Description
This practical course will show you how to implement the main means of securing systems and networks. After studying some threats to the information system, you will learn the role of various security equipment in protecting the company in order to be able to design a security architecture and carry out its implementation.
Who is this training for?
Manager, security architect. Systems and network technicians and administrators.
Prerequisites
Training objectives
Training program
- Risks and threats
- - Introduction to security.
- - State of IT security.
- - The vocabulary of IT security.
- - "Lower layer" attacks.
- - Strengths and weaknesses of the TCP/IP protocol.
- - Illustration of attacks such as ARP and IP spoofing, TCP SYN flood, Smurf, etc.
- - Denial of service and distributed denial of service.
- - Application attacks.
- - Intelligence gathering.
- - HTTP, a particularly exposed protocol (SQL injection, Cross Site Scripting, etc.).
- - DNS: Dan Kaminsky attack.
- - Practical work: Installation and use of the Wireshark network analyzer.
- - Implementation of an application attack.
- Security architectures
- - Which architectures for what needs?
- - Secure addressing plan: RFC 1918.
- - Address translation (FTP as an example).
- - The role of demilitarized zones (DMZ).
- - Examples of architecture.
- - Securing architecture through virtualization.
- - Firewall: cornerstone of security.
- - Actions and limits of traditional network firewalls.
- - Technological evolution of firewalls (Appliance, VPN, IPS, UTM, etc.).
- - Firewalls and virtual environments.
- - Proxy server and application relay.
- - Proxy or firewall: competition or complementarity?
- - Reverse proxy, content filtering, caching and authentication.
- - SMTP relay, an obligation?
- - Practical work: Implementation of a cache/authentication proxy.
- Data security
- - Cryptography.
- - Symmetric and asymmetric encryption.
- - Hash functions.
- - Cryptographic services.
- - Authentication of the user.
- - The importance of mutual authentication.
- - X509 certificates.
- - Electronic signature.
- - Radius.
- - LDAP.
- - Worms, viruses, trojans, malware and keyloggers.
- - Current trends.
- - The antivirus offering, complementarity of elements.
- - EICAR, a "virus" to know.
- - Practical work: Deployment of an SMTP relay and an HTTP/FTP antivirus proxy.
- - Implementing a server certificate.
- Security of exchanges
- - Wi-Fi security.
- - Risks inherent to wireless networks.
- - The limits of WEP.
- - The WPA and WPA2 protocols.
- - Types of attacks.
- - Man in the Middle attack with rogue AP.
- - The IPSec protocol.
- - Presentation of the protocol.
- - Tunnel and transport modes.
- - ESP and AH.
- - Analysis of the protocol and associated technologies (SA, IKE, ISAKMP, ESP, AH, etc.).
- - SSL/TLS protocols.
- - Protocol overview.
- - Negotiation details.
- - Analysis of the main vulnerabilities.
- - sslstrip and sslsniff attacks.
- - The SSH protocol.
- - Presentation and functionalities.
- - Differences with SSL.
- - Practical work: Performing a Man in the Middle attack on an SSL session.
- - Implementation of IPSec transport mode/PSK.
- Securing a system, “Hardening”
- - Presentation.
- - Insufficient default facilities.
- - Evaluation criteria (TCSEC, ITSEC and common criteria).
- - Securing Windows.
- - Account and permission management.
- - Service control.
- - Network configuration and auditing.
- - Securing Linux.
- - Kernel configuration.
- - File system.
- - Service and network management.
- - Practical work: Example of securing a Windows and Linux system.
- Daily audit and security
- - No program yet.
- Case study
- - Preliminary study.
- - Needs analysis.
- - Develop an architecture.
- - Define the action plan.
- - Deployment.
- - Procedure for installing the elements.
- - Implementation of the filtering policy.
- - Practical work: Development of a master's degree flow.