GIAC Security Essentials GSEC

This GIAC Security Essentials Certification GSEC training course includes all you need to know to gain this in-demand Network Security Certification. You will cover subjects such as Networking Concepts, Network Security Overview , TCP/IP, Routing and Host Security, Information Warfare and Web Security, Internet Security Technologies, Network Vulnerabilities, Intrusion Detection and Risk Management, Introducing Encryption and Cryptography, PKI and Steganography, Secure Communications, Wireless Security, Windows Security, Windows XP Security and IIS Security, Backing up Windows and UNIX, Managing Software, System Services and Auditing, and UNIX Security. These skills will show employers that you can support and maintain Network Security and protect organisations’ essential IT processes and data. Course Contents: Stage 1: Networking Concepts Stage 2: Network Security Overview Stage 3: TCP/IP, Routing and Host Security Stage 4: Information Warfare and Web Security Stage 5: Internet Security Technologies, Network Vulnerabilities Stage 6: Intrusion Detection and Risk Management Stage 7: Introducing Encryption and Cryptography Stage 8: PKI and Steganography Stage 9: Secure Communications Stage 10: Wireless Security Stage 11: Windows Security Stage 12: Windows XP Security and IIS Security Stage 13: Backing up Windows and UNIX Stage 14: Managing Software, System Services and Auditing Stage 15: UNIX Security Course Code: GSEC-1 Course Duration: 12 months Typical Study Hours: 40 - 50 hours Study Prerequisite: Basic PC hardware and software knowledge. Additional Information for Stage 1: Networking Concepts Discuss the broad goals and content of the SANS GIAC Security Essentials Certification (GSEC). Differentiate between local area networks (LANs) and wide area networks (WANs). Identify the basic topologies in a network. Describe network components and their application. Explain the role of bridges, switches, and routers in a network. Explain the OSI reference model. Discuss the OSI and TCP/IP reference models and how they relate to each other. Describe layer 3 protocols. Explain the fundamentals of IP addressing. Additional information for Stage 2: Network Security Overview Explain the underlying concepts and principles of security management. Describe the fundamentals of Defense in Depth. Describe some real-life information security defense failures. Define security policy and identify issue-specific security policy documents. Design a security policy document. Discuss the responsibilities of users and correct user response to security incidents. Describe how passwords are stored and explain why they are vulnerable to attack. Explain why a strong password policy is important and what can be done to protect password files on UNIX and Windows systems. Use the password cracking utility LC4 and employ it to audit passwords from a number of locations. Additional information for Stage 3: TCP/IP, Routing and Host Security Describe the functions of the transport layer of the OSI model. Explain how connection-oriented services are established. Describe the functionality of Internet Control Message Protocol (ICMP), the ping command, and the traceroute command. Describe how different port scanners operate. Perform a port scan using Nmap and SuperScan. Explain what a routing protocol is. Explain how routers create routing tables. Explain the router bootup and log in to the router CLI. Explain the requirement for access lists. Describe how access lists filter by protocols and packet details. Describe host vulnerabilities and applications to protect against them. Configure a personal firewall. Additional information for Stage 4: Information Warfare and Web Security Discuss how to respond to and manage computer-related security incidents. Describe threats to information security and network infrastructure. Explain how different types of denial-of-service attacks affect a network. Detail threats that arise specifically from hackers. Set up and monitor a Telnet session using a protocol analyser. Provide an overview of the various threats to web security. Describe how web sites and web applications can be attacked and defended. Describe how to design and maintain a secure web site. Run a Black Widow scan to probe a web site for vulnerabilities. Additional information for Stage 5: Internet Security Technologies, Network Vulnerabilities Describe the basic operation of firewalls and proxy servers. List the components of NAT and explain when NAT should be implemented. Describe Mitnick attacks and outline steps that can be taken to prevent them. Discuss footprinting and network discovery tools. Discuss the threat of social engineering. explain how system scanners work. Describe some vulnerability scanning tools and outline how they operate. Describe how Gnutella and peer-to-peer networks work and outline the security issues that arise from their use. Additional information for Stage 6: Intrusion Detection and Risk Management Discuss the principles of detecting network intruders. Describe the characteristics and features of intrusion detection systems. Describe the different types of intrusion detection mechanisms. Discuss the deployment of intrusion detection systems. Recognise the functionality and deployment issues of intrusion detection. Describe how to distract network intruders and limit the damage they can cause. Set up a decoy account and monitor both failed and successful login attempts. Discuss risk management and its requirements with reference to security issues. Describe the processes involved