Home    |    Instructor-led Training    |    Online Training     
         
 
Courses
ADA
Adobe
Agile
AJAX
Android
Apache
AutoCAD
Big Data
BlockChain
Business Analysis
Business Intelligence
Business Objects
Business Skills
C/C++/Go programming
Cisco
Citrix
Cloud Computing
COBOL
Cognos
ColdFusion
COM/COM+
CompTIA
CORBA
CRM
Crystal Reports
Data Science
Datawarehousing
DB2
Desktop Application Software
DevOps
DNS
Embedded Systems
Google Web Toolkit (GWT)
IPhone
ITIL
Java
JBoss
LDAP
Leadership Development
Lotus
Machine learning/AI
Macintosh
Mainframe programming
Mobile
MultiMedia and design
.NET
NetApp
Networking
New Manager Development
Object oriented analysis and design
OpenVMS
Oracle
Oracle VM
Perl
PHP
PostgreSQL
PowerBuilder
Professional Soft Skills Workshops
Project Management
Rational
Ruby
Sales Performance
SAP
SAS
Security
SharePoint
SOA
Software quality and tools
SQL Server
Sybase
Symantec
Telecommunications
Teradata
Tivoli
Tomcat
Unix/Linux/Solaris/AIX/
HP-UX
Unisys Mainframe
Visual Basic
Visual Foxpro
VMware
Web Development
WebLogic
WebSphere
Websphere MQ (MQSeries)
Windows programming
XML
XML Web Services
Other
Tactical Perimeter Defense
Overview

This course is the official courseware for the Security Certified Program SC0-451 certification exam. The Tactical Perimeter Defense course is designed to provide network administrators and certification candidates with hands-on tasks on the most fundamental perimeter security technologies. The network perimeter is often the first line of defense in an organization’s network, and this course covers the issues every administrator must be familiar with.

Prerequisites

To ensure your success, we recommend that you have CompTIA’s Security+ certification, or have equivalent experience. This course assumes that the reader has fundamental working knowledge of networking concepts, and foundational security knowledge.

Delivery Method

Instructor-led, group-paced, classroom-delivery learning model with structured hands-on activities.

Hardware/Software Requirements

You will need:
  • Student machines, one per student, recommended minimum specifications:
    • Pentium 4, 2.0 GHz processor.
    • 512 MB of RAM.
    • 50 GB hard drive.
    • DVD-ROM drive.
    • NIC, capable of promiscuous mode support.
    • Integrated video card, capable of 32-bit video.
  • Instructor machine, same configuration as student machines.
  • Three Cisco routers, 2500 Series preferred (used from a reseller is fine), running IOS 12.2 or greater, with IPSec/SSH support.
  • One Cisco console cable.
  • Two serial cables.
  • DCE to DTE, for connecting routers.
  • Three switches/hubs, 10/100 Mbps.
  • The firewall lesson will require Microsoft ISA Server 2006. This must be downloaded as a 180-day trial from Microsoft, or full ISA Server software must be provided for students.
  • During the VPN lesson, machines designated as VPN servers will require two NICs. The NICs can be either integrated or non-integrated.
  • During the VPN lesson, the instructor machine will need to be running the FTP Service. You may enable the service during your initial setup, or during the VPN lesson, as you prefer.
  • For class preparation, you will need the following tools. Note, where the tools are available as per open source licensing, they have been included on the course CD-ROM, all other tools should be downloaded and put in the correct folder. All these tools should be copied to the C:\\Tools or /Tools directories on your Windows and Linux systems accordingly.
    Lesson 2 WinPcap_4_0.exe SCNS Book CD
    wireshark-setup-0.99.5.exe SCNS Book CD
    tftp.cap SCNS Book CD
    fragment.cap SCNS Book CD
    ping.text SCNS Book CD
    ping.cap SCNS Book CD
    ftp.txt SCNS Book CD
    ftp.cap SCNS Book CD
    Lesson 3 puTTY.exe SCNS Book CD
    ping_arp.mac.cap SCNS Book CD
    rip.update.cap SCNS Book CD
    ripv2withAuthentication.cap SCNS Book CD
    Lesson 5 ISA Server 2006 www.microsoft.com/isaserver/prodinfo/default.mspx
    ISAScwHlpPack.exe SCNS Book CD
    Lesson 6 rfc-index.wri SCNS Book CD
    rfc2547.txt SCNS Book CD
    rfc2979.txt SCNS Book CD
    Lesson 8 Snort_2_6_1_2_Installer SCNS Book CD
    Snort Rules SCNS Book CD
    mysql-essential-5.0.27-win32 SCNS Book CD
    adodb493a.tgz SCNS Book CD
    base-1.2.7.tar.gz SCNS Book CD
    Lesson 9 WildPackets_OmniPeek_Personal41 www.omnipeek.com/downloads.php
    dotnetfx.exe SCNS Book CD
    NetStumbler SCNS Book CD
  • In this course, there are several wireless components utilized. Each training location can decide if they wish to acquire this equipment or use the content as the learning source. The equipment used in this lesson is:
    • Two laptops running Windows XP.
    • One Linksys WPC54G NIC and associated set-up CD-ROM.
    • One Netgear WPN511 NIC and associates set-up CD-ROM.
    • One Linksys WAP54G access point and associated set-up CD-ROM.
    • One Netgear WPN824 access point and associated set-up CD-ROM.
Performance-Based Objectives

