MCSEClasses Certification Training Boot Camp


Cyber Security Professional (A+, Network+, Security+, MCSA, MCSE, CISSP, CEH, ECSA)

Course Length: 44 days
Certifications:
  • A+
  • Network+
  • Security+
  • MCSA: Windows 2016 Server
  • MCSE: Core Infrastructure
  • CISSP
  • EC-Council Ethical Hacker (CEH)
  • EC-Council Security Analyst (ECSA)
Number of Exams: 11
Class Schedule
02/11/19 - 20/12/19

02/12/19 - 07/02/20

04/01/20 - 20/03/20

15/02/20 - 20/03/20


  • Includes roundtrip airfare from the UK and lodging!
  • Hands-on instruction by a certified instructor
  • Includes all course materials and practice exams
  • Includes all certification exams
  • Onsite Testing
  • Breakfast and Lunch provided each day

If airfare and lodging are not required, the price is £575 less for 2-week courses, and £285 less for one-week courses.


The CompTIA® A+® Core 1 and Core 2 (Exams 220-1001 and 220-1002) course provides the background knowledge and skills you will require to be a successful A+ technician. It will help you prepare to take the CompTIA A+ Core Series certification examinations, in order to become a CompTIA A+ Certified Professional.

The CompTIA Network+ (Exam N10-007) certification ensures that the successful candidate has the important knowledge and skills necessary to manage, maintain, troubleshoot, install, operate and configure basic network infrastructure, describe networking technologies, basic design principles, and adhere to wiring standards and use testing tools.

CompTIA Security+ (Exam SY0-501) is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It is also the main course you will take to prepare for the CompTIA Security+ examination. In this course, you'll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.


Prove your mastery of the primary set of Windows Server 2016 skills required to reduce IT costs and deliver more business value.

Earning an MCSA: Windows Server 2016 certification qualifies you for a position as a network or computer systems administrator or as a computer network specialist, and it is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Earning an MCSE: Core Infrastructure certification validates that you have the skills needed to run a highly efficient and modern data center, identity management, systems management, virtualization, storage, and networking.


CISSP training is an advanced course designed to meet the high demands of the information security industry by preparing students for the Certified Information Systems Security Professional (CISSP) exam.


Ethical Hacking and Countermeasures will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems.

EC-Council's Certified Security Analyst program is a highly interactive security class designed to teach Security Professionals the advanced uses of the methodologies, tools and techniques required to perform comprehensive information security tests. Students will learn how to design, secure and test networks to protect your organization from the threats hackers and crackers pose. By teaching the tools and ground breaking techniques for security and penetration testing, this class will help you perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, with the class providing complete coverage of analysis and network security-testing topics.


CompTIA A+/Network+/Security+


A+ Certification

CompTIA A+ certified professionals are proven problem solvers. They support today's core technologies from security to cloud to data management and more. CompTIA A+ is the industry standard for launching IT careers into today's digital world. It is the only industry recognized credential with performance-based items to prove pros can think on their feet to perform critical IT support tasks in the moment. It is trusted by employers around the world to identify the go-to person in end point management and technical support roles. CompTIA A+ is regularly re-invented by IT experts to ensure that it validates core skills and abilities demanded in the workplace.

Course Objectives:

In this course, you will install, configure, optimize, troubleshoot, repair, upgrade, and perform preventive maintenance on personal computers, digital devices, and operating systems.

You will:

  • Support operating systems.
  • Install and configure PC system unit components and peripheral devices.
  • Install, configure, and troubleshoot display and multimedia devices.
  • Install, configure, and troubleshoot storage devices.
  • Install, configure, and troubleshoot internal system components.
  • Install, configure, and maintain operating systems.
  • Maintain and troubleshoot Microsoft Windows.
  • Explain network infrastructure concepts.
  • Configure and troubleshoot network connections.
  • Manage users, workstations, and shared resources.
  • Implement client virtualization and cloud computing.
  • Implement physical security.
  • Secure workstations and data.
  • Troubleshoot workstation security issues.
  • Support and troubleshoot laptops.
  • Support and troubleshoot mobile devices.
  • Install, configure, and troubleshoot print devices.
  • Implement operational procedures.

Target Student:

This course is designed for individuals who have basic computer user skills and who are interested in obtaining a job as an entry-level IT technician. This course is also designed for students who are seeking the CompTIA A+ certification and who want to prepare for the CompTIA A+ Core 1 220-1001 Certification Exam and the CompTIA A+ Core 2 220-1002 Certification Exam.

Prerequisites:

To ensure your success in this course, you should have experience with basic computer user skills, be able to complete tasks in a Microsoft® Windows® environment, be able to search for, browse, and access information on the Internet, and have basic knowledge of computing concepts.

Course Content

Lesson 1: Supporting Operating Systems
  • Identify Common Operating Systems
  • Troubleshooting Methodology
  • Use Windows Features and Tools
  • Manage Files in Windows
  • Manage Disks in Windows
  • Manage Devices in Windows
Lesson 2: Installing and Configuring PC Components
  • Use Appropriate Safety Procedures
  • PC Components
  • Common Connection Interfaces
  • Install Peripheral Devices
Lesson 3: Installing, Configuring, and Troubleshooting Display and Multimedia Devices
  • Install and Configure Display Devices
  • Troubleshoot Display Devices
  • Install and Configure Multimedia Devices
Lesson 4: Installing, Configuring, and Troubleshooting Storage Devices
  • Install System Memory
  • Install and Configure Mass Storage Devices
  • Install and Configure Removable Storage
  • Configure RAID
  • Troubleshoot Storage Devices
Lesson 5: Installing, Configuring, and Troubleshooting Internal System Components
  • Install and Upgrade CPUs
  • Configure and Update BIOS/UEFI
  • Install Power Supplies
  • Troubleshoot Internal System Components
  • Configure a Custom PC
Lesson 6: Installing, Configuring, and Maintaining Operating Systems
  • Configure and Use Linux
  • Configure and Use macOS
  • Install and Upgrade Operating Systems
  • Maintain OSs
Lesson 7: Maintaining and Troubleshooting Microsoft Windows
  • Install and Manage Windows Applications
  • Manage Windows Performance
  • Troubleshoot Windows
Lesson 8: Network Infrastructure Concepts
  • Wired Networks
  • Network Hardware Devices
  • Wireless Networks
  • Internet Connection Types
  • Network Configuration Concepts
  • Network Services
Lesson 9: Configuring and Troubleshooting Networks
  • Configure Network Connection Settings
  • Install and Configure SOHO Networks
  • Configure SOHO Network Security
  • Configure Remote Access
  • Troubleshoot Network Connections
  • Install and Configure IoT Devices
Lesson 10: Managing Users, Workstations, and Shared Resources
  • Manage Users
  • Configure Shared Resources
  • Configure Active Directory Accounts and Policies
Lesson 11: Implementing Client Virtualization and Cloud Computing
  • Configure Client-Side Virtualization
  • Cloud Computing Concepts
Lesson 12: Security Concepts
  • Logical Security Concepts
  • Threats and Vulnerabilities
  • Physical Security Measures
Lesson 13: Securing Workstations and Data
  • Implement Security Best Practices
  • Implement Data Protection Policies
  • Protect Data During Incident Response
Lesson 14: Troubleshooting Workstation Security Issues
  • Detect, Remove, and Prevent Malware
  • Troubleshoot Common Workstation Security Issues
Lesson 15: Supporting and Troubleshooting Laptops
  • Use Laptop Features
  • Install and Configure Laptop Hardware
  • Troubleshoot Common Laptop Issues
Lesson 16: Supporting and Troubleshooting Mobile Devices
  • Mobile Device Types
  • Connect and Configure Mobile Device Accessories
  • Configure Mobile Device Network Connectivity
  • Support Mobile Apps
  • Secure Mobile Devices
  • Troubleshoot Mobile Device Issues
Lesson 17: Installing, Configuring, and Troubleshooting Print Devices
  • Maintain Laser Printers
  • Maintain Inkjet Printers
  • Maintain Impact, Thermal, and 3D Printers
  • Install and Configure Printers
  • Troubleshoot Print Device Issues
  • Install and Configure Imaging Devices
Lesson 18: Implementing Operational Procedures
  • Environmental Impacts and Controls
  • Create and Maintain Documentation
  • Use Basic Change Management Best Practices
  • Implement Disaster Prevention and Recovery Methods
  • Basic Scripting Concepts
  • Professionalism and Communication

Network+ certification

The CompTIA Network+ certification (Exam N10-007) is an internationally recognized validation of the technical knowledge required of foundation-level IT network practitioners.

This exam will certify the successful candidate has the knowledge and skills required to troubleshoot, configure, and manage common network devices; establish basic network connectivity; understand and maintain network documentation; identify network limitations and weaknesses; and implement network security, standards, and protocols. The candidate will have a basic understanding of enterprise technologies, including cloud and virtualization technologies.

CompTIA Network+ is accredited by ANSI to show compliance with the ISO 17024 Standard and, as such, undergoes regular reviews and updates to the exam objectives.

Prerequisites

It is recommended for CompTIA Network+ candidates to have the following:

  • CompTIA A+ certification or equivalent knowledge, though CompTIA A+ certification is not required.
  • At least 9 to 12 months of work experience in IT networking.

Course Outline

1.0 Networking Concepts
Explain the purposes and uses of ports and protocols.
  • Protocols and ports
  • Protocol types
  • Connection-oriented vs. connectionless
Explain devices, applications, protocols and services at their appropriate OSI layers.
  • Layer 1 - Physical
  • Layer 2 - Data link
  • Layer 3 - Network
  • Layer 4 - Transport
  • Layer 5 - Session
  • Layer 6 - Presentation
  • Layer 7 - Application
Explain the concepts and characteristics of routing and switching.
  • Properties of network traffic
  • Segmentation and interface properties
  • Routing
  • IPv6 concepts
  • Performance concepts
  • NAT/PAT
  • Port forwarding
  • Access control list
  • Distributed switching
  • Packet-switched vs. circuit-switched network
  • Software-defined networking
Given a scenario, configure the appropriate IP addressing components.
  • Private vs. public
  • Loopback and reserved
  • Default gateway
  • Virtual IP
  • Subnet mask
  • Subnetting
  • Address assignments
Compare and contrast the characteristics of network topologies, types and technologies.
  • Wired topologies
  • Wireless topologies
  • Types
  • Technologies that facilitate the Internet of Things (IoT)
Given a scenario, implement the appropriate wireless technologies and configurations.
  • 802.11 standards
  • Cellular
  • Frequencies
  • Speed and distance requirements
  • Channel bandwidth
  • Channel bonding
  • MIMO/MU-MIMO
  • Unidirectional/omnidirectional
  • Site surveys
Summarize cloud concepts and their purposes.
  • Types of services
  • Cloud delivery models
  • Connectivity methods
  • Security implications/considerations
  • Relationship between local and cloud resources
Explain the functions of network services.
  • DNS service
  • DHCP service
  • NTP
  • IPAM
2.0 Infrastructure
Given a scenario, deploy the appropriate cabling solution.
  • Media types
  • Plenum vs. PVC
  • Connector types
  • Transceivers
  • Termination points
  • Copper cable standards
  • Copper termination standards
  • Ethernet deployment standards
Given a scenario, determine the appropriate placement of networking devices on a network and install/configure them.
  • Firewall
  • Router
  • Switch
  • Hub
  • Bridge
  • Modems
  • Wireless access point
  • Media converter
  • Wireless range extender
  • VoIP endpoint
Explain the purposes and use cases for advanced networking devices.
  • Multilayer switch
  • Wireless controller
  • Load balancer
  • IDS/IPS
  • Proxy server
  • VPN concentrator
  • AAA/RADIUS server
  • UTM appliance
  • NGFW/Layer 7 firewall
  • VoIP PBX
  • VoIP gateway
  • Content filter
Explain the purposes of virtualization and network storage technologies.
  • Virtual networking components
  • Network storage types
  • Connection type
  • Jumbo frame
Compare and contrast WAN technologies.
  • Service type
  • Transmission mediums
  • Characteristics of service
  • Termination
3.0 Network Operations
Given a scenario, use appropriate documentation and diagrams to manage the network.
  • Diagram symbols
  • Standard operating procedures / work instructions
  • Logical vs. physical diagrams
  • Rack diagrams
  • Change management documentation
  • Wiring and port locations
  • IDF/MDF documentation
  • Labeling
  • Network configuration and performance baselines
  • Inventory management
Compare and contrast business continuity and disaster recovery concepts.
  • Availability concepts
  • Recovery
  • MTTR
  • MTBF
  • SLA requirements
Explain common scanning, monitoring and patching processes and summarize their expected outputs.
  • Processes
  • Event management
  • SNMP monitors
  • Metrics
Given a scenario, use remote access methods.
  • VPN
  • RDP
  • SSH
  • VNC
  • Telnet
  • HTTPS/management URL
  • Remote file access
  • Out-of-band management
Identify policies and best practices.
  • Privileged user agreement
  • Password policy
  • On-boarding/off-boarding procedures
  • Licensing restrictions
  • International export controls
  • Data loss prevention
  • Remote access policies
  • Incident response policies
  • BYOD
  • AUP
  • NDA
  • System life cycle
  • Safety procedures and policies
4.0 Network Security
Summarize the purposes of physical security devices.
  • Detection
  • Prevention
Explain authentication and access controls.
  • Authorization, authentication and accounting
  • Multifactor authentication
  • Access control
Given a scenario, secure a basic wireless network.
  • WPA
  • WPA2
  • TKIP-RC4
  • CCMP-AES
  • Authentication and authorization
  • Geofencing
Summarize common networking attacks.
  • DoS
  • Social engineering
  • Insider threat
  • Logic bomb
  • Rogue access point
  • Evil twin
  • War-driving
  • Phishing
  • Ransomware
  • DNS poisoning
  • ARP poisoning
  • Spoofing
  • Deauthentication
  • Brute force
  • VLAN hopping
  • Man-in-the-middle
  • Exploits vs. vulnerabilities
Given a scenario, implement network device hardening.
  • Changing default credentials
  • Avoiding common passwords
  • Upgrading firmware
  • Patching and updates
  • File hashing
  • Disabling unnecessary services
  • Using secure protocols
  • Generating new keys
  • Disabling unused ports
Explain common mitigation techniques and their purposes.
  • Signature management
  • Device hardening
  • Change native VLAN
  • Switch port protection
  • Network segmentation
  • Privileged user account
  • File integrity monitoring
  • Role separation
  • Restricting access via ACLs
  • Honeypot/honeynet
  • Penetration testing
5.0 Network Troubleshooting and Tools
Explain the network troubleshooting methodology.
  • Identify the problem
  • Establish a theory of probable cause
  • Test the theory to determine the cause
  • Establish a plan of action to resolve the problem and identify potential effects
  • Implement the solution or escalate as necessary
  • Verify full system functionality and, if applicable, implement preventive measures
  • Document findings, actions, and outcomes
Given a scenario, use the appropriate tool.
  • Hardware tools
  • Software tools
Given a scenario, troubleshoot common wired connectivity and performance issues.
  • Attenuation
  • Latency
  • Jitter
  • Crosstalk
  • EMI
  • Open/short
  • Incorrect pin-out
  • Incorrect cable type
  • Bad port
  • Transceiver mismatch
  • TX/RX reverse
  • Duplex/speed mismatch
  • Damaged cables
  • Bent pins
  • Bottlenecks
  • VLAN mismatch
  • Network connection LED status indicators
Given a scenario, troubleshoot common wireless connectivity and performance issues.
  • Reflection
  • Refraction
  • Absorption
  • Latency
  • Jitter
  • Attenuation
  • Incorrect antenna type
  • Interference
  • Incorrect antenna placement
  • Channel overlap
  • Overcapacity
  • Distance limitations
  • Frequency mismatch
  • Wrong SSID
  • Wrong passphrase
  • Security type mismatch
  • Power levels
  • Signal-to-noise ratio
Given a scenario, troubleshoot common network service issues.
  • Names not resolving
  • Incorrect gateway
  • Incorrect netmask
  • Duplicate IP addresses
  • Duplicate MAC addresses
  • Expired IP address
  • Rogue DHCP server
  • Untrusted SSL certificate
  • Incorrect time
  • Exhausted DHCP scope
  • Blocked TCP/UDP ports
  • Incorrect host-based firewall settings
  • Incorrect ACL settings
  • Unresponsive service
  • Hardware failure

