Overview:

With this course you can be among the few who transcend the old idea of the hacker having all the fun, take pride being the defender, form an offensive mindset to skillfully orchestrate robust and solid defenses and reinvent popular belief by beating the hacker at his own game.

You will be evaluating advanced hacking methods of defense fortification bringing you closer to establishing perfect security best practices and methodologies you can apply to secure environments. This course provides segmentation and isolation to reduce the effectiveness of the advanced persistent threats.

CAST 614 will cover fundamental areas of fortifying your defenses by discovering methods of developing a secure baseline and how to harden your enterprise architecture from the most advanced attacks. Once a strategy for a fortified perimeter is defined the course moves on to defending against the sophisticated malware that is on the rise today and the importance of live memory analysis and real time monitoring.

Duration:

Intended Audience

-      Firewall administrators, system architects, system administrators, windows admin or those responsible for or interested in:

-      Identifying security weaknesses in computer systems or networks

-      Exposing weaknesses for system’s owners to fix breaches before being targets of compromise

-      Applying hacking and pen testing constructively to defend against various possible attacks

-      Analysing best practices in developing secure system and network configurations

-      Establishing a secure baseline in deploying machines in a protected state

-      Appreciating popular attack methods applied by hackers in order to fortify their systems

Course outlines:

1.      Firewalls

• Firewalls
• Firewall Types: Stateless Packet Filters
• Improving Device Remote-Access Security
• Locking Down the Console Port
• Protecting Terminal Lines
• Establishing Encrypted Communications
• Configuring HTTPS
• Configuring SSH

LAB: Securing the Perimeter

2.      Advanced Filtering

• Advanced Filtering Techniques
• Ingress Filtering
• Egress Filtering
• Source Address Verification (SAV)
• uRPF
• Additional Filtering Considerations
• Time-Based ACLs
• Reflexive ACLs
• Reflexive ACL vs. Static ACL
• Context-Based Access Control (CBAC)
• Essential Steps to Harden Routers

LAB: Advanced Filtering

3.      Firewall Configuration

• Advanced Filtering Techniques
• Firewall Types: Stateful Packet Filters
• Application Proxies
• Application Proxies vs. Stateful Packet filters
• Web Application Firewalls
• Web Application Firewall Types
• Web Application Firewall Products
• Firewall Architecture
• Screened Subnet Firewall
• The Classic Firewall Architecture
• Belt and Braces Firewall
• Separate Services Subnet
• Fortress Mentality
• De-parameterization
• Perimeter Configuration

LAB: Selecting a Firewall Architecture

4.      Hardening: Establishing a Secure Baseline

• Windows NT/2000/2003 and XP
• Windows 2000/2003/XP
• Windows 2003
• Windows Vista
• Server 2003 Architecture
• Broken Kernel
• Modes of the OS
• UNIX/Linux
• Secure Server Guidelines
• Hardening Systems
• Security Compliance Manager
• Device Security
• Essential Steps to Harden Switches

LAB: Hardening

5.      Intrusion Detection and Prevention Why Intrusion Detection?

• Windows NT/2000/2003 and XP
• Fortress Mentality
• Intrusion Detection 101
• What is Intrusion Detection?
• False positives!
• Topology concerns
• Recommended in most circles
• Realistic
• Intrusion Prevention
• Types of IPS
• Host-Based Intrusion Prevention Systems

LAB: Intrusion Detection

6.      Protecting Web Applications

• Windows NT/2000/2003 and XP
• Top 10 http://www.owasp.org
• Injection Flaws
• Cross Site Scripting
• Broken Authentication
• Insecure Cryptographic Storage
• Reverse Engineering Web Apps
• Tools
• Hackbar
• Tamper Data
• The Two Main Attacks for Web
• XSS
• SQL Injection
• xp_cmdshell
• There is More
• More Tools
• SQL Inject Me
• XSS ME
• Choose The Right Database
• Practice, Practice, Practice
• Tutorials
• Mutillidae
• Web Application Firewalls
• Components of Web Application Firewall

LAB: Protecting Web Apps

7.       Memory Analysis

• Data Types Revisited
• Volatile
• System date and time
• Current network connections and Open ports
• Processes that opened ports
• Cached NetBIOS Names
• Users Currently Logged On
• Internal routing
• Running Processes
• Pslist
• Trivia
• Pslist –t
• Tasklist
• Tlist
• Running Services
• Open Files
• Process Memory Dumps

LAB: Memory Analysis

8.      Endpoint protection

• Introduction to NAC
• NAC Defined
• NAC General Architecture
• NAC General Architecture Illustrated
• NAC Concepts
• Inline NAC
• Out-of-Band
• Identifying NAC Requirements
• Implementing User-Based Identity Access Control
• Network Access Protection (NAP)
• NAP Components
• NAP Enforcement
• NAP Best Practices
• 802.1x
• EAP Explained

LAB 1: Network Access Protection with DHCP

LAB 2: Network Access Protection with IPsec

LAB 3: Endpoint Protection

9.      Securing Wireless

• ireless Tools
• Wireless Vulnerabilities Summary
• MAC Filtering
• Hiding Access Points
• Hijacking
• Jamming
• Identifying Targets
• Wardriving
• Sniffing on Wireless
• Attacking Encrypted Networks
• Wep Data
• The other case
• Reality
• WPA Tools
• WPA
• LEAP
• Asleap
• Comparison