Networks - Security

Objective
To become familiar with the operation and use of network technologies.

Target audience
Network administrators and managers, system administrators, IT technicians and project managers, IT directors and business telecom/telephony managers.

Prerequisites
Knowledge of computer science.

Topics covered

• Network architecture and types: local area networks (LANs), metropolitan area networks (MANs) and wide area networks (WANs)
• LANs: Ethernet (10/100/1G)
• Transmission media: cable and fiber optic
• xDSL networks: ISDN, SDSL, ADSL, HDSL and VDSL
• High-speed WANs: frame relay, ATM, SONET, WDM, DWDM and MPLS
• Cable networks: cable modem technology and powerline telecommunications
• Wireless networks: satellite, PCS (1G, 2G and 3G), MMDS, LMDS, WLAN (802.11x and Bluetooth) and WiMAX 802.16 technologies
• Internetworking equipment: repeaters, hub, switches, bridges, routers and gateways
• Virtual local area networks (VLANs): architecture and practical implementations

Objective
To describe the role and operation of all protocols from the TCP/IP family.

Target audience
Network administrators and managers, system administrators, IT technicians and IT directors.

Prerequisites
Knowledge of network technologies (Course RE101).

Topics covered

• Multi-layer architecture: TCP/IP
• Public and private IP addresses
• Routing: routing tables, routing protocols (RIP, OSPF) vs. routed protocols
• ARP protocol (MAC address resolution) and RARP protocol (MAC reverse address resolution)
• IP protocol: services, addressing, classes and routing
• ICMP (Internet Control Message) protocol
• UDP (User Datagram) protocol: kinematics, ports and datagram format
• TCP (Transmission Control) protocol: kinematics, ports and segment format
• SNMP (Simple Network Management) protocol
• The DNS, FTP and Telnet services
• TCP/IP security: IPSec and SSL
• Voice over IP, IP telephony
• The future of TCP/IP: IPv6, SNMP V3, RSVP, Diffserv and quality of service (QoS)

Objective
To provide the knowledge and skills required to evaluate security risks inherent in information systems (workstations, servers, LAN, WAN, intranets, extranets and the Internet), and to identify the policies and countermeasures required to prevent them.

Target audience
IT directors, projects managers and corporate managers.

Prerequisites
Knowledge of computer science.

Topics covered

• Introduction to information systems security
• Identifying risks and threats
• Cryptography and steganography
• Deep security: firewalls, intrusion detection systems, and decoy systems (Honeypot), virtual private networks
• Wireless networks: risks and solutions
• Virtual private networks (VPN): available technologies
• Logical security: password management and single sign-on
• Securing Web sites, servers and workstations
• Security incidents: implementing a preemptive action plan, and handling the response to an incident
• Security policies: risk analysis, security techniques, the role of security audits, and implementation strategies
• Developing security policies: the ISO 27000 norms

Note: TCP/IP and Internet security are covered in detail in Course RE108.

Objective
To gain a good understanding of security issues on TCP/IP networks in order to implement proper security measures.

Target audience
Those in charge of security or involved in architectural planning, network administration and management, system analysis and development.

Prerequisites
Knowledge of TCP/IP (Course RE102).

Topics covered

• Review of TCP/IP
• The weaknesses of TCP/IP, Telnet, FTP, TFTP, DNS and routing protocols: bypass solutions
• IP Address translation (NAT, PAT) and private addressing
• Firewalls and IPS/IDS: architecture and management
• Virtual private network functions with IPSec and SSL/TLS
• Authentication in IP networks: basic, strong authentication, and with ICP/PKI
• Security and IP telephony
• E-mail security (SMTP, POP3, IMAP4) and spam
• Privacy and e-mail signatures: S/MIME and OpenPGP
• Web security vulnerabilities: HTTP, Java, ActiveX, JavaScript, CGI
• Web security: SSL, TLS and certificates
• Principles of Web application development: session, authentication and cookies

Note: intrusion prevention and detection is covered in greater depth in Course RE110.

Objective
To provide the knowledge and skills required to identify the various types of intrusions and attacks on a TCP/IP network as well as the mechanisms which can be used to detect them, and to choose among the available detection tools.

Target audience
Those in charge of security or involved in architectural planning, network and system administration, system analysis and development.

Prerequisites
Knowledge of TCP/IP (Course RE102).

Topics covered

• Uses of intrusion detection systems
• Common security threats: examples and characteristics of some attacks
• Security problems with TCP/IP: fragmentation, ICMP, OS fingerprinting, DNS, SYN flood, etc.
• Tools for detecting Intrusion and analyzing vulnerability: commercial and free software, and examples of use (TCPdump, Wireshark, Snort 2.8.x, Nessus and Nikto)
• Architecture of an intrusion detection system: IDS vs. IPS, physical and logical location in the network, system disturbance analysis and system abuse detection, alarms, logging, link with the security gateway and false positives
• The weight calculation method, false positives
• Securing servers and workstations
• Trace analysis
• Autopsies (Forensic)
• Preparing an action plan for handling intrusions
• Administering an intrusion detection system
• Standardization projects and technology watch
• Case studies: exercises, trace analyses

Objective
To provide the knowledge and skills required to install, configure and secure an 802.11 wireless network in a corporate environment.

Target audience
Network administrators and managers, system administrators, IT technicians and IT directors.

Prerequisites
Knowledge of TCP/IP (Course RE102).

Topics covered

• Wireless technologies: Wi-Fi (802.11), Bluetooth and WiMAX
• Introduction to the 802.11 protocol: frequencies, modes (ad-hoc and infrastructure), transmission techniques (FHSS, DHSS and OFDM), the CSMA/CA mechanism, and the various protocol versions (a, b, n)
• Installing a wireless network: architecture, constraints, choice of equipment, costs
• Inherent weaknesses and vulnerabilities of wireless networks
• Security policies for wireless networks
• Defining the SSID
• Encryption and authentication: WEP, WAP, WAP2 (802.11i), TKIP, EAP (802.1X) and Radius
• Quality of service (802.11e) and roaming (802.11f)
• Example: configuring a Wi-Fi access point
• Example: configuring a Wi-Fi card in a laptop
• Case studies