Security+ certification

CompTIA Security+ (Exam SY0-501) is the certification globally trusted to validate foundational, vendor-neutral IT security knowledge and skills. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management - making it an important stepping stone of an IT security career.

IT security is paramount to organizations as cloud computing and mobile devices have changed the way we do business. With the massive amounts of data transmitted and stored on networks throughout the world, it's essential to have effective security practices in place. That's where CompTIA Security+ comes in. Get the Security+ certification to show that you have the skills to secure a network and deter hackers and you're ready for the job.

Security+ is government approved

CompTIA Security+ meets the ISO 17024 standard and is approved by the U.S. Department of Defense to fulfill Directive 8570.01-M requirements. Once you obtain your Security+, you automatically have the CE designation required in the DoD Directive 8570.01 manual and, going forward, must comply with the CE program requirement of completing 50 CEUs in three years to maintain the credential. Security+ is also compliant with government regulations under the Federal Information Security Management Act (FISMA).

Security+ is globally recognized

CompTIA Security+ is a globally recognized credential with certified professionals working in over 147 countries throughout the world.

Security+ provides substantial earnings potential

According to the Bureau of Labor Statistics, Security Specialists, Administrators and Managers earn over $86,000 per year.

Target Student

The CompTIA Security+ certification is aimed at an IT security professional who has:

  • A minimum of two years' experience in IT administration with a focus on security
  • Day-to-day technical information security experience
  • Broad knowledge of security concerns and implementation, including the topics in the domain list

Course Content

1.0 Threats, Attacks and Vulnerabilities
1.1 Given a scenario, analyze indicators of compromise and determine the type of malware.
  • Viruses
  • Crypto-malware
  • Ransomware
  • Worm
  • Trojan
  • Rootkit
  • Keylogger
  • Adware
  • Spyware
  • Bots
  • RAT
  • Logic bomb
  • Backdoor
1.2 Compare and contrast types of attacks
  • Social engineering
  • Application/service attacks
  • Wireless attacks
  • Cryptographic attacks
1.3 Explain threat actor types and attributes.
  • Types of actors
  • Attributes of actors
  • Use of open-source intelligence
1.4 Explain penetration testing concepts.
  • Active reconnaissance
  • Passive reconnaissance
  • Pivot
  • Initial exploitation
  • Persistence
  • Escalation of privilege
  • Black box
  • White box
  • Gray box
  • Penetration testing vs. vulnerability scanning
1.5 Explain vulnerability scanning concepts.
  • Passively test security controls
  • Identify vulnerability
  • Identify lack of security controls
  • Identify common misconfigurations
  • Intrusive vs. non-intrusive
  • Credentialed vs. non-credentialed
  • False positive
1.6 Explain the impact associated with types of vulnerabilities.
  • Race conditions
  • Vulnerabilities
  • Improper input handling
  • Improper error handling
  • Misconfiguration/weak configuration
  • Default configuration
  • Resource exhaustion
  • Untrained users
  • Improperly configured accounts
  • Vulnerable business processes
  • Weak cipher suites and implementations
  • Memory/buffer vulnerability
  • System sprawl/undocumented assets
  • Architecture/design weaknesses
  • New threats/zero day
  • Improper certificate and key management
2.0 Technologies and Tools
2.1 Install and configure network components, both hardware- and software-based, to support organizational security.
  • Firewall
  • VPN concentrator
  • NIPS/NIDS
  • Router
  • Switch
  • Proxy
  • Load balancer
  • Access point
  • SIEM
  • DLP
  • NAC
  • Mail gateway
  • Bridge
  • SSL/TLS accelerators
  • SSL decryptors
  • Media gateway
  • Hardware security module
2.2 Given a scenario, use appropriate software tools to assess the security posture of an organization.
  • Protocol analyzer
  • Network scanners
  • Wireless scanners/cracker
  • Password cracker
  • Vulnerability scanner
  • Configuration compliance scanner
  • Exploitation frameworks
  • Data sanitization tools
  • Steganography tools
  • Honeypot
  • Backup utilities
  • Banner grabbing
  • Passive vs. active
  • Command line tools
2.3 Given a scenario, troubleshoot common security issues.
  • Unencrypted credentials/clear text
  • Logs and events anomalies
  • Permission issues
  • Access violations
  • Certificate issues
  • Data exfiltration
  • Misconfigured devices
  • Weak security configurations
  • Personnel issues
  • Unauthorized software
  • Baseline deviation
  • License compliance violation (availability/integrity)
  • Asset management
  • Authentication issues
2.4 Given a scenario, analyze and interpret output from security technologies.
  • HIDS/HIPS
  • Antivirus
  • File integrity check
  • Host-based firewall
  • Application whitelisting
  • Removable media control
  • Advanced malware tools
  • Patch management tools
  • UTM
  • DLP
  • Data execution prevention
  • Web application firewall
2.5 Given a scenario, deploy mobile devices securely.
  • Connection methods
  • Mobile device management concepts
  • Enforcement and monitoring
  • Deployment models
2.6 Given a scenario, implement secure protocols.
  • Protocols
  • Use cases
3.0 Architecture and Design
3.1 Explain use cases and purpose for frameworks, best practices and secure configuration guides.
  • Industry-standard frameworks and reference architectures
  • Benchmarks/secure configuration guides
  • Defense-in-depth/layered security
3.2 Given a scenario, implement secure network architecture concepts.
  • Zones/topologies
  • Segregation/segmentation/isolation
  • Tunneling/VPN
  • Security device/technology placement
  • SDN
3.3 Given a scenario, implement secure systems design.
  • Hardware/firmware security
  • Operating systems
  • Peripherals
3.4 Explain the importance of secure staging deployment concepts.
  • Sandboxing
  • Environment
  • Secure baseline
  • Integrity measurement
3.5 Explain the security implications of embedded systems.
  • SCADA/ICS
  • Smart devices/IoT
  • HVAC
  • SoC
  • RTOS
  • Printers/MFDs
  • Camera systems
  • Special purpose
3.6 Summarize secure application development and deployment concepts.
  • Development life-cycle models
  • Secure DevOps
  • Version control and change management
  • Provisioning and deprovisioning
  • Secure coding techniques
  • Code quality and testing
  • Compiled vs. runtime code
3.7 Summarize cloud and virtualization concepts.
  • Hypervisor
  • VM sprawl avoidance
  • VM escape protection
  • Cloud storage
  • Cloud deployment models
  • On-premise vs. hosted vs. cloud
  • VDI/VDE
  • Cloud access security broker
  • Security as a Service
3.8 Explain how resiliency and automation strategies reduce risk.
  • Automation/scripting
  • Templates
  • Master image
  • Non-persistence
  • Elasticity
  • Scalability
  • Distributive allocation
  • Redundancy
  • Fault tolerance
  • High availability
3.9 Explain the importance of physical security controls.
  • Lighting
  • Signs
  • Fencing/gate/cage
  • Security guards
  • Alarms
  • Safe
  • Secure cabinets/enclosures
  • Protected distribution/Protected cabling
  • Airgap
  • Mantrap
  • Faraday cage
  • Lock types
  • Biometrics
  • Barricades/bollards
  • Tokens/cards
  • Environmental controls
  • Cable locks
  • Screen filters
  • Cameras
  • Motion detection
  • Logs
  • Infrared detection
  • Key management
4.0 Identity and Access Management
4.1 Compare and contrast identity and access management concepts
  • Identification, authentication, authorization and accounting (AAA)
  • Multifactor authentication
  • Federation
  • Single sign-on
  • Transitive trust
4.2 Given a scenario, install and configure identity and access services.
  • LDAP
  • Kerberos
  • TACACS+
  • CHAP
  • PAP
  • MSCHAP
  • RADIUS
  • SAML
  • OpenID Connect
  • OAUTH
  • Shibboleth
  • Secure token
  • NTLM
4.3 Given a scenario, implement identity and access management controls.
  • Access control models
  • Physical access control
  • Biometric factors
  • Tokens
  • Certificate-based authentication
  • File system security
  • Database security
4.4 Given a scenario, differentiate common account management practices.
  • Account types
  • General Concepts
  • Account policy enforcement
5.0 Risk Management
5.1 Explain the importance of policies, plans and procedures related to organizational security.
  • Standard operating procedure
  • Agreement types
  • Personnel management
  • General security policies
5.2 Summarize business impact analysis concepts.
  • RTO/RPO
  • MTBF
  • MTTR
  • Mission-essential functions
  • Identification of critical systems
  • Single point of failure
  • Impact
  • Privacy impact assessment
  • Privacy threshold assessment
5.3 Explain risk management processes and concepts.
  • Threat assessment
  • Risk assessment
  • Change management
5.4 Given a scenario, follow incident response procedures.
  • Incident response plan
  • Incident response process
5.5 Summarize basic concepts of forensics.
  • Order of volatility
  • Chain of custody
  • Legal hold
  • Data acquisition
  • Preservation
  • Recovery
  • Strategic intelligence/counterintelligence gathering
  • Track man-hours
5.6 Explain disaster recovery and continuity of operation concepts.
  • Recovery sites
  • Order of restoration
  • Backup concepts
  • Geographic considerations
  • Continuity of operation planning
5.7 Compare and contrast various types of controls.
  • Deterrent
  • Preventive
  • Detective
  • Corrective
  • Compensating
  • Technical
  • Administrative
  • Physical
5.8 Given a scenario, carry out data security and privacy practices.
  • Data destruction and media sanitization
  • Data sensitivity labeling and handling
  • Data roles
  • Data retention
  • Legal and compliance
6.0 Cryptography and PKI
6.1 Compare and contrast basic concepts of cryptography.
  • Symmetric algorithms
  • Modes of operation
  • Asymmetric algorithms
  • Hashing
  • Salt, IV, nonce
  • Elliptic curve
  • Weak/deprecated algorithms
  • Key exchange
  • Digital signatures
  • Diffusion
  • Confusion
  • Collision
  • Steganography
  • Obfuscation
  • Stream vs. block
  • Key strength
  • Session keys
  • Ephemeral key
  • Secret algorithm
  • Data-in-transit
  • Data-at-rest
  • Data-in-use
  • Random/pseudo-random number generation
  • Key stretching
  • Implementation vs. algorithm selection
  • Perfect forward secrecy
  • Security through obscurity
  • Common use cases
6.2 Explain cryptography algorithms and their basic characteristics.
  • Symmetric algorithms
  • Cipher modes
  • Asymmetric algorithms
  • Hashing algorithms
  • Key stretching algorithms
  • Obfuscation
6.3 Given a scenario, install and configure wireless security settings.
  • Cryptographic protocols
  • Authentication protocols
  • Methods
6.4 Given a scenario, implement public key infrastructure.
  • Components
  • Concepts
  • Types of certificates
  • Certificate formats

Microsoft MCSA: Windows Server 2016 / MCSE: Core Infrastructure

Prove your mastery of the primary set of Windows Server 2016 skills required to reduce IT costs and deliver more business value.

