Defending the Perimeter from Cyber Attacks
PDF Add to WishList
Ensure the confidentiality, integrity, and availability of your organization’s information by protecting your communications and data. In this training course, you learn how to define and implement security principles, install and customize secure firewalls, build Virtual Private Network (VPN) tunnels, and safeguard your organization’s network perimeter against malicious attacks.
You Will Learn How To
- Fortify your network perimeter to provide an integrated defence
- Prevent or mitigate the effects of network attacks with a firewall
- Detect and respond to network attacks with Intrusion Detection and Prevention (IDP)
- Design, instal, and configure secure Virtual Private Networks (VPNs)
- Mitigate the impact of Denial-of-Service (DoS) attacks
Important Course Information
Recommended Experience:
- Basic security knowledge at the level of:
- Course 468, System and Network Security Introduction
- Working knowledge of TCP/IP and client server architecture
Course Outline
- Setting Your Security Objectives
Defining security principles
- Ensuring data Confidentiality, Integrity and Availability (CIA)
- Assessing defensive techniques
- Setting a generic security stance
Developing a security policy
- Balancing risk with business requirements
- Identifying your information assurance objectives
- Choosing security technologies
- Deploying a Secure Firewall
Installing a firewall
- Determining the appropriate firewall type
- Selecting and hardening the operating system
- Virtualizing the firewall appliance
Configuring a firewall to support outgoing services
- Supporting simple services: HTTP, SMTP
- Filtering dangerous content and handling encrypted traffic
- Managing complex services: VoIP, audio and video
Providing external services securely
- Implementing publicly accessible servers
- Building a DMZ architecture
- Supporting SMTP mail
Allowing access to internal services
- Customizing DNS for firewall architectures
- Configuring Network Address Translation (NAT)
- Developing access lists for client server applications
- Detecting and Preventing Intrusion
Deploying an IDS
- Placing Network IDS (NIDS) within your network architecture
- Operating sensors in stealth mode
Detecting intrusions in the enterprise
- Designing a multi-layer IDS hierarchy
- Managing distributed IDS
Interpreting alerts
- Verifying IDS operation
- Minimizing false positives and negatives
- Validating IDS events and recognizing attacks
Stopping intruders
- Exploiting IDS active responses
- Snipping a TCP session
- Controlling access with a firewall update
- Configuring Remote User Virtual Private Networks (VPNs)
Building VPN tunnels
- Compulsory vs. voluntary tunnels
- Supporting remote users with layer 2 tunnels
- Connecting remote sites with layer 3 tunnels
Deploying client software
- Assessing remote access VPN alternatives
- Implementing remote user authentication
- Leveraging Layer 2 Tunneling Protocol (L2TP)
- Protecting L2TP tunnels with IPsec Transport Mode
- Creating Site-to-Site VPNs
Applying cryptographic protection
- Ensuring confidentiality with symmetric encryption
- Exchanging symmetric keys with asymmetric encryption
- Checking message integrity with hashing
- Managing digital certificates with PKI
Comparing tunneling and protection methods
- Employing VPN concentrators and VPN-capable routers
- Applying IPsec Tunnel Mode
- Assessing tunneling protocols
- Evaluating VPN topologies
- Integrating Perimeter Defenses
Reducing the impact of denial-of-service (DoS) attacks
- Mitigating bombardment attacks
- Rejecting connection-based attacks with IPSs
- Blackholing and sinkholing
- Implementing a DoS Defense System (DDS)
- Blacklisting attack sites and address ranges
Perimeter architectures
- Integrating IDS and VPNs with your firewall architecture
- Positioning externally accessible servers
- Monitoring and controlling wireless networks
Convenient Ways to Attend This Instructor-Led Course
Hassle-Free Enrolment: No advance payment required to reserve your seat.
Tuition due 30 days after you attend your course.
In the Classroom
Live, Online
Private Team Training
In the Classroom — OR — Live, Online
Tuition — Standard: $3285 Government: $2890
Aug 7 - 10
(4 Days)
9:00 AM - 4:30 PM EDT
Herndon, VA / Online (AnyWare)
Reserve Your Seat
Oct 9 - 12
(4 Days)
9:00 AM - 4:30 PM EDT
Ottawa / Online (AnyWare)
Reserve Your Seat
Dec 4 - 7
(4 Days)
9:00 AM - 4:30 PM EST
Alexandria, VA / Online (AnyWare)
Reserve Your Seat
Feb 5 - 8
(4 Days)
9:00 AM - 4:30 PM EST
Herndon, VA / Online (AnyWare)
Reserve Your Seat
Apr 9 - 12
(4 Days)
9:00 AM - 4:30 PM EDT
Ottawa / Online (AnyWare)
Reserve Your Seat
Guaranteed to Run
When you see the "Guaranteed to Run" icon next to a course event, you can rest assured that your course event — date, time, location — will run. Guaranteed.Private Team Training
Enroling at least 3 people in this course? Consider bringing this (or any course that can be custom designed) to your preferred location as a private team training.
For details, call 1-888-843-8733 or Click here »
Tuition
Standard
Government
In Classroom or
Online
Standard
$3285
Government
$2890
Private Team Training
Course Tuition Includes:
Training Hours
Standard Course Hours: 9:00 am – 4:30 pm
*Informal discussion with instructor about your projects or areas of special interest: 4:30 pm – 5:30 pm
Enhance Your Credentials with Professional Certification
Learning Tree's comprehensive training and exam preparation guarantees that you will gain the knowledge and confidence to achieve professional certification and advance your career.
This course is approved by CompTIA for continuing education units (CEUs). For additional information and to confirm which courses are eligible towards your CompTIA certification, click here.