What You Will Learn
1. Defining the Distributed Information Technology Environment
- defining a network
- network terminology
- computing models: centralized and distributed
- shared data networks
- distributed computing: client/server, peer-to-peer, middleware
- major risks to network security
- defining the scope of network security and audit programs
- locating network security control points
2. Developing a Reference Framework for Network Security and Audit: Network Standards and Protocols
- protocol defined
- network communications standards and rules for communications
- categorizing network protocols: media access, internetworking/transport, and application/end-user services
- protocol stacks: frameworks for networking
-- Open Systems Interconnection (OSI) Reference Model
--Transmission Control Protocol/Internet Protocol (TCP/IP)
- network addresses: physical/media access, logical numeric and domain names
- TCP/IP application ports: foundation for all network security and audit risk analysis
3. Demystifying Network Media Access Technologies: Local Area Networks (LANs) and Wide Area Networks (WANs)
- geographical network delineation: PAN, LAN, CAN, MAN, WAN
- untangling the ‘Nets: Internet, intranets, and extranets
- common network transmission media: twisted pair copper wire, fiber optics, wireless
- physical LAN topologies: bus, ring, star, tree
- logical LAN topologies: Ethernet, FDDI
- WAN and Internet connections: analog dial-up, leased lines, residential broadband
- switched WAN network services: Frame Relay, ATM, MPLS
- surveying wireless technologies, risks, and safeguards: personal area, local area, wide area
- security and audit considerations for wired and wireless media access connections
4. Network Interconnection Devices: Functionality, Management, and Security
- positioning network devices in the OSI Reference Model: btidges, switches, routers, wireless access points
- network domains and segmentation
- network device maintenance/management port access security
- Simple Network Management Protocol (SNMP)
- enterprise authentication systems: TACACS+, RADIUS, Diameter
- best practices for network interconnection device security and audit
5. Enterprise Network Directory Services Security and Audit
- overview of critical network directory services
- Lightweight Directory Access Protocol (LDAP) directories
- Domain Name System (DNS)
- securing and auditing directory services
6. Keeping a Lid on Network Host Services Security
- common server and workstation vulnerabilities and risks
- TCP/IP applications and associated risks
- host and network-based tools for locating and assessing active network services security
- developing a 3-layer TCP/IP application risk analysis and management methodology
- detection and protection of network file sharing
- remote control program do’s and don’ts
- averting the perils of networked printers, print servers, and multi-function office devices
7. Circling the Wagons: Network Perimeter Security
- hacker intrusion objectives
- network security strategies
- legal warning banners
- network demilitarized zone (DMZ) architectures and key control points
- network firewalls and proxy servers: policies, architectures
- intrusion detection/prevention systems
- remote user authentication credentials
- network encryption and virtual private networks (VPNs)
- reducing the risks in using Software as a Service (SAAS)/cloud computing
- best practices for network perimeter security and audit
8. Wrap-up: Performing a Network Security Risk Analysis
- identifying the network assets and control points
- categorizing the threats and associated risks
- vulnerability management: identifying, tracking, and closing serious network exposures
- defining “perfect” network security
- a practical strategy for information security
- 12-point plan for success
|