Earning an MCSA: Windows Server 2016 certification qualifies you for a position as a network or computer systems administrator or as a computer network specialist, and it is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Alternatively, take the 70-743 exam to upgrade from an existing MCSA: Windows Server 2008 or MCSA: Windows Server 2012.

Earning an MCSE: Core Infrastructure certification validates that you have the skills needed to run a highly efficient and modern data center, identity management, systems management, virtualization, storage, and networking.


Microsoft Course 20740

Exam 70-740: This course is designed primarily for IT professionals who have some experience with Windows Server. It is designed for professionals who will be responsible for managing storage and compute by using Windows Server 2016, and who need to understand the scenarios, requirements, and storage and compute options that are available and applicable to Windows Server 2016.

Audience profile

This course is intended for IT professionals who have some experience working with Windows Server, and who are looking for a single course that covers storage and compute technologies in Windows Server 2016. This course will help them update their knowledge and skills related to storage and compute for Windows Server 2016.

Candidates suitable for this course would be:

  • Windows Server administrators who are relatively new to Windows Server administration and related technologies, and who want to learn more about the storage and compute features in Windows Server 2016.
  • IT professionals with general IT knowledge, who are looking to gain knowledge about Windows Server, especially around storage and compute technologies in Windows Server 2016.

The secondary audience for this course is IT professionals looking to take the Microsoft 70-740 certification exam, Installation, Storage and Compute with Windows Server 2016.

At course completion

After completing this course, students will be able to:

  • Prepare and install Nano Server, a Server Core installation, and plan a server upgrade and migration strategy.
  • Describe the various storage options, including partition table formats, basic and dynamic disks, file systems, virtual hard disks, and drive hardware, and explain how to manage disks and volumes.
  • Describe enterprise storage solutions, and select the appropriate solution for a given situation.
  • Implement and manage Storage Spaces and Data Deduplication.
  • Install and configure Microsoft Hyper-V.
  • Deploy, configure, and manage Windows and Hyper-V containers.
  • Describe the high availability and disaster recovery technologies in Windows Server 2016.
  • Plan, create, and manage a failover cluster.
  • Implement failover clustering for Hyper-V virtual machines.
  • Configure a Network Load Balancing (NLB) cluster, and plan for an NLB implementation.
  • Create and manage deployment images.
  • Manage, monitor, and maintain virtual machine installations.

Prerequisites

Before attending this course, students must have:

  • A basic understanding of networking fundamentals.
  • An awareness and understanding of security best practices.
  • An understanding of basic AD DS concepts.
  • Basic knowledge of server hardware.
  • Experience supporting and configuring Windows client operating systems such as Windows 8 or Windows 10.

Additionally, students would benefit from having some previous Windows Server operating system experience, such as experience as a Windows Server systems administrator.

Course Outline

Module 1: Installing, upgrading, and migrating servers and workloads

This module explains how to prepare and install Nano Server and Server Core. This module also explains how to upgrade and migrate server roles and workloads. Finally, this module explains how to choose an activation model based on your environment characteristics.

  • Introducing Windows Server 2016
  • Preparing and installing Nano Server and Server Core
  • Preparing for upgrades and migrations
  • Migrating server roles and workloads
  • Windows Server activation models

After completing this module, students will be able to:

  • Choose the appropriate version of the Windows Server operating system, and describe the installation options and new features of Windows Server 2016.
  • Prepare and install Nano Server and Server Core.
  • Consider whether an upgrade or migration is the best approach, and use tools to help determine upgrade or migration suitability.
  • Migrate server roles and workloads within a domain and across domains or forests.
  • Choose an activation model based on your environment characteristics.
Module 2: Configuring local storage

This module explains how to manage disks and volumes in Windows Server 2016.

  • Managing disks in Windows Server 2016
  • Managing volumes in Windows Server 2016

After completing this module, students will be able to:

  • Manage disks in Windows Server 2016.
  • Manage volumes in Windows Server 2016.
Module 3: Implementing enterprise storage solutions

This module describes direct-attached storage (DAS), network-attached storage (NAS), and storage area networks (SANs). It also helps you understand Microsoft Internet Storage Name Service (iSNS) Server, data center bridging, and Multipath I/O (MPIO). Additionally, this module compares Fibre Channel, Internet Small Computer System Interface (iSCSI), and Fibre Channel over Ethernet (FCoE), and describes how to configure sharing in Windows Server 2016.

  • Overview of direct-attached storage, network-attached storage, and storage area networks
  • Comparing Fibre Channel, iSCSI, and FCoE
  • Understanding iSNS, data center bridging, and MPIO
  • Configuring sharing in Windows Server 2016

After completing this module, students will be able to:

  • Describe DAS, NAS, and SANs, and the usage scenarios for each topology.
  • Compare Fibre Channel, FCoE, an iSCSI target and initiator.
  • Describe iSNS, MPIO, data center bridging, and Windows Storage Server 2016 (two versions: Workgroup and Standard).
  • Configure server message block (SMB) and network file system (NFS) shares by using Server Manager and Windows PowerShell.
Module 4: Implementing Storage Spaces and Data Deduplication

This module explains how to implement and manage Storage Spaces. This module also explains how to implement Data Deduplication.

  • Implementing Storage Spaces
  • Managing Storage Spaces
  • Implementing Data Deduplication

After completing this module, students will be able to:

  • Implement Storage Spaces as an enterprise storage solution.
  • Manage Storage Spaces by using Server Manager and Windows PowerShell.
  • Implement Data Deduplication.
Module 5: Installing and configuring Hyper-V and virtual machines

This module provides an overview of Hyper-V. This module also explains how to configure, manage, and install Hyper-V.

  • Overview of Hyper-V
  • Installing Hyper-V
  • Configuring storage on Hyper-V host servers
  • Configuring networking on Hyper-V host servers
  • Configuring Hyper-V virtual machines
  • Managing Hyper-V virtual machines

After completing this module, students will be able to:

  • Describe Hyper-V and virtualization.
  • Prepare to install the Hyper-V role.
  • Configure storage on Hyper-V host servers.
  • Configure networking on Hyper-V host servers.
  • Configure Hyper-V virtual machines.
  • Move virtual machines from one host to another host, use PowerShell Direct to manage a virtual machine, and manage miscellaneous virtual machine settings.
Module 6: Deploying and managing Windows Server and Hyper-V containers

This module provides an overview of containers in Windows Server 2016. It also explains how to deploy, install, configure, and manage containers in Windows Server 2016.

  • Overview of containers in Windows Server 2016
  • Deploying Windows Server and Hyper-V containers
  • Installing, configuring, and managing containers

After completing this module, students will be able to:

  • Explain the purpose of Windows Server and Hyper-V containers.
  • Deploy and manage Windows Server and Hyper-V containers.
  • Install, configure, and manage containers.
Module 7: Overview of high availability and disaster recovery

This module provides an overview of high availability, business continuity, and disaster recovery. It further explains how to plan high availability and disaster recovery solutions. Additionally, in this module you will learn how to back up and restore the Windows Server 2016 operating system and data by using Windows Server Backup. Finally, you will learn about Windows Server 2016 high availability with failover clustering.

  • Defining levels of availability
  • Planning high availability and disaster recovery solutions with Hyper-V virtual machines
  • Backing up and restoring the Windows Server 2016 operating system and data by using Windows Server B
  • High availability with failover clustering in Windows Server 2016

After completing this module, students will be able to:

  • Describe high availability, business continuity, and disaster recovery.
  • Plan for high availability and disaster recovery solutions with Hyper-V virtual machines.
  • Back up and restore Hyper-V hosts, virtual machines, Active Directory Domain Services (AD DS), and file and web servers by using Windows Server Backup.
  • Describe Windows Server 2016 high availability with failover clustering.
Module 8: Implementing and managing failover clustering

This module explains how to plan, create, configure, maintain, and troubleshoot a failover cluster. This module also explains how to implement site high availability with stretch clustering.

  • Planning a failover cluster
  • Creating and configuring a new failover cluster
  • Maintaining a failover cluster
  • Troubleshooting a failover cluster
  • Implementing site high availability with stretch clustering

After completing this module, students will be able to:

  • Describe the requirements and infrastructure considerations for a failover cluster.
  • Create and configure a new failover cluster.
  • Monitor and maintain failover clusters.
  • Troubleshoot failover clusters by using various tools such as Performance Monitor, Event Viewer, and Windows PowerShell.
  • Configure and implement a stretch cluster.
Module 9: Implementing failover clustering for Hyper-V virtual machines

This module describes integrating Hyper-V virtual machines in a clustered environment. It also explains how to implement and maintain Hyper-V virtual machines on failover clusters. Additionally, this module explains how to configure network health protection.

  • Overview of integrating Hyper-V in Windows Server 2016 with failover clustering
  • Implementing and maintaining Hyper-V virtual machines on failover clusters
  • Key features for virtual machines in a clustered environment

After completing this module, students will be able to:

  • Explain the integration of Hyper-V in Windows Server 2016 with failover clustering.
  • Implement and maintain Hyper-V virtual machines on failover clusters.
  • Describe and configure network health protection.
Module 10: Implementing Network Load Balancing

This module provides an overview of NLB clusters. It also explains how to plan and configure an NLB cluster implementation.

  • Overview of NLB clusters
  • Configuring an NLB cluster
  • Planning an NLB implementation

After completing this module, students will be able to:

  • Describe NLB and how it works.
  • Configure an NLB cluster.
  • Describe the considerations for implementing NLB.
Module 11: Creating and managing deployment images

This module provides an introduction to deployment images. It also explains how to create and manage deployment images by using the Microsoft Deployment Toolkit (MDT). Additionally, it explains how to evaluate an organization's requirements for server virtualization.

  • Introduction to deployment images
  • Creating and managing deployment images by using MDT
  • Virtual machine environments for different workloads

After completing this module, students will be able to:

  • Explain the purpose of deployment images and the tools that you use to deploy and maintain them.
  • Implement and manage deployment images by using MDT.
  • Evaluate their organization's requirements for server virtualization.
Module 12: Managing, monitoring, and maintaining virtual machine installations

This module provides an overview of WSUS and explains the deployment options. It explains the update management process with WSUS. Additionally, this module provides an overview of PowerShell Desired State Configuration (DSC) and Windows Server 2016 monitoring tools. Finally, this module describes how to use Performance Monitor and monitor Event Logs.

  • WSUS overview and deployment options
  • Update management process with WSUS
  • Overview of PowerShell DSC
  • Overview of Windows Server 2016 monitoring tools
  • Using Performance Monitor
  • Monitoring Event Logs

After completing this module, students will be able to:

  • Describe the purpose of Windows Server Update Services (WSUS) and the requirements to implement WSUS.
  • Manage the update process with WSUS.
  • Describe the purpose and benefits of PowerShell DSC.
  • Describe the monitoring tools available in Windows Server 2016.
  • Describe how to use Performance Monitor.
  • Describe how to manage event logs.

Microsoft Course 20741

Exam 70-741: This course provides the fundamental networking skills required to deploy and support Windows Server 2016 in most organizations. It covers IP fundamentals, remote access technologies, and more advanced content including software defined networking.

Audience profile

This course is intended for existing IT professionals who have some networking knowledge and experience and are looking for a single course that provides insight into core and advanced networking technologies in Windows Server 2016. This audience would typically include:

  • Network administrators who are looking to reinforce existing skills and learn about new networking technology changes and functionality in Windows Server 2016.
  • System or Infrastructure Administrators with general networking knowledge who are looking to gain core and advanced networking knowledge and skills on Windows Server 2016.

The secondary audience for this course is those IT professionals who are looking to take the MCSA 70-741: Networking with Windows Server 2016 exam.

At course completion

After completing this course, students will be able to:

  • Plan and implement an IPv4 network.
  • Implement Dynamic Host Configuration Protocol (DHCP).
  • Implement IPv6.
  • Implement Domain Name System (DNS).
  • Implement and manage IP address management (IPAM).
  • Plan for remote access.
  • Implement DirectAccess.
  • Implement virtual private networks (VPNs).
  • Implement networking for branch offices.
  • Configure advanced networking features.
  • Implement software defined networking.

Prerequisites

In addition to professional experience, students who attend this training should already have the following technical knowledge:

  • Experience working with Windows Server 2008 or Windows Server 2012
  • Experience working in a Windows Server infrastructure enterprise environment
  • Knowledge of the Open Systems Interconnection (OSI) model
  • Understanding of core networking infrastructure components and technologies such as cabling, routers, hubs, and switches
  • Familiarity with networking topologies and architectures such as local area networks (LANs), wide area networks (WANs) and wireless networking
  • Some basic knowledge of the TCP/IP protocol stack, addressing and name resolution
  • Experience with and knowledge of Hyper-V and virtualization
  • Hands-on experience working with the Windows client operating systems such as Windows 8.1 or Windows 10

Course Outline

Module 1: Planning and implementing an IPv4 network

This module explains how to plan and implement an IPv4 addressing scheme to support organizational needs. This module also explains how to use fundamental networking tools and techniques to configure and troubleshoot IPv4-based networks.

