Fundamentals of Network Security

Target Audience
This course provides students with the knowledge and skills to begin supporting network security within an organization. It has been approved as CompTIA Authorized Quality Curriculum (CAQC) for the CompTIA Security+ certification.

Pre-Requisites
Before attending this course, students must have the following pre-requisites:A minimum of 1 year of experience managing Windows 2000 Server or have equivalent knowledge and skills.

Purpose
At the end of the course, students will be able to explain common attacks against network assets; explain how to use cryptography choose an appropriate encryption method; implement security-enhanced computing baselines; help protect information by using authentication and access control; deploy and manage certificates; help protect transmission of data by identifying threats to network devices and implementing security for common data transmission, remote access, and wireless network traffic; help protect Web servers against common attacks and configure security for Web browsers; help protect e-mail messages and instant messaging from common security threats; identify common security threats and vulnerabilities to directory services and DNS, and then protect them; identify network perimeter threats; identify types of security policies and ensure compliance by users; preserve business continuity by implementing a security-enhanced disaster recovery strategy and performing secure backup and recovery; identify, respond to, and assist in the formal investigation of security incidents.

Course outline

1. Preparing to Secure Information
2. Implementing Security-Enhanced Computing Baselines
3. Helping to Protect Information Using Authentication and Access Control
4. Using Cryptography to Help Protect Information
5. Using a PKI to Help Protect Information
6. Securing Internet Applications and Components
7. Implementing Security for E-Mail and Instant Messaging
8. Managing Security for Directory Services and DNS
9. Securing Data Transmission
10. Implementing and Monitoring Security for Network Perimeters
11. Managing Operational Security
12. Preserving Business Continuity
13. Responding to Security Incidents

Module 1:Preparing to Secure Information

• Explaining How Assets Are Attacked
• Explaining How Assets Are Secured
• Lab: Preparing to Secure Information

Module 2:Implementing Security-Enhanced Computing Baselines

• Introduction to Trusted Computing Bases
• Establishing a Security Baseline
• Monitoring a Security Baseline
• Helping to Secure Computers Physically
• Maintaining a Security Baseline
• Lab: Maintaining Baseline Security

Module 3:Helping to Protect Information Using Authentication and Access Control

• Introduction to Access Control
• Implementing an Authentication Strategy
• Implementing an Access Control Strategy
• Lab: Securing Accounts (MBSA)

Module 4:Using Cryptography to Help Protect Information

• Introduction to Cryptography
• Using Symmetric Encryption
• sing Hash Functions
• Using Public Key Encryption
• Lab: Using Cryptography to Help Protect Information

Module 5:Using a PKI to Help Protect Information

• Introduction to Certificates
• Introduction to Public Key Infrastructure
• Deploying and Managing Certificates
• Lab: Using Certificates

Module 6:Securing Internet Applications and Components

• Helping to Protect Web Servers
• Configuring Security for Common Internet Protocols
• Configuring Security for Web Browsers
• Configuring Security for Databases
• Lab: Securing Web Servers
• Lab: Protecting Clients from Active Content

Module 7:Implementing Security for E-Mail and Instant Messaging

• Securing E-Mail Servers
• Securing E-Mail Clients
• Securing Instant Messaging
• Lab: Securing Mail Servers

Module 8:Managing Security for Directory Services and DNS

• Helping protect Directory Services Against Common Threats
• Helping Protect DNS Against Common Threats
• Lab: Managing Security for Directory Services and DNS

Module 9:Securing Data Transmission

• Identifying Threats to Network Devices
• Implementing Security for Common Data Transmission
• Implementing Security for Remote Access
• Implementing Security for Wireless Network Traffic
• Lab: Securing Data Transmission
• Lab: Using IPSec to Secure Data Transmission

Module 10:Implementing and Monitoring Security for Network Perimeters

• Introduction to Network Perimeters
• Implementing Security on Inbound and Outbound Network Traffic
• Monitoring Network Traffic
• Introduction to Network Perimeters
• Implementing Security on Inbound and Outbound Network Traffic
• Monitoring Network Traffic
• Lab: Implementing and Monitoring Security for Network Perimeters

Module 11:Managing Operational Security

• Establishing Security Policies and Procedures
• Educating Users about Security Policies
• Applying Security Policies to Operational Management
• Resolving Ethical Dilemmas When Helping to Protect Assets
• Lab: Managing Operational Security

Module 12:Preserving Business Continuity

• Preparing to Recover from Disasters
• Communicating the Impact of Risks
• Performing a Security-Enhanced Backup and Recovery
• Lab: Preserving Business Continuity

Module 13:Responding to Security Incidents

• Identifying Security Incidents
• Responding to Security Incidents
• Investigating Security Incidents
• Lab: Responding to Security Incidents