Replacew/NGE87076CIW Security Professional Part 2: Network Security and Firewalls

Course Code NGE87012

Contents

1. Contents
2. Description
3. Audience
4. Prerequisites
5. Objectives
6. Topics Include
7. Duration
8. Minimum Requirements
9. Media

Screenshot

Description

This is the second course in a five part series that teaches protocol layers and security, the resources needed to secure servers, using firewalls, the levels of firewall protection, how to detect and distract hackers, and how to respond to hacker activity.

Audience

The target audiences for this course are, System Administrators, Application Developers, Firewall Administrators, and IT Security Officers. Students must have CIW Foundations certification or equivalent experience, as well pass the CIW Server Administrator and CIW Internetworking Professional exams or have equivalent skills. In addition, students should have taken part one of this series (87011). This course is an approved study guide that will help Certified Internet Webmaster (CIW) candidates prepare for exam 1D0-470.

Prerequisites

(Currently no course prerequisite information)

Objective

• Identify the components of a TCP/IP packet and security risks related to TCP/IP at various layers of the OSI model.
• Identify the implementation of TCP/IP security on a Windows NT system.
• Identify securing the Web server, FTP server, and SMTP server and testing the network security for a specific network.
• Identify firewalls and proxy servers.
• Identify setting up RAS for VPN and establishing a VPN session.
• Identify firewall design.
• Identify how to configure WinRoute.
• Identify proactive detection, the prevention of breach of network security, and the creation of response plans to handle breach of network security.

Topics Include

Unit 1: TCP/IP and Security

• Match the methods to breach security in the lower-level OSI layers with the specific situations.
• Match the methods to breach network security in the application layer of the OSI model with the corresponding situations.
• Configure Windows NT Server to lock a specific port by using the TCP/IP Security dialog box.
• Conduct a traceback to a Windows NT server from a Linux computer by using plisten.
• Identify the correct set of commands to establish a connection to a port of a Windows NT server from another computer by using Netcat.

Unit 2: Securing Network Resources

• Identify the strategies that comply with the guidelines of a security implementation model in a specific situation.
• Identify the guidelines that should be followed to secure services in a specific situation.
• Identify the guidelines followed to secure a Web server in a specific situation.
• Identify the strategies used to prevent security holes in CGI scripts in a specific situation.
• Secure a Web server by using MMC.
• Identify the situation that conforms to the guidelines for securing an FTP server.
• Secure an FTP server by using MMC.
• Identify a scenario where the guidelines for securing an SMTP server are followed.
• Match the security options that you configure to secure an SMTP server with their functions.
• Identify the strategies that conform to the guidelines for ensuring network security in a specific situation.
• Identify the uses of a specific tool that is used to test network security.

Unit 3: Firewalls

• Identify the role of a firewall in a specific situation on a network.
• Match the types of firewalls with the situations in which they are implemented.
• Identify the packet-filtering rule used to implement a security policy.
• Match the types of proxy servers with the scenarios in which they are used.
• Install Proxy Server on a network by using Microsoft Proxy Server 2.0 CD.
• Enable access control for Web proxy service on a proxy server by using MMC.
• Set up RAS to use a VPN connection on a Windows NT server.
• Establish a VPN session by using RAS.

Unit 4: Firewalls: Designing and Configuring

• Identify the guidelines for designing a firewall for a specific network.
• Identify the appropriate firewall design based on the security requirements of a specific network.
• Configure WinRoute to segregate internal and external networks.
• Create packet filters to prevent the transfer of packets of specific types from one network to another.

Unit 5: Detecting and Distracting Hackers

• Match the proactive detection techniques with the corresponding situations to ensure security on a network.
• Create a dummy account to distract a hacker by using User Manager for Domains.
• Identify the correct block of commands to install the Tripwire program.
• Identify the appropriate strategy to respond to a hacker attack in a specific situation.
• Identify the response plan to be executed on the basis of the scope of security breach in the event of a hacker attack.

Duration

8

Minimum Requirements

The CDROM version of this course requires:

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).
• At least a double speed CDROM drive.
• An MPC compliant sound card with attached speakers or headphones is recommended (Currently, only the CDROM version supports audio).

• At least a 486DX 33Mhz CPU.
• Microsoft Windows 3.1 or higher and a Microsoft compatible mouse.
• At least 8MB RAM and 22MB available hard disk space or file server space.
• At least VGA graphics capability with a minimum 512K video RAM (1MB video RAM recommended).

Media