Hardening Your Enterprise: Advanced Network Defense | CAST 614 Course

iLearn Self-Paced Base package includes:

  • Instructor led training modules (1 year access)
  • Official e-courseware (1 year access)
  • iLabs access (6 Months Access)
  • Certificate of Completion for each course
  • Exam Voucher

Ask about our group bundles and discounts

$999.00

Course Description

With this course you can be among the few who transcend the old idea of the hacker having all the fun, take pride in being the defender, form an offensive mindset to skillfully orchestrate robust and solid defenses, and reinvent popular belief by beating the hacker at his own game.

You will be evaluating advanced “hacks” and methods of defense fortification, bringing you closer to establishing perfect security by reviewing best practices and methodologies you can apply to secure environments and to provide segmentation and isolation that reduce the effectiveness of the Advanced Persistent Threat.

The course will cover fundamental areas of fortifying your defense; you will discover methods of developing a secure baseline and how to “harden” your enterprise architectures against the most advanced attacks. Once a strategy for a fortified perimeter is defined, the course moves on to defending against the sophisticated malware that is on the rise today and the importance of “live” memory analysis and real-time monitoring.

Course Overview

Why CAST 614?

  • Executing a set of techniques that are critical to the protection of your entire enterprise against some of today’s most advanced threats
  • Reviewing methods of system deployments in as secure a state as possible while supporting your daily business requirements
  • Applying necessary techniques required for malware identification throughout the enterprise even in the case of the malware not being detectable by any of your security controls
  • Staging Advanced Attacks to appreciate methods of correctly eliminating or mitigating risk to an acceptable level

Who is it For?

Firewall administrators, system architects, system administrators, Windows administrators, or those responsible for or interested in:
  • Identifying security weaknesses in computer systems or networks
  • Exposing weaknesses so that system owners can fix them before becoming targets of compromise
  • Applying hacking and pen testing constructively to defend against various possible attacks
  • Analysing best practices in developing secure system and network configurations
  • Establishing a secure baseline in deploying machines in a protected state
  • Appreciating popular attack methods applied by hackers in order to fortify their systems


Practically any organization that handles important data would find this course beneficial. Examples are:
  • Government agencies
  • Universities
  • Hospitality
  • Retail
  • Banking and Financial institutions
  • Brokerage and Trading firms
  • Insurance
  • Scientific institutions & research agencies
  • Telecommunication
  • Computer design firms
  • Consulting firms
  • Science and Engineering firms
  • Those involved with online-related businesses & transactions
  • Card-related businesses

NOTE: This is definitely not a beginner’s course; participants will be expected to possess the knowledge of attempting attacks against a variety of platforms and architectures under the supervision of an expert. Ideally, the student will be CEH, ECSA or hold equivalent industry experience.

Firewalls

  • Firewalls
  • Firewall Types: Stateless Packet Filters
  • Improving Device Remote-Access Security
  • Locking Down the Console Port
  • Protecting Terminal Lines
  • Establishing Encrypted Communications
  • Configuring HTTPS
  • Configuring SSH



LAB: Securing the Perimeter

Advanced Filtering

  • Advanced Filtering Techniques
  • Ingress Filtering
  • Egress Filtering
  • Source Address Verification (SAV)
  • uRPF
  • Additional Filtering Considerations
  • Time-Based ACLs
  • Reflexive ACLs
  • Reflexive ACL vs. Static ACL
  • Context-Based Access Control (CBAC)
  • Essential Steps to Harden Routers



LAB: Advanced Filtering

Firewall Configuration

  • Firewall Types: Stateful Packet Filters
  • Application Proxies
  • Application Proxies vs. Stateful Packet filters
  • Web Application Firewalls
  • Web Application Firewall Types
  • Web Application Firewall Products
  • Firewall Architecture
  • Screened Subnet Firewall
  • The Classic Firewall Architecture
  • Belt and Braces Firewall
  • Separate Services Subnet
  • Fortress Mentality
  • De-perimeterization
  • Perimeter Configuration



LAB: Selecting a Firewall Architecture

Hardening: Establishing a Secure Baseline

  • Windows NT/2000/2003 and XP
  • Windows 2000/2003/XP
  • Windows 2003
  • Windows Vista
  • Server 2003 Architecture
  • Broken Kernel
  • Modes of the OS
  • UNIX/Linux
  • Secure Server Guidelines
  • Hardening Systems
  • Security Compliance Manager
  • Device Security
  • Essential Steps to Harden Switches


LAB: Hardening

Windows Server 2008/2012 Security (Part I)

  • Server 2008 Components
  • Server 2012 Components
  • Enterprise Protection
  • AD RMS
  • AD RMS Components
  • EFS
  • EFS Enhancements in Server 2008/2012
  • EFS Best Practices


LAB: Server 2008 Lab

Windows Server 2008/2012 Security (Part II)

  • IPsec Rules
  • Firewall Scripting
  • netsh
  • Isolating a Server
  • Group Policy Object
  • Server Isolation Steps
  • Domain Isolation
  • Domain Isolation Issues
  • Best Practices
  • Trusted Platform Module
  • Wave Systems
  • TPM Architecture
  • Crypto API
  • Example
  • Embassy Server Software
  • Embassy Client Software
  • Self-Encrypting Drives



LAB: TPM

Intrusion Detection and Prevention: Why Intrusion Detection?