  • Planning IPv4 addressing
  • Configuring an IPv4 host
  • Managing and troubleshooting IPv4 network connectivity

After completing this module, students will be able to:

  • Plan IPv4 addressing.
  • Configure an IPv4 host.
  • Manage and troubleshoot IPv4 network connectivity.
Module 2: Implementing DHCP

This module explains how to plan and implement DHCP to support the IPv4 infrastructure.

  • Overview of the DHCP server role
  • Deploying DHCP
  • Managing and troubleshooting DHCP

After completing this module, students will be able to:

  • Explain the DHCP server role.
  • Deploy DHCP.
  • Manage and troubleshoot DHCP.
Module 3: Implementing IPv6

This module explains how to implement IPv6, and how to integrate IPv6 and IPv4 networks.

  • Overview of IPv6 addressing
  • Configuring an IPv6 host
  • Implementing IPv6 and IPv4 coexistence
  • Transitioning from IPv4 to IPv6

After completing this module, students will be able to:

  • Describe the features and benefits of IPv6.
  • Configure an IPv6 host.
  • Implement the coexistence between IPv4 and IPv6 networks.
  • Transition from an IPv4 network to an IPv6 network.
Module 4: Implementing DNS

This module explains how to install, configure, and troubleshoot DNS within the organization's network.

  • Implementing DNS servers
  • Configuring zones in DNS
  • Configuring name resolution between DNS zones
  • Configuring DNS integration with Active Directory Domain Services (AD DS)
  • Configuring advanced DNS settings

After completing this module, students will be able to:

  • Implement DNS servers.
  • Configure zones in DNS.
  • Configure name resolution between DNS zones.
  • Configure DNS integration with AD DS.
  • Configure advanced DNS settings.
Module 5: Implementing and managing IPAM

This module explains how to implement and manage the IPAM feature in Windows Server 2016. This module also explains how to use IPAM to manage services such as DHCP and DNS.

  • IPAM overview
  • Deploying IPAM
  • Managing IP address spaces by using IPAM

After completing this module, students will be able to:

  • Describe IPAM functionality and components.
  • Deploy IPAM.
  • Manage IP address spaces by using IPAM.
Module 6: Remote access in Windows Server 2016

This module explains how to plan for remote access in Windows Server 2016 and how to implement Web Application Proxy.

  • Remote access overview
  • Implementing Web Application Proxy

After completing this module, students will be able to:

  • Describe remote access.
  • Implement Web Application Proxy.
Module 7: Implementing DirectAccess

This module explains how to implement and manage DirectAccess in Windows Server 2016.

  • Overview of DirectAccess
  • Implementing DirectAccess by using the Getting Started Wizard
  • Implementing and managing an advanced DirectAccess infrastructure

After completing this module, students will be able to:

  • Explain DirectAccess and how it works.
  • Implement DirectAccess by using the Getting Started Wizard.
  • Implement and manage an advanced DirectAccess infrastructure.
Module 8: Implementing VPNs

This module explains how to implement and manage remote access in Windows Server 2016 by using VPNs.

  • Planning VPNs
  • Implementing VPNs

After completing this module, students will be able to:

  • Plan for VPNs.
  • Implement VPNs.
Module 9: Implementing networking for branch offices

This module explains how to implement network services for branch offices.

  • Networking features and considerations for branch offices
  • Implementing Distributed File System (DFS) for branch offices
  • Implementing BranchCache for branch offices

After completing this module, students will be able to:

  • Describe the networking features and considerations for branch offices.
  • Implement DFS for branch offices.
  • Implement BranchCache for branch offices.
Module 10: Configuring advanced networking features

This module explains how to implement an advanced networking infrastructure.

  • Overview of high performance networking features
  • Configuring advanced Hyper-V networking features

After completing this module, students will be able to:

  • Describe high performance networking features.
  • Configure advanced Hyper-V networking features.
Module 11: Implementing software defined networking

This module explains how to implement software defined networking.

  • Overview of software defined networking
  • Implementing network virtualization
  • Implementing Network Controller

After completing this module, students will be able to:

  • Describe software defined networking.
  • Implement network virtualization.
  • Implement Network Controller.

Microsoft Course 20742

Exam 70-742: This course teaches IT Pros how to deploy and configure Active Directory Domain Services (AD DS) in a distributed environment, how to implement Group Policy, how to perform backup and restore, and how to monitor and troubleshoot Active Directory-related issues with Windows Server 2016. Additionally, this course teaches how to deploy other Active Directory server roles such as Active Directory Federation Services (AD FS) and Active Directory Certificate Services (AD CS).

Audience profile

This course is primarily intended for existing IT professionals who have some AD DS knowledge and experience and who aim to develop knowledge about identity and access technologies in Windows Server 2016. This would typically include:

  • AD DS administrators who are looking to train in identity and access technologies with Windows Server 2012 or Windows Server 2016.
  • System or infrastructure administrators with general AD DS experience and knowledge who are looking to cross-train in core and advanced identity and access technologies in Windows Server 2012 or Windows Server 2016.

The secondary audience for this course includes IT professionals who are looking to consolidate their knowledge about AD DS and related technologies, in addition to IT professionals who want to prepare for the 70-742 exam.

At course completion

After completing this course, students will be able to:

  • Install and configure domain controllers.
  • Manage objects in AD DS by using graphical tools and Windows PowerShell.
  • Implement AD DS in complex environments.
  • Implement AD DS sites, and configure and manage replication.
  • Implement and manage Group Policy Objects (GPOs).
  • Manage user settings by using GPOs.
  • Secure AD DS and user accounts.
  • Implement and manage a certificate authority (CA) hierarchy with AD CS.
  • Deploy and manage certificates.
  • Implement and administer AD FS.
  • Implement and administer Active Directory Rights Management Services (AD RMS).
  • Implement synchronization between AD DS and Azure AD.
  • Monitor, troubleshoot, and establish business continuity for AD DS services.

Prerequisites

Before attending this course, students must have:

  • Some exposure to and experience with AD DS concepts and technologies in Windows Server 2012 or Windows Server 2016.
  • Experience working with and configuring Windows Server 2012 or Windows Server 2016
  • Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP).
  • Experience working with and an understanding of Microsoft Hyper-V and basic server virtualization concepts.
  • An awareness of basic security best practices.
  • Hands-on working experience with Windows client operating systems such as Windows 7, Windows 8, Windows 8.1, or Windows 10.
  • Basic experience with the Windows PowerShell command-line interface.

Course Outline

Module 1: Installing and configuring DCs

This module describes features of AD DS and how to install domain controllers (DCs). It also covers the considerations for deploying DCs.

  • Overview of AD DS
  • Overview of AD DS DCs
  • Deploying DCs

After completing this module, students will be able to:

  • Describe AD DS and its main components.
  • Describe the purpose of DCs and the roles that a DC can hold.
  • Describe the considerations for deploying DCs.
Module 2: Managing objects in AD DS

This module describes how to use various techniques to manage objects in AD DS. This includes creating and configuring user, group, and computer objects.

  • Managing user accounts
  • Managing groups in AD DS
  • Managing computer accounts
  • Using Windows PowerShell for AD DS administration
  • Implementing and managing organizational units

After completing this module, students will be able to:

  • Describe and perform various techniques to manage user accounts.
  • Manage groups in AD DS.
  • Manage computers in AD DS.
  • Use Windows PowerShell to manage AD DS more efficiently.
  • Delegate permission to perform AD DS administration.
Module 3: Advanced AD DS infrastructure management

This module describes how to plan and implement an AD DS deployment that includes multiple domains and forests. The module provides an overview of the components in an advanced AD DS deployment, the process of implementing a distributed AD DS environment, and the procedure for configuring AD DS trusts.

  • Overview of advanced AD DS deployments
  • Deploying a distributed AD DS environment
  • Configuring AD DS trusts

After completing this module, students will be able to:

  • Describe the components of an advanced AD DS deployment.
  • Implement a distributed AD DS environment.
  • Configure AD DS trusts.
Module 4: Implementing and administering AD DS sites and replication

This module describes how to plan and implement an AD DS deployment that includes multiple locations. The module explains how replication works in a Windows Server 2016 AD DS environment.

  • Overview of AD DS replication
  • Configuring AD DS sites
  • Configuring and monitoring AD DS replication

After completing this module, students will be able to:

  • Describe how replication works in a Windows Server 2012 AD DS environment.
  • Configure AD DS sites to optimize AD DS network traffic.
  • Configure and monitor AD DS replication.
Module 5: Implementing Group Policy

This module describes how to implement a GPO infrastructure. The module provides an overview of the components and technologies that compose the Group Policy framework.

  • Introducing Group Policy
  • Implementing and administering GPOs
  • Group Policy scope and Group Policy processing
  • Troubleshooting the application of GPOs

After completing this module, students will be able to:

  • Describe the components and technologies that compose the Group Policy framework.
  • Configure and understand a variety of policy setting types.
  • Scope GPOs by using links, security groups, Windows Management Instrumentation (WMI) filters, loopback processing, and preference targeting.
  • Troubleshoot the application of GPOs.
Module 6: Managing user settings with GPOs

This module describes how to configure Group Policy settings and Group Policy preferences. This includes implementing administrative templates, configuring folder redirection and scripts, and configuring Group Policy preferences.

  • Implementing administrative templates
  • Configuring Folder Redirection and scripts
  • Configuring Group Policy preferences

After completing this module, students will be able to:

  • Describe administrative templates.
  • Configure Folder Redirection and scripts.
  • Configure GPO preferences.
Module 7: Securing AD DS

This module describes how to configure domain controller security, account security, password security, and Group Managed Service Accounts (gMSA).

  • Securing domain controllers
  • Implementing account security
  • Audit authentication
  • Configuring managed service accounts (MSAs)

After completing this module, students will be able to:

  • Secure domain controllers.
  • Implement password and lockout policies.
  • Configure authentication auditing and examine the resulting audit log.
  • Configure gMSAs.
Module 8: Deploying and managing AD CS

This module describes how to implement an AD CS deployment. This includes deploying, administering, and troubleshooting CAs.

  • Deploying CAs
  • Administering CAs
  • Troubleshooting and maintaining CAs

After completing this module, students will be able to:

  • Plan and implement an AD CS CA infrastructure.
  • Administer CAs.
  • Troubleshoot and maintain CAs.
Module 9: Deploying and managing certificates

This module describes how to deploy and manage certificates in an AD DS environment. This involves deploying and managing certificate templates, managing certificate revocation and recovery, using certificates in a business environment, and implementing smart cards.

  • Deploying and managing certificate templates
  • Managing certificate deployment, revocation, and recovery
  • Using certificates in a business environment
  • Implementing and managing smart cards

After completing this module, students will be able to:

  • Plan and implement a certificate template deployment by using an AD CS CA.
  • Describe and perform certificate enrollment, revocation, and recovery.
  • Describe and use certificates in business environments.
  • Describe how to use certificates with smart cards.
Module 10: Implementing and administering AD FS

This module describes AD FS and how to configure AD FS in a single-organization scenario and in a partner-organization scenario.

  • Overview of AD FS
  • AD FS requirements and planning
  • Deploying and configuring AD FS
  • Overview of Web Application Proxy

After completing this module, students will be able to:

  • Describe identity federation business scenarios and how AD FS can address them.
  • Configure AD FS prerequisites and plan AD FS services.
  • Implement AD FS to enable single sign-on (SSO) in various scenarios.
  • Describe Web Application Proxy.
Module 11: Implementing and administering AD RMS

This module describes how to implement an AD RMS deployment. The module provides an overview of AD RMS, explains how to deploy and manage an AD RMS infrastructure, and explains how to configure AD RMS content protection.

  • Overview of AD RMS
  • Deploying and managing an AD RMS infrastructure
  • Configuring AD RMS content protection

After completing this module, students will be able to:

  • Describe AD RMS and how it can help protect content.
  • Deploy and manage an AD RMS infrastructure.
  • Configure content protection by using AD RMS.
Module 12: Implementing AD DS synchronization with Azure AD

This module describes how to plan and configure directory syncing between Microsoft Azure Active Directory (Azure AD) and on-premises AD DS. The module describes various sync scenarios, such as Azure AD sync, AD FS and Azure AD, and Azure AD Connect.

  • Planning and preparing for directory synchronization
  • Implementing directory synchronization by using Azure AD Connect
  • Managing identities with directory synchronization

After completing this module, students will be able to:

  • Plan and prepare for the deployment of directory synchronization.
  • Configure directory synchronization by using Azure AD Connect.
  • Manage identities after deploying directory synchronization.
Module 13: Monitoring, managing, and recovering AD DS

This module describes how to monitor, manage, and maintain AD DS to help achieve high availability of AD DS.

  • Monitoring AD DS
  • Managing the AD DS database
  • Recovering AD DS objects

After completing this module, students will be able to:

  • Monitor AD DS.
  • Manage the AD DS database.
  • Perform AD DS backup and restore operations, and recover deleted objects from AD DS.

Microsoft Course 20744

Exam 70-744: This course teaches IT professionals how they can enhance the security of the IT infrastructure that they administer. This course begins by emphasizing the importance of assuming that network breaches have occurred already, and then teaches you how to protect administrative credentials and rights to help ensure that administrators can perform only the tasks that they need to, when they need to.

This course explains how you can use auditing and the Advanced Threat Analysis feature in Windows Server 2016 to identify security issues. You will also learn how to mitigate malware threats, secure your virtualization platform, and use deployment options such as Nano server and containers to enhance security. The course also explains how you can help protect access to files by using encryption and dynamic access control, and how you can enhance your network's security.

