Advanced IT Security
Learn how to secure and hardening security of the entire organization enterprise architecture with proper authentication and authorization of systems resources, include secure data by encrypt and decrypt during communicating over the internet between remote offices. The instructor will show you how to use Internet Protocol Security (IPSec) and security associations (SAs) to secure communication between networks. Control access of organizational resources based on user role, adhere with the least privilege principle, is one of the security techniques you'll learn during perform security hardening.
Practical steps will enable you to understand how to isolate you network and configure firewalls to defend against attacks while monitor traffic and events on your network. During these steps we will test to see if our infrastructure security is hardening enough using world known penetration testing tools.
Top 10 Attacks
- Injection
- Broken Authentication
- Sensitive data exposure
- XML External Entities (XXE)
- Broken Access control
- Security misconfigurations
- Cross Site Scripting (XSS)
- Insecure Deserialization
- Using Components with known vulnerabilities
- Insufficient logging and monitoring
Authentication and Authorization
- AAA Concepts
- LDAP and Kerberos
- RADIUS and TACACS+
- Network Policy Server
- Working with Active Directory
Encryption and Decryption
- Understanding Cryptography
- Public Key Infrastructure (PKI)
- SSL and TLS configurations
Same-origin Policies
- Content Security Policy
- Cross-Origin Resource Sharing (CORS)
- Communicate securely
- Cookies
Web Servers security
- Apache, Nginx, and IIS Overview
- Known vulnerabilities
- Secure configuration
- SSL/TLS installation
- Logging and Monitoring
Firewall
- Understanding Firewalls
- Windows Firewall
- Linux Distro Firewalls
- Configure NAT and DHCP
- Access Controls
- Monitor traffic and Events
Remote Access and Communication
- Introduction
- SSH connection with keys
- Transport Encryption
- Understand IPSec VPN
- Configure Site to Site VPN
- Direct access client
Penetration Testing
- Understanding Pen Test Tools
- Monitor your network
- Exploring most common Attacks
- Web security testing in depth