Network Defence and Incident Response (TN – 101)

In today's ever-expanding IT environment, securing the entire IT infrastructure is a challenge for most IT managers and administrators. Most security breaches in the network are either unknown to most administrators or are detected long after they occur. This course provides the following immediate benefits to IT professionals managing the IT infrastructure of their organizations.

  1. Better monitoring of IT Infrastructure
  2. Reduce risks of intrusions in the network
  3. Effectively build and retain IT policies
  4. Better Performance of IT resources
  5. Expertise to handle IT security issues
  6. Thorough understanding of incident response and mitigation strategies

Target Audience

Windows administrators, UNIX/Linux administrators, Desktop Engineers, Network Engineers, IT Managers, and others interested in defending their network from intrusions

Mandatory Pre-requisites

  • Basic Technical Background

Helpful Pre-requisites

  • Operating system and networking concepts

Course Content

Information Security Goals

  • Five Principles to Remember

Networking Concepts

  • TCP/IP Vs OSI Model
  • Ports and Services
  • Port Scanning
  • Network Sniffing Tools
  • Understanding Man In The Middle Attack
  • Encrypted Vs Plain Text Protocols

Vulnerabilities

  • Introduction
  • Source
  • Types
  • Impact
  • Remediation

Malware

  • Introduction
  • Source
  • Types
  • Remediation

Corporate Network Architecture

  • Common Security Components

Firewalls

  • Firewall Rules Best Practices
  • Perimeter and Internal Firewalls
  • Commercial & FOSS firewalls
  • Demilitarized zones (DMZs)

IDS/IPS

  • Introduction
  • Commercial & FOSS IDS
  • HIPS/End-Point Security

Content Filtering

  • HTTP content filters
  • SMTP filters
  • Using Blacklist Databases
  • Anti-virus Policies
  • Spam filtering Techniques
  • Antivirus & Spam Test
  • Anti-relaying Configuration
  • Online Open-Relay Testing
  • Recommended policies and actions

System Analysis

  • Process Monitoring
  • File Analysis
  • Registry Analysis
  • Open Port Monitoring
  • Log Analysis

Utilizing Network Management Tools

Log Management
  • Centralized Logging
  • Correlation Engines

Operating System Hardening

Defense & Incident Response
  • Preparation
  • Detection
  • Containment
  • Eradication
  • Recovery & patching your network
  • Response and follow-up
  • Best practices for incident handling

For customized trainings as per your business requirements, kindly contact trainings@torridnetworks.com
