscuous mode support)
    • Video card (well known brands preferred from the point of view of driver availability for all OSes)
  • Tools:
    • For use in class, you will also need to acquire the tools and utilities described in the following tables. Tables are arranged by function, such as network scanning, firewalls, and so forth. Links are provided to enable you to download files from the Web. Create a Tools share (or a CD) for use in class. Download and organize the tools in an appropriate folder structure, such as in folders named Linux Tools, Windows Tools, and Miscellaneous. The Miscellaneous folder can include utilities like MS Office file viewers, file unzippers, Acrobat Reader, and so forth. The capture and signature files required for some of the tasks in the course, as well as all the RFCs, are included with each course manual.
      SuperScan Windows/Eval is Free Yes http://www.foundstone.com/knowledge/scanning.html
      Nmap Linux/Free Yes http://www.nmap.org/nmap/nmap_download.html
      NmapFE Linux/Free Yes http://www.nmap.org/nmap/nmap_download.html
      NmapNT Windows/Free No http://www.eeye.com/html/Research/Tools/nmapnt.html
      Pinger Windows/Free No http://visualsoftru.com/ping/pinger.exe
      Strobe Linux, Windows/Free No http://www.luyer.net/software/strobe-classb/
      Nessus Linux, Windows/Free Yes http://www.nessus.org
      udpflood.exe Windows/Free Yes http://www.foundstone.com/knowledge/stress_testing.html
      NetScan Tools Pro Windows/Eval is Free No http://www.netscantools.com/nstdownload.html
      Netcat Linux, Windows/Free Yes
      • http://www.atstake.com/research/tools/nc110.tgz
      • http://www.atstake.com/research/tools/nc11nt.zip

      Visual Route Windows/Eval is free Yes http://www.visualroute.com/
      NeoTrace Windows/Eval is free Yes http://www.tucows.com/preview/194046.html

      Network Monitor Windows/Built-in Yes Included in Windows NT 4.0 Server and Windows 2000
      Ethereal Windows, Linux/Free Yes http://www.ethereal.com/distribution/Win32
      Tcpdump Linux/Free No http://www.tcpdump.org/
      Windump Windows/Free No http://windump.polito.it/install/default.htm
      WinPcap Windows/Free Yes http://windump.polito.it/install/default.htm

      L0pht Crack 2.5 Windows/Eval is Free Yes http://www.32bit.bhs.com/downloads/file.asp?id=4519
      L0pht Crack LC3 Windows/Eval is Free Yes http://online.securityfocus.com/tools/1005
      Crack 5.0 Linux/Free No ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/i386/crack-5.0.tgz
      John the Ripper Windows, Linux, DOS/Free Yes http://www.openwall.com/john
      Snadboy's Revelation Windows/Free Yes http://www.snadboy.com

      Netbus Windows/Free Yes http://nttoolbox.com/public/tools/NetBus170.zip
      NetBus Pro Windows/Free Yes http://home.t-online.de/home/husky_college/nbpro201.exe
      SubSeven Windows/Free No http://www.subseven.ws/

      NTFSDOS DOS/Eval is free Yes http://www.sysinternals.com/ (The Read-only version will do.)

      GetAdmin Windows NT/Free No http://packetstormsecurity.org

      Keylogger Any (This is hardware.)/$89 to $199 (one per class only) Yes http://www.keyghost.com
      Security keyboard Any (This is hardware.)/$129 to $299 (one per class only) Yes http://www.keyghost.com
      Keystroke logger Any (This is hardware.)/$54.95 (one per class only) Yes http://www.electronickits.com/spy/finish/computer/key.htm
      Klogger Windows/Free Yes http://ntsecurity.nu/toolbox/klogger/

      Internet Scanner 6 Windows/Free No Included with the Windows 2000 Server Resource Kit, or you can visit: http://www.iss.net/download/
      System Scanner 4.2 Windows/Free No Included with the Windows 2000 Server Resource Kit, or you can visit: http://www.iss.net/download/
      Snort Linux, Windows/Free No http://www.snort.org/
      IDScenter Windows/Free No http://www.packx.net/packx/download/idscenter/idscenter11rc1.zip

      CheckPoint 2000/NG Firewall-1 Windows NT 4.0 Server with SP6a/$2100 approx. (one per class only) No http://www.comark.com/site/L4.cfm?item_number=CPFW%2DFIG%2D25%2DV41 (recommended). After purchase, create a user account with and obtain a license for 172.17.10.1 (Instructor Machine-1) at http://usercenter.checkpoint.com
      ISA Server2000 Windows 2000 with SP1 min./Eval is Free No http://www.microsoft.com/isaserver/evaluation/trial/default.asp

