Solaris[tm] OE Network Intrusion Detection (SC-345)

Voorkennis | Doel | Onderwerpen | Data & prijzen | Aanmelden
Deze PlusPartner cursus hebben we niet meer in ons assortiment maar nog wel andere cursussen, bijvoorbeeld:Meer informatie? Klik hier!

The Solaris Operating System Network Intrusion Detection course provides students with the knowledge and skills necessary to perform the advanced administration skills required to firewall, monitor, log, identify and respond to network security breaches.Students who can benefit from this course:Experienced System Administrators and Security Administrators who are tasked with protecting Sun Solaris systems in a non-trusted environment such as the Internet or a LAN environment with multiple unknown/untrusted users

Voorkennis

Wij adviseren onderstaande voorkennis:

  • Configuring Security on the Solaris 10 Operating System (SC-301-S10)

Doel

  • Identify and protect against design flaws in standard networking protocols (such as TCP, UDP, IP, ICMP, SSL, SSH, HTTP and ARP)

Onderwerpen cursus Solaris[tm] OE Network Intrusion Detection (SC-345)

De cursus Solaris[tm] OE Network Intrusion Detection (SC-345) behandelt de volgende onderwerpen:

    • Ethernet and IP Operation
    • IP and ARP Vulnerability Analysis
    • UDP/TCP Protocol and TELNET Vulnerability Analysis
    • FTP and HTTP Vulnerability Analysis
    • DNS Vulnerability Analysis
    • SSH and HTTPS Vulnerability Analysis
    • Remote Operating System Detection
    • Network Attack Techniques and Basic Attack Detection
    • Identify the difference between host based and network based IDS
    • Advanced NIDS Configuration
    • Writing snort rules
    • Solaris Routing
    • Solaris Firewalls
    • Solaris Network (NAT) and Port Translation (PAT)

    Klik hier voor een gedetailleerde onderwerpenlijst

Meer informatie?

Geïnteresseerd geraakt in deze opleiding
en wilt u weten welke (vergelijkbare) cursus(sen) u wel kunt volgen?


Vraag informatie aan



Gedetailleerde onderwerpenlijst cursus Solaris[tm] OE Network Intrusion Detection (SC-345)

Hieronder vind u een gedetailleerd overzicht met onderwerpen die in de cursus Solaris[tm] OE Network Intrusion Detection (SC-345) behandeld zullen worden:

    • Ethernet and IP Operation
      • Review OSI network model
      • Review application and network service layers
      • Identify Ethernet security issues
      • Review IPv4 addressing
      • Understand IP fragmentation
      • Identify ICMP security issues
      • Implement basic traffic capture and analysis
    • IP and ARP Vulnerability Analysis
      • Identify IP security issues
      • Describe IP routing and routing protocol security
      • Protect against IP abuse
      • Identify ARP security issues
      • Execute attacks against ARP
      • Protect against ARP abuse
      • Implement advanced packet capture and analysis
    • UDP/TCP Protocol and TELNET Vulnerability Analysis
      • Discuss characteristics of UDP and TCP
      • Identify TCP security issues
      • Describe common TCP abuses: SYN attack, sequence guessing, connection hijacking
      • Discuss characteristics of TELNET
      • Identify TELNET security issues
      • Execute attacks on TCP and TELNET
      • Protect against TCP and TELNET abuse
    • FTP and HTTP Vulnerability Analysis
      • Describe FTP transfer methods and modes and identify FTP security issues
      • Describe common FTP abuses: FTP bounce attack, port stealing, brute force
      • Discuss characteristics of HTTPv1.1
      • Describe role of HTTP proxy servers and HTTP authentication
      • Identify HTTP security issues
      • Describe common HTTP abuses: path name stealing, header spoofing, proxy poisoning
      • Execute attacks on FTP and HTTP
      • Protect against FTP and HTTP abuse
    • DNS Vulnerability Analysis
      • Discuss characteristics of DNS
      • Identify DNS security issues
      • Describe common DNS abuses: DNS spoofing, DNS cache poisoning, unauthorized zone transfers
      • Execute attacks on DNS
      • Protect against DNS abuse
    • SSH and HTTPS Vulnerability Analysis
      • Discuss characteristics of SSH
      • Describe differences between SSH1 and SSH2 protocol
      • Identify SSH security issues
      • Describe common SSH abuses: insertion attack, brute force attack, CRC compensation attack
      • Describe characteristics HTTPS (SSL)
      • Discuss other SSL enabled protocols
      • Describe common SSL abuses: man-in-the-middle and version rollback attack
    • Remote Operating System Detection
      • Use standard system commands and exploit default settings to guess remote operating systems
      • Use open source utilities to guess remote operating systems by scanning open ports
      • Describe TCP/IP stack fingerprinting
      • Install and use nmap for remote OS detection
    • Network Attack Techniques and Basic Attack Detection
      • Identify sources of network attacks
      • Discuss methods of intrusion
      • Describe common network attacks: denial-of-service, software buffer overflow, poor system configuration, password guessing/cracking
      • Describe a typical intrusion scenario
      • Introduce the concept of an Intrusion Detection System (IDS)
      • List some of the most popular IDS tools: Klaxon, Portsentry, snort
      • Implement basic scan detection
      • Implementing Intrusion Detection Technologies
    • Identify the difference between host based and network based IDS
      • Discuss different types of IDS implementation: hybrid NIDS and honeypots
      • Describe core components of a NIDS using the snort NIDS
      • Compile and install the snort NIDS
    • Advanced NIDS Configuration
      • Discuss advanced snort features like "real time response" and snort log monitors
      • Install a database (mysql) to log snort alerts
      • Install the graphical user interfaces (GUI) Demarc and ACID to better interpret snort logs by querying the snort database
      • Generate outside attacks that trigger snort alerts
      • Interpret GUI snort monitors to identify attacks
    • Writing snort rules
      • Describe the different components of a snort rule
      • Configure different snort rule options
      • Write custom snort rules to watch for specific traffic patterns
      • Execute attacks against custom snort rules and interpret GUI snort monitors to identify attacks
    • Solaris Routing
      • List requirements for a Solaris host to be a router
      • Implement a Solaris host as a router
      • Use the ndd utility to secure a Solaris router
    • Solaris Firewalls
      • Describe different types of Solaris firewalls: application firewalls and packet filters
      • Identify two of the most common Solaris firewall products: Sunsceen Lite and IPfilter
      • Learn firewall policy basics
      • Write firewall rules for network or host based firewalls
      • Install an IPfilter firewall on a Solaris host
    • Solaris Network (NAT) and Port Translation (PAT)
      • Describe NAT and PAT concepts
      • Implement NAT to secure a private network behind a Solaris firewall

Getoonde informatie onder voorbehoud, genoemde prijzen zijn exclusief BTW.

Share |

 
Informatie 
  Contact
  Cursusoverzicht
  Cursuskalender
  Bel mij!
  Brochure aanvragen
  Aanmelden voor nieuwsbrief
  Stel een vraag
 
 
Cursuscategorieën