Audience profile

This course is for IT professionals who need to securely administer Windows Server 2016 networks. These professionals typically work with networks that are configured as Windows Server domain-based environments, with managed access to the internet and cloud services.

Students who seek certification in the 70-744 Securing Windows server exam also will benefit from this course.

At course completion

After completing this course, students will be able to:

  • Secure Windows Server.
  • Protect credentials and implement privileged access workstations.
  • Limit administrator rights with Just Enough Administration.
  • Manage privileged access.
  • Mitigate malware and threats.
  • Analyze activity with advanced auditing and log analytics.
  • Deploy and configure Advanced Threat Analytics and Microsoft Operations Management Suite.
  • Configure Guarded Fabric virtual machines (VMs).
  • Use the Security Compliance Toolkit (SCT) and containers to improve security.
  • Plan and protect data.
  • Optimize and secure file services.
  • Secure network traffic with firewalls and encryption.
  • Secure network traffic by using DNSSEC and Message Analyzer.

Prerequisites

Students should have at least two years of experience in the IT field and should have:

  • Completed courses 740, 741, and 742, or the equivalent.
  • A solid, practical understanding of networking fundamentals, including TCP/IP, User Datagram Protocol (UDP), and Domain Name System (DNS).
  • A solid, practical understanding of Active Directory Domain Services (AD DS) principles.
  • A solid, practical understanding of Microsoft Hyper-V virtualization fundamentals.
  • An understanding of Windows Server security principles.

Course Outline

Module 1: Attacks, breach detection, and Sysinternals tools

This module frames the course so that students are thinking about security in environments where the infrastructure's basis is predominantly Microsoft products. The module begins with teaching students about the "assume breach" philosophy and getting them to understand the different types of attacks that can occur, including attack timelines and vectors. Additionally, it gets students thinking about key resources, how they respond when they detect an incident, and how an organization's direct needs and legislative requirements dictate its security policy.

  • Understanding attacks
  • Detecting security breaches
  • Examining activity with the Sysinternals tools

After completing this module, students will be able to:

  • Describe the types of attacks that can occur.
  • Explain how to detect security breaches.
  • Explain how to examine activity by using the Sysinternals suite of tools.
Module 2: Protecting credentials and privileged access

This module covers user accounts and rights, computer and service accounts, credentials, Privileged Access Workstations, and the Local Administrator Password Solution. In this module, students will learn about configuring user rights and security options, protecting credentials by using Credential Guard, implementing Privileged Access Workstations, and managing and deploying Local Administrator Password Solution to manage local administrator account passwords.

  • Understanding user rights
  • Computer and service accounts
  • Protecting credentials
  • Privileged Access Workstations and jump servers
  • Local administrator password solution

After completing this module, students will be able to:

  • Configure user rights.
  • Implement computer and service accounts.
  • Protect credentials.
  • Describe how to configure Privileged Access Workstations and jump servers.
  • Configure the Local Administrator Password Solution (LAPS).
Module 3: Limiting administrator rights with Just Enough Administration

This module explains how to deploy and configure Just Enough Administration (JEA), which is an administrative technology that allows students to apply role-based access control (RBAC) principles through Windows PowerShell remote sessions.

  • Understanding JEA
  • Verifying and deploying JEA

After completing this module, students will be able to:

  • Understand JEA.
  • Verify and deploy JEA.
Module 4: Privileged access management and administrative forests

This module explains the concepts of Enhanced Security Administrative Environment (ESAE) forests, Microsoft Identity Manager (MIM), and Just In Time (JIT) Administration, or Privileged Access Management (PAM).

  • ESAE forests
  • Overview of Microsoft Identity Manager
  • Overview of JIT administration and PAM

After completing this module, students will be able to:

  • Describe ESAE forests.
  • Describe MIM.
  • Understand JIT administration and PAM.
Module 5: Mitigating malware and threats

This module explains how to use tools such as Windows Defender, Windows AppLocker, Microsoft Device Guard, Windows Defender Application Guard, and Windows Defender Exploit Guard.

  • Configuring and managing Windows Defender
  • Restricting software
  • Configuring and using the Device Guard feature

After completing this module, students will be able to:

  • Configure and manage Windows Defender.
  • Use software restriction policies and AppLocker.
  • Configure and use the Device Guard feature.
Module 6: Analyzing activity with advanced auditing and log analytics

This module provides an overview of auditing, and then goes into detail about how to configure advanced auditing and Windows PowerShell auditing and logging.

  • Overview of auditing
  • Advanced auditing
  • Windows PowerShell auditing and logging

After completing this module, students will be able to:

  • Describe auditing.
  • Understand advanced auditing.
  • Configure Windows PowerShell auditing and logging.
Module 7: Deploying and configuring Advanced Threat Analytics and Microsoft Operations Management Suite

This module explains the Microsoft Advanced Threat Analytics tool and the Microsoft Operations Management suite (OMS). It also explains how you can use them to monitor and analyse the security of a Windows Server deployment. You will also learn about Microsoft Azure Security Center, which allows you to manage and monitor the security configuration of workloads both on-premises and in the cloud.

  • Deploying and configuring ATA
  • Deploying and configuring Microsoft Operations Management Suite
  • Deploying and configuring Azure Security Center

After completing this module, students will be able to:

  • Deploy and configure ATA.
  • Deploy and configure Microsoft Operations Management Suite.
  • Deploy and configure Azure Security Center.
Module 8: Secure Virtualization Infrastructure

This module explains how to configure Guarded Fabric VMs, including the requirements for shielded and encryption-supported VMs.

  • Guarded fabric
  • Shielded and encryption-supported virtual machines

After completing this module, students will be able to:

  • Configure the guarded fabric.
  • Describe shielded and encryption-supported VMs.
Module 9: Securing application development and server-workload infrastructure

This module describes the SCT, which is a free, downloadable set of tools that you can use to create and apply security settings. You will also learn about improving platform security by reducing the size and scope of application and compute resources by containerizing workloads.

  • Using SCT
  • Understanding containers

After completing this module, students will be able to:

  • Install SCT, and create and deploy security baselines.
  • Configure Windows and Hyper-V containers in Windows Server 2016.
Module 10: Planning and protecting data

This module explains how to configure Encrypting File System (EFS) and BitLocker drive encryption to protect data at rest. You will also learn about extending protection into the cloud by using Azure Information Protection.

  • Planning and implementing encryption
  • Planning and implementing BitLocker
  • Protecting data by using Azure Information Protection

After completing this module, students will be able to:

  • Plan and implement encryption.
  • Plan and implement BitLocker.
  • Plan and implement Azure Information Protection.
Module 11: Optimizing and securing file services

This module explains how to optimize file services by configuring File Server Resource Manager (FSRM) and Distributed File System (DFS). Students also will learn how to manage access to shared files by configuring Dynamic Access Control (DAC).

  • File Server Resource Manager
  • Implementing classification and file management tasks
  • Dynamic Access Control

After completing this module, students will be able to:

  • Describe File Server Resource Manager.
  • Implement classification and file management tasks.
  • Implement Dynamic Access Control.
Module 12: Securing network traffic with firewalls and encryption

This module explains how you can use Windows Firewall as an important part of an organization's protection strategy. It explains the use of Internet Protocol security (IPsec) to encrypt network traffic and to establish security zones on your network. You will also learn about the Datacenter Firewall feature that you can use to help protect your on-premises virtual environments.

  • Understanding network-related security threats
  • Understanding Windows Firewall with Advanced Security
  • Configuring IPsec
  • Datacenter Firewall

After completing this module, students will be able to:

  • Describe network-related security threats and how to mitigate them.
  • Configure Windows Firewall with Advanced Security.
  • Configure IPsec.
  • Describe Datacenter Firewall.
Module 13: Securing network traffic

This module explores some of the Windows Server 2016 technologies that you can use to help mitigate network-security threats. It explains how you can configure DNSSEC to help protect network traffic, and use Microsoft Message Analyzer to monitor network traffic. The module also describes how to secure Server Message Block (SMB) traffic.

  • Configuring advanced DNS settings
  • Examining network traffic with Message Analyzer
  • Securing and analyzing SMB traffic

After completing this module, students will be able to:

  • Configure advanced DNS settings.
  • Use the Message Analyzer.
  • Secure SMB traffic.

CISSP - Certified Information Systems Security Professional

Reimbursement of the CISSP exam scheduled through ISC2.

CISSP training is an advanced course designed to meet the high demands of the information security industry by preparing students for the Certified Information Systems Security Professional (CISSP) exam.

Led by an authorized instructor, this training course provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of the CISSP CBK:

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communications and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security

Who should attend?

This training course is intended for professionals who have at least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP CBK and are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current information security careers. The training seminar is ideal for those working in positions such as, but not limited to:

  • Security Consultant
  • Security Manager
  • IT Director/Manager
  • Security Auditor
  • Security Architect
  • Security Analyst
  • Security Systems Engineer
  • Chief Information Security Officer
  • Director of Security
  • Network Architect
The CISSP Helps You:
  • Validate your proven competence gained through years of experience in information security
  • Demonstrate your technical knowledge, skills, and abilities to effectively develop a holistic security program set against globally accepted standards
  • Differentiate yourself from other candidates for desirable job openings in the fast-growing information security market
  • Affirm your commitment to the field and ongoing relevancy through continuing professional education and understanding of the most current best practices
  • Gain access to valuable career resources, such as networking and ideas exchange with peers
The CISSP Helps Employers:
  • Protect against threats with qualified professionals who have the expertise to competently design, build, and maintain a secure business environment
  • Ensure professionals stay current on emerging threats, technologies, regulations, standards, and practices through the continuing professional education requirements
  • Increase confidence that candidates are qualified and committed to information security
  • Ensure employees use a universal language, circumventing ambiguity with industry-accepted terms and practices
  • Increase organizations' credibility when working with clients and vendors

Learning Objectives

  • Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness, and implement risk management and the principles used to support it (risk avoidance, risk acceptance, risk mitigation, risk transference)
  • Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization's security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization's core goals and strategic direction and address the frameworks and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets, as well as to assess the effectiveness of that protection and establish the foundation of a comprehensive and proactive security program to ensure the protection of an organization's information assets
  • Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization's security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization's core goals and strategic direction and examine the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality, and authenticity
  • Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media and identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise.
  • Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those assets, and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture.
  • Plan for technology development, including risk, and evaluate the system design against mission requirements, and identify where competitive prototyping and other evaluation techniques fit in the process
  • Protect and control information processing assets in centralized and distributed environments and execute the daily tasks required to keep security services operating reliably and efficiently.
  • Understand the Software Development Life Cycle (SDLC) and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security

To qualify for a re-sit of the Official CISSP course, a student must have attempted the exam and failed before a free re-sit is permitted.

Prerequisites

Candidates must have a minimum of five (5) years of cumulative paid full-time professional security work experience in two or more of the 8 domains of the CISSP CBK.

Candidates may receive a one year experience waiver with a four-year college degree, or regional equivalent OR additional credential from the approved list, thus requiring four (4) years of direct full-time professional security work experience in two or more of the ten domains of the CISSP CBK.

Candidates who have not completed the 5 years of experience to take the CISSP can take an Associate CISSP exam. This will give them a credential showing their knowledge until they are able to meet the experience requirements for the CISSP.

How to Get Your CISSP® Certification

Course Outline

Security and Risk Management
  • Security governance principles
  • Compliance
  • Legal and regulatory issues
  • Professional ethics
  • Security policies, standards, procedures and guidelines
Asset Security
  • Information and asset classification
  • Ownership (e.g. data owners, system owners)
  • Protect privacy
  • Appropriate retention
  • Data security controls
  • Handling requirements (e.g. markings, labels, storage)
Security Engineering
  • Engineering processes using secure design principles
  • Security models fundamental concepts
  • Security evaluation models
  • Security capabilities of information systems
  • Security architectures, designs, and solution elements vulnerabilities
  • Web-based systems vulnerabilities
  • Mobile systems vulnerabilities
  • Embedded devices and cyber-physical systems vulnerabilities
  • Cryptography
  • Site and facility design secure principles
  • Physical security
Communication and Network Security
  • Secure network architecture design (e.g. IP & non-IP protocols, segmentation)
  • Secure network components
  • Secure communication channels
  • Network attacks
Identity and Access Management
  • Physical and logical assets control
  • Identification and authentication of people and devices
  • Identity as a service (e.g. cloud identity)
  • Third-party identity services (e.g. on-premise)
  • Access control attacks
  • Identity and access provisioning lifecycle (e.g. provisioning review)
Security Assessment and Testing
  • Assessment and test strategies
  • Security process data (e.g. management and operational controls)
  • Security control testing
  • Test outputs (e.g. automated, manual)
  • Security architectures vulnerabilities
Security Operations
  • Investigations support and requirements
  • Logging and monitoring activities
  • Provisioning of resources
  • Foundational security operations concepts
  • Resource protection techniques
  • Incident management
  • Preventative measures
  • Patch and vulnerability management
  • Change management processes
  • Recovery strategies
  • Disaster recovery processes and plans
  • Business continuity planning and exercises
  • Physical security
  • Personnel safety concerns
Software Development Security
  • Security in the software development lifecycle
  • Development environment security controls
  • Software security effectiveness
  • Acquired software security impact

EC-Council Certified Ethical Hacker & Security Analyst (CEH/ECSA)

Ethical Hacking and Countermeasures will immerse the student in an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems.

