Security+ Course Content
Overview of Systems Security Threats
- Privilege escalation
- Virus
- Worm
- Trojan
- Spyware
- Spam
- Adware
- Rootkits
- Botnets
- Logic bomb
Security risks pertaining to system hardware and peripherals
- BIOS
- USB devices
- Cell phones
- Removable storage
- Network attached storage
Implementing OS hardening practices and procedures to achieve workstation and server security
- Hotfixes
- Service packs
- Patches
- Patch management
- Group policies
- Security templates
- Configuration baselines
Procedures to establish Application Security
- ActiveX
- Java
- Scripting
- Browser
- Buffer overflows
- Cookies
- SMTP open relays
- Instant messaging
- P2P
- Input validation
- Cross-site scripting (XSS)
Implementing security applications
- HIDS
- Personal software firewalls
- Antivirus
- Anti-spam
- Popup blockers
Virtualization Technology: purpose and application
Ports & Protocols: Threats and Mitigation Techniques
- Antiquated protocols
- TCP/IP hijacking
- Null sessions
- Spoofing
- Man-in-the-middle
- Replay
- DOS
- DDOS
- Domain Name Kiting
- DNS poisoning
- ARP poisoning
Network design elements and components
- DMZ
- VLAN
- NAT
- Network interconnections
- NAC
- Subnetting
- Telephony
Network Security Tools
- NIDS
- NIPS
- Firewalls
- Proxy servers
- Honeypot
- Internet content filters
- Protocol analyzers
Using Network Security Tools
- NIDS
- Firewalls
- Proxy servers
- Internet content filters
- Protocol analyzers
Vulnerabilities and Mitigations of Network Devices
- Privilege escalation
- Weak passwords
- Back doors
- Default accounts
- DOS
Vulnerabilities and Mitigations of Transmission Media
- Vampire taps
Vulnerabilities and Mitigations of Wireless Networking
- Data emanation
- War driving
- SSID broadcast
- Blue jacking
- Bluesnarfing
- Rogue access points
- Weak encryption
Industry Best Practices for access control methods
- Implicit deny
- Least privilege
- Separation of duties
- Job rotation
Common Access Control Models
- MAC
- DAC
- Role & Rule based access control
Organizing Users and Computers: Security Groups, Rights & Privileges.
Security controls for file and print resources
Logical Access Control Methods: Defining and Implementing
- ACL
- Group policies
- Password policy
- Domain password policy
- User names and passwords
- Time of day restrictions
- Account expiration
- Logical tokens
Authentication models and components
- One, two and three-factor authentication
- Single sign-on
Deploying Authentication Models and components
- Biometric reader
- RADIUS
- RAS
- LDAP
- Remote access policies
- Remote authentication
- VPN
- Kerberos
- CHAP
- PAP
- Mutual
- 802.1x
- TACACS
Difference between Identification and Authentication (Identity Proofing)
Physical Access Security Methods
- Physical access logs/lists
- Hardware locks
- Physical access control – ID badges
- Door access systems
- Man-trap
- Physical tokens
- Video surveillance – camera types and positioning
Conducting Risk Assessments and implementing Risk Mitigation
Vulnerability Assessments through common tools
- Port scanners
- Vulnerability scanners
- Protocol analyzers
- OVAL
- Password crackers
- Network mappers
Penetration Testing versus Vulnerability Scanning
Using Monitoring Tools to detect security-related anomalies
- Performance monitor
- Systems monitor
- Performance baseline
- Protocol analyzers
Monitoring Methodologies
- Behavior-based
- Signature-based
- Anomaly-based
Logging procedures and results evaluation
- Security application
- DNS
- System
- Performance
- Access
- Firewall
- Antivirus
Periodic Audits of system security settings
- User access and rights review
- Storage and retention policies
- Group policies
Cryptography Concepts
- Key management
- Steganography
- Symmetric key
- Asymmetric key
- Confidentiality
- Integrity and availability
- Non-repudiation
- Comparative strength of algorithms
- Digital signatures
- Whole disk encryption
- Trusted Platform Module (TPM)
- Single vs. Dual sided certificates
- Use of proven technologies
Hashing Concepts and Algorithms
- SHA
- MD5
- LANMAN
- NTLM
Encryption Concepts and Algorithms
- DES
- 3DES
- RSA
- PGP
- Elliptic curve
- AES
- AES256
- One time pad
- Transmission encryption (WEP, TKIP, etc.)
Protocols: Definition and Implementation
- SSL/TLS
- S/MIME
- PPTP
- HTTP vs. HTTPS vs. SHTTP
- L2TP
- IPSEC
- SSH
Public Key Cryptography
- Public Key Infrastructure (PKI)
- Recovery agent
- Public key
- Private keys
- Certificate Authority (CA)
- Registration
- Key escrow
- Certificate Revocation List (CRL)
- Trust models
Implementing PKI and Certificate Management
- Public Key Infrastructure (PKI)
- Recovery agent
- Public key
- Private keys
- Certificate Authority (CA)
- Registration
- Key escrow
- Certificate Revocation List (CRL)
Redundancy Planning and its components
- Hot site
- Cold site
- Warm site
- Backup generator
- Single point of failure
- RAID
- Spare parts
- Redundant servers
- Redundant ISP
- UPS
- Redundant connections
Implementing Disaster Recovery Procedures
- Planning
- Disaster recovery exercises
- Backup techniques and practices – storage
- Schemes
- Restoration
Incident Response Procedures: Types and Implementation
- Forensics
- Chain of custody
- First responders
- Damage and loss control
- Reporting – disclosure of
Applicable legislation and organizational policies
- Secure disposal of computers
- Acceptable use policies
- Password complexity
- Change management
- Classification of information
- Mandatory vacations
- Personally Identifiable Information (PII)
- Due care
- Due diligence
- Due process
- SLA
- Security-related HR policy
- User education and awareness training
Environmental Controls
- Fire suppression
- HVAC
- Shielding
Social Engineering: Concept of and how to reduce the risks
- Phishing
- Hoaxes
- Shoulder surfing
- Dumpster diving
- User education and awareness training