  • Describe the core issues of building a perimeter network defense system.
  • Investigate the advanced concepts of the TCP/IP protocol suite.
  • Secure routers through hardening techniques and configure Access Control Lists.
  • Design and configure multiple firewall technologies.
  • Examine and implement IPSec and Virtual Private Networks.
  • Design and configure an Intrusion Detection System.
  • Secure wireless networks through the use of encryption systems.
Course duration

5 Days

Course outline

Lesson 1: Network Defense Fundamentals
  • Topic 1A: Network Defense
  • Topic 1B: Defensive Technologies
  • Topic 1C: Objectives of Access Control
  • Topic 1D: The Impact of Defense
  • Topic 1E: Network Auditing Concepts

Lesson 2: Advanced TCP/IP
  • Topic 2A: TCP/IP Concepts
  • Topic 2B: Analyzing the Three-way Handshake
  • Topic 2C: Capturing and Identifying IP Datagrams
  • Topic 2D: Capturing and Identifying ICMP Messages
  • Topic 2E: Capturing and Identifying TCP Headers
  • Topic 2F: Capturing and Identifying UDP Headers
  • Topic 2G: Analyzing Packet Fragmentation
  • Topic 2H: Analyzing an Entire Session

Lesson 3: Routers and Access Control Lists
  • Topic 3A: Fundamental Cisco Security
  • Topic 3B: Routing Principles
  • Topic 3C: Removing Protocols and Services
  • Topic 3D: Creating Access Control Lists
  • Topic 3E: Implementing Access Control Lists
  • Topic 3F: Logging Concepts

Lesson 4: Designing Firewalls
  • Topic 4A: Firewall Components
  • Topic 4B: Create a Firewall Policy
  • Topic 4C: Rule Sets and Packet Filters
  • Topic 4D: Proxy Server
  • Topic 4E: The Bastion Host
  • Topic 4F: The Honeypot

Lesson 5: Configuring Firewalls
  • Topic 5A: Understanding Firewalls
  • Topic 5B: Configuring Microsoft ISA Server 2006
  • Topic 5C: IPTables Concepts
  • Topic 5D: Implementing Firewall Technologies

Lesson 6: Implementing IPSec and VPNs
  • Topic 6A: Internet Protocol Security
  • Topic 6B: IPSec Policy Management
  • Topic 6C: IPSec AH Implementation
  • Topic 6D: Combining AH and ESP in IPSec
  • Topic 6E: VPN Fundamentals
  • Topic 6F: Tunneling Protocols
  • Topic 6G: VPN Design and Architecture
  • Topic 6H: VPN Security
  • Topic 6I: Configuring a VPN

Lesson 7: Designing an Intrusion Detection System
  • Topic 7A: The Goals of an Intrusion Detection System
  • Topic 7B: Technologies and Techniques of Intrusion Detection
  • Topic 7C: Host-based Intrusion Detection
  • Topic 7D: Network-based Intrusion Detection
  • Topic 7E: The Analysis
  • Topic 7F: How to Use an IDS
  • Topic 7G: What an IDS Cannot Do

Lesson 8: Configuring an IDS
  • Topic 8A: Snort Foundations
  • Topic 8B: Snort Installation
  • Topic 8C: Snort as an IDS
  • Topic 8D: Configuring Snort to Use a Database
  • Topic 8E: Running an IDS on Linux

Lesson 9: Securing Wireless Networks
  • Topic 9A: Wireless Networking Fundamentals
  • Topic 9B: Wireless LAN (WLAN) Fundamentals
  • Topic 9C: Wireless Security Solutions
  • Topic 9D: Wireless Auditing
  • Topic 9E: Wireless Trusted Networks

Please contact your training representative for more details on having this course delivered onsite or online

Training Outlines - the one stop shopping center for IT training.
© Training Outlines All rights reserved