0345 4506120

System and Network Security Introduction — GCHQ Certified Training

In this Network security training course, you gain the knowledge and skills to analyze and assess network risks, select and deploy appropriate countermeasures, evaluate methods for strong authentication, search for possible vulnerabilities in operating systems, and reduce your organization’s exposure to dangers in enterprise-wide and virtual private networks.

Learning Objectives

You Will Learn How To

  • Analyse your exposure to security threats
  • Protect your organisation's systems and data
  • Deploy firewalls and data encryption to minimise threats
  • Assess alternative user and host authentication mechanisms
  • Manage risks originating from inside the organisation and the internet

Pre-Requisites

Recommended Experience:

  • Familiarity using Microsoft Windows

Course Content

Course Outline

Building a Secure Organisation

Real threats that impact cybersecurity

  • Hackers inside and out
  • Eavesdropping
  • Spoofing
  • Sniffing
  • Trojan horses
  • Viruses
  • Wiretaps

A cyber security policy: the foundation of your protection

  • Defining your information assurance objectives
  • Assessing your exposure

A Cryptography Primer

Securing data with symmetric encryption

  • Choosing your algorithm: DES, AES, Rc4 and others
  • Assessing key length and key distribution

Solving key distribution issues with asymmetric encryption

  • Generating keys
  • Encrypting with RSA
  • PGP and GnuPG
  • Evaluating Web of Trust and PKI

Ensuring integrity with hashes

  • Hashing with Md5 and SHA
  • Protecting data in transit
  • Building the digital signature

Verifying User and Host Identity

Assessing traditional static password schemes

  • Creating a good quality password policy to prevent password guessing and cracking
  • Protecting against social engineering attacks
  • Encrypting passwords to mitigate the impact of password sniffing

Evaluating strong authentication methods

  • Preventing password replay using one-time and tokenised passwords
  • Employing biometrics as part of multi-factor authentication

Authenticating hosts

  • Distrusting IP addresses
  • Address-spoofing issues and countermeasures
  • Solutions for wireless networks

Preventing System Intrusions

Discovering system vulnerabilities

  • Searching for operating system vulnerabilities
  • Discovering file permission issues
  • Limiting access via physical security

Encrypting files for confidentiality

  • Encryption with application-specific tools
  • Recovering encrypted data

Hardening the operating system

  • Locking down user accounts
  • Securing administrator's permissions
  • Protecting against viruses

Guarding Against Network Intrusions

Scanning for vulnerabilities

  • Searching for rogue servers
  • Profiling systems and services

Reducing Denial of Service (DoS) attacks

  • Securing DNS
  • Limiting the impact of common attacks

Deploying firewalls to control network traffic

  • Preventing intrusions with filters
  • Implementing cyber security policy
  • Deploying personal firewalls

Protecting web services and applications

  • Validating user input
  • Controlling information leakage

Ensuring Network Confidentiality

Threats from the LAN

  • Sniffing the network
  • Mitigating threats from connected hosts
  • Partitioning the network to prevent data leakage
  • Identifying wireless LAN vulnerabilities

Confidentiality on external connections

  • Ensuring confidentiality with encryption
  • Securing communication with IPSec

Exams & Certification

Certification Preparation:

  • This course covers multiple domains on the (ISC)2 CISSP certification exam
  • If you are interested in achieving the CISSP certification, see Course, Certified Information Systems Security  Professional (CISSP) Certification Exam Preparation
  • This course provides 23 'A-level' CPE credits toward maintaining your CISSP certification

GCHQ Certified Training and Exam Information:

  • This is a GCHQ Certified Training (GCT) course. GCHQ Certified Training has been recognised for excellence by a UK Government developed cyber security scheme. GCT is part of the UK Government’s initiative to address the shortage of skilled cyber security professionals. The GCT scheme is underpinned by the industry respected IISP framework and assesses the quality of the course materials and the Instructors’ delivery of the course against GCHQ’s exacting standards.
  • Successful completion of the end of course exam will gain you an independent APMG-International GCT certification award.

This course is approved by CompTIA for continuing education units (CEUs)

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accomodation. Please note that virtual courses are attended in real-time, commencing on a specified date.

Virtual Course Dates

Our Customers Include