NETWORK SECURITY AND PENETRATION TESTINGE MASTERCLASS TRAINING

Introduction

This network security course fully arms you to address the information security concerns within the organization for data protection.

You will gain in-depth understanding on the network hacking tools usage and how to conduct the network penetration testing in a careful, and professional manner. This course will also demonstrate various network hacking techniques as well as penetration testing methodologies to help you identify network security vulnerabilities.

About the workshop

This network security course fully arms you to address the information security concerns within the organization for data protection.

You will gain in-depth understanding on the network hacking tools usage and how to conduct the network penetration testing in a careful, and professional manner. This course will also demonstrate various network hacking techniques as well as penetration testing methodologies to help you identify network security vulnerabilities. We will take a deep focus on Open-box pen test, Closed-box pen test, Covert pen test, External pen test and Internal pen test.

The purpose of this masterclass training is to equip Professionals with proven methods used to identify security issues before hackers can locate them and perform an exploit.

We will use best practice used to conduct the best Pen tests to identify and confirm actual security threats and report on the manner in which the security issues can be located and exploited by hackers.

We are very confident that after completion of this Masterclass training, you will leave with proven methods and ready skills to apply on the live environment, advanced pen test skills that will able you locate weaknesses in your security model. We will ensure that your business can achieve a balance between maintaining the best network security possible and ensuring ongoing business functions in terms of possible security exploits.

This course is highly practical, even thought you do not need to have any hacking skills we will make sure we don’t leave a stone unturned, this masterclass will provide profound skills that will able you interpret pen results and provide the results in a manner that is acceptable to assist businesses and work environment with improved standard of security, from wireless networks, websites, wired networks to server, clients all the way to the world wide web platforms. You are guaranteed to become the best in planning to business continuity and disaster recovery.

job, office, team-5382501.jpg
Network Security and Penetration Testing Course Outline outcome
security, internet, crime

