Defending the Perimeter from Cyber Attacks — GCHQ Certified Training

Ensure the confidentiality, integrity, and availability of your organization’s information by protecting your communications and data. In this training course, you learn how to define and implement security principles, install and customize secure firewalls, build Virtual Private Network (VPN) tunnels, and safeguard your organization’s network perimeter against malicious attacks.

Learning Objectives

You Will Learn How To

  • Fortify your network perimeter to provide an integrated defence
  • Prevent or mitigate the effects of network attacks with a firewall
  • Detect and respond to network attacks with Intrusion Detection and Prevention (IDP)
  • Design, install, and configure secure Virtual Private Networks (VPNs)
  • Mitigate the impact of Denial-of-Service (DoS) attacks

Pre-Requisites

Recommended Experience:

  • Basic security knowledge at the level of:    
    • Course, System and Network Security Introduction
  • Working knowledge of TCP/IP and client server architecture

Course Content

Course Outline

Setting Your Security Objectives

Defining security principles

  • Ensuring data Confidentiality, Integrity and Availability (CIA)
  • Assessing defensive techniques
  • Setting a generic security stance

Developing a security policy

  • Balancing risk with business requirements
  • Identifying your information assurance objectives
  • Choosing security technologies

Deploying a Secure Firewall

Installing a firewall

  • Determining the appropriate firewall type
  • Selecting and hardening the operating system
  • Virtualising the firewall appliance

Configuring a firewall to support outgoing services

  • Supporting simple services: HTTP, SMTP
  • Filtering dangerous content and handling encrypted traffic
  • Managing complex services: VoIP, audio and video

Providing external services securely

  • Implementing publicly accessible servers
  • Building a DMZ architecture
  • Supporting SMTP mail

Allowing access to internal services

  • Customising DNS for firewall architectures
  • Configuring Network Address Translation (NAT)
  • Developing access lists for client server applications

Detecting and Preventing Intrusion

Deploying an IDS

  • Placing Network IDS (NIDS) within your network architecture
  • Operating sensors in stealth mode

Detecting intrusions in the enterprise

  • Designing a multi-layer IDS hierarchy
  • Managing distributed IDS

Interpreting alerts

  • Verifying IDS operation
  • Minimising false positives and negatives
  • Validating IDS events and recognising attacks

Stopping intruders

  • Exploiting IDS active responses
  • Snipping a TCP session
  • Controlling access with a firewall update

Configuring Remote User Virtual Private Networks (VPNs)

Building VPN tunnels

  • Compulsory vs. voluntary tunnels
  • Supporting remote users with layer 2 tunnels
  • Connecting remote sites with layer 3 tunnels

Deploying client software

  • Assessing remote access VPN alternatives
  • Implementing remote user authentication
  • Leveraging Layer 2 Tunneling Protocol (L2TP)
  • Protecting L2TP tunnels with IPsec Transport Mode

Creating Site-to-Site VPNs

Applying cryptographic protection

  • Ensuring confidentiality with symmetric encryption
  • Exchanging symmetric keys with asymmetric encryption
  • Checking message integrity with hashing
  • Managing digital certificates with PKI

Comparing tunnelling and protection methods

  • Employing VPN concentrators and VPN-capable routers
  • Applying IPsec Tunnel Mode
  • Assessing tunnelling protocols
  • Evaluating VPN topologies

Integrating Perimeter Defences

Reducing the impact of denial-of-service (DoS) attacks

  • Mitigating bombardment attacks
  • Rejecting connection-based attacks with IPSs
  • Blackholing and sinkholing
  • Implementing a DoS Defence System (DDS)
  • Blacklisting attack sites and address ranges

Perimeter architectures

  • Integrating IDS and VPNs with your firewall architecture
  • Positioning externally accessible servers
  • Monitoring and controlling wireless networks

Exams & Certification

GCHQ Certified Training and Exam Information:

  • This is a GCHQ Certified Training (GCT) course. GCHQ Certified Training has been recognised for excellence by a UK Government-developed cyber security scheme. GCT is part of the UK Government’s initiative to address the shortage of skilled cyber security professionals. The GCT scheme is underpinned by the industry-respected IISP framework and assesses the quality of the course materials and the instructors’ delivery of the course against GCHQ’s exacting standards.
  • Successful completion of the end of course exam will gain you an independent APMG-International GCT certification award.

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accommodation. Please note that virtual courses are attended in real time, commencing on a specified date.
