This practical training will show you how to implement the most common ways of making systems and networks secure. After studying several threats to the Information System, you'll learn the role that each piece of security equipment plays in protecting the company in order to be capable of designing a security architecture and implementing it.
Training at your location, our location or remotely
Ref. FRW
4d - 28h
Would you like to transpose this course—without changes—for your company?
A la carte training
Do you want a training course tailored to the needs of your company and its teams? Your training will be built to measure by our experts!
This practical training will show you how to implement the most common ways of making systems and networks secure. After studying several threats to the Information System, you'll learn the role that each piece of security equipment plays in protecting the company in order to be capable of designing a security architecture and implementing it.
Teaching objectives
At the end of the training, the participant will be able to:
Know the flaws and threats of information systems
Learn the role of various security devices
Design and create a suitable security architecture
Implement the most common means of securing networks
Securing a Windows and Linux system
Participants
Implementing an HTTP proxy solution in Windows or Linux, an antivirus solution for network flows. Designing and implemen
TRAINING PROGRAM
Intended audience
Department heads, security architects. System and network technicians and administrators.
Prerequisites
Good knowledge of networks and systems.
Course schedule
Risks and threats
Introduction to security.
Overview of IT security.
IT security vocabulary.
"Low-level" attacks.
Strengths and weaknesses of the TCP/IP protocol.
Illustration of ARP, IP Spoofing, TCP-SYNflood, SMURF, and other attacks.
Denial of service and distributed denial of service.
Application attacks.
Intelligence gathering.
HTTP: A particularly vulnerable protocol (SQL injection, Cross Site Scripting, etc.).
DNS: Dan Kaminsky attack.
Hands-on work ¤Installation and use of the Wireshark network analyzer. Implementing an application solution.
Security architectures
What architectures for what needs?
Secure addressing plan: RFC 1918.
Address translation (FTP as an example).
The role of demilitarized zones (DMZ).
Example architectures.
Making the architecture secure through virtualization.
Firewalls: Cornerstone of security.
Actions and limits of traditional network firewalls.
Technological change in firewalls (Appliance, VPN, IPS, UTM, etc.).
Firewalls and virtual environments.
Proxy server and application relay.
Proxy or firewall: Conflicting or complementary?
Reverse proxy, content filtering, cache, and authentication.
SMTP relay, a must?
Hands-on work ¤Implementation of a Caching proxy/Authentication.
Data security
Cryptography.
Symmetrical and asymmetrical encryption. Hash functions.
Real-time IDS-IPS detection tools, agent, probe, or cut-off.
Reacting effectively in all circumstances.
Supervision and administration.
Organizational impacts.
Technological monitoring.
Case study
Prior study.
Analysis of needs.
Creating an architecture.
Defining the action plan.
Deployment.
Approach to installing elements.
Implementing the filtering policy.
Hands-on work ¤Creating flow management.
Practical details
Implementing an HTTP proxy solution in Windows or Linux, an antivirus solution for network flows. Designing and implementing a multi-firewall, multi-DMZ architecture. Implementing fundamental techniques to make the operating system secure.
Customer reviews
4,2 / 5
Customer reviews are based on end-of-course evaluations. The score is calculated from all evaluations within the past year. Only reviews with a textual comment are displayed.
Dates and locations
Select your location or opt for the remote class then choose your date.
Remote class
No session at the moment, we invite you to consult the schedule of distance classes.