Network Security Essentials - ASG203

Network Security Essentials

Network Security Essentials - ASG203
ENROLL IN THIS COURSE

Upcoming Dates & Locations

Onsite - Orlando
Dec 6th, 2021 - Dec 8th, 2021

Network Security Essentials - ASG203

CPE:24


Price: $1833.00


Overview

In this course students learn the basic operating characteristics, threats, vulnerabilities, and risks associated with modern LANs, WANs, client/server, peer-to-peer networks, and other forms of networking including cloud-technologies. It includes identification of network assets and control points, categorizing risks and associated risks, vulnerability management, tracking the growing scope of threats, and a plan for success.


Who Should Attend

Information security professionals or IT auditors working with networks.


Prerequisites

  • IT Auditing and Controls (ITG101)
  • IT Audit School (ITG121), or equivalent experience

What You’ll Learn

You will learn the fundamentals of network security including key reference models and protocols, network risks and safeguards, security strategies, and risk analysis.


Objectives

Defining the Distributed Information Technology Environment:

  • defining a network
  • network terminology
  • computing models: centralized and distributed
  • shared data networks
  • distributed computing: client/server; peer-to-peer, middleware
  • defining the scope of network security and audit programs
  • locating network security control points

Developing a Reference Framework for Network Security and Audit: Network Standards and Protocols:

  • protocol defined
  • network and computing standards and rules for communications
  • understanding internet technical documents
  • network protocol rule; protocol stacks: frameworks for networking
  • open systems interconnection (OSI) reference model
  • transmission control protocol/internet protocol (TCP/IP)
  • encapsulation, information formats, addressing layers
  • OSI layer risk analysis
  • IEEE 802.x wired and wireless standards and technology
  • wireless/mobile network security risks and safeguards
  • network addresses: physical/media access, reserved addresses; use of whois tools
  • domain naming and DNS
  • TCP/IP application ports: foundation for all network security and audit risk analysis
  • TCP/IP security risks and safeguards
  • security services: access control and encryption

Demystifying Network Media Access Technologies:

  • network transmission media—twisted pair copper wire, fiber optics, wireless
  • network physical and logical topologies: bus, ring, star, tree
  • lan protocols ethernet, token ring, wireless LANS
  • geographical network delineation: PAN, LAN, CAN, MAN, WAN
  • physical WAN and internet connections: analog dial-up, leased lines, residential broadband
  • switched WAN network services: frame relay, ATM, MPLS
  • surveying wireless technologies, risks, and safeguards: personal area, local area, wide area
  • security and audit considerations for wired and wireless media access connections

Network Interconnection Devices: Functionality, Management, and Security:

  • positioning network devices in the OSI Reference Model
  • interconnection devices: hubs, bridges, switches, routers, wireless access points—risks and safeguards
  • WiFi, bluetooth and WLAN security; risks and safeguards
  • network domains and segmentation
  • routers: border vs. interior routing protocols
  • network domains, virtual lans (VLANs) and segmentation
  • hierarchical network design implementation
  • network device maintenance/management port access security
  • simple network management protocol (SNMP)
  • enterprise authentication systems: TACACS+, RADIUS, diameter
  • network device security best practices for network interconnection device security and audit
  • network device audit procedures

Identifying and Managing Network Host Services Security:

  • common server and workstation vulnerabilities and risks
  • security control zones—developing a layered software risk analysis and management methodology
  • establishing your server security baseline
  • use of health check software tools and other analytical tools
  • port scanning—techniques and importance
  • server message block—risks and safeguards
  • managing and securing network file shares
  • managing and controlling remote control software—do’s and don’ts
  • network print and multi-function office devices—threats and vulnerabilities—risks and safeguards

Address Management and Directory Services Security:

  • overview of critical network address management and directory services
  • manual and automated address management: hosts, DHCP, DNS, LDAP
  • domain name system (DNS)
  • lightweight directory access protocol (LDAP) directories
  • how to audit DHCP, DNS, LDAP and directory services

Effective Network Perimeter Security Strategies:

  • perimeter security (hacker intrusion) objectives
  • network security strategies
  • network demilitarized zone (DMZ) architectures and key control points
  • warning banners
  • network firewalls and proxy servers: policies, architectures
  • intrusion detection/prevention systems (IDS/IPS)
  • remote access / virtual private network technologies
  • how to secure VPN and remote access to your network
  • the risks of split tunneling
  • user authentication credentials
  • evolving nature of perimeter security threats
  • how to protect against phishing, spearphishing, credential theft, ransomware, malicious attachments, exploit kits and other techniques
  • analysis of landmark data breaches and strategies which would have prevented them

Wrap-up: Performing a Network Security Risk Analysis:

  • identifying the network assets and control points
  • categorizing the threats and associated risks
  • vulnerability management: identifying, tracking, and closing serious network exposures
  • review of the growing scope of threats
  • analysis of the first “cyberweapon”
  • course wrap-up; a practical strategy for information security—12-point plan for success
  • how to achieve perfect network security

Why You Should Attend

You should attend because organizations depend on network technologies, yet these are subject to many risks that if not mitigated appropriately can result in substantial operational, financial, reputation and strategic damages.

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.nasbaregistry.org.

ENROLL IN THIS COURSE