EC-Council Certified Network Defender

Transcription

1 EC-Council Certified Network Defender Duration: 5 Days Course Code: CND Version: 1 Overview: Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on a job-task analysis and cybersecurity education framework presented by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and responsibilities and the Department of Defense (DoD) job roles for system/network administrators. The course is designed and developed after extensive market research and surveys. Target Audience: Network AdministratorsNetwork security AdministratorsNetwork Security EngineerNetwork Defense TechniciansCND AnalystSecurity AnalystSecurity OperatorAnyone who involves in network operations Objectives: The program prepares network administrators on network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the protect, detect and respond approach to network security. The course contains hands-on labs, based on major network security tools and techniques which will provide network administrators real world expertise on current network security technologies and operations. The study-kit provides you with over 10 GB of network security best practices, assessments and protection tools. The kit also contains templates for various network policies and a large number of white papers for additional learning.

2 Content: Module 01: Computer Network and Defense Environmental Controls Best Security Practices for VPN Configuration Fundamentals Recommendations for VPN Connection Heating, Ventilation and Air Conditioning Network Fundamentals Module 10: Wireless Network Defense Electromagnetic Interference (EMI) Shielding Computer Network Wireless Terminologies Hot and Cold Aisles Types of Network Wireless Networks Physical Security: Awareness /Training Major Network Topologies Advantages of Wireless Networks Physical Security Checklists Network Components Disadvantages of Wireless Networks Module 06: Host Security Network Interface Card (NIC) Wireless Standard Host Security Repeater Wireless Topologies Common Threats Specific to Host Security Hub Ad-hoc Standalone Network Architecture (IBSS - Independent Basic Service Set) Where do they come from? Switches Infrastructure Network Topology (Centrally Why Host Security? Coordinated Architecture/ BSS - Basic Router Service Set) Before Configuring Host Security: Identify Bridges purpose of each Host Typical Use of Wireless Networks Gateways Host Security Baselining Extension to a Wired Network TCP/IP Networking Basics OS Security Multiple Access Points Standard Network Models: OSI Model Operating System Security Baselining LAN-to-LAN Wireless Network Standard Network Models: TCP/IP Model Common OS Security Configurations 3G Hotspot Windows Security Baselining: Example Comparing OSI and TCP/IP Microsoft Base Security Analyzer Components of Wireless Network (MBSA) Setting up BIOS Password TCP/IP Protocol Stack Auditing Windows Registry Access Point User and Password Management Disabling Unnecessary User Accounts Domain Name System (DNS) Configuring user authentication Wireless Cards (NIC) Patch Management DNS Packet Format Wireless Modem Configuring an update method for Installing Patches Transmission Control Protocol (TCP) Patch Management Tools Wireless Bridge TCP Header Format Disabling Unused System Services

3 TCP Services Wireless Repeater TCP Operation Three-way handshak Set Appropriate Local Security Policy Settings Wireless Router User Datagram Protocol (UDP) Configuring Windows Firewall UDP Operation Wireless Gateways IP Header Protecting from Viruses Wireless USB Adapter IP Header: Protocol Field Antivirus Software What is Internet Protocol v6 (IPv6)? IPv6 Header Protecting from Spywares Antenna Internet Control Message Protocol (ICMP) Antispywares Directional Antenna Parabolic Grid Antenna Format of an ICMP Message Security: AntiSpammers Dipole Antenna Omnidirectional Antenna Address Resolution Protocol (ARP) Spam Filtering Software Yagi Antenna ARP Packet Format Enabling Pop-up Blockers WEP (Wired Equivalent Privacy) Encryption Fiber Distributed Data Interface (FDDI) Windows Logs Review and Audit WPA (Wi-Fi Protected Access) Encryption Token Ring Log Review Recommendations Event IDs in Windows Event log WPA2 Encryption IP Addressing Configuring Host-based IDS/IPS WEP vs. WPA vs. WPA2 Host based IDS: OSSEC Classful IP Addressing AlienVault Unified Security Management (USM) Wi-Fi Authentication Method Tripwire Address Classes Additional Host Based IDSes Open System Authentication File System Security: Setting Access Controls Reserved IP Address and Permission to Files and Folders Shared Key Authentication Creating and Securing a Windows file Subnet Masking share Wi-Fi Authentication Process Using a Subnetting File and File System Encryption Centralized Authentication Server Supernetting EFS Limitations IPv6 Addressing Data encryption Recommendations Wireless Network Threats DATA Encryption Tools Difference between IPv4 and IPv6 IPv4 compatible IPv6 Address Linux Security War Driving Computer Network Defense (CND) Linux Base Security Checker: Client Mis-association buck-security Computer Fundamental Attributes Unauthorized Association Password Management What CND is NOT HoneySpot Access Point (Evil Twin) Attack Killing unnecessary processes CND Layers Rogue Access Point Attack CND Layer 1: Technologies Linux Patch Management CND Layer 2: Operations CND Layer 3: People Misconfigured Access Point Attack Understanding and checking Linux File Blue Teaming Permissions

