Recent high profile information security breaches have highlighted an ever increasing need for defending servers from such breaches. This course is a full 2-3 days of interactive training with integrated exercises and hands-on. From the course, delegates will be able to take back to their respective organizations, the skills learned and implement security for servers and prevent unauthorized access to sensitive information.
The objective of this course is to educate the delegates on various security aspects those are required to be controlled in order to protect the servers and the information on the servers. Covering both Windows and UNIX systems, this class shows you how hackers target and exploit computer security weaknesses. Net-Square consultants bring the real world experience to the classroom to empower you with skills to defend your servers and to implement effective countermeasures.
Beginning with elements of a security system, the participants will be introduced to Linux and Windows server security, network security, database security, auditing tools and methodologies. This will be followed by contingency practices.
- Security Fundamentals
- Windows Operating System Security
- Linux/Unix Operating System Security
- Protocols layers, Ports and Services
- Database Security
- Server based guards
- Logging and Auditing Tools
- Contingency Practices
Target Audience
- Network Administrators
- Database Administrators
- Information Security Personnel
- Auditors
- Security consultants
Prerequisites
- Basic familiarity with operating systems
- Primary understanding of networks
Course Outline
Schedule : Day 1
|
| Module 1 |
Security Fundamentals and Principles
Security industry landscape and trends
Security posture and evolution
Corporate security objectives
Threat framework and modeling
Attack vectors and their impact
Popular attack points and severities
Q &
A |
| Module 2 |
Windows Operating System Security
Windows architecture
Key vulnerabilities of Windows
Built-in security features of Windows
File, Folder, Share permissions
Access Control Lists
dening Techniques
Configuring password settings for improved security
Local security policies
Modifying the Windows registry to increase system security |
| Module 3 |
Linux Operating System Security
Key vulnerabilities of the Linux
File and FileSystem security
Permissions, Access Control
Configuring the loopback interface
Detecting Security Breaches
Script Kiddies, Trojans |
| |
Schedule : Day 2
|
| Module 4 |
Protocol layers, Ports and Services
TCP/IP protocol stack
Protocols used at the Network, Transport and Application layers
Major security vulnerabilities of network protocols
Open ports and services - An introduction to Tools
List services to assess security risks
A closer look at Internet Information Services
WWW, FTP and SMTP services
Security testing methodologies
Potential OS and TCP/IP stack attacks, Counter-measures
TCP/IP filtering in Windows
Basic steps to protect network services |
| Module 5 |
Database Server Security
Basic security structure
Database vulnerabilities
Server security
Database Connections
Access Control: Authorization and Authentication
Database Security in your Applications
Auditing features |
| |
Schedule : Day 3
|
| Module 6 |
Server-based Guards
Scanning at Email server
Web Application guards
Other Defense mechanism |
| Module 7 |
Logging and Audit Tools
Audit network activity in Windows
Analyzing logs to identify suspicious
Usage of auditing software such
Identifying common targets of attack
Penetration Testing - strategies and |
| Module 8 |
Contingency Practices
Implementing Lockdown mechanisms
Deter hackers using proactive detection techniques
Creating and implementing a response policy |
For further information please contact us at