Workshop Benefits

Module 1: Overview of Network Security

  • Security Policy
  • Standards
  • Procedures
  • Baselines
  • Guidelines
  • Security Models
  • The OSI Model & the Domino Effect
  • Security Wheel
Module 2: Network Protocols & Analysis
  • Internet Protocol (IP)
  • IP Addressing
  • Transmission Control Protocol (TCP)
  • TCP header
  • TCP Communication Flags
  • Internet Control Message Protocol (ICMP)
  • ICMP MESSAGE TYPES
  • Internet Group Management Protocol (IGMP)
  • Address Resolution Protocol (ARP)
  • Dynamic Host Configuration Protocol (DHCP)
  • User Datagram Protocol (UDP)
  • UDP Datagram Format
  • UDP DATAGRAM FIELDS
  • Domain Name Service (DNS)
  • Lightweight Directory Access Protocol (LDAP)
  • Telnet
  • File Transfer Protocol (FTP)
  • Trivial File Transfer Protocol (TFTP)
  • Simple Mail Transfer Protocol (SMTP)
  • Post Office Protocol (POP)
  • Internet Message Access Protocol (IMAP)
  • Simple Network Management Protocol (SNMP)
  • Voice over IP (VoIP)
  • Session Initiation Protocol (SIP)
  • Hyper Text Transfer Protocol (HTTP)
  • General Headers
  • Request Headers
  • Response Headers
  • HTTPS
Module 3: Network Security Threats
  • Spam
  • Malware
  • Worm
  • Trojan
  • Drive-by download
  • Spyware
  • Keystroke logging
  • Adware
  • BOT
  • Social engineering
  • Phishing
  • Tab nabbing
  • Email spoofing
  • Password cracking
  • Denial-of-Service attack
  • Buffer Overflow
  • Network scanning
  • Information gathering
  • Port Scanning
  • Vulnerability Scanning
  • Man-in-the Middle (MiTM)
  • MITM Attack tools
  • MITM Proxy only tools
Module 4: Network Vulnerability Assessment
  • NMAP
  • Nessus
Module 5: Intrusion Detection System (IDS) and Intrusion Prevention System (IPS)
  • IDS Technologies
  • Detection Types
  • IDS System Components
  • Network Intrusion Detection System (NIDS)
  • NIDS Sensor Placement
  • Wireless Detection System
  • Network Behavior Anomaly Detection
  • IDS Challenges
Module 6: Firewalls
  • Packet-Filtering Firewalls
  • Circuit-Level Firewalls
  • Application-Level Firewalls
  • Demilitarized Zone
  • Honey Pot
  • Best Practices for Firewall Deployments
Module 7: Hardening Operating Systems & Patch Management
  • Removing Unnecessary Applications and Services
  • Default Installed Services in OS
  • Service Packs
  • Patch Management
  • Group Policies, Security Templates, and Configuration Baselines
  • Hardening a Hard Disk
  • OS and application hardening in Linux
Module 8: Hardening Physical Security
  • Types of Attackers
  • Factors Affecting Physical Security
  • Dumpster Diving
  • Premise Security
  • Office Security
  • Individuals Authentication
  • Workplace Security
  • Physical Security Countermeasures
Module 9: Application Security
  • Cookies
  • HTTP Proxies
  • State and Sessions
  • SQL Injection (SQLi)
  • Cross Site Scripting
  • Cross Site Request Forgery (CSRF)
  • HTTP Parameter Pollution Attack
  • Command Injection
  • File Upload Attack
Module 10: E-Mail Security
  • Email Message Format
  • Email Attack Vectors / Threats
  • Key features for an Email Security solutions
Module 11: Authentication: Encryption, Cryptography & Digital Signatures
  • Objectives of Cryptography
  • Government Access to Keys (GAK)
  • Encryption Algorithms
  • Advanced Encryption Standard (AES)
  • Data Encryption Standard (DES)
  • RC4, RC5, RC6 Algorithms
  • Rivest Shamir Adleman (RSA)
  • Message Digest (One-way Bash) Functions
  • Message Digest Function: MD5
  • Secure Hashing Algorithm (SHA)
  • Secure Shell (SSH)
  • Public Key Infrastructure (PKI)
  • Digital Signature
  • Cryptography Attacks
Module 12: Virtual Private Network
  • Basic VPN Requirements
  • Tunneling Basics
  • VPN Tunneling Protocols
  • How Tunneling Works
  • Tunneling Protocols and the Basic Tunneling Requirements
  • General Security Risks
  • Risk Mitigation
Module 13: Log Analysis
  • Security Software Logs
  • Operating System Logs
  • Application Logs
  • Challenges in Log Management
  • Architecture of Log Management Infrastructure
  • Log Management Functions
  • Storage
  • Analysis
  • Disposal
Module 14: Wireless Network Security
  • Denial of Service (DoS) attacks
  • Man-in-the-middle attacks
  • ARP poisoning
  • Wired Equivalent Privacy (WEP)
  • WPA-PSK and WPA-Enterprise
  • WPA 2
  • WEP vs WPA vs WPA2
Module 15: Incident Response
  • Events and Incidents
  • Incident Response Policy
  • Sharing Incidence Information with Outside Parties
  • Incident Response Team Structure
  • Team Models
  • Team Model Selection
  • Handling an Incident

Who Should Participate in this Virtual Instructor-Led Training?

Anyone responsible for ensuring the continuity of an organization’s critical systems or processes, including project and business managers, Internal Auditors,

  • System engineers
  • Network administrators,
  • Firewall administrators,
  • IT managers,
  • Information security professionals,
  • Penetration testers,
  • Ethical hackers and anyone who is interested in network security and penetration

Register now for a special discount!

Event Option: 1  Face to Face Hotel Exc.

5 days summit = USD 2,500.00 include, round trip airport transfer, conference documentation, tours, lunch, Certification and limited refreshments.

Event options: 1 Face to Face Hotel Inc.

5 days summit = USD 3,550.00 per delegate include 6 nights bed & breakfast, round trip airport transfer, tours, lunch, dinner, conference documentation, Certification and limited refreshments.

 Event options: 2 Per Day Virtual

This option is designed for delegates that cannot manage to attend the full 5 days as option 1, for your convenience option 2 allows you to pick days suitable to your schedule. Per 1-day virtual instructor-led training  = USD 130.00 per delegate.

Event Option: 2  Full 5 Days Virtual

5-days virtual instructor-led training discounted = USD 500.00 per delegate.