4 Ad Hoc Connection Attack Changing File Permissions Network Defense-In-Depth Common File Permission Settings Check and Verify Permissions for AP MAC Spoofing Sensitive Files and Directories Typical Secure Network Design Host-based Firewall Protection with iptables Denial-of-Service Attack CND Triad Linux Log review and Audit WPA-PSK Cracking CND Process Common Linux log files System Log Viewer RADIUS Replay Log Events to Look for CND Actions Securing Network Servers ARP Poisoning Attack CND Approaches Before Hardening Servers WEP Cracking Module 02: Network Security Threats, Vulnerabilities, and Attacks Hardening Web Server Man-in-the-Middle Attack Essential Terminologies Hardening Server: Recommendations Fragmentation Attack Threats Hardening FTP Servers: Recommendations Jamming Signal Attack Vulnerabilities Hardening Routers and Switches Bluetooth Threats Attacks Hardening Routers: Recommendations Leaking Calendars and Address Books Network Security Concerns Hardening Switches Bugging Devices Hardening Switches-Recommendations Why Network Security Concern Arises? Sending SMS Messages Logs Review and Audit: Syslog Fundamental Network Security Threats Causing Financial Losses GFI EventsManager: Syslog Server Types of Network Security Threats Remote Control Application/software Security How does network security breach affects Social Engineering business continuity? Application Security Application Security Phases Malicious Code Network Security Vulnerabilities Application Security: Recommendations Data Security Protocol Vulnerabilities Types of Network Security Vulnerabilities What is Data Loss Prevention (DLP) Wireless Network Security Technological Vulnerabilities Best Practices to Prevent Data Loss List of DLP Solution Vendors Creating Inventory of Wireless Devices Configuration Vulnerabilities Data Leak/Loss Prevention Tools Placement of Wireless Antenna Virtualization Security Security policy Vulnerabilities Disable SSID Broadcasting Virtualization Security Concern

5 Types of Network Security Attacks Virtualization Terminologies Selecting Stronger Wireless Encryption Mode Network Reconnaissance Attacks Introduction to Virtualization Implementing MAC Address Filtering Reconnaissance Attacks Reconnaissance Attacks: ICMP Scanning Characteristics of Virtualization Monitoring Wireless Network Traffic Reconnaissance Attacks: Ping Sweep Reconnaissance Attacks: DNS Footprinting Reconnaissance Attacks: Network Range Benefits of Virtualization Defending Against WPA Cracking Discovery Reconnaissance Attacks: Network Topology Passphrases Identification Virtualization Security Client Settings Reconnaissance Attacks: Network Passphrase Complexity Information Extraction using Nmap Scan Virtualization Security Concern Additional Controls Reconnaissance Attacks: Port Scanning Reconnaissance Attacks : Network Sniffing Securing Hypervisor Detecting Rogue Access Points How an Attacker Hacks the Network Using Sniffers Wireless Scanning: Reconnaissance Attacks : Social Securing Virtual machines Wired-side Network Scanning Engineering Attacks SNMP Polling Implementing Software Firewall Network Access Attacks Deploying Anti-virus Software Wi-Fi Discovery Tools Encrypting the Virtual Machines Password Attacks Secure Virtual Network Management inssider and NetSurveyor Methods to Secure Virtual Environment Password Attack Techniques Virtualization Security Best Practices for Vistumbler and NetStumbler Network Defenders Dictionary Attack Best Practices for Virtual Environment Brute Forcing Attacks Security Locating Rogue Access points Hybrid Attack Birthday Attack Module 07: Secure Firewall Configuration and Rainbow Table Attack Management Protecting from Denial-of-Service Attacks: Interference Man-in-the-Middle Attack Firewalls and Concerns Assessing Wireless Network Security Replay Attack What Firewalls Does? Wi-Fi Security Auditing Tool: AirMagnet WiFi Smurf Attack Analyzer What should you not Ignore?: Firewall Limitations Spam and Spim WPA Security Assessment Tool How Does a Firewall Work? Xmas Attack Elcomsoft Wireless Security Auditor Firewall Rules Pharming Cain ; Abel Types of Firewalls Privilege Escalation Wi-Fi Vulnerability Scanning Tools Hardware Firewall DNS Poisoning Deploying Wireless IDS (WIDS) and Wireless IPS (WIPS) Software Firewall ARP Poisoning Typical Wireless IDS/IPS Deployment Firewall Technologies DHCP Attacks: DHCP Starvation Attacks WIPS Tool

