-
-
Cart
There are no items in your cart. Continue shopping on our Course Directory page.
SUBTOTALPay now -or- pay later
Pay by credit card at checkout
-or- pay later by invoice, as always.
-
Cyber Security: Accessibility and Quality
COURSE TYPE
Intermediate
Course Number
3674
Duration
4 Days
PDF Add to WishList
Help your organization produce a comprehensive security posture by developing generally accepted practices. In this training course, you learn how perform security breaches with techniques from the FISMA Risk Management Framework, utilize protocol analyzers to track live attacks, analyze the effectiveness of security controls, and recommend improvements to block attacks.
You Will Learn How To
- Protect assets by selecting and managing effective security controls
- Evaluate the thoroughness and quality of security controls
- Do more than just "security theater"
- Provide and monitor a comprehensive, strong defence
- Integrate accessibility into services and environments
Important Course Information
Recommended Experience
- Previous experience in networking and TCP/IP protocol stack
- Technical background in networking and security terms
Course Outline
- Introduction
- Applying defense in depth: tools, techniques and people
- Comprehending FISMA and OMB oversight
- Assimilating Risk Management Framework Security Life Cycle
- Risk Management Framework
Multi-tiered risk management
- Organization: Strategic risk management
- Mission/Business: Tactical approach to risk
- Information Systems
Defining roles and responsibilities
- Distinguishing hierarchy and key roles of risk management
- Defining responsibilities assigned to specific roles
- Separating roles and areas of responsibility
Phases of risk management
- Categorizing information systems
- Selecting security controls
- Implementing security controls
- Assessing security controls
- Authorizing information systems
- Monitoring security controls
- Information Assurance
Introducing information assurance
- Assuring security throughout the data life cycle
- Integrating information assurance into software development
- Building in "secure by design"
- Implementing information assurance best practices
- Ensuring component security
Penetration testing and vulnerability assessments
- Validating security functions and configuration
- Finding weaknesses within systems before the attacker does
Keeping current with information assurance
- Full disclosure vs. responsible disclosure
- Exploring vulnerability databases
- Information Systems and Network Security
Modularization (the OSI 7 Layer Model)
- Networking principles powering the Internet
- Modeling a packet
Confidentiality, integrity and availability across the network
- Encrypting for confidentiality
- Sniffing the network and protocol analysis
- Modifying data via man-in-the-middle attacks
Networking services and security
- Poisoning the DNS cache
- Incorporating core services including DHCP, ICMP, and ARP
- Hardening the TCP/IP stack
- Authentication and Access Control
Authenticating users
- Managing factors of authentication (something you know, have or are)
- Attacking passwords
- Comprehending PKI and public key authentication systems
- Evaluating the suitability of biometrics
- Integrating multi-factor authentication
Authenticating hosts
- Incorporating ARP, DHCP, DNS and protocol insecurities
- Performing and detecting MAC and IP address spoofing
- Achieving strong host authentication
- Analyzing Kerberos and IPSec
- Cryptography
Encrypting and exercising integrity functions
- Capitalizing on asymmetric or Public Key cryptography
- Applying symmetric cryptography
- Exercising message digest functions for integrity
Certificates and Certification Authorities
- Clarifying PKI and certificate fields
- Publishing certificate revocation and certificate security
Digital signatures
- Digitally signing for strong authentication
- Proving authentication, integrity and non-repudiation
- Accessibility
- Promoting open data policies
- Removing barriers to enhance accessibility for people
- Enabling IT accessibility
Exclusive Private Team Training Course
Enhance your team's effectiveness and boost productivity with this course, delivered privately to your organization or to any preferred location, including options for hybrid or all-virtual delivery via AnyWare.
This training course could be customized, and combined with other courses, to meet the specific needs of your team's training.
Attendee Benefits
Enhance Your Credentials with Professional Certification
Learning Tree's comprehensive training and exam preparation guarantees that you will gain the knowledge and confidence to achieve professional certification and advance your career.
This course is approved by CompTIA for continuing education units (CEUs). For additional information and to confirm which courses are eligible towards your CompTIA certification, click here.