ORSYS formation
CONTACT - +352 26 49 79 1204
CONTACT - 📞 +352 26 49 79 1204    drapeau francais   drapeau anglais

Consult our trainings :

Sécurité systèmes et réseaux, niveau 1 Training

Stage pratique
Best
Duration : 4 days
Ref : FRW
Price  2020 : 2330 € excl. taxes
Free breaks and lunches
  • Program
  • Cycles certifiants
  • Participants / Prerequisite
  • Intra/Tailored
Program

Instructional goals

Learning objectives

  • Learn the role of the various security devices
  • Design and construct a suitable security architecture
  • Implement the major network security tools
  • Use vulnerability detection tools: Scanners, IDS sensors
  • Secure a Windows and Linux system
  • Participants
  • Implementing an HTTP proxy solution in Windows or Linux, an antivirus solution for network flows. Designing and implementing a multi-firewall, multi-DMZ architecture. Implementing fundamental techniques to make the operating system secure.
  • TRAINING PROGRAM
PROGRAM

» Risks and threats

  • Introduction to security.
  • Overview of IT security.
  • IT security vocabulary.
  • "Low-level" attacks.
  • Strengths and weaknesses of the TCP/IP protocol.
  • Illustration of ARP, IP Spoofing, TCP-SYNflood, SMURF, and other attacks.
  • Denial of service and distributed denial of service.
  • Application attacks.
  • Intelligence gathering.
  • HTTP: A particularly vulnerable protocol (SQL injection, Cross Site Scripting, etc.).
  • DNS: Dan Kaminsky attack.
  • Hands-on work ¤Installation and use of the Wireshark network analyzer. Implementing an application solution.

» Security architectures

  • What architectures for what needs?
  • Secure addressing plan: RFC 1918.
  • Address translation (FTP as an example).
  • The role of demilitarized zones (DMZ).
  • Example architectures.
  • Making the architecture secure through virtualization.
  • Firewalls: Cornerstone of security.
  • Actions and limits of traditional network firewalls.
  • Technological change in firewalls (Appliance, VPN, IPS, UTM, etc.).
  • Firewalls and virtual environments.
  • Proxy server and application relay.
  • Proxy or firewall: Conflicting or complementary?
  • Reverse proxy, content filtering, cache, and authentication.
  • SMTP relay, an obligation?
  • Hands-on work ¤Implementation of a Caching proxy/Authentication.

» Data security

  • Cryptography.
  • Symmetrical and asymmetrical encryption. Hash functions.
  • Cryptographic services.
  • User authentication.
  • Importance of reciprocal authentication.
  • X509 certificates. Electronic signature. Radius. LDAP.
  • Worms, viruses, Trojans, malware, and keyloggers.
  • Current trends. Antiviruses available, complementary nature of elements. EICAR, a “virus” to recognize.
  • Hands-on work ¤Deploying an SMTP relay and an HTTP/FTP antivirus proxy. Implementing a server certificate.

» Transfer security

  • Wi-Fi security.
  • Risks inherent in wireless networks.
  • The limits of WEP. WPA and WPA2 protocol.
  • Types of attacks.
  • Man in the Middle attack with Rogue AP.
  • The IPSec protocol.
  • Overview of the protocol.
  • Tunnel and transport modes. ESP and AH.
  • Analyzing the protocol and associated technologies (SA, IKE, ISAKMP, ESP, AH, etc.).
  • The SSL/TLS protocols.
  • Overview of the protocol. Details of the negotiation
  • Analysis of main vulnerabilities.
  • Sslstrip and sslsnif attacks.
  • The SSH protocol. Overview and features
  • Differences with SSL.
  • Hands-on work ¤Carrying out a Man in the Middle attack on an SSL session. Implementing IPSec transport mode/PSK.

» Making a system secure, “Hardening”

  • Presentation.
  • Insufficiency of default installations.
  • Evaluation criteria (TCSEC, ITSEC, and common criteria).
  • Making Windows secure.
  • Account and authorization management.
  • Control of services.
  • Network configuration and auditing.
  • Making Linux secure.
  • Kernel configuration.
  • File system.
  • Network and service management.
  • Hands-on work ¤Example of making a Windows and Linux system secure.

» Auditing and security on an everyday basis

  • Tools and techniques available
  • Intrusion tests: Tools and means.
  • Detecting vulnerabilities (scanners, IDS probes, etc.).
  • Real-time IDS-IPS detection tools, agent, probe, or cut-off.
  • Reacting effectively in all circumstances.
  • Supervision and administration.
  • Organizational impacts.
  • Technological monitoring.

» Case study

  • Prior study
  • Analysis of needs.
  • Creating an architecture.
  • Defining the action plan.
  • Deployment
  • Approach to installing elements.
  • Implementing the filtering policy.
  • Hands-on work ¤Creating flow management.
Participants / Prerequisite

» Participants

Prerequisites

» Prerequisite

Hands-on work
Intra/Tailored

Contact Informations

By checking this box, I certify that I have read and accepted the conditions for the use of my data regarding the General Data Protection Regulation (GDPR).
You can at any time modify the use of your data and exercise your rights by sending an email to rgpd@orsys.fr
By checking this box, I agree to receive commercial and promotional communications from ORSYS Training*. You can unsubscribe at any time by using the link included in our communications.

Book your place

Click on a session for reserving.

Time schedule

Generally, courses take place from 9:00 to 12:30 and from 14:00 to 17:30.
However, on the first day attendees are welcomed from 8:45, and there is a presentation of the session between 9:15 and 9:30.
The course itself begins at 9:30. For the 4- or 5-day hands-on courses, the sessions finish at 15:30 on the last day
linkedin orsys
twitter orsys
it! orsys
instagram orsys
pinterest orsys
facebook orsys
youtube orsys
LA LETTRE DE
LA TRANSFORMATION DIGITALE
Recevez la newsletter