6 DHCP Attacks: DHCP Spoofing Attack Packet Filtering Firewall Switch Port Stealing Adaptive Wireless IPS Circuit Level Gateway Spoofing Attacks AirDefense Application Level Firewall MAC Spoofing/Duplicating Configuring Security on Wireless Routers Denial of Service (DoS) Attacks Stateful Multilayer Inspection Firewall Multilayer Inspection Firewall Additional Wireless Network Security Distributed Denial-of-Service Attack (DDoS) Guides Application Proxy Malware Attacks Module 11: Network Traffic Monitoring and Network Address Translation Analysis Adware Spyware Rootkits Virtual Private Network Network Traffic Monitoring and Backdoors Analysis(Introduction) Logic Bomb Botnets Firewall Topologies Ransomware Advantages of Network Traffic Monitoring and Polymorphic malware Analysis Bastion host Malware Network Monitoring and Analysis: Techniques Types of Malware: Trojan Screened subnet Types of Malware: Virus and Armored Virus Non-Router based Malware Attacks Multi-homed firewall Router Based Monitoring Techniques Adware SNMP Monitoring Spyware Choosing Right Firewall Topology Netflow Monitoring Rootkits Backdoors Non-Router Based Monitoring Techniques Logic Bomb Firewall Rule Set ; Policies Botnets Packet Sniffers Ransomware Network Monitors Polymorphic malware Blacklist vs Whitelist Network Monitoring: Positioning your Machine Module 03: Network Security Controls, at Appropriate Location Protocols, and Devices Example: Packet Filter Firewall Ruleset Connecting Your Machine to Managed Switch Fundamental Elements of Network Security Implement Firewall Policy Network Traffic Signatures Network Security Controls Periodic Review of Firewall Policies Normal Traffic Signature Network Security Protocols Firewall Implementation Transport Layer Attack Signatures Network Layer Before Firewall Implementation and Application Layer Deployment Data Link Layer Baselining Normal Traffic Signatures Network Security Perimeter Appliances Firewall Implementation and Deployment Categories of Suspicious Traffic Signatures Network Security Controls Planning Firewall Implementation Informational Reconnaissance Unauthorized access Access Control Factors to Consider before Purchasing any Denial of service

7 Firewall Solution Access Control Terminology Attack Signature Analysis Techniques Access Control Principles Access Control System: Administrative Configuring Firewall Implementation Content-based Signatures Analysis Access Control Context-based Signatures Analysis Access Control System: Physical Access Atomic Signatures-based Analysis Controls Testing Firewall Implementation Composite Signatures-based Analysis Access Control System: Technical Access Controls Packet Sniffer: Wireshark Deploying Firewall Implementation Types of Access Control Understanding Wireshark Components Discretionary Access Control (DAC) Managing and Maintaining Firewall Role-based Access Implementation Wireshark Capture and Display Filters Network Access Control (NAC) Firewall Administration Monitoring and Analyzing FTP Traffic NAC Solutions Firewall Administration: Deny Unauthorized Public Network Access Monitoring and Analyzing TELNET Traffic User Identification, Authentication, Authorization and Accounting Firewall Administration: Deny Unauthorized Monitoring and Analyzing HTTP Traffic Access Inside the Network Types of Authentication :Password Authentication Detecting OS Fingerprinting Attempts Firewall Administration: Restricting Client s Access to External Host Types of Authentication: Two-factor Detecting Passive OS Fingerprinting Attempts Authentication Firewall Logging and Auditing Detecting Active OS Fingerprinting Attempts Types of Authentication : Biometrics Firewall Logging Detecting ICMP Based OS Fingerprinting Detecting TCP Based OS Fingerprinting Types of Authentication : Smart Card Authentication Firewall Logs Examine Nmap Process for OS Fingerprinting Types of Authentication: Single Sign-on (SSO) Firewall Anti-evasion Techniques Detecting PING Sweep Attempt Types of Authorization Systems Why Firewalls are Bypassed? Detecting TCP Scan Attempt Centralized Authorization Full Data Traffic Normalization TCP Half Open/ Stealth Scan Attempt Implicit Authorization Data Stream-based Inspection TCP Full Connect Scan Decentralized Authorization Vulnerability-based Detection and Blocking TCP Null Scan Attempt Explicit Authorization Firewall Security Recommendations and Best TCP Xmas Scan Attempt Practices Authorization Principles Detecting SYN/FIN DDOS Attempt Secure Firewall Implementation: Best Practices Least privilege Detecting UDP Scan Attempt Secure Firewall Implementation: Separation of duties Recommendations Detecting Password Cracking Attempts