in implementing information risk management. Describe the importance of risk assessment and auditing to network security. Identify the risks to valuable information. Additional information for Stage 7: Introducing Encryption and Cryptography Outline the history of encryption and the reasons why encryption is important. Outline the principles of symmetric encryption. Explain what a block cipher is and identify the algorithms that use them. Discuss the fundamentals of asymmetric encryption. Explain the functionality of hashes and message functions in protecting the integrity of encrypted data. Describe the processes involved in symmetric and asymmetric encryption. Outline the different methods of managing encryption keys. Discuss some practical applications of encryption. Implement a secure encryption scheme on a computer. Exchange encrypted e-mails. Additional information for Stage 8: PKI and Steganography Explain the use of certificates for trusted secure public-key implementation. Discuss the X.509 standard for public-key certificates. Describe public-key infrastructure and Secure Electronic Transactions (SETs). Describe revocation and nonrepudiation of public-key certificates. Outline certificate practices, policies, and paths. Detail what steganography is and how it works. Hide and recover data using steganographic tools. Additional information for Stage 9: Secure Communications Explain the technologies used to implement VPNs for secure WAN communications. Detail the features of a VPN solution for secure remote connectivity. Implement a VPN solution for secure remote access. Outline the RADIUS authentication mechanism. Outline the TACACS+ authentication mechanism and compare it to the RADIUS authentication mechanism. Describe different virus types and how they operate. Outline steps to protect against viruses. configure antivirus software such as AVG. Additional information for Stage 10: Wireless Security Describe WEP and the differences between the various wireless LAN standards. Describe wireless LAN security attacks and explain how to prevent them. Identify the strengths and weaknesses of various wireless LAN security techniques. Identify appropriate security solutions for wireless LANs. Explain corporate security policies and outline the procedures involved in performing a site survey. Conduct a wireless LAN site survey. Describe the WAP protocol and discuss mechanisms for protecting the WAP gateway. Additional information for Stage 11: Windows Security Describe security issues with MS Windows. Configure account policy in Windows. Describe Security Configuration Manager. Implement the SYSKEY utility. Enable auditing, configure an audit policy, and analyse audit logs. Implement a step-by-step process to ensure security on Windows NT machines. Discuss how to manage network and security policies and to outline how to configure security policies through Group Policy. Evaluate security by using Group Policy. Analyse security configuration in Group Policy. Implement user security in Windows 2000. Manage security in Windows 2000 using Group Policy. Harden Windows 2000 during installation. Additional information for Stage 12: Windows XP Security and IIS Security Describe advanced boot options for troubleshooting startup problems in Windows XP Professional system restorations. Explain the encrypting file system. Use security templates and analyze system security in Windows XP Professional. Apply a security configuration policy to a computer using a security template. Describe improved reliability features in Windows XP over Windows 2000. Describe how to install or upgrade Internet Information Services 5.0 and how to customize its installation to suit an organisations needs. Discuss how Internet Information Services security is integrated into Windows 2000 security. Apply Internet Information Services 5.0 security methods. Additional information for Stage 13: Backing up Windows and UNIX Describe backup strategies and best practices for implementing backups. Detail the backup utilities available in UNIX. Describe backups in UNIX. Use NT 4.0 utilities to back up data. Describe backup and recover utilities in Windows 2000. Perform a backup in Windows 2000 using Win 2000 Backup. Additional information for Stage 14: Managing Software, System Services and Auditing Detail different security log types and analyse their contents. Describe how to filter, store, and manage log files. Discuss audit assessment reports and compliance. Enable and utilize a security log file. Describe some useful auditing tools and utilities that are used to simplify auditing. Apply upgrade patches and software upgrades to UNIX systems. Install software using the Debian package management tool and RPM, and discover Information about packages using RPM. Describe boot services in UNIX. Describe the boot process in UNIX. Describe how to limit services launched by inetd and xinetd. Decide which services to disable or remove in a UNIX system. Additional information for Stage 15: UNIX Security Understand UNIX user and group accounts. Describe the UNIX password system. Restrict boot-level and root access to UNIX systems. Describe how UNIX file attributes relate to file ownership and access rights. Manage UNIX file attributes. Protect the security of entire UNIX file systems. Set security parameters in UNIX kernels and prevent cron and unwanted shutdown security issues. Change file permissions and implement permission-based system security in UNIX. Benchmark operating systems (OS), including UNIX OS, and evaluate the security of their configurations.