COURSE 62100 | 4-DAY SESSION
Cyber Security Boot Camp

Course Outline

I. Introduction to the Current Landscape


  • By the Numbers – an enumeration of the prevalence of common threats
  • Size and Scope of recently documented Botnets
  • Annual cost malware represents to the average business
  • Chain of events – real world examples of actions, start to finish, that attackers have used to compromise a network
  • Hacking goals – data mining and the bulk sale of private financial information
  • The top ten cyber security threats today

II. The Hacking Cycle – Enumeration


  • Public Information Sources that reveal too much
    1. Websites
    2. Social Networking Sites
    3. Job Boards
    4. SEC financial Reports
    5. Credit Reports
    6. DNS Registrations – Making your registrations generic and keeping them private
    7. Google and other search engines
    8. Cached Web Sites
    Lab – Using a browser, search and compile basic information about yourself garnered from public sources
    Lab – Use Whois and other utilities to view public and private DNS registrations
  • Passive Network Reconnaissance
    1. IP address blocks
    2. ISP/Service Provider Information – is your service provider secure?
    3. Software Vendors and Suppliers – limiting the amount and type of information available to those you do business with
    4. Visual Cues – what can be discerned about your network just from looking at your employees?
    Lab – Group discussion; identifying social engineering attempts and user training to prevent Reconnaissance from being successful
  • Network Scanning
    1. Ping Scanners and what they reveal
    2. How to detect a ping scan in progress
    3. TCP Port Scanning types
      • TCP Full and Partial Handshakes
      • Stealth Scans – the use of malformed packets and illegal flag combinations
      • What ports to close and why
    4. UDP Scans and what they reveal
      • What ports to close and why
    5. ICMP Message quoting
      • Windows indicators
      • Linux and Unix indicators
      • Mac/Apple indicators
    Lab – Deploy and observe a network scanner, capture the scan in Wireshark and analyze scanning behavior
  • OS fingerprinting
    1. 4 most common clues used by attackers to identify your OS
      • Ports and services used by Windows
      • Default TTL values
      • ICMP Messages
      • Traceroute in a local network to identify Unix/Linux
    Lab – Use Netstat and other utilities to determine running services on a host. Discuss ways to disable unneeded services
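As an added example for the scanning and OS-fingerprinting labs above (not part of the ASPE-IT outline), the script below runs the checks an analyst applies to a capture: it groups packets by source, flags a host that touches many distinct ports with bare SYNs (a half-open scan), flags any illegal flag combination (NULL, Xmas, SYN+FIN, lone FIN), and guesses the sender's operating system from how far the observed TTL sits below a common default. The packet summaries, hosts and the default-TTL table are constructed for the example; the port threshold of 10 is an assumption you would tune for your network.

```python
"""Added example: flag port-scan behaviour and guess the sender's OS from TTL.
The input is a constructed packet summary, not a real capture."""
from collections import defaultdict

# Constructed packet summaries: (src, dst, dst_port, TCP flags, IP TTL).
# 10.0.0.99 probes twelve ports with bare SYNs (half-open scan), 10.0.0.98
# sends NULL, Xmas and SYN+FIN probes, and 10.0.0.50 is an ordinary client.
SAMPLE_PACKETS = (
    [("10.0.0.99", "10.0.0.10", p, "S", 64)
     for p in (21, 22, 23, 25, 53, 80, 110, 135, 139, 443, 445, 3389)]
    + [("10.0.0.98", "10.0.0.10", 80, "", 58),
       ("10.0.0.98", "10.0.0.10", 80, "FPU", 58),
       ("10.0.0.98", "10.0.0.10", 22, "SF", 58)]
    + [("10.0.0.50", "10.0.0.10", 443, "S", 128),
       ("10.0.0.50", "10.0.0.10", 443, "A", 128),
       ("10.0.0.50", "10.0.0.10", 443, "PA", 128),
       ("10.0.0.50", "10.0.0.10", 22, "S", 128)]
)

# Common initial TTLs. A packet arrives with (default - hops), so the smallest
# default at or above the observed value is the likely starting point.
DEFAULT_TTLS = ((64, "Linux/Unix/macOS"), (128, "Windows"), (255, "Solaris/network device"))


def classify_flags(flags):
    """Name the probe type implied by a TCP flag set; 'normal' for legal traffic."""
    f = set(flags)
    if not f:
        return "null"            # no flags at all: never legal
    if {"F", "P", "U"} <= f:
        return "xmas"
    if "S" in f and "F" in f:
        return "syn+fin"         # open and close in the same segment
    if f == {"F"}:
        return "fin"             # FIN with no session behind it
    if f == {"S"}:
        return "syn"
    return "normal"


def guess_os_from_ttl(ttl):
    """Return (likely OS family, estimated hop count) from the observed TTL."""
    for default, name in DEFAULT_TTLS:
        if ttl <= default:
            return name, default - ttl
    return "unknown", 0


def detect_scanners(packets, port_threshold=10):
    """Report each source that hits >= port_threshold distinct ports on one
    host or that sends any stealth (illegal-flag) probe."""
    ports = defaultdict(set)      # (src, dst) -> distinct destination ports
    probes = defaultdict(set)     # src -> probe types seen
    ttls = {}
    for src, dst, dport, flags, ttl in packets:
        ports[(src, dst)].add(dport)
        probes[src].add(classify_flags(flags))
        ttls[src] = ttl
    report = {}
    for (src, dst), seen in ports.items():
        stealth = probes[src] - {"syn", "normal"}
        if len(seen) >= port_threshold or stealth:
            os_name, hops = guess_os_from_ttl(ttls[src])
            report[src] = {"target": dst, "distinct_ports": len(seen),
                           "stealth_probes": sorted(stealth),
                           "os_guess": os_name, "hops": hops}
    return report


if __name__ == "__main__":
    for src, info in detect_scanners(SAMPLE_PACKETS).items():
        print(src, info)
```

Tuning note: a busy client can legitimately touch a dozen ports on one server over time, so the distinct-port count should be windowed in real detection; the illegal-flag check needs no threshold because those combinations never occur in a compliant stack.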

III. TCP/IP Common Protocols and Their Exploitation


  • IP
    1. IPv4 Header field Review
    2. IPv4 Header field Manipulation
      • Header Length
      • TTL
      • Fragmentation Flags and Offset field
    3. IPv6 Header Review
    Lab – Capture and examine legal and malformed IP Packets, learn to distinguish the difference.
  • TCP
    1. TCP Open – session establishment
    2. TCP flags – proper use and manipulation
    3. Connection-Oriented Data transfer and retransmission
    4. TCP Close and Reset
  • UDP
    1. Connectionless Datagram delivery
    Lab – Capture and examine the three phases of a TCP session. Examine a UDP datagram exchange.
  • DNS
    1. DNS Queries and Responses
    2. Client DNS Resolver function – hosts file and DNS Cache
    3. Local DNS Servers
    4. Caching Servers
    5. Forwarding Servers
    6. DNS Zone files and Zone Transfers
    7. DNSSEC
    Lab – Capture and analyze a DNS query and Response. Examine the local host's hosts file and DNS cache.
    Lab – Observe a DNS zone file, record types, a zone transfer and DNSSEC.
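As an added example for the DNS query-and-response lab (not from the ASPE-IT outline), the following code builds a query the way a stub resolver does, builds the matching answer the way a server does, and parses the answer including RFC 1035 name compression. It ends with the acceptance check a caching resolver must make before trusting a reply: the transaction ID and the question section have to match the outstanding query, otherwise a forged response could be cached. The hostname and the 192.0.2.0/24 address are constructed (documentation range); there is no network traffic.

```python
"""Added example: build, answer and parse a DNS A query, then apply the
ID/question match that guards a cache against spoofed responses."""
import socket
import struct

QTYPE_A, QCLASS_IN = 1, 1


def encode_name(name):
    """'www.example.com' -> length-prefixed labels ending in a zero byte."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return out + b"\x00"


def decode_name(msg, offset):
    """Follow labels and 0xC0xx compression pointers; return (name, next offset)."""
    labels, hops, end = [], 0, None
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                 # pointer into an earlier name
            if end is None:
                end = offset + 2                  # caller resumes after the pointer
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            return ".".join(labels), (end if end is not None else offset)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def build_query(txid, name, qtype=QTYPE_A):
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # RD set, one question
    return header + encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)


def build_response(query, answers):
    """Answer a query with A records; answers is a list of (ttl, dotted IP)."""
    txid = struct.unpack("!H", query[:2])[0]
    _, qend = decode_name(query, 12)
    question = query[12:qend + 4]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(answers), 0, 0)  # QR, RD, RA
    body = b""
    for ttl, ip in answers:
        # 0xC00C is a pointer to the question name at offset 12 (name compression)
        body += struct.pack("!HHHIH", 0xC00C, QTYPE_A, QCLASS_IN, ttl, 4) + socket.inet_aton(ip)
    return header + question + body


def parse_response(msg):
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: not a response")
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == QTYPE_A and rdlen == 4:
            answers.append((name, ttl, socket.inet_ntoa(rdata)))
    return {"txid": txid, "rcode": flags & 0x0F, "questions": questions, "answers": answers}


def accept_response(query, response):
    """Resolver-side check: the reply must carry our ID and echo our question."""
    qid = struct.unpack("!H", query[:2])[0]
    qname, off = decode_name(query, 12)
    qtype, qclass = struct.unpack("!HH", query[off:off + 4])
    try:
        r = parse_response(response)
    except (ValueError, struct.error, IndexError):
        return False
    return r["txid"] == qid and r["questions"] == [(qname, qtype, qclass)]


if __name__ == "__main__":
    q = build_query(0x1234, "www.example.com")
    print(parse_response(build_response(q, [(300, "192.0.2.10")])))
```

The 16-bit transaction ID is the whole reason source-port randomisation and DNSSEC exist: on its own it gives a spoofer one chance in 65536 per forged packet, which is why the lab's comparison of a plain response with a DNSSEC-signed one matters.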
  • DHCP
    1. DHCP Discover, Offer, Request and Acknowledgement
    2. DHCP Options
      • common options
      • VoIP options
    3. Rogue DHCP Servers – use and detection
    Lab – Configure a DHCP scope. Record and analyze the DHCP process.
  • ICMP
    1. Echo Request and Reply – ping, traceroute and pathping
    2. Redirection
    3. Destination Unreachable
    Lab – Capture and analyze ICMP messages.
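As an added example for the IPv4 header review and the "legal versus malformed packet" lab in this section (not from the ASPE-IT outline), the code below decodes the fixed 20-byte header, verifies the RFC 791 checksum and reports the inconsistencies a filter or IDS should catch: a version or header length that cannot be right, a total length that disagrees with the capture, DF set on a fragment, a non-final fragment whose payload is not a multiple of 8, and a fragment that would reassemble past 65535 bytes. All packets are built locally with a small helper; the addresses and payload sizes are constructed.

```python
"""Added example: decode an IPv4 header and point out fields that are illegal
or inconsistent. Packets are built locally; none come from a real capture."""
import socket
import struct

IPV4_FMT = "!BBHHHBBH4s4s"   # the fixed 20-byte header, RFC 791


def ipv4_checksum(header):
    """One's-complement sum of 16-bit words; returns 0 for a header whose
    stored checksum is correct."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, payload_len=0, ttl=64, proto=6, flags=0, frag_offset=0, ident=1):
    """Build a header with a correct checksum; flags is the 3-bit field (DF=2, MF=1)."""
    ihl = 5
    hdr = struct.pack(IPV4_FMT, (4 << 4) | ihl, 0, ihl * 4 + payload_len, ident,
                      (flags << 13) | (frag_offset // 8), ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + b"\x00" * payload_len


def parse_ipv4(packet):
    """Return (fields, problems); fields is None if there is not even a header."""
    if len(packet) < 20:
        return None, ["truncated: fewer than 20 bytes"]
    (ver_ihl, _tos, total_len, ident, flags_frag, ttl, proto,
     _csum, src, dst) = struct.unpack(IPV4_FMT, packet[:20])
    ihl = ver_ihl & 0x0F
    offset = (flags_frag & 0x1FFF) * 8
    fields = {"version": ver_ihl >> 4, "ihl_bytes": ihl * 4, "total_len": total_len,
              "id": ident, "reserved": bool(flags_frag & 0x8000),
              "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
              "frag_offset": offset, "ttl": ttl, "proto": proto,
              "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst)}
    problems = []
    if fields["version"] != 4:
        problems.append("version %d in an IPv4 packet" % fields["version"])
    if ihl < 5:
        problems.append("header length %d bytes is below the 20-byte minimum" % (ihl * 4))
    elif len(packet) < ihl * 4:
        problems.append("options truncated: header claims %d bytes" % (ihl * 4))
    elif ipv4_checksum(packet[:ihl * 4]) != 0:
        problems.append("header checksum mismatch (field edited without recomputing?)")
    if total_len < ihl * 4:
        problems.append("total length %d smaller than header" % total_len)
    if total_len > len(packet):
        problems.append("total length %d exceeds captured %d bytes" % (total_len, len(packet)))
    if fields["reserved"]:
        problems.append("reserved flag bit set")
    if fields["df"] and (fields["mf"] or offset):
        problems.append("DF set on a fragment")
    if fields["mf"] and (total_len - ihl * 4) % 8:
        problems.append("non-final fragment payload not a multiple of 8")
    if offset + (total_len - ihl * 4) > 65535:
        problems.append("fragment reaches past 65535 bytes when reassembled")
    if ttl == 0:
        problems.append("TTL is zero")
    return fields, problems


# Constructed samples: one legal packet and four manipulated variants.
LEGAL = build_ipv4("10.0.0.1", "10.0.0.2", payload_len=20, flags=2)        # DF, whole datagram
EDITED_TTL = LEGAL[:8] + b"\xfa" + LEGAL[9:]                                # TTL changed, checksum stale
DF_AND_MF = build_ipv4("10.0.0.1", "10.0.0.2", payload_len=16, flags=3)     # contradictory flags
TINY_FRAG = build_ipv4("10.0.0.1", "10.0.0.2", payload_len=4, flags=1)      # MF with 4-byte payload
OVERRUN = build_ipv4("10.0.0.1", "10.0.0.2", payload_len=16, frag_offset=65528)

if __name__ == "__main__":
    for name, pkt in [("legal", LEGAL), ("edited_ttl", EDITED_TTL), ("df_and_mf", DF_AND_MF),
                      ("tiny_frag", TINY_FRAG), ("overrun", OVERRUN)]:
        print(name, parse_ipv4(pkt)[1])
```

The checksum check is the quickest tell for a hand-edited header, but remember every router rewrites TTL and recomputes the checksum, so a mismatch in a capture taken on the wire points at the last hop or at a crafting tool, not at the original sender.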

IV. Common Malware, Prevention and Mitigation


  • Virus Types
    1. Armored
    2. Stealth
    3. Polymorphic
    4. Retro
    5. Macro
    6. Multipartite
  • Worms
  • Trojans
  • Rootkits
  • Illicit Servers
  • Spyware
    1. Keyloggers
    2. Screen capture
    3. Cookie Grabbing
    4. The Evercookie
    5. Temporary data storage locations
  • Antivirus Software
    1. Disk Scanning and Definitions
    2. Memory-Resident Scanners
    3. Heuristics and execution prevention
    4. Boot-time Scanning
    Lab – Install and configure anti-virus software
    Lab – Scan an infected system using definition based, memory-resident based and boot-time scan based anti-virus.
    Lab – Capture and observe an attempt to disable anti-virus.
  • Host Based Intrusion Detection
    1. Inoculation
    2. Behavior Based and Heuristic Detection
  • Spyware Detection
    1. Anti-Spyware
    2. Private browsing
    3. Private Data Deletion

V. Defense in Depth


  • Edge/Ingress Router – the first line of defense
    1. Layer 3 filters
      • Source and Destination IP Address
      • Fragmentation Flags & Offset
      • Protocol ID Field
      • TOS/DSCP
      • IP Options
    2. Layer 4 filters
      • TCP Flags
      • TCP Options
      • Source and Destination Ports
    3. Access Control Lists
      • Syntax
      • 5 rules that all ACLs should contain
    4. What the packet filtering router can miss
    Lab – Write ACLs to meet a security policy's requirements for packet filtering. Capture and inspect crafted packets that evade the ACLs.
  • The Stateful Firewall
    1. Reflexive ACLs
    2. Content inspection and the canonical form
    3. SYN flood mitigation
    4. Maintenance – Definitions, Application support and Firmware
    Lab – Configure and deploy a personal firewall.
    Lab – Read log reports of a Stateful firewall.
  • Application Layer Proxy
    1. Content filtering
    2. Pattern matching
    3. Anti-virus
    4. Caching
    5. NAT
    Lab – Configure and test pattern matching in an application layer proxy.
    Lab – Read and interpret log reports of a proxy server.
  • Intrusion Detection/Prevention Devices
    1. Packet capture and analysis
      • Definitions, Behavior, Anomaly and Heuristics
    2. Active vs. Passive responses
    3. Location and protection
    Lab – Configure and deploy an IDS. Read and interpret IDS alerts.
  • Honey Pots
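As an added example for the ACL lab and the stateful-firewall topic above (not from the ASPE-IT outline, and not the course's own list of rules), the simulator below evaluates a first-match ingress ACL with anti-spoofing, bogon, service and "established" rules plus an explicit final deny, then puts a session-tracking check beside it. The crafted packet is an ACK probe from outside: the stateless ACL lets it through because the "established" rule matches any segment with ACK or RST set, while the stateful check rejects it because no session was ever opened from inside. Addresses are from the RFC 5737 documentation ranges; the rule set and packets are constructed, and the rule syntax is this example's own, not a vendor's.

```python
"""Added example: a first-match packet-filter ACL beside a stateful check,
showing the crafted ACK probe that slips past a stateless 'established' rule."""
import ipaddress

OUR_BLOCK = ipaddress.ip_network("203.0.113.0/24")     # the site's public addresses (constructed)
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/4")]


def pkt(src, dst, sport, dport, flags="", proto="tcp"):
    return {"src": src, "dst": dst, "sport": sport, "dport": dport, "flags": flags, "proto": proto}


def matches(rule, p):
    """A rule is a dict of fields that must all match; an empty dict matches everything."""
    for key, want in rule.items():
        if key in ("src", "dst"):
            if ipaddress.ip_address(p[key]) not in want:
                return False
        elif key == "established":               # router-style: ACK or RST bit present
            if not ({"A", "R"} & set(p["flags"])):
                return False
        elif p.get(key) != want:
            return False
    return True


# Ingress ACL on the edge router, read top to bottom, first match wins.
INGRESS_ACL = [
    ("deny", {"src": OUR_BLOCK}, "anti-spoofing: our own addresses cannot arrive from outside"),
    *[("deny", {"src": b}, "private/bogon source %s" % b) for b in BOGONS],
    ("permit", {"proto": "tcp", "dst": ipaddress.ip_network("203.0.113.10/32"), "dport": 443},
     "public web server"),
    ("permit", {"proto": "tcp", "dst": OUR_BLOCK, "established": True},
     "replies to sessions opened from inside"),
    ("deny", {}, "explicit final deny, logged"),
]


def evaluate_acl(acl, p):
    for action, rule, reason in acl:
        if matches(rule, p):
            return action, reason
    return "deny", "implicit deny"


class StatefulFirewall:
    """Remembers sessions opened from inside, so no blanket 'established' rule is needed."""

    def __init__(self, acl):
        self.sessions = set()
        self.acl = [r for r in acl if "established" not in r[1]]

    def outbound(self, p):
        if p["proto"] == "tcp" and set(p["flags"]) == {"S"}:
            self.sessions.add((p["src"], p["sport"], p["dst"], p["dport"]))

    def inbound(self, p):
        if (p["dst"], p["dport"], p["src"], p["sport"]) in self.sessions:
            return "permit", "belongs to a session opened from inside"
        if p["proto"] == "tcp" and set(p["flags"]) != {"S"}:
            return "deny", "TCP packet with no session and not a SYN"
        return evaluate_acl(self.acl, p)


# Constructed traffic: a legitimate web visitor, a crafted ACK probe, a spoofed
# source, and an outbound session with its reply.
WEB_SYN = pkt("198.51.100.7", "203.0.113.10", 51000, 443, "S")
ACK_PROBE = pkt("198.51.100.7", "203.0.113.10", 51001, 22, "A")
SPOOFED = pkt("203.0.113.5", "203.0.113.10", 40000, 22, "S")
OUT_SYN = pkt("203.0.113.20", "198.51.100.9", 52000, 80, "S")
REPLY = pkt("198.51.100.9", "203.0.113.20", 80, 52000, "SA")

if __name__ == "__main__":
    fw = StatefulFirewall(INGRESS_ACL)
    fw.outbound(OUT_SYN)
    for name, p in [("web", WEB_SYN), ("ack probe", ACK_PROBE), ("spoofed", SPOOFED), ("reply", REPLY)]:
        print(name, "stateless:", evaluate_acl(INGRESS_ACL, p), "stateful:", fw.inbound(p))
```

The gap the probe exploits is exactly what the lab asks you to capture: a stateless filter can only reason about bits in the packet in front of it, so an attacker who sets ACK gets a response (or a silence that still reveals filtering) from every host behind the "established" rule.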

VI. Access Control


  • Physical controls
    1. Perimeter defense
    2. Barriers – types, use and location
    3. Surveillance
    Lab – Group discussion of common physical access controls and measures attackers use to defeat them.
  • Access Control models
    1. Mandatory
    2. Rule-Based
    3. Role-Based
    4. Discretionary
  • Authentication Factors
    1. Something you Know
      • Passwords – strength
      • Password policy
      • Password Cracking methods
        • Brute Force
        • Dictionary
        • Rainbow Tables
      Lab – Use a password cracking tool to reveal weak passwords. Calculate Password strength
    2. Something you Have
      • Smart Cards
      • Tokens
    3. Something you Are – Biometrics
      • Common Biometric Authentication types
      • Methods used to defeat Biometrics
      • Error Rates
  • Authentication Protocols
    1. PAP, CHAP and EAP
      • Process and common uses
      • Vulnerabilities
      • Securing EAP
      Lab – Capture and analyze a CHAP and an EAP exchange.
    2. Kerberos
      • Elements of Kerberos
      • Steps in authentication and service access
    3. RADIUS and TACACS+
      • Compare and contrast the protocols
      • Common uses in a remote access network
      • Vulnerabilities
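As an added example covering the password-cracking lab and the CHAP vulnerability item above (not from the ASPE-IT outline), the code below scores a password by brute-force search space, shows that one precomputed hash-to-word table cracks every user whose hash is unsalted (the idea behind rainbow tables, which store the same mapping in compressed chains), shows that a per-user salt forces the attacker to redo the work for each account, and finishes with an offline dictionary attack on a captured CHAP challenge/response pair, which is why CHAP's "the secret never crosses the wire" property is not enough on its own. The wordlist, user hashes, salt and challenge are constructed for the example.

```python
"""Added example: password strength as search space, unsalted vs salted hash
cracking, and an offline attack on a sniffed CHAP exchange (RFC 1994).
Every hash, salt and challenge here is constructed."""
import hashlib
import math
import string

# A tiny constructed wordlist standing in for the multi-million-entry lists attackers use.
WORDLIST = ["password", "letmein", "Summer2024", "welcome1", "qwerty", "P@ssw0rd"]


def entropy_bits(pw):
    """Brute-force search space in bits: length x log2(character pool).
    A dictionary word can score well here and still fall instantly; that gap is the lab's point."""
    pool = 0
    if any(c.islower() for c in pw):
        pool += 26
    if any(c.isupper() for c in pw):
        pool += 26
    if any(c.isdigit() for c in pw):
        pool += 10
    if any(c in string.punctuation for c in pw):
        pool += len(string.punctuation)
    return round(len(pw) * math.log2(pool), 1) if pool else 0.0


def sha1_hex(s):
    return hashlib.sha1(s.encode()).hexdigest()


def lookup_table(wordlist):
    """Hash -> word, built once and reused against every unsalted hash."""
    return {sha1_hex(w): w for w in wordlist}


def crack_unsalted(user_hashes, table):
    return {u: table[h] for u, h in user_hashes.items() if h in table}


def salted_hash(salt, pw):
    return hashlib.sha256(salt + pw.encode()).hexdigest()


def crack_salted(salt, digest, wordlist):
    """Each salt needs its own pass over the wordlist; no table can be shared."""
    for w in wordlist:
        if salted_hash(salt, w) == digest:
            return w
    return None


def chap_response(ident, secret, challenge):
    """RFC 1994 response: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([ident]) + secret.encode() + challenge).digest()


def crack_chap(ident, challenge, response, wordlist):
    """A sniffed challenge/response pair is enough for offline guess-and-check."""
    return next((w for w in wordlist if chap_response(ident, w, challenge) == response), None)


# Constructed data: three users, two sharing a password; a per-user salt;
# a captured CHAP exchange with identifier 1.
USER_HASHES = {"alice": sha1_hex("Summer2024"), "bob": sha1_hex("Summer2024"),
               "carol": sha1_hex("xk7#Vq9!mzL2")}
ALICE_SALT = bytes.fromhex("8f3c1a9e7b2d4c60")
CHALLENGE = bytes.fromhex("a1b2c3d4e5f60718")
CAPTURED_RESPONSE = chap_response(1, "letmein", CHALLENGE)

if __name__ == "__main__":
    print({pw: entropy_bits(pw) for pw in WORDLIST})
    print("unsalted:", crack_unsalted(USER_HASHES, lookup_table(WORDLIST)))
    print("salted:", crack_salted(ALICE_SALT, salted_hash(ALICE_SALT, "Summer2024"), WORDLIST))
    print("chap:", crack_chap(1, CHALLENGE, CAPTURED_RESPONSE, WORDLIST))
```

Two things to take from the output: identical unsalted hashes reveal that alice and bob share a password before any cracking starts, and the salted case costs the attacker a full wordlist pass per account instead of a table lookup, which is the argument for salting (and, beyond this example, for a deliberately slow hash such as bcrypt or scrypt).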

VII. Encryption, Certificates and The Public Key Infrastructure


  • Confidentiality, Integrity, Authentication and Non-repudiation
  • Symmetric and Asymmetric Ciphers
    1. NIST standard block ciphers, historically subject to US export controls – DES, 3DES and AES
    2. International, openly published ciphers – CAST, Twofish, IDEA
    3. Key exchange and key transport – Diffie-Hellman and RSA
    4. Mobile computing – ECC
    5. PGP – ElGamal
    Lab – Capture and inspect encrypted messages.
  • Hashing Algorithms
    1. MD5, SHA-1 and SHA-2
    2. Hashing in Password Storage
    3. Hashing in Digital Signatures
    Lab – Hash a file using MD5 and SHA-1. Compare hash outputs.
  • X.509v3 Certificates
    1. Certificate Types and Format
    2. Use, storage and retrieval
  • The PKI
    1. Certificate Authorities
    2. Certificate Validation
  • PGP
    1. Software
    2. Key Generation and Distribution
    Lab – Examine an X.509 v3 certificate. View built-in root CA certificates in Firefox and Internet Explorer.
    Lab – Create a PGP key pair. Sign, encrypt, receive and validate a secure email using PGP.
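As an added example for the key-exchange item in this section and for the role of the CA in session establishment covered under SSL/TLS below (not from the ASPE-IT outline), the code below runs a Diffie-Hellman exchange with real modular arithmetic, then shows the man-in-the-middle that an unauthenticated exchange permits: Mallory substitutes her own public value in both directions, each victim agrees a key with her, and neither notices. The last function adds the missing step, authenticating each public value with a long-term secret; here an HMAC under a pre-shared key stands in for the certificate-backed signature TLS uses. The prime is intended to be the 1024-bit MODP group from RFC 2409 (group 2) and is retyped here, so check it against the RFC before relying on it; real deployments use 2048 bits or more. The parties and the pre-shared key are constructed.

```python
"""Added example: unauthenticated Diffie-Hellman, the man-in-the-middle it
allows, and the authentication of public values that stops it."""
import hashlib
import hmac
import secrets

# 1024-bit MODP prime, meant to match RFC 2409 group 2 (retyped; verify before
# real use, and prefer a 2048-bit or larger group in production).
P = int("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF FFFFFFFF
""".replace(" ", "").replace("\n", ""), 16)
G = 2


class Party:
    """One ephemeral DH key pair: private exponent a, public value g^a mod p.
    psk is a long-term secret standing in for a CA-certified key."""

    def __init__(self, name, psk=None):
        self.name = name
        self.psk = psk
        self.priv = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)

    def session_key(self, peer_pub):
        """Shared secret g^ab mod p, hashed down to a 256-bit symmetric key."""
        if not 1 < peer_pub < P - 1:
            raise ValueError("peer public value outside (1, p-1)")
        secret = pow(peer_pub, self.priv, P)
        return hashlib.sha256(secret.to_bytes(128, "big")).digest()

    def tag(self, pub):
        """Authenticate a public value with the long-term secret."""
        return hmac.new(self.psk, pub.to_bytes(128, "big"), hashlib.sha256).digest()

    def verify(self, pub, tag):
        return hmac.compare_digest(self.tag(pub), tag)


def honest_exchange():
    alice, bob = Party("alice"), Party("bob")
    return alice.session_key(bob.pub) == bob.session_key(alice.pub)


def mitm_exchange():
    """Mallory swaps in her own public value both ways: the victims each share
    a key with her and never with each other."""
    alice, bob, mallory = Party("alice"), Party("bob"), Party("mallory")
    k_alice = alice.session_key(mallory.pub)     # Alice believes this came from Bob
    k_bob = bob.session_key(mallory.pub)         # Bob believes this came from Alice
    return {"victims_agree": k_alice == k_bob,
            "mallory_has_alice_key": mallory.session_key(alice.pub) == k_alice,
            "mallory_has_bob_key": mallory.session_key(bob.pub) == k_bob}


def authenticated_exchange(attacker_in_path):
    """Alice tags her public value; Bob checks the tag before using it.
    Returns 'established' or 'aborted'."""
    psk = secrets.token_bytes(32)
    alice, bob = Party("alice", psk), Party("bob", psk)
    mallory = Party("mallory", secrets.token_bytes(32))   # no valid long-term secret
    sent_pub, sent_tag = alice.pub, alice.tag(alice.pub)
    if attacker_in_path:
        sent_pub, sent_tag = mallory.pub, mallory.tag(mallory.pub)
    return "established" if bob.verify(sent_pub, sent_tag) else "aborted"


if __name__ == "__main__":
    print("honest:", honest_exchange())
    print("mitm:", mitm_exchange())
    print("authenticated, no attacker:", authenticated_exchange(False))
    print("authenticated, attacker:", authenticated_exchange(True))
```

In TLS the tag is a signature over the handshake made with the server's certified key, and the client's trust in that key comes from the root CA store the certificate lab has you inspect; remove that step and the handshake is the `mitm_exchange` case.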

VIII. VPNs and IP Security Protocols


  • L2TP and PPTP
    1. Layer 2 Encapsulation
    2. Message Format
    3. Compatibility Issues
  • IPsec
    1. Three most common access models
    2. Transport Mode vs. Tunnel Mode
    3. Encapsulating Security Payload (ESP)
    4. Authentication Header (AH)
    5. Security Associations, IKE and ISAKMP
  • SSL/TLS
    1. Versions of SSL and TLS
    2. Secure Handshake
    3. The Digital Envelope and Session Key Exchange
    4. The Role of the CA in Secure Session Establishment
    5. Vulnerabilities of SSL in the public Internet
    Lab – Capture and analyze an SSL/TLS session establishment.
  • SSH
    1. Message Encryption
    2. Forward and Reverse Tunnels
    Lab – Create SSH tunnels for secure message exchange.