Tech300: Understanding and Securing the Network

Description: This one or two day workshop starts with a quick review of key terms and technologies to ensure an understanding of what is involved in a network.  Attendees then explore TCP/IP basics such as ports, CIDR addressing, TCP Headers and the IP Datagram to ensure knowledge of key network aspects. An introduction to IPv6 with its improved addressing and security completes the overview.

The seminar then focuses on examining the components of a strong password and the use of biometrics and challenge response tokens to learn how they can work to provide enhanced security. From firewalls and VPNs to Metaframe, participants learn the key aspects of each technology, how they are used and more importantly, how they are properly audited. Included is a review of wireless technologies and their authentication, risks and need for controls. Finally, participants learn techniques in network vulnerability testing, to discover weaknesses and test controls.

Audience: This seminar is intended for internal and external audit professionals, security analysts and administrators and security consultants who wish to learn more about securing and auditing the network.

Prerequisites: There is no prerequisite for this seminar.

Objectives: After completing this seminar, participants will be able to:

·         Recognize the key elements of a network

·         Describe how each part of the network works to enhance or reduce security

·         Know what good password techniques are and how to enhance them with biometrics or challenge response

·         Understand how the implementation of IPV6 might help secure your network

·         Conduct an assessment and technical review of their organization's network

Course Outline:

Review of TCP/IP fundamentals

IPV6, Status, Controls and Issues

Authentication – passwords, biometrics and tokens

Firewalls

Router authentication & controls

Using Virtual Private Networks

Implementing IPSEC

Understanding & Using SSH

Making use of PPTP or other VPNs

Implementing Two-Factor Authentication (Securid, others)

Using Metaframe

Understanding Wireless authentication

Vulnerability assessment and testing techniques

Mr. Lewis’ seminar will draw upon his almost 30 years of experience in the areas of IT operations and information security in both industry and consulting and with his expertise in leading seminars around the world for over 20 years.