EC-Council's Certified Security Analyst program is a highly interactive security class designed to teach security professionals the advanced uses of the methodologies, tools and techniques required to perform comprehensive information security tests. Students will learn how to design, secure and test networks to protect their organization from the threats hackers and crackers pose. By teaching the tools and groundbreaking techniques for security and penetration testing, this class will help students perform the intensive assessments required to effectively identify and mitigate risks to the security of their infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, with the class providing complete coverage of analysis and network security-testing topics.

Prerequisites

A foundational knowledge of computers, operating systems and networking protocols.


Ethical Hacking

This class will immerse the student in an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab-intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be led into scanning and attacking their own networks; no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive class they will have hands-on understanding and experience in Ethical Hacking.

This course prepares you for EC-Council Certified Ethical Hacker (Exam 312-50)

Who Should Attend

This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Certification

The Certified Ethical Hacker certification (Exam 312-50) will be conducted on the last day of training. Students need to pass the online Prometric exam to receive CEH certification.

Prerequisites

A foundational knowledge of computers, operating systems and networking protocols.

Course Outline

Ethics and Legality
  • What is an Exploit?
  • The security functionality triangle
  • The attacker's process
  • Passive reconnaissance
  • Active reconnaissance
  • Types of attacks
  • Categories of exploits
  • Goals attackers try to achieve
  • Ethical hackers and crackers - who are they
  • Self-proclaimed ethical hacking
  • Hacking for a cause (Hacktivism)
  • Skills required for ethical hacking
  • Categories of Ethical Hackers
  • What do Ethical Hackers do?
  • Security evaluation plan
  • Types of Ethical Hacks
  • Testing Types
  • Ethical Hacking Report
  • Cyber Security Enhancement Act of 2002
  • Computer Crimes
  • Overview of US Federal Laws
  • Section 1029
  • Section 1030
  • Hacking Punishment
Footprinting
  • What is Footprinting
  • Steps for gathering information
  • Whois
  • http://tucows.com
  • Hacking Tool: Sam Spade
  • Analyzing Whois output
  • NSLookup
  • Finding the address range of the network
  • ARIN
  • Traceroute
  • Hacking Tool: NeoTrace
  • Visual Route
  • Visual Lookout
  • Hacking Tool: Smart Whois
  • Hacking Tool: eMailTracking Pro
  • Hacking Tool: MailTracking.com
Scanning
  • Determining if the system is alive?
  • Active stack fingerprinting
  • Passive stack fingerprinting
  • Hacking Tool: Pinger
  • Hacking Tool: Friendly Pinger
  • Hacking Tool: WS_Ping_Pro
  • Hacking Tool: Netscan Tools Pro 2000
  • Hacking Tool: Hping2
  • Hacking Tool: KingPing
  • Hacking Tool: icmpenum
  • Hacking Tool: SNMP Scanner
  • Detecting Ping sweeps
  • ICMP Queries
  • Hacking Tool: netcraft.com
  • Port Scanning
  • TCP's 3-way handshake
  • TCP Scan types
  • Hacking Tool: IPEye
  • Hacking Tool: IPSECSCAN
  • Hacking Tool: nmap
  • Port Scan countermeasures
  • Hacking Tool: HTTrack Web Copier
  • Network Management Tools
  • SolarWinds Toolset
  • NeoWatch
  • War Dialing
  • Hacking Tool: THC-Scan
  • Hacking Tool: PhoneSweep War Dialer
  • Hacking Tool: Telesweep
  • Hacking Tool: Queso
  • Hacking Tool: Cheops
  • Proxy Servers
  • Hacking Tool: SocksChain
  • Surf the web anonymously
  • TCP/IP through HTTP Tunneling
  • Hacking Tool: HTTPort
  • Hacking Tool: Tunneld
  • Hacking Tool: BackStealth
Enumeration
  • What is Enumeration
  • NetBios Null Sessions
  • Null Session Countermeasures
  • NetBIOS Enumeration
  • Hacking Tool: DumpSec
  • Hacking Tool: Hyena
  • Hacking Tool: NAT
  • SNMP Enumeration
  • SNMPUtil
  • Hacking Tool: IP Network Browser
  • SNMP Enumeration Countermeasures
  • Windows 2000 DNS Zone transfer
  • Identifying Win2000 Accounts
  • Hacking Tool: User2SID
  • Hacking Tool: SID2User
  • Hacking Tool: Enum
  • Hacking Tool: UserInfo
  • Hacking Tool: GetAcct
  • Hacking Tool: smbbf
  • SMB Auditing Tools
  • Active Directory Enumeration
  • W2K Active Directory attack
System Hacking
  • Administrator Password Guessing
  • Performing Automated Password Guessing
  • Legion
  • NTInfoScan
  • Defending Against Password Guessing
  • Monitoring Event Viewer Logs
  • VisualLast
  • Eavesdropping on Network Password Exchange
  • Hacking Tool: L0phtCrack
  • Hacking Tool: KerbCrack
  • Privilege Escalation
  • Hacking Tool: GetAdmin
  • Hacking Tool: hk
  • Manual Password Cracking Algorithm
  • Automatic Password Cracking Algorithm
  • Password Types
  • Types of Password Attacks
  • Dictionary Attack
  • Brute Force Attack
  • Distributed Brute Force Attack
  • Password Change Interval
  • Hybrid Attack
  • Cracking Windows 2000 Passwords
  • Retrieving the SAM file
  • Redirecting SMB Logon to the Attacker
  • SMB Redirection
  • Hacking Tool: SMBRelay
  • Hacking Tool: SMBRelay2
  • Hacking Tool: pwdump2
  • Hacking Tool: SAMdump
  • Hacking Tool: C2MYAZZ
  • Win32 Create Local Admin User
  • Offline NT Password Resetter
  • Hacking Tool: psexec
  • Hacking Tool: remoxec
  • SMBRelay Man-in-the-Middle (MITM)
  • SMBRelay MITM Countermeasures
  • Hacking Tool: SMBGrinder
  • Hacking Tool: SMBDie
  • Hacking Tool: NBTDeputy
  • NetBIOS DoS Attack
  • Hacking Tool: nbname
  • Hacking Tool: John the Ripper
  • LanManager Hash
  • Password Cracking Countermeasures
  • Keystroke Logger
  • Hacking Tool: Spector
  • AntiSpector
  • Hacking Tool: eBlaster
  • Hacking Tool: SpyAnywhere
  • Hacking Tool: IKS Software Logger
  • Hacking Tool: Fearless Key Logger
  • Hacking Tool: E-mail Keylogger
  • Hardware Tool: Hardware Key Logger
  • Hacking Tool: Rootkit
  • Planting Rootkit on Windows 2000 Machine
  • _rootkit_ embedded TCP/IP Stack
  • Rootkit Countermeasures
  • MD5 Checksum utility
  • Tripwire
  • Covering Tracks
  • Disabling Auditing
  • Auditpol
  • Clearing the Event Log
  • Hacking Tool: Elslave
  • Hacking Tool: Winzapper
  • Hacking Tool: Evidence Eliminator
  • Hiding Files
  • NTFS File Streaming
  • Hacking Tool: makestrm
  • NTFS Streams Countermeasures
  • LNS
  • Steganography
  • Hacking Tool: ImageHide
  • Hacking Tool: BlindSide
  • Hacking Tool: MP3Stego
  • Hacking Tool: Snow
  • Hacking Tool: Camera/Shy
  • Steganography Detection
  • StegDetect
  • Hacking Tool: Stealth Files
  • Encrypted File System
  • Hacking Tool: dskprobe
  • Hacking Tool: EFSView
  • Buffer Overflows
  • Creating Buffer Overflow Exploit
  • Outlook Buffer Overflow
  • Hacking Tool: Outoutlook
Trojans and Backdoors
  • What is a Trojan Horse?
  • Overt and Covert
  • Hacking Tool: QAZ
  • Hacking Tool: Tini
  • Hacking Tool: Netcat
  • Hacking Tool: Donald Dick
  • Hacking Tool: SubSeven
  • Hacking Tool: BackOrifice 2000
  • Back Orifice Plug-ins
  • BoSniffer
  • Hacking Tool: NetBus
  • ComputerSpy Key Logger
  • Hacking Tool: Beast Trojan
  • Hacking Tool: CyberSpy Telnet Trojan
  • Hacking Tool: SubRoot Telnet Trojan
  • Hacking Tool: LetMeRule
  • Wrappers
  • Hacking Tool: Graffiti
  • Hacking Tool: Silk Rope 2000
  • Hacking Tool: EliteWrap
  • Hacking Tool: IconPlus
  • Packaging Tool: Microsoft WordPad
  • Hacking Tool: Whack a Mole
  • Trojan Construction Kit
  • Writing Trojans in Java
  • Hacking Tool: FireKiller 2000
  • Covert Channels
  • ICMP Tunneling
  • Hacking Tool: Loki
  • Reverse WWW Shell
  • Backdoor Countermeasures
  • BO Startup and Registry Entries
  • NetBus Startup and Registry Keys
  • Port Monitoring Tools
  • fPort
  • TCPView
  • Process Viewer
  • Inzider - Tracks Processes and Ports
  • Trojan Maker
  • Hacking Tool: Hard Disk Killer
  • Man-in-the-Middle Attack
  • Hacking Tool: dsniff
  • System File Verification
  • TripWire
Sniffers
  • What is a Sniffer?
  • Hacking Tool: Ethereal
  • Hacking Tool: Snort
  • Hacking Tool: WinDump
  • Hacking Tool: EtherPeek
  • Passive Sniffing
  • Active Sniffing
  • Hacking Tool: EtherFlood
  • How ARP Works?
  • Hacking Tool: ArpSpoof
  • Hacking Tool: DSniff
  • Hacking Tool: Macof
  • Hacking Tool: mailsnarf
  • Hacking Tool: URLsnarf
  • Hacking Tool: Webspy
  • Hacking Tool: Ettercap
  • Hacking Tool: WebMiTM
  • IP Restrictions Scanner
  • Hacking Tool: sTerm
  • Hacking Tool: Cain and Abel
  • Hacking Tool: Packet Crafter
  • Hacking Tool: SMAC
  • MAC Changer
  • ARP Spoofing Countermeasures
  • Hacking Tool: WinDNSSpoof
  • Hacking Tool: Distributed DNS Flooder
  • Hacking Tool: WinSniffer
  • Network Tool: IRIS
  • Network Tool: NetInterceptor
  • SniffDet
  • Hacking Tool: WinTCPKill
Denial of Service
  • What is Denial of Service Attack?
  • Types of DoS Attacks
  • How Does DoS Work?
  • What is DDoS?
  • Hacking Tool: Ping of Death
  • Hacking Tool: SSPing
  • Hacking Tool: Land
  • Hacking Tool: Smurf
  • Hacking Tool: SYN Flood
  • Hacking Tool: CPU Hog
  • Hacking Tool: Win Nuke
  • Hacking Tool: RPC Locator
  • Hacking Tool: Jolt2
  • Hacking Tool: Bubonic
  • Hacking Tool: Targa
  • Tools for Running DDoS Attacks
  • Hacking Tool: Trinoo
  • Hacking Tool: WinTrinoo
  • Hacking Tool: TFN
  • Hacking Tool: TFN2K
  • Hacking Tool: Stacheldraht
  • Hacking Tool: Shaft
  • Hacking Tool: mstream
  • DDoS Attack Sequence
  • Preventing DoS Attack
  • DoS Scanning Tools
  • Find_ddos
  • SARA
  • DDoSPing
  • RID
  • Zombie Zapper
Social Engineering
  • What is Social Engineering?
  • Art of Manipulation
  • Human Weakness
  • Common Types of Social Engineering
  • Human Based Impersonation
  • Important User
  • Tech Support
  • Third Party Authorization
  • In Person
  • Dumpster Diving
  • Shoulder Surfing
  • Computer Impersonation
  • Mail Attachments
  • Popup Windows
  • Website Faking
  • Reverse Social Engineering
  • Policies and Procedures
  • Social Engineering Security Policies
  • The Importance of Employee Education
Session Hijacking
  • What is Session Hijacking?
  • Session Hijacking Steps
  • Spoofing Vs Hijacking
  • Active Session Hijacking
  • Passive Session Hijacking
  • TCP Concepts - 3 way Handshake
  • Sequence Numbers
  • Sequence Number Example
  • Guessing the Sequence Numbers
  • Hacking Tool: Juggernaut
  • Hacking Tool: Hunt
  • Hacking Tool: TTYWatcher
  • Hacking Tool: IP Watcher
  • Hacking Tool: T-Sight
  • Remote TCP Session Reset Utility
  • Dangers Posed by Session Hijacking
  • Protection against Session Hijacking
Hacking Web Servers
  • Apache Vulnerability
  • Attacks against IIS
  • IIS Components
  • ISAPI DLL Buffer Overflows
  • IPP Printer Overflow
  • msw3prt.dll
  • Oversized Print Requests
  • Hacking Tool: Jill32
  • Hacking Tool: IIS5-Koei
  • Hacking Tool: IIS5Hack
  • IPP Buffer Overflow Countermeasures
  • ISAPI DLL Source Disclosure
  • ISAPI.DLL Exploit
  • Defacing Web Pages
  • IIS Directory Traversal
  • Unicode
  • Directory Listing
  • Clearing IIS Logs
  • Network Tool: LogAnalyzer
  • Attack Signature
  • Creating Internet Explorer (IE) Trojan
  • Hacking Tool: IISExploit
  • Hacking Tool: UnicodeUploader.pl
  • Hacking Tool: cmdasp.asp
  • Escalating Privileges on IIS
  • Hacking Tool: IISCrack.dll
  • Hacking Tool: ispc.exe
  • IIS WebDav Vulnerability
  • Hacking Tool: WB
  • RPC Exploit-GUI
  • Hacking Tool: DComExpl_UnixWin32
  • Hacking Tool: Plonk
  • Unspecified Executable Path Vulnerability
  • Hacking Tool: CleanIISLog
  • File System Traversal Countermeasures
  • Microsoft HotFix Problems
  • UpdateExpert
  • Cacls utility
  • Network Tool: Whisker
  • N-Stealth Scanner
  • Hacking Tool: WebInspect
  • Network Tool: Shadow Security Scanner
Web Application Vulnerabilities
  • Documenting the Application Structure
  • Manually Inspecting Applications
  • Using Google to Inspect Applications
  • Directory Structure
  • Hacking Tool: Instant Source
  • Java Classes and Applets
  • Hacking Tool: Jad
  • HTML Comments and Contents
  • Hacking Tool: Lynx
  • Hacking Tool: Wget
  • Hacking Tool: Black Widow
  • Hacking Tool: WebSleuth
  • Cross Site Scripting
  • Session Hijacking using XSS
  • Cookie Stealing
  • Hacking Tool: IEEN
  • Hacking Tool: IEflaw
  • Exposing Sensitive Data with Google
Web Based Password Cracking Techniques
  • Basic Authentication
  • Message Digest Authentication
  • NTLM Authentication
  • Certificate based Authentication
  • Digital Certificates
  • Microsoft Passport Authentication
  • Forms based Authentication
  • Creating Fake Certificates
  • Hacking Tool: WinSSLMiM
  • Password Guessing
  • Default Account Database
  • Hacking Tool: WebCracker
  • Hacking Tool: Brutus
  • Hacking Tool: ObiWan
  • Hacking Tool: Munga Bunga
  • Password dictionary Files
  • Attack Time
  • Hacking Tool: Variant
  • Hacking Tool: PassList
  • Query Strings
  • Post data
  • Hacking Tool: cURL
  • Stealing Cookies
  • Hacking Tool: CookieSpy
  • Hacking Tool: ReadCookies
  • Hacking Tool: SnadBoy
SQL Injection
  • What is SQL Injection Vulnerability?
  • SQL Insertion Discovery
  • Blank sa Password
  • Simple Input Validation
  • SQL Injection
  • OLE DB Errors
  • 1=1
  • blah' or 1=1
  • Preventing SQL Injection
  • Database Specific SQL Injection
  • Hacking Tool: SQLDict
  • Hacking Tool: SQLExec
  • Hacking Tool: SQLbf
  • Hacking Tool: SQLSmack
  • Hacking Tool: SQL2.exe
  • Hacking Tool: Oracle Password Buster
Hacking Wireless Networks
  • 802.11 Standards
  • What is WEP?
  • Finding WLANs
  • Cracking WEP keys
  • Sniffing Traffic
  • Wireless DoS Attacks
  • WLAN Scanners
  • WLAN Sniffers
  • MAC Sniffing
  • Access Point Spoofing
  • Securing Wireless Networks
  • Hacking Tool: NetStumbler
  • Hacking Tool: AirSnort
  • Hacking Tool: AiroPeek
  • Hacking Tool: WEP Cracker
  • Hacking Tool: Kismet
  • Hacking Tool: AirSnarf
  • WIDZ - Wireless IDS
Virus and Worms
  • Chernobyl
  • ExploreZip
  • I Love You
  • Melissa
  • Pretty Park
  • Code Red Worm
  • W32/Klez
  • BugBear
  • W32/Opaserv Worm
  • Nimda
  • Code Red
  • SQL Slammer
  • Batch File Virus Creator
  • How to write your own Virus?
  • Worm Construction Kits
Novell Hacking
  • Common accounts and passwords
  • Accessing password files
  • Password crackers
  • Netware Hacking Tools
  • Chknull
  • NOVELBFH
  • NWPCRACK
  • Bindery
  • BinCrack
  • SETPWD.NLM
  • Kock
  • userdump
  • Burglar
  • Getit
  • Spooflog
  • Gobbler
  • Novelffs
  • Pandora
Linux Hacking
  • Why Linux?
  • Linux Basics
  • Compiling Programs in Linux
  • Scanning Networks
  • Mapping Networks
  • Password Cracking in Linux
  • Linux Vulnerabilities
  • SARA
  • TARA
  • Sniffing
  • A Pinger in Disguise
  • Session Hijacking
  • Linux Rootkits
  • Linux Security Countermeasures
  • IPChains and IPTables
IDS, Firewalls and Honeypots
  • Intrusion Detection System
  • System Integrity Verifiers
  • How are Intrusions Detected?
  • Anomaly Detection
  • Signature Recognition
  • How does IDS match Signatures with Incoming Traffic?
  • Protocol Stack Verification
  • Application Protocol Verification
  • What Happens after an IDS Detects an Attack?
  • IDS Software Vendors
  • SNORT
  • Evading IDS (Techniques)
  • Complex IDS Evasion
  • Hacking Tool: fragrouter
  • Hacking Tool: TCPReplay
  • Hacking Tool: SideStep
  • Hacking Tool: NIDSbench
  • Hacking Tool: ADMutate
  • IDS Detection
  • Tools to Detect Packet Sniffers
  • Tools to inject strangely formatted packets onto the wire
  • Hacking Through Firewalls
  • Placing Backdoors through Firewalls
  • Hiding behind Covert Channels
  • Hacking Tool: Ncovert
  • What is a Honeypot?
  • Honeypots Evasion
  • Honeypots vendors
  • Hacking Tool: Honeyd
Buffer Overflows
  • What is a Buffer Overflow?
  • Exploitation
  • Assembly Language Basics
  • How to Detect Buffer Overflows in a Program?
  • Skills Required
  • CPU/OS Dependency
  • Understanding Stacks
  • Stack Based Buffer Overflows
  • Buffer Overflow Technical Implementation
  • Writing your own Buffer Overflow Exploit in C
  • Defense against Buffer Overflows
  • Type Checking Tools for Compiling Programs
  • StackGuard
  • Immunix
Cryptography
  • What is PKI?
  • Digital Certificates
  • RSA
  • MD-5
  • RC-5
  • SHA
  • SSL
  • PGP
  • SSH
  • Encryption Cracking Techniques
Penetration Testing Methodologies