8 Cryptography Secure Firewall Implementation: Do s and Detecting FTP Password Cracking Attempts Don ts Encryption Detecting Sniffing (MITM) Attempts Firewall Security Auditing Tools Symmetric Encryption Asymmetric Encryption Detecting the Mac Flooding Attempt Firewall Analyzer Hashing: Data Integrity Detecting the ARP Poisoning Attempt Firewall Tester: Firewalk Digital Signatures Additional Packet Sniffing Tools FTester Digital Certificates Network Monitoring and Analysis Wingate Public Key Infrastructure (PKI) PRTG Network Monitor Symantec Enterprise Firewall Security Policy Bandwidth Monitoring Hardware Based Firewalls Network Security Policy Bandwidth Monitoring - Best Practices Module 08: Secure IDS Configuration and Key Consideration for Network Security Policy Management Bandwidth Monitoring Tools Types of Network Security Policies Intrusions and IDPS Module 12: Network Risk and Vulnerability Management Network Security Devices Intrusions General Indications of Intrusions What is Risk? Firewalls Intrusion Detection and Prevention Systems (IDPS) Risk Levels DMZ Why do We Need IDPS? Extreme/High Virtual Private Network (VPN) IDS Medium Proxy Server Role of IDS in Network Defense Advantages Of using Proxy Servers Low IDS Functions Honeypot Risk Matrix Advantages of using Honeypots What Events do IDS Examine? Honeypot Tools Risk Management Benefits Intrusion Detection System (IDS) What IDS is NOT? Key Roles and Responsibilities in Risk Intrusion Prevention System (IPS) IDS Activities management IDS/IPS Solutions How IDS Works? Key Risk Indicators(KRI) Network Protocol Analyzer IDS Components Risk Management Phase How it Works Network Sensors

9 Advantages of using Network Protocol Alert Systems Risk Identification Analyzer Command Console Network Protocol Analyzer Tools Response System Establishing Context Attack Signature Database Quantifying Risks Internet Content Filter Intrusion Detection Steps Risk Assessment Advantages of using Internet Content Filters Internet Content Filters Risk Analysis Types of IDS Implementation Risk Prioritization Integrated Network Security Hardware Risk Treatment Approach-based IDS Network Security Protocols Anomaly and Misuse Detection Systems Risk Tracking ; Review Transport Layer Network Layer Behavior-based IDS Application Layer Enterprise Network Risk Management Data Link Layer Protection-based IDS RADIUS Enterprise Risk Management Framework (ERM) Structure-based IDS TACACS+ Goals of ERM Framework Analysis Timing based IDS Kerbros NIST Risk Management Framework Source Data Analysis based IDS Pretty Good Service (PGP) Protocol COSO ERM Framework IDS Deployment Strategies S/MIME Protocol COBIT Framework How it Works Staged IDS Deployment Difference between PGP and S/MIME Risk Management Information Systems Secure HTTP Deploying Network-based IDS (RMIS) Hyper Text Transfer Protocol Secure (HTTPS) Types of IDS Alerts Tools for RMIS Transport Layer Security (TLS) True Positive (Attack - Alert) Enterprise Network Risk Management Policy Internet Protocol Security (IPsec) False Positive (No Attack - Alert) Best Practices for Effective Implementation of Risk Management Module 04: Network Security Policy Design and False Negative(Attack - No Alert) Implementation Vulnerability Management True Negative (No Attack - No Alert) What is Security Policy? Discovery What should be the Acceptable Levels of False Alarms Hierarchy of Security Policy Asset Prioritization Calculating False Positive/False Negative Rate Characteristics of a Good Security Policy Assessment Dealing with False Negative Advantages of Vulnerability Assessment Contents of Security Policy Requirements for Effective Network Vulnerability Assessment Excluding False Positive Alerts with Cisco Types of Vulnerability Assessment Policy Statements Secure IPS Steps for Effective External Vulnerability Assessment

