
Network Security Course Information - Objectives

Course Learning Objectives:

There are 11 exams covering these topics and objectives, a final exam and a hands-on performance final. Upon completion of these modules, students will be able to perform tasks related to:

  • Network Defense Fundamentals: In this topic, students are introduced to the core concepts of network security. Network defense technologies are examined, with particular emphasis given to the creation of a layered and diversified defense-in-depth architecture that begins with a security policy defining each layer. Students also identify the foundations of network auditing.
    • Objectives:
    1. Describe the five keys of network security.
    2. Identify and explain the concepts, policies, and technologies associated with a layered and diversified defense-in-depth strategy.
    3. Discuss the objectives of access control methods and describe how the available methods are implemented in the defense of a network.
    4. Identify the impact of a layered defense on the performance of the network.
    5. Define the concepts of auditing in a network, including the types of audits and the handling of data.
  • Advanced TCP/IP: In this topic, students examine the primary set of protocols that run networks and the Internet today, the Transmission Control Protocol (TCP) and Internet Protocol (IP) suite. Students become familiar with the details of how TCP/IP functions, including core concepts such as addressing and subnetting, and advanced concepts such as session establishment and packet analysis.
    • Objectives:
    1. Define the core concepts of TCP/IP, including model layers, RFCs, addressing and subnetting, VLSM and CIDR, and the TCP/IP protocol suite.
    2. Utilize a protocol analyzer to examine all the fields of IP, ICMP, TCP, and UDP.
    3. Examine TCP sessions, including the use of control flags, and sequence and acknowledgement numbers in the three-way handshake and session teardowns.
    4. View and analyze network traffic fragmentation.
    5. Utilize a protocol analyzer to observe and analyze a complete FTP session, frame by frame.
  • Routers and Access Control Lists: In this topic, students are introduced to the functioning of routers and routing protocols. Students examine the issues related to securing both routers and routing protocols, including the removal of unnecessary services, creation of access control lists, and configuration of logging to manage and secure the network.
    • Objectives:
    1. Configure fundamental router security, including the use of banners and the SSH protocol.
    2. Examine the principles of routing by capturing and analyzing routing protocol packets, and observing the IP and MAC address relationships in a routed environment.
    3. Create configurations to harden the core services and protocols on a Cisco router.
    4. Configure and examine the function of Access Control Lists on a Cisco router that defends against network attacks.
    5. Create the required configurations to enable logging on a Cisco router.
  • Designing Firewalls: In this lesson, you will be introduced to the concepts and technologies used in designing firewall systems. You will identify the methods of implementing firewalls in different scenarios, using different technologies. The strategies and concepts in this lesson are important in understanding later lessons.
    • Objectives:
    1. Examine the principles of firewall design and implementation.
    2. Construct a firewall policy based on stated requirements.
    3. Create a rule set for a packet filtering firewall.
    4. Describe the function and processes of a proxy server.
    5. Define bastion host and explain its purpose with respect to network security.
    6. Define honeypot and describe its function in the security of the network.
  • Configuring Firewalls: In this topic, students examine firewalls from a conceptual viewpoint to learn about the types of firewalls, how each of these types works, and what protection they can provide for the network. Students then apply this knowledge, utilizing Microsoft’s Internet Security and Acceleration server and Linux IPTables.
    • Objectives:
    1. Describe standard firewall functionality and common implementation practices.
    2. Install, configure, and monitor Microsoft ISA Server 2006, while exploring management, monitoring, and auditing options.
    3. Examine the concepts of IPTables, including a review of sample rule chains controlling the egress and ingress of specific network traffic.
    4. Apply firewall concepts and knowledge by designing a firewall topology and rule sets to create the required firewall security posture for a specific network situation.
