Short courses

Advanced IT Security

  • Date: - -
  • Venue: Gold Crest Hotel, Mwanza
  • Cost: TZS 2,950,000
  • Contact: 0715677873 |
  • Register

Learn how to secure and hardening security of the entire organization enterprise architecture with proper authentication and authorization of systems resources, include secure data by encrypt and decrypt during communicating over the internet between remote offices. The instructor will show you how to use Internet Protocol Security (IPSec) and security associations (SAs) to secure communication between networks. Control access of organizational resources based on user role, adhere with the least privilege principle, is one of the security techniques you'll learn during perform security hardening.

Practical steps will enable you to understand how to isolate you network and configure firewalls to defend against attacks while monitor traffic and events on your network. During these steps we will test to see if our infrastructure security is hardening enough using world known penetration testing tools.

Top 10 Attacks

  • Injection
  • Broken Authentication
  • Sensitive data exposure
  • XML External Entities (XXE)
  • Broken Access control
  • Security misconfigurations
  • Cross Site Scripting (XSS)
  • Insecure Deserialization
  • Using Components with known vulnerabilities
  • Insufficient logging and monitoring

Authentication and Authorization

  • AAA Concepts
  • LDAP and Kerberos
  • Network Policy Server
  • Working with Active Directory

Encryption and Decryption

  • Understanding Cryptography
  • Public Key Infrastructure (PKI)
  • SSL and TLS configurations

Same-origin Policies

  • Content Security Policy
  • Cross-Origin Resource Sharing (CORS)
  • Communicate securely
  • Cookies

Web Servers security

  • Apache, Nginx, and IIS Overview
  • Known vulnerabilities
  • Secure configuration
  • SSL/TLS installation
  • Logging and Monitoring


  • Understanding Firewalls
  • Windows Firewall
  • Linux Distro Firewalls
  • Configure NAT and DHCP
  • Access Controls
  • Monitor traffic and Events

Remote Access and Communication

  • Introduction
  • SSH connection with keys
  • Transport Encryption
  • Understand IPSec VPN
  • Configure Site to Site VPN
  • Direct access client

Penetration Testing

  • Understanding Pen Test Tools
  • Monitor your network
  • Exploring most common Attacks
  • Web security testing in depth

Log in