ECSA

ECSA is a security class like no other! Providing real-world, hands-on experience, it is the only in-depth Advanced Hacking and Penetration Testing class available that covers testing in all modern infrastructures, operating systems and application environments.

EC-Council's Certified Security Analyst program is a highly interactive 5-day security class designed to teach Security Professionals the advanced uses of the methodologies, tools and techniques required to perform comprehensive information security tests. Students will learn how to design, secure and test networks to protect their organization from the threats hackers and crackers pose. By teaching the tools and groundbreaking techniques for security and penetration testing, this class will help you perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure. As students learn to identify security problems, they also learn how to avoid and eliminate them, with the class providing complete coverage of analysis and network security-testing topics.

This course prepares you for EC-Council's Certified Security Analyst Exam 412-79.

Who Should Attend

Network server administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment professionals.

Certification

The ECSA certification exam will be conducted on the last day of training. Students need to pass the online Prometric exam 412-79 to receive the ECSA certification.

Prerequisites

A foundational knowledge of computers, operating systems and networking protocols, and the CEH certification.

Course Outline

Module 1: The Need for Security Analysis
  • What Are We Concerned About?
  • So What Are You Trying To Protect?
  • Why Are Intrusions So Often Successful?
  • What Are The Greatest Challenges?
  • Environmental Complexity
  • New Technologies
  • New Threats, New Exploits
  • Limited Focus
  • Limited Expertise
  • Authentication
  • Authorization
  • Confidentiality
  • Integrity
  • Availability
  • Nonrepudiation
  • We Must Be Diligent
  • Threat Agents
  • Assessment Questions
  • How Much Security is Enough?
  • Risk
  • Simplifying Risk
  • Risk Analysis
  • Risk Assessment Answers Seven Questions
  • Steps of Risk Assessment
  • Risk Assessment Values
  • Information Security Awareness
  • Security policies
  • Types of Policies
  • Promiscuous Policy
  • Permissive Policy
  • Prudent Policy
  • Paranoid Policy
  • Acceptable-Use Policy
  • User-Account Policy
  • Remote-Access Policy
  • Information-Protection Policy
  • Firewall-Management Policy
  • Special-Access Policy
  • Network-Connection Policy
  • Business-Partner Policy
  • Other Important Policies
  • Policy Statements
  • Basic Document Set of Information Security Policies
  • ISO 17799
  • Domains of ISO 17799
  • No Simple Solutions
  • U.S. Legislation
  • California SB 1386
  • Sarbanes-Oxley 2002
  • Gramm-Leach-Bliley Act (GLBA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • USA Patriot Act 2001
  • U.K. Legislation
  • How Does This Law Affect a Security Officer?
  • The Data Protection Act 1998
  • The Human Rights Act 1998
  • Interception of Communications
  • The Freedom of Information Act 2000
  • The Audit Investigation and Community Enterprise Act 2005
Module 2: Advanced Googling
  • Site Operator
  • intitle:index.of
  • error | warning
  • login | logon
  • username | userid | employee.ID | "your username is"
  • password | passcode | "your password is"
  • admin | administrator
  • admin login
  • -ext:html -ext:htm -ext:shtml -ext:asp -ext:php
  • inurl:temp | inurl:tmp | inurl:backup | inurl:bak
  • intranet | help.desk
  • Locating Public Exploit Sites
  • Locating Exploits Via Common Code Strings
  • Searching for Exploit Code with Nonstandard Extensions
  • Locating Source Code with Common Strings
  • Locating Vulnerable Targets
  • Locating Targets Via Demonstration Pages
  • "Powered by" Tags Are Common Query Fodder for Finding Web Applications
  • Locating Targets Via Source Code
  • Vulnerable Web Application Examples
  • Locating Targets Via CGI Scanning
  • A Single CGI Scan-Style Query
  • Directory Listings
  • Finding IIS 5.0 Servers
  • Web Server Software Error Messages
  • IIS HTTP/1.1 Error Page Titles
  • "Object Not Found" Error Message Used to Find IIS 5.0
  • Apache Web Server
  • Apache 2.0 Error Pages
  • Application Software Error Messages
  • ASP Dumps Provide Dangerous Details
  • Many Errors Reveal Pathnames and Filenames
  • CGI Environment Listings Reveal Lots of Information
  • Default Pages
  • A Typical Apache Default Web Page
  • Locating Default Installations of IIS 4.0 on Windows NT 4.0/OP
  • Default Pages Query for Web Server
  • Outlook Web Access Default Portal
  • Searching for Passwords
  • Windows Registry Entries Can Reveal Passwords
  • Usernames, Cleartext Passwords, and Hostnames!
Module 3: TCP/IP Packet Analysis
  • TCP/IP Model
  • Application Layer
  • Transport Layer
  • Internet Layer
  • Network Access Layer
  • Comparing OSI and TCP/IP
  • Addressing
  • IPv4 Addresses
  • IP Classes of Addresses
  • Reserved IP Addresses
  • Private Addresses
  • Subnetting
  • IPv4 and IPv6
  • Transport Layer
  • Flow Control
  • Three-Way Handshake
  • TCP/IP Protocols
  • TCP Header
  • IP Header
  • IP Header: Protocol Field
  • UDP
  • TCP and UDP Port Numbers
  • Port Numbers
  • TCP Operation
  • Synchronization or 3-way Handshake
  • Denial of Service (DoS) Attacks
  • DoS Syn Flooding Attack
  • Windowing
  • Acknowledgement
  • Windowing and Window Sizes
  • Simple Windowing
  • Sliding Windows
  • Sequencing Numbers
  • Positive Acknowledgment and Retransmission (PAR)
  • UDP Operation
  • Port Numbers Positioning between Transport and Application Layer (TCP and UDP)
  • Port Numbers
  • http://www.iana.org/assignments/port-numbers
  • What Makes Each Connection Unique?
  • Internet Control Message Protocol (ICMP)
  • Error Reporting and Error Correction
  • ICMP Message Delivery
  • Format of an ICMP Message
  • Unreachable Networks
  • Destination Unreachable Message
  • ICMP Echo (Request) and Echo Reply
  • Detecting Excessively Long Routes
  • IP Parameter Problem
  • ICMP Control Messages
  • ICMP Redirects
  • Clock Synchronization and Transit Time Estimation
  • Information Requests and Reply Message Formats
  • Address Masks
  • Router Solicitation and Advertisement
Module 4: Advanced Sniffing Techniques
  • What is Wireshark?
  • Wireshark: Filters
  • IP Display Filters
  • Example
  • Wireshark: Tshark
  • Wireshark: Editcap
  • Wireshark: Mergecap
  • Wireshark: Text2pcap
  • Using Wireshark for Network Troubleshooting
  • Network Troubleshooting Methodology
  • Using Wireshark for System Administration
  • ARP Problems
  • ICMP Echo Request/Reply Header Layout
  • TCP Flags
  • TCP SYN Packet Flags Bit Field
  • Capture Filter Examples
  • Scenario 1: SYN no SYN+ACK
  • Scenario 2: SYN Immediate Response RST
  • Scenario 3: SYN SYN+ACK ACK
  • Using Wireshark for Security Administration
  • Detecting Internet Relay Chat Activity
  • Wireshark as a Detector for Proprietary Information Transmission
  • Sniffer Detection
  • Wireless Sniffing with Wireshark
  • AirPcap
  • Using Channel Hopping
  • Interference and Collisions
  • Recommendations for Sniffing Wireless
  • Analyzing Wireless Traffic
  • IEEE 802.11 Header
  • IEEE 802.11 Header Fields
  • Filters
  • Filtering on Source MAC Address and BSSID
  • Filtering on BSSID
  • Filter on SSID
  • Wireless Frame Types Filters
  • Unencrypted Data Traffic
  • Identifying Hidden SSIDs
  • Revealed SSID
  • Identifying EAP Authentication Failures
  • Identifying the EAP Type
  • Identifying Key Negotiation Properties
  • EAP Identity Disclosure
  • Identifying WEP
  • Identifying TKIP and CCMP
  • Identifying IPSec/VPN
  • Decrypting Traffic
  • Scanning
  • TCP Connect Scan
  • SYN Scan
  • XMAS Scan
  • Null Scan
  • Remote Access Trojans
  • NetBus Analysis
  • Trojan Analysis Example NetBus Analysis
Module 5: Vulnerability Analysis with Nessus
  • Nessus
  • Features of Nessus
  • Nessus Assessment Process
  • Nessus: Scanning
  • Nessus: Enumeration
  • Nessus: Vulnerability Detection
  • Configuring Nessus
  • Updating Nessus Plug-Ins
  • Using the Nessus Client
  • Starting a Nessus Scan
  • Generating Reports
  • Data Gathering
  • Host Identification
  • Port Scan
  • SYN scan
  • Timing
  • Port Scanning Rules of Thumb
  • Plug-in Selection
  • Dangerous plugins
  • Scanning Rules of Thumb
  • Report Generation
  • Reports: Result
  • Identifying False Positives
  • Suspicious Signs
  • False Positives
  • Examples of False Positives
  • Writing Nessus Plugins
  • Writing a Plugin
  • Installing and Running the Plugin
  • Nessus Report with output from our plugin
  • Security Center http://www.tenablesecurity.com
Module 6: Advanced Wireless Testing
  • Wireless Concepts
  • 802.11 Types
  • Core Issues with 802.11
  • What's the Difference?
  • Other Types of Wireless
  • Spread Spectrum Background
  • Channels
  • Access Point
  • Service Set ID
  • Default SSIDs
  • Chipsets
  • Wi-Fi Equipment
  • Expedient Antennas
  • Vulnerabilities to 802.1x and RADIUS
  • Wired Equivalent Privacy
  • Security - WEP
  • Wired Equivalent Privacy
  • Exclusive OR
  • Encryption Process
