Skip Navigation Links

Course Length:
5 Days
Course Description:
This course is the official courseware for the Security Certified Program SC0-471 certification exam. The Strategic Infrastructure Security (SIS) course is designed to follow the hands-on skills utilized in the Tactical Perimeter Defense (TPD) course. The SIS course continues with hardening of strategic elements of your infrastructure, such as your Windows and Linux servers, and goes into detail on one of the most critical areas to understand in security, Cryptography.
Who Should Attend:
This course is for network administrators and certification candidates.
Benefits of Attendance:
Upon completion of this course, students will be able to:
  • Detail the core issues of cryptography, including public and private key.
  • Harden SuSe Linux 10 Server computers.
  • Harden Windows Server 2003 computers.
  • Utilize ethical hacking attack techniques.
  • Secure DNS and web servers, and examine Internet and WWW security.
  • Perform a risk analysis.
  • Create a security policy.
  • Analyze packet signatures.
Prerequisites:
To ensure your success, we recommend that you have completed the SCP Tactical Perimeter Defense (TPD) course. The TPD course will ensure you have the core security concepts and skills in developing a secure perimeter for your organization.
Course Outline:
  • Lesson 1: Cryptography and Data Security
    1. History of Cryptography
    2. Math and Algorithms
    3. Private Key Exchange
    4. Public Key Exchange
    5. Message Authentication
  • Lesson 2: Hardening Linux Computers
    1. Linux Filesystem and Navigation
    2. General Secure System Management
    3. User and Filesystem Security Administration
    4. Network Interface Configuration
    5. Security Scripting
    6. Useful Linux Security Tools
  • Lesson 3: Hardening Windows Server 2003
    1. Windows 2003 Infrastructure Security
    2. Windows 2003 Authentication
    3. Windows 2003 Security Configuration Tools
    4. Windows 2003 Resource Security
    5. Windows 2003 Auditing and Logging
    6. Windows 2003 EFS
    7. Windows 2003 Network Security
  • Lesson 4: Attack Techniques
    1. Network Reconnaissance
    2. Mapping the Network
    3. Sweeping the Network
    4. Scanning the Network
    5. Vulnerability Scanning
    6. Viruses, Worms, and Trojan Horses
    7. Gaining Control Over the System
    8. Recording Keystrokes
    9. Cracking Encrypted Passwords
    10. Revealing Hidden Passwords
    11. Social Engineering
    12. Gaining Unauthorized Access
    13. Hiding Evidence of an Attack
    14. Performing a Denial of Service
  • Lesson 5: Security on the Internet and the WWW
    1. Describing the Major Components of the Internet
    2. Securing DNS Services
    3. Describing Web Hacking Techniques
    4. Describing Methods Used to Attack Users
  • Lesson 6: Performing a Risk Analysis
    1. Concepts of Risk Analysis
    2. Methods of Risk Analysis
    3. The Process of Risk Analysis
    4. Techniques to Minimize Risk
    5. Continuous Risk Assessment
  • Lesson 7: Creating a Security Policy
    1. Concepts of Security Policies
    2. Policy Design
    3. Policy Contents
    4. An Example Policy
    5. Incident Handling and Escalation Procedures
    6. Partner Policies
  • Analyzing Packet Signatures
    1. Signature Analysis
    2. Common Vulnerabilities and Exposures (CVE)
    3. Signatures
    4. Normal Traffic Signatures
    5. Abnormal Traffic Signatures