      IPv6 protocol Any/Free Yes http://msdn.microsoft.com/downloads/sdks/platform/tpipv6/download.asp
      Webmin Any (Browser based management.)/Free Yes http://www.webmin.com (There you will find lots of GUI goodies, including an IPchains [or IPtables] configurator).
      Bastille Linux/Free Yes http://www.bastille-linux.org/
      pwlib-1.3.3-5.i386.rpm Linux/Free Yes http://www.bastille-linux.org/pwlib-1.3.3-5.i386.rpm
      perl-TK-800.023-9mdk.i586.rpm Linux/Free Yes http://www.bastille-linux.org/perl-TK-800.023-9mdk.i586.rpm
      PuTTY.exe Windows/Free Yes http://www.chiark.greenend.org.uk/~sgtatham/putty/
      HiSecWeb security template Windows/Free Yes http://support.microsoft.com/support/misc/kblookup.asp?id=Q316347
      IIS Lockdown tool Windows/Free Yes http://www.microsoft.com/downloads/release.asp?ReleaseID=43955
      HFNetChk Windows/Free Yes http://www.microsoft.com/downloads/search.aspx?displaylang=en (Select HFNetChk from the Product/Technology drop-down list, and download Nsch332.exe.)
    Performance-Based Objectives

    • Investigate advanced concepts and procedures related to the TCP/IP protocol.
    • Work with the secure version of IP, IPSec.
    • Secure Linux computers and networks.
    • Secure Windows 2000 computers and test the effectiveness of various security measures.
    • Secure routers by using Access Control Lists and logging options.
    • Investigate measures that can help ensure business continuity in the event of a disaster, such as contingency planning, and power and backup issues.
    • Define common Internet components and identify techniques used in Web hacking and other attacks.
    • Examine and work with common techniques used to attack networks and specific operating systems.
    Course duration

    5 Days

    Course outline

    Lesson 1: Advanced TCP/IP

    • Topic 1A: TCP/IP Concepts
    • Topic 1B: Analyzing the Three-Way Handshake
    • Topic 1C: Capturing and Identifying IP Datagrams
    • Topic 1D: Capturing and Identifying ICMP Messages
    • Topic 1E: Capturing and Identifying TCP Headers
    • Topic 1F: Capturing and Identifying UDP Headers
    • Topic 1G: Analyzing Packet Fragmentation
    • Topic 1H: Analyzing an Entire Session
    • Topic 1I: Fundamentals of IPv6


    Lesson 2: Implementing IPSec

    • Topic 2A: Internet Protocol Security
    • Topic 2B: IPSec Policy Management
    • Topic 2C: IPSec AH Implementation
    • Topic 2D: IPSec ESP Implementation
    • Topic 2E: Combining AH and ESP in IPSec


    Lesson 3: Hardening Linux Computers

    • Topic 3A: Introduction to Linux Administration
    • Topic 3B: Fundamental Linux Security
    • Topic 3C: Access Control
    • Topic 3D: Securing Network Services
    • Topic 3E: Final OS Hardening


    Lesson 4: Hardening Windows Computers

    • Topic 4A: Windows 2000 Infrastructure Security
    • Topic 4B: Windows 2000 Authentication
    • Topic 4C: Windows 2000 Security Configuration Tools
    • Topic 4D: Windows 2000 Resource Security
    • Topic 4E: Windows 2000 Auditing and Logging
    • Topic 4F: Windows 2000 EFS
    • Topic 4G: Windows 2000 Network Security


    Lesson 5: Routers and Access Control Lists

    • Topic 5A: Fundamental Cisco Security
    • Topic 5B: Routing Principles
    • Topic 5C: Removing Protocols and Services
    • Topic 5D: Creating Access Control Lists
    • Topic 5E: Implementing Access Control Lists
    • Topic 5F: Logging Concepts


    Lesson 6: Contingency Planning

    • Topic 6A: Continuity and Recovery
    • Topic 6B: Developing the Plan
    • Topic 6C: The Technologies of Staying On
    • Topic 6D: Backing up the Operating Systems


    Lesson 7: Security on the Internet and the WWW

    • Topic 7A: Describing the Components of the Internet
    • Topic 7B: Identifying the Weak Points of the Internet
    • Topic 7C: Describing Web-Hacking Techniques
    • Topic 7D: Describing Methods Used to Attack Users


    Lesson 8: Attack Techniques

    • Topic 8A: Network Reconnaissance
    • Topic 8B: Mapping the Network
    • Topic 8C: Sweeping the Network
    • Topic 8D: Scanning the Network
    • Topic 8E: Viruses, Worms, and Trojan Horses
    • Topic 8F: Malicious Web sites
    • Topic 8G: Gaining Control over the System
    • Topic 8H: Recording Keystrokes
    • Topic 8I: Cracking Encrypted Passwords
    • Topic 8J: Revealing Hidden Passwords
    • Topic 8K: Social Engineering
    • Topic 8L: Case Study: Social Engineering
    • Topic 8M: Gaining Unauthorized Access
    • Topic 8N: Hiding Evidence of an Attack
    • Topic 8O: Performing a Denial of Service

    Please contact your training representative for more details on having this course delivered onsite or online
