Short course

Advanced IT Security

Learn how to secure and hardening security of the entire organization enterprise architecture with proper authentication and authorization of systems resources, include secure data by encrypt and decrypt during communicating over the internet between remote offices. The instructor will show you how to use Internet Protocol Security (IPSec) and security associations (SAs) to secure communication between networks. Control access of organizational resources based on user role, adhere with the least privilege principle, is one of the security techniques you'll learn during perform security hardening.

Practical steps will enable you to understand how to isolate you network and configure firewalls to defend against attacks while monitor traffic and events on your network. During these steps we will test to see if our infrastructure security is hardening enough using world known penetration testing tools.

Top 10 Attacks
  • Injection
  • Broken Authentication
  • Sensitive data exposure
  • XML External Entities (XXE)
  • Broken Access control
  • Security misconfigurations
  • Cross Site Scripting (XSS)
  • Insecure Deserialization
  • Using Components with known vulnerabilities
  • Insufficient logging and monitoring
Authentication and Authorization
  • AAA Concepts
  • LDAP and Kerberos
  • RADIUS and TACACS+
  • Network Policy Server
  • Working with Active Directory
Encryption and Decryption
  • Understanding Cryptography
  • Public Key Infrastructure (PKI)
  • SSL and TLS configurations
Same-origin Policies
  • Content Security Policy
  • Cross-Origin Resource Sharing (CORS)
  • Communicate securely
  • Cookies
Web Servers security
  • Apache, Nginx, and IIS Overview
  • Known vulnerabilities
  • Secure configuration
  • SSL/TLS installation
  • Logging and Monitoring
Firewall
  • Understanding Firewalls
  • Windows Firewall
  • Linux Distro Firewalls
  • Configure NAT and DHCP
  • Access Controls
  • Monitor traffic and Events
Remote Access and Communication
  • Introduction
  • SSH connection with keys
  • Transport Encryption
  • Understand IPSec VPN
  • Configure Site to Site VPN
  • Direct access client
Penetration Testing
  • Understanding Pen Test Tools
  • Monitor your network
  • Exploring most common Attacks
  • Web security testing in depth
Event Date & Details
15 Mar 2023 - 28 Mar 2023
Flomi Hotel, Morogoro
TZS 2,950,000
oscar.mashauri@udsm.ac.tz
0715677873

Frequently Asked Questions

Centre for Virtual Learning (CVL) offers students a full range of learning opportunities powered by the latest online technologies available. We are committed to setting very high standards for distance learning and know that the student-teacher interaction is key to student success.

Applications are now open to qualified candidates from Tanzania, the Eastern and Southern African region and beyond, who wish to pursue Undergraduate Degree and Non-Degree Programmes at the University of Dar es Salaam for the academic year 2022/2023.

Centre for Virtual Learning (CVL) offers students a full range of learning opportunities powered by the latest online technologies available. We are committed to setting very high standards for distance learning and know that the student-teacher interaction is key to student success.

Applications are now open to qualified candidates from Tanzania, the Eastern and Southern African region and beyond, who wish to pursue Undergraduate Degree and Non-Degree Programmes at the University of Dar es Salaam for the academic year 2022/2023.

Centre for Virtual Learning (CVL) offers students a full range of learning opportunities powered by the latest online technologies available. We are committed to setting very high standards for distance learning and know that the student-teacher interaction is key to student success.

Applications are now open to qualified candidates from Tanzania, the Eastern and Southern African region and beyond, who wish to pursue Undergraduate Degree and Non-Degree Programmes at the University of Dar es Salaam for the academic year 2022/2023.