Objective

This course aims to introduce you to the risks you may encounter in today's networked environment. It explains the background to current network and Internet technology, and describes the countermeasures available.

Target Audience

The course is aimed at anyone interested in understanding the security issues relevant to a network or Internet environment and how best to deal with them.

Materials Provided

Each delegate will receive a course workbook.

Course Outline

A Short History of the Internet

TCP/IP Overview

- Standards
- The OSI seven layer model
- IEEE standards
- Protocol choices
- TCP/IP architecture
- TCP/IP services
- IP addressing
- Sockets and ports

Threats

- Fraud
- Hacking
- Denial of Service
- Malware
Other Threats:
- Unwanted content
- E-mail (in)security
- Outsourcing

Defence: Firewalls

- What is a firewall?
- How firewalls work
- Stateful inspection
- Firewall design & testing
- Proxy servers

Defence: Virus Protection

Defence: Content Management

Defence: Intruder Detection

- Packet (network) analysis
- Active (host) monitoring
- Deception systems (honeypots)

Defence: Cryptography & Encryption

- Secret key encryption
- Public key cryptography
- Secure Sockets Layer
- Digital signatures
- Certificates

Defence: Good Design

Defence: Security Policy

- Scope & Objective
- BS ISO/IEC 17799
- How to implement an ISMS
- Personnel security
- Incident reporting
- Business Continuity Planning