CIW Security Professional Series:

Network Security and Firewalls (CIWNSF)

Network Security and Firewalls is a three-day course designed to teach students how to secure networks from unauthorized activity. Students learn about establishing an effective security policy, different types of hacker activities, the hacker's mind-set, and preventing and managing hacker penetration. Students will also learn about authentication procedures, encryption standards and implementations, ports and protocols that hackers manipulate, and how to engage in proactive detection and response/reporting methods.

Target Audience

Network server administrators, firewall administrators, systems administrators, application developers, and IT security officers.

Job Responsibilities

Implement e-business solutions security policies; identify security threats and develop countermeasures using firewall systems and attack-recognition technologies; and manage the deployment of security solutions.

Prerequisites

Students must have passed the CIW Foundations, CIW Server Administrator, and CIW Internetworking Professional exams or have equivalent skills.

Topics

What is Security?

  • Hacker Statistics
  • What is the Risk?
  • The Myth of 100 Percent Security
  • Attributes of an Effective Security Matrix
  • What You Are Trying to Protect?
  • Who is the Threat?
  • Security Standards

Elements of Security

  • The Security Policy
  • Encryption
  • Authentication
  • Specific Authentication Techniques
  • Access Control
  • Auditing
  • Security Tradeoffs and Drawbacks

Applied Encryption

  • Creating Trust Relationships
  • Rounds, Parallelization and Strong Encryption
  • Symmetric-Key Encryption
  • Symmetric Algorithms
  • Asymmetric Encryption
  • Hash Encryption
  • Applied Encryption Processes
  • Public Key Infrastructure (PKI)
  • Encryption Review

Types of Attacks

  • Front-Door and Brute-Force Attacks
  • Bugs and Back Doors
  • Social Engineering and Non-direct Attacks

General Security Principles

  • Be Paranoid
  • Have a Security Policy
  • No System/Technique Stands Alone
  • Minimize Damage
  • Deploy Company-wide Enforcement
  • Provide Training
  • Use an Integrated Security Strategy
  • Place Equipment According to Needs
  • Identify Security Business Issues
  • Consider Physical Security

Protocol Layers and Security

  • TCP/IP and Network Security
  • The TCP/IP Suite and the OSI Reference Model
  • Physical, Network, Transport and Application Layers

Securing Resources

  • Implementing Security
  • Resources and Services
  • Protecting TCP/IP Services
  • SMTP
  • Testing and Evaluating
  • Implementing a New System
  • Security Testing Software
  • Security and Repetition

Levels of Firewall Protection

  • Firewall Strategies and Goals
  • Building a Firewall
  • Types of Bastion Hosts
  • Hardware Issues
  • Common Firewall Designs

Firewalls
  • Definition, Description and Role of a Firewall
  • Firewall Terminology
  • Demilitarized Zone (DMZ)
  • Firewall Configuration Defaults
  • Packet Filters
  • Packet Filter Advantages and Disadvantages
  • Proxy Servers
  • Web Proxies
  • Circuit-level Gateways
  • Application-level Gateways
  • Advanced Features
  • Remote Access and Virtual Private Networks (VPN)

Detecting and Distracting Hackers

  • Proactive Detection
  • Distracting and Punishing the Hacker

Incident Response

  • Decide Ahead of Time
  • Do Not Panic
  • Document Everything
  • Assess the Situation
  • Stop or Contain Activity
  • Execute the Response Plan
  • Analyze and Learn

Internet Security Resources (Appendix)

  • General, UNIX and Windows NT Resources
  • Instructor Setup for VPN: Subnetted and Single Segment Networks