  • Implementing IPsec and VPNs: In this topic, students examine Virtual Private Networks (VPNs) and the security issues related to them. Students are introduced to the concepts of IPSec, then examine and configure the Microsoft Management Console (MMC) and identify the predefined IPSec policies in Windows Server 2003. Students create new policies and implement IPSec to specifically use AH, ESP, or both, in Transport Mode. IPSec traffic is analyzed using a protocol analyzer.
    • Objectives:
    1. Define the function of IPSec in a networked environment.
    2. Examine IPSec policy management.
    3. Implement and examine IPSec AH configurations.
    4. Implement and examine IPSec AH and ESP configurations.
    5. Analyze the IPSec structure, cryptography, the Encapsulating Security Payload, the Authentication Header, the Internet Key Exchange, and modes of implementation on a running network.
    6. Examine the business drivers and technology components for a VPN.
    7. Examine the concepts of IPSec and other tunneling protocols, including Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP).
    8. Analyze secure VPN design and implementation issues.
    9. Examine the issues of VPN and firewall architecture and VPN authentication.
    10. Configure VPN options built into Windows 2003 Server.
  • Designing an Intrusion Detection System: In this topic, students are introduced to the concepts surrounding one of the critical areas of the defensive network protection scheme—the Intrusion Detection System (IDS). This system, in conjunction with the firewall technologies in place, is the basis for a very solidly defended network. The IDS is used to detect when an intruder is attempting penetration of the network, or tampering with the firewalls.
    • Objectives:
    1. Examine the components of Intrusion Detection Systems and describe how these interact to accomplish the goals of intrusion detection.
    2. Describe the technologies and techniques of intrusion detection.
    3. Examine the process of intrusion detection and how behavioral use is implemented in the IDS.
    4. Compare and contrast host-based and network-based IDSs.
    5. Examine the principles of intrusion detection data analysis.
    6. Describe the methods of IDS usage for the detection of, monitoring of, and anticipation of attacks.
    7. Identify IDS limitations.
  • Configuring an IDS: In this topic, students implement an Intrusion Detection System known as Snort. Students use this installation to capture and monitor TCP/IP traffic and to create rule sets that identify suspicious traffic and direct network attacks.
    • Objectives:
    1. Describe how Snort works as an Intrusion Detection System, highlighting the pros and cons of its implementation in a production network environment.
    2. Install Snort on a stand-alone computer.
    3. Describe, create, and test a Snort rule set.
    4. Configure Snort to send alert data to a MySQL database.
    5. Use Snort to configure a complete Intrusion Detection System on a Linux system, including a MySQL database and the BASE Console to view alerts.
  • Securing Wireless Networks: In this topic, students learn to implement and secure a wireless network. Students examine wireless network components and configurations, and identify the security options required for making wireless networks part of a trusted enterprise. Wireless network analysis tools are used to audit wireless networks.
    • Objectives:
    1. Examine the fundamental issues, equipment, media, and systems of wireless networking.
    2. Describe the fundamentals of wireless local area networks, including their operations, IEEE 802.11 framing options, configuration essentials, and vulnerabilities.
    3. Implement and analyze wireless security solutions, including WEP, SSID broadcast disabling, MAC address filtering, and WPA.
    4. Utilize wireless tools, including AiroPeek NX and NetStumbler, to audit a wireless network.
    5. Describe the components and procedures required to implement a trusted wireless network.
  • Analyzing Packet Signatures: In this topic, students are introduced to the core concepts of analyzing network packets, including those that are designated as allowed and disallowed for use on a network. Students examine in detail both the headers and payload sections of several packet types.
    • Objectives:
    1. Describe the concepts of TCP/IP packet signature analysis.
    2. Examine the function and describe the benefits of the Common Vulnerabilities and Exposures (CVE) standard.
    3. Examine the concepts of signatures and their use in identifying multiple types of traffic as malicious.
    4. Identify, examine, and contrast normal and abnormal TCP/IP traffic signatures.
  • Transmission and TEMPEST Security: In this topic, students examine issues related to the interception of data signals and computer emissions. Students study methods for securing computer equipment from detectable emissions, and examine the TEMPEST program.
    • Objectives:
    1. Identify and describe how data signals may be intercepted.
    2. Identify and describe methods of securing computer equipment emissions.
    3. Examine the TEMPEST program.