Course 756:
Practical Security and Cryptography

(3 days)

 

Course Description

This course provides the foundation for Security and Cryptography using real-world examples. Throughout the course, attendees will cover the security concepts related to securing Computing Infrastructures, from the network, through the operating systems and applications that run on them. Through the use of lecture and hands-on labs using ROI’s Cyber-range, the key components of Security and Cryptography will be discussed, demonstrated, and practiced.

Learning Objectives

  • Security Foundations
  • Applied Cryptography—Including Symmetric, Asymmetric, and Hashing
  • How Security Tools and Methods Incorporate Cryptography
  • Understanding Attacks/Defense on the Network
  • Understanding Attacks/Defense on the Operating System
  • Hands-On Workshops giving practical experience with Security and Cryptography

Who Should Attend

Attendees should include Managers, Network and System Administrators, Developers, Programmers, Developers, and others with a need to know and understand Network Security related problems. This course is also an excellent foundation of knowledge for those studying for the CISSP exam.

Prerequisites

Since this is an Operating System and Networking course, it is highly recommended that students have an understanding of TCPIP Networking and experience with Operating System Administration (either UNIX or Windows).

Course Outline

Unit 1: Overview – Security Problems and Tools

  • Network and Operating System Components
  • CIAA – Confidentiality, Integrity, Availability, and Authentication
  • Knowing the Enemy
  • Internal and External Security
  • Network Security Components
  • Operating System Security
  • CyberRange Workshop: Port Scanning and Packet Capturing

Unit 2: Cryptography Essentials

  • Symmetric Encryption
    • DES/3DES, RC2, RC4, Blowfish, and AES
  • Workshop: Symmetric Encryption
  • Asymmetric Encryption and Key Exchange
    • RSA & Elliptical Curve
    • Diffe-Hellman
  • Workshop: Symmetric and Asymmetric Encryption
  • Hashing and Digests
    • MD5, SHA
    • MAC/HMAC
  • Public/Private Key Cryptography
    • Applying Symmetric/Asymmetric/Hashing Together
  • Public Key Infrastructure (PKI)
  • CyberRange Workshop: Securing Communication
  • Utilizing Cryptography and Encryption Effectively

Unit 3: Attacks and Securing the Network

  • Denial of Service
  • Wide Area Network and Local Area Network (LAN) Designs
  • Firewall Configuration
  • TCP/IP Communication Security
    • IPSec and Virtual Private Networks
    • SSL/TLS, FTPS and SMTPS
    • SSH/SFTP
    • Application-specific
  • CyberRange Workshops: Enhancing TCP/IP Security with Cryptography

Unit 5: Attacks on the OS

  • Crypto-lockers
  • Spyware/Malware
  • Locking Down an Operating System
  • OS Authentication Mechanisms
    • LM/NTLM/AD
    • Kerberos/RADIUS/TACACS+
  • Two-Factor Authentication
  • CyberRange Workshops: Attacking and Defending the Operating System

Unit 6: Technology Integration

  • Evaluating Cryptography in a New Application
  • Wireless and Cellular Technology Security
  • Remote Users and Security

Unit 7: Additional Security CyberRange Activities

  • Network Device Attacks
  • Operating System Upgrade Vulnerably
  • Website Attacks

Please Contact Your ROI Representative to Discuss Course Tailoring!