  • Chipping Sequence
  • WEP Issues
  • WEP - Authentication Phase
  • WEP - Shared Key Authentication
  • WEP - Association Phase
  • WEP Flaws
  • WEP Attack
  • WEP: Solutions
  • WEP Solution - 802.11i
  • Wireless Security Technologies
  • WPA Interim 802.11 Security
  • WPA
  • 802.1X Authentication and EAP
  • EAP Types
  • Cisco LEAP
  • TKIP (Temporal Key Integrity Protocol)
  • Wireless Networks Testing
  • Wireless Communications Testing
  • Report Recommendations
  • Wireless Attack Countermeasures
  • Wireless Penetration Testing with Windows
  • Attacks And Tools
  • War Driving
  • The Jargon - WarChalking
  • WarPumpkin
  • Wireless: Tools of the Trade
  • Mapping with Kismet
  • WarDriving with NetStumbler
  • How NetStumbler Works?
  • "Active" versus "Passive" WLAN Detection
  • Disabling the Beacon
  • Running NetStumbler
  • Captured Data Using NetStumbler
  • Filtering by Channels
  • Airsnort
  • WEPCrack
  • Monkey-Jack
  • How Monkey-Jack Works
  • Before Monkey-Jack
  • After Monkey-Jack
  • AirCrack-ng
  • How Does It Work?
  • FMS and Korek Attacks
  • Crack WEP
  • Available Options
  • Usage Examples
  • Cracking WPA/WPA2 Passphrases
  • Notes
  • Determining Network Topology: Network View
  • WarDriving and Wireless Penetration Testing with OS X
  • What is the Difference between "Active" and "Passive" Sniffing?
  • Using a GPS
  • Attacking WEP Encryption with KisMAC
  • Deauthenticating Clients
  • Attacking WPA with KisMAC
  • Brute-force Attacks Against 40-bit WEP
  • Wordlist Attacks
  • Mapping WarDrives with StumbVerter
  • MITM Attack basics
  • MITM Attack Design
  • MITM Attack Variables
  • Hardware for the Attack: Antennas, Amps, WiFi Cards
  • Wireless Network Cards
  • Choosing the Right Antenna
  • Amplifying the Wireless Signal
  • Identify and Compromise the Target Access Point
  • Compromising the Target
  • Crack the WEP key
  • Aircrack-ng Cracked the WEP Key
  • The MITM Attack Laptop Configuration
  • IP Forwarding and NAT Using Iptables
  • Installing Iptables and IP Forwarding
  • Establishing the NAT Rules
  • Dnsmasq
  • Configuring Dnsmasq
  • Apache Web Servers
  • Virtual Directories
  • Clone the Target Access Point and Begin the Attack
  • Start the Wireless Interface
  • Deauthenticate Clients Connected to the Target Access Point
  • Wait for the Client to Associate to Your Access Point
  • Spoof the Application
  • Modify the Page
  • Example Page
  • Login/php page
  • Redirect Web Traffic Using Dnsmasq
Module 7: Designing a DMZ
  • Introduction
  • DMZ Concepts
  • Multitiered Firewall With a DMZ Flow
  • DMZ Design Fundamentals
  • Advanced Design Strategies
  • Designing Windows DMZ
  • Precautions for DMZ Setup
  • Security Analysis for the DMZ
  • Designing Sun Solaris DMZ
  • Placement of Servers
  • Advanced Implementation of a Solaris DMZ Server
  • Solaris DMZ Servers in a Conceptual Highly Available Configuration
  • Private and Public Network Firewall Ruleset
  • DMZ Server Firewall Ruleset
  • Solaris DMZ System Design
  • Disk Layout and Considerations
  • Designing Wireless DMZ
  • Placement of Wireless Equipment
  • Access to DMZ and Authentication Considerations
  • Wireless DMZ Components
  • Wireless DMZ Using RADIUS to Authenticate Users
  • WLAN DMZ Security Best-Practices
  • DMZ Router Security Best-Practice
  • DMZ Switch Security Best-Practice
  • Six Ways to Stop Data Leaks
  • Reconnex
Module 8: Snort Analysis
  • Snort Overview
  • Modes of Operation
  • Features of Snort
  • Configuring Snort
  • Variables
  • Preprocessors
  • Output Plugins
  • Rules
  • Working of Snort
  • Initializing Snort
  • Signal Handlers
  • Parsing the Configuration File
  • Decoding
  • Possible Decoders
  • Preprocessing
  • Detection
  • Content Matching
  • Content-Matching Functions
  • The Stream4 Preprocessor
  • Inline Functionality
  • Writing Snort Rules
  • Snort Rule Header
  • Snort Rule Header: Actions
  • Snort Rule Header: Other Fields
  • IP Address Negation Rule
  • IP Address Filters
  • Port Numbers
  • Direction Operator
  • Rule Options
  • Activate/Dynamic Rules
  • Meta-Data Rule Options: msg
  • Reference Keyword
  • sid/rev Keyword
  • Classtype Keyword
  • Payload Detection Rule Options: content
  • Modifier Keywords
  • Offset/depth Keyword
  • Uricontent keyword
  • fragoffset keyword
  • ttl keyword
  • id keyword
  • flags keyword
  • itype keyword : icmp id
  • Writing Good Snort Rules
  • Sample Rule to Catch Metasploit Buffer Overflow Exploit
  • Tool for writing Snort rules: IDS Policy Manager
  • Subscribe to Snort Rules
  • Honeynet Security Console Tool
  • Key Features
Module 9: Log Analysis
  • Introduction to Logs
  • Types of Logs
  • Events that Need to be Logged
  • What to Look Out For in Logs
  • W3C Extended Log File Format
  • Automated Log Analysis Approaches
  • Log Shipping
  • Analyzing Syslog
  • Syslog
  • Setting up a Syslog
  • Syslog: Enabling Message Logging
  • Main Display Window
  • Configuring Kiwi Syslog to Log to a MS SQL Database
  • Configuring Ethereal to Capture Syslog Messages
  • Sending Log Files via email
  • Configuring Cisco Router for Syslog
  • Configuring DLink Router for Syslog
  • Configuring Cisco PIX for Syslog
  • Configuring an Intertex / Ingate/ PowerBit/ SurfinBird ADSL router
  • Configuring a LinkSys wireless VPN Router
  • Configuring a Netgear ADSL Firewall Router
  • Analyzing Web Server Logs
  • Apache Web Server Log
  • AWStats
  • Configuring AWStats for IIS
  • Log Processing in AWStats
  • Analyzing Router Logs
  • Router Logs
  • Analyzing Wireless Network Devices Logs
  • Wireless Traffic Log
  • Analyzing Windows Logs
  • Configuring Firewall Logs in Local Windows System
  • Viewing Local Windows Firewall Log
  • Viewing Windows Event Log
  • Analyzing Linux Logs
  • iptables
  • Log Prefixing with iptables
  • Firewall Log Analysis with grep
  • Analyzing SQL Server Logs
  • SQL Database Log
  • ApexSQL Log
  • Configuring ApexSQL Log
  • Analyzing VPN Server Logs
  • VPN Client Log
  • Analyzing Firewall Logs
  • Why Firewall Logs are Important
  • Firewall Log Sample
  • ManageEngine Firewall Analyzer
  • Installing Firewall Analyzer
  • Viewing Firewall Analyzer Reports
  • Firewall Analyzer Log Reports
  • Analyzing IDS Logs
  • SnortALog
  • IDS Log Sample
  • Analyzing DHCP Logs
  • DHCP Log
  • NTP Configuration
  • Time Synchronization and Logging
  • NTP Overview
  • NTP Client Configuration
  • Configuring an NTP client using the Client Manager
  • Configuring an NTP Server
  • NTP: Setting Local Date and Time
  • Log Analysis Tools
  • All-Seeing Eye Tool: Event Log Tracker
  • Network Sniffer Interface Test Tool
  • Syslog Manager 2.0.1
  • Sawmill
  • WALLWATCHER
  • Log Alert Tools
  • Network Eagle Monitor
  • Network Eagle Monitor: Features
  • SQL Server Database Log Navigator
  • What Does Log Navigator Do?
  • How Does Log Navigator Work?
  • Snortsnarf
  • Types of Snort Alarms
  • ACID (Analysis Console for Intrusion Databases)
Module 10: Advanced Exploits and Tools
  • Common Vulnerabilities
  • Buffer Overflows Revisited
  • Smashing the Stack for Fun and Profit
  • Smashing the Heap for Fun and Profit
  • Format Strings for Chaos and Mayhem
  • The Anatomy of an Exploit
  • Vulnerable code
  • Shellcoding
  • Shellcode Examples
  • Delivery Code
  • Delivery Code: Example
  • Linux Exploits Versus Windows
  • Windows Versus Linux
  • Tools of the Trade: Debuggers
  • Tools of the Trade: GDB
  • Tools of the Trade: Metasploit
  • Metasploit Framework
  • User-Interface Modes
  • Metasploit: Environment
  • Environment: Global Environment
  • Environment: Temporary Environment
  • Metasploit: Options
  • Metasploit: Commands
  • Metasploit: Launching the Exploit
  • Metasploit: Advanced Features
  • Tools of the Trade: Canvas
  • Tools of the Trade: CORE Impact
  • IMPACT Industrializes Penetration Testing
  • Ways to Use CORE IMPACT
  • Other IMPACT Benefits
  • ANATOMY OF A REAL-WORLD ATTACK
  • CLIENT SIDE EXPLOITS
  • Impact Demo Lab
Module 11: Penetration Testing Methodologies
Module 12: Customers and Legal Agreements
Module 13: Penetration Testing Planning and Scheduling
Module 14: Pre Penetration Testing Checklist
Module 15: Information Gathering
Module 16: Vulnerability Analysis
Module 17: External Penetration Testing
Module 18: Internal Network Penetration Testing
Module 19: Router Penetration Testing
Module 20: Firewall Penetration Testing
Module 21: IDS Penetration Testing
Module 22: Wireless Network Penetration Testing
Module 23: Denial of Service Penetration Testing
Module 24: Password Cracking Penetration Testing
Module 25: Social Engineering Penetration Testing
Module 26: Stolen Laptop Penetration Testing
Module 27: Application Penetration Testing
Module 28: Physical Security Penetration Testing
Module 29: Database Penetration Testing
Module 30: VoIP Penetration Testing
Module 31: VPN Penetration Testing
Module 32: Penetration Testing Report Analysis
Module 33: Penetration Testing Report and Documentation Writing
Module 34: Penetration Testing Deliverables and Conclusion
Module 35: Ethics of a Licensed Penetration Tester

Copyright © 2019 CED Solutions. CED Solutions Refund Policy. All Rights Reserved.