10 Vulnerability Assessment Phases Steps to Create and Implement Security Characteristics of a Good IDS Network Vulnerability Assessment Tools Policies Choosing a Vulnerability Assessment Tool Choosing a Vulnerability Assessment Tool: IDS mistakes that should be avoided Deployment Practices and Precautions Considerations Before Designing a Security Policy Reporting IPS Sample Vulnerability Management Reports Design of Security Policy IPS Technologies Remediation Policy Implementation Checklist Remediation Steps IPS Placement Remediation Plan Types of Information Security Policy Verification IPS Functions Enterprise information security policy(eisp Issue specific security policy(issp) Module 13: Data Backup and Recovery System specific security policy (SSSP) Need of IPS Internet Access Policies Introduction to Data Backup IDS vs IPS Promiscuous Policy Backup Strategy/Plan Types of IPS Permissive Policy Network-Based IPS Identifying Critical Business Data Host-Based IPS Wireless IPS Paranoid Policy Network Behavior Analysis (NBA) Selecting Backup Media System Prudent Policy Network-Based IPS Advantages/Disadvantages of RAID systems Network-Based IPS: Security Capabilities Acceptable-Use Policy Placement of IPS Sensors RAID Storage Architecture Host-Based IPS User-Account Policy RAID Level 0: Disk Striping Host-Based IPS Architecture Remote-Access Policy Wireless IPS RAID Level 1: Disk Mirroring WLAN Components and Architecture Information-Protection Policy Wireless IPS: Network Architecture RAID Level 3: Disk Striping with Parity Security Capabilities Management Firewall-Management Policy RAID Level 5: Block Interleaved Distributed Network Behavior Analysis (NBA) System Parity Special-Access Policy NBA Components and Sensor Locations NBA Security Capabilities RAID Level 10: Blocks Striped and Mirrored Network-Connection Policy IDPS Product Selection Considerations RAID Level 50: Mirroring and Striping across Multiple RAID Levels Business-Partner Policy General Requirements Selecting Appropriate RAID Levels Security Policy Security Capability Requirements Hardware and Software RAIDs Passwords Policy Performance Requirements RAID Usage Best Practices

11 Physical Security Policy Management Requirements Storage Area Network (SAN) Information System Security Policy Life Cycle Costs Advantages of SAN Bring Your Own Devices (BYOD) Policy Complementing IDS SAN Backup Best Practices Software/Application Security Policy Vulnerability Analysis or Assessment Systems SAN Data Storage and Backup Management Data Backup Policy Advantages ; Disadvantages of Tools Vulnerability Analysis Confidential Data Policy File Integrity Checkers Network Attached Storage (NAS) File Integrity Checkers Tools Data Classification Policy Types of NAS Implementation Honey Pot ; Padded Cell Systems Integrated NAS System Internet Usage Policies Honey Pot and Padded Cell System Gateway NAS System Tools Selecting Appropriate Backup Method Server Policy IDS Evaluation: Snort Hot Backup(On) Wireless Network Policy IDS/IPS Solutions Cold Backup(Off) Incidence Response Plan (IRP) IDS Products and Vendors Warm Backup (Near) User Access Control Policy Module 09: Secure VPN Configuration and Management Choosing the Right Location for Backup Switch Security Policy Understanding Virtual Private Network (VPN) Onsite Data Backup Personal Device Usage Policy How VPN works? Offsite Data Backup Encryption Policy Why to Establish VPN? Cloud Data Backup Router Policy VPN Components Backup Types Security Policy Training and Awareness VPN Client Full/Normal Data Backup ISO Information Security Standards Tunnel Terminating Device Differential Data Backup ISO/IEC 27001:2013: Information technology Security Techniques Information security Network Access Server (NAS) Management Systems Requirements Incremental Data Backup VPN Protocol ISO/IEC 27033:Information technology -- Backup Types Advantages and Security techniques -- Network security Disadvantages VPN Concentrators Payment Card Industry Data Security Standard Choosing Right Backup Solution (PCI-DSS) Functions of VPN Concentrator

