Learn how to secure and hardening security of the entire organization enterprise architecture with proper authentication and authorization of systems resources, include secure data by encrypt and decrypt during communicating over the internet between remote offices. The instructor will show you how to use Internet Protocol Security (IPSec) and security associations (SAs) to secure communication between networks. Control access of organizational resources based on user role, adhere with the least privilege principle, is one of the security techniques you'll learn during perform security hardening.

Practical steps will enable you to understand how to isolate you network and configure firewalls to defend against attacks while monitor traffic and events on your network. During these steps we will test to see if our infrastructure security is hardening enough using world known penetration testing tools.

Introduction

• ICT Security Principals
• Security Frameworks

OWASP Top 10 Attacks & Pen Testing

• Injection
• Broken Authentication
• Sensitive data exposure
• XML External Entities (XXE)
• Broken Access control
• Security misconfigurations
• Cross Site Scripting (XSS)
• Insecure Deserialization
• Using Components with known vulnerabilities
• Insufficient logging and monitoring

Authentication and Authorization

• AAA Concepts
• LDAP and Kerberos
• RADIUS and TACACS+
• Network Policy Server

Cryptography

• Understanding Cryptography
• Symmetric & Asymmetric Cryptography
• Key Management
• Public Key Infrastructure (PKI)
• Transport Encryption & Decryption

Remote Access and Communication

• Introduction
• SSH connection with keys
• Understand IPSec VPN
• Configure Site to Site VPN
• Direct access client

Web Servers security

• Apache and Nginx Overview
• Known vulnerabilities
• Secure configuration
• Same-origin Policies
• SSL/TLS installation
• Logging and Monitoring

Firewall

• Understanding Firewalls
• Windows Firewall
• Linux Distro Firewalls
• Configure NAT and DHCP
• Access Controls
• Monitor traffic and Events

ICT Forensics

• Understand ICT forensics
• Operating Systems and Digital forensics
• Incident Response
• Forensic Tools
• Malware analyzing and Reporting

Payments

All payments should be made through Control Numbers.Register, then we will send an invoice with a Control Number to you.

Who should attend this course?

• Systems Administrator, Network Engineers, and IT professional
• Anyone who interesting in Cybersecurity

Prerequisites

• Come with your own Laptop computer with minimum of 100GB HD free space and 8GB RAM
• Should know how to use your own computer
• Should be familiar with basic database syntax