  • Windows 2003, 2008, 2012 & 7 & 8
  • Fortress Mentality
  • Intrusion Detection 101
  • What is Intrusion Detection?
  • False positives!
  • Topology concerns
  • Recommended in most circles
  • Realistic
  • Intrusion Prevention
  • Types of IPS
  • Host-Based Intrusion Prevention Systems



LAB: Intrusion Detection

Protecting Web Applications

  • Windows 2003, 2008 & 2012
  • Top 10 www.owasp.org
  • Injection Flaws
  • Cross Site Scripting
  • Broken Authentication
  • Insecure Cryptographic Storage
  • Reverse Engineering Web Apps
  • Tools
  • Hackbar
  • Tamper Data
  • The Two Main Attacks for Web
  • XSS
  • SQL Injection
  • xp_cmdshell
  • There is More
  • More Tools
  • SQL Inject Me
  • XSS Me
  • Choose The Right Database
  • Practice, Practice, Practice
  • Tutorials
  • Mutillidae
  • Web Application Firewalls
  • Components of Web Application Firewall



LAB: Protecting Web Apps

Memory Analysis

  • Data Types Revisited
  • Volatile
  • System date and time
  • Current network connections and Open ports
  • Processes that opened ports
  • Cached NetBIOS Names
  • Users Currently Logged On
  • Internal routing
  • Running Processes
  • Pslist
  • Trivia
  • Pslist -t
  • Tasklist
  • Tlist
  • Running Services
  • Open Files
  • Process Memory Dumps



LAB: Memory Analysis

Endpoint Protection

  • Introduction to NAC
  • NAC Defined
  • NAC General Architecture
  • NAC General Architecture Illustrated
  • NAC Concepts
  • Inline NAC
  • Out-of-Band
  • Identifying NAC Requirements
  • Implementing User-Based Identity Access Control
  • Network Access Protection (NAP)
  • NAP Components
  • NAP Enforcement
  • NAP Best Practices
  • 802.1x
  • EAP Explained

LAB 1: Network Access Protection with DHCP

  • EMET
  • Micro-VM



LAB 2: Endpoint Protection

Securing Wireless

  • Wireless Tools
  • Wireless Vulnerabilities Summary
  • MAC Filtering
  • Hiding Access Points
  • Hijacking
  • Jamming
  • Identifying Targets
  • Wardriving
  • Sniffing on Wireless
  • Attacking Encrypted Networks
  • WEP Data
  • The other case
  • Reality
  • WPA Tools
  • WPA
  • LEAP
  • Asleap
  • Comparison



LAB: Securing Wireless

Training Methods

iLearn Self-Paced Online Security Training

iLearn is EC-Council’s facilitated self-paced option. It is facilitated in that all of the same modules taught in the live course are recorded and presented in a streaming video format, and self-paced in that a certification candidate can set their own learning pace by pausing the lectures and returning to their studies as their schedule permits!

The base iLearn package includes:

One Year Access to the official e-courseware, 6 months access to EC-Council’s official Online lab environment (iLabs) with all tools pre-loaded into platform, Certification Voucher & expert instructor-led training modules with streaming video presentations, practice simulators and learning supplements including official EC-Council Courseware for an all-inclusive training program that provides the benefits of classroom training at your own pace.

In an effort to keep our base package affordable in this tough economy, the iLearn pricing structure was designed to provide the most training for the least budget. However, we realize that everyone learns differently, so we have added popular upgrade options such as tablets, DVDs, additional labs, or physical courseware.


$999.00

Live, Online, Instructor-led

Live, online courses delivered by a Certified EC-Council Instructor! Courses run 8 am to 4 pm Mountain time, Monday through Friday.

Training Includes:

  • Official Courseware
  • iLabs, Online Labs (6 Months Access)
  • Certification Exam Voucher
  • Test Prep Program


Client-Site

EC-Council can bring a turn-key training solution to your location. Call for a quote.

Training Includes:

  • Official Courseware
  • iLabs, Online Labs (6 Months Access)
  • Certification Exam Voucher
  • Test Prep Program
  • Test Pass Guarantee


Courseware Only

We recognize that some folks have the background and experience to forgo training, so official courseware is available for self-study.

*Cost includes shipping

Note: The exam runs $650 with $100 application fee.