12 Data Backup Software : AOMEI Backupper Health Insurance Portability and Accountability Types of VPN Act (HIPAA) Data Backup Tools for Windows Data Backup Tools for MAC OS X Client-to-site (Remote-access) VPNs Information Security Acts: Sarbanes Oxley Act Data Recovery (SOX) Site-to-Site VPNs Windows Data Recovery Tool Information Security Acts: Gramm-Leach-Bliley Act (GLBA) Establishing Connections with VPN Recover My Files Information Security Acts: The Digital VPN Categories Millennium Copyright Act (DMCA) and Federal EASEUS Data Recovery Wizard Information Security Management Act (FISMA) Hardware VPNs PC INSPECTOR File Recovery Other Information Security Acts and Laws Hardware VPN Products Software VPNs Data Recovery Tools for MAC OS X Cyber Law in Different Countries Software VPN Products RAID Data Recovery Services Module 05: Physical Security Selecting Appropriate VPN SAN Data Recovery Software Physical Security VPN Core Functions NAS Data Recovery Services Need for Physical Security Encapsulation Module 14: Network Incident Response and Factors Affecting Physical Security Encryption Management Symmetric Encryption Physical Security Controls Asymmetric Encryption Incident Handling and Response Administrative Controls Authentication Physical Controls Incident Response Team Members: Roles Technical Controls and Responsibilities VPN Technologies Physical Security Controls: Location and Architecture Considerations First Responder Hub-and-Spoke VPN Topology Physical Security Controls: Fire Fighting Network Administrators as First Responder Systems Point-to-Point VPN Topology What Should You Know? Physical Security Controls: Physical Barriers Full Mesh VPN Topology First Response Steps by Network Physical Security Controls: Security Personnel Star Topology Administrators Avoid Fear, Uncertainty and Doubt (FUD) Access Control Authentication Techniques Common VPN Flaws Make an Initial Incident Assessment Determining Severity Levels Communicate the Incident Authentication Techniques: Knowledge Factors VPN Fingerprinting Contain the Damage : Avoid Further Harm Control Access to Suspected Devices Collect and Prepare Information about Authentication Techniques: Ownership Factors Insecure Storage of Authentication Suspected Device Credentials by VPN Clients Record Your Actions Restrict Yourself from Doing Investigation Authentication Techniques: Biometric Factors Do Not Change the State of Suspected

13 Username Enumeration Vulnerabilities Device Disable Virus Protection Physical Security Controls Off Password Cracking Incident Handling and Response Process Administrative Controls Physical Controls Technical Controls Man- in- the Middle Attacks Overview of IH;R Process Flow Physical Locks Lack of Account Lockout Preparation for Incident Handling and Response Mechanical locks: Poor Default Configurations Detection and Analysis Combination locks: Poor Guidance and Documentation Classification and Prioritization Electronic /Electric /Electromagnetic locks: VPN Security Incident Prioritization Concealed Weapon/Contraband Detection Devices Firewalls Notification and Planning Mantrap VPN Encryption and Security Protocols Containment Symmetric Encryption Security Labels and Warning Signs Asymmetric Encryption Forensic Investigation Authentication for VPN Access Alarm System Network Forensics Investigation VPN Security: IPsec Server People Involved in Forensics Investigation AAA Server Typical Forensics Investigation Video Surveillance Methodology Connection to VPN: SSH and PPP Eradication and Recovery Physical Security Policies and Procedures Connection to VPN: Concentrator Countermeasures Systems Recovery Other Physical Security Measures VPN Security Radius Post-incident Activities Lighting System Incident Documentation Quality Of Service and Performance in VPNs Incident Damage and Cost Assessment Review and Update the Response Policies Power Supply Improving VPN Speed Training and Awareness Workplace Security Quality of Service (QOS) in VPNs Reception Area SSL VPN Deployment Considerations Server/ Backup Device Security Client security Client integrity scanning Sandbox Critical Assets and Removable Devices Secure logoff and credential wiping Timeouts and re-authentication Virus, malicious code and worm activity Securing Network Cables Audit and Activity awareness Internal Network Security Failings Securing Portable Mobile Devices IP VPN Service Level Management

14 Personnel Security: Managing Staff Hiring and Leaving Process Laptop Security Tool: EXO5 VPN Service Providers Auditing and Testing the VPN Testing VPN File Transfer Laptop Tracking Tools Further Information: For More information, or to book your course, please call us on (0) or training@globalknowledge.com.eg Global Knowledge, 16 Moustafa Refaat St. Block 1137, Sheraton Buildings, Heliopolis, Cairo