Information Security Fundamentals — A 5 day course

Synopsis

This 5-day instructor-led course serves as an in depth introduction to the field of Information Security - it is not aligned to a specific examination or vendor accreditation and therefore the content can be updated on a regular basis.

The course allows delegate extensive hands-on experience with a variety of security software and techniques. The content is vendor-agnostic and focuses on general information security.

Objectives

Delegates will learn how to

Understand the IT security threats faced by a modern network
Understand the techniques used to mitigate these threats
Respond to IT security incidents
Understand IT security policies
Understand cryptography and its uses
Understand authentication mechanisms
Understand the importance of physical security
Understand the compliance and legal requirements of an organisation

Introduction to Information Security

Information Security fundamentals
Information Security models
IS standards
Attack overviews

Risk Management

Risk management process
Risk analysis
Risk control

Operating System Security

Popular operating systems
OS hardening
Vulnerabilities and the patch cycle
OS scanning

Access Control

Types of access control
Physical access
Controlling resource access
Microsoft Windows NTFS
Linux ext3/4
Cloud security

Encryption

Introduction to cryptography
Hashing
Encrypting stored data
Digital signatures
Public Key Infrastructure (PKI)
Encrypting network data
Transport Layer Security
Virtual private networks

Authentication

Authentication mechanisms
Good password strategies
Microsoft Windows Kerberos
Attacking Windows authentication
Linux authentication mechanisms
Certificate-based authentication
Biometric authentication

Legal Compliance & Security Policies

UK legal regulations
The role of security policies
Writing security policies
Ensuring business continuity

Application Security

General guidelines for application security
Securing web applications
Securing mail applications
Securing databases

Malware

Types of malware
Malware detection
Malware removal
Trojans
Rootkits
Botnets
Spam delivery

Perimeter Security

Network designs
Mobile workers
Firewalls
Proxy servers

Attacking TCP/IP

Weaknesses in TCP/IP
Securing network devices
IPSec
Network Intrusion Detection
SNORT

Wireless Network Security

Introduction to wireless networking
Problems with WEP
WPA2
Mobile IP

Publicly scheduled dates, locations, and prices

Select a date to enquire about availability of places. For dates after 25 June 2019, please call 0333 210 0140 or use our contact form to enquire about places and availability.

Leeds — £1950 (+VAT)

18–22 Feb 2019

London — £1950 (+VAT)

Suitable For

This course is designed for IT professionals and technical managers who want to understand key IT security issues and how best to address them. The course will also be of benefit to IT systems analysts, designers and software developers.

Prerequisites

Previous knowledge and use of the Internet is essential, particularly awareness of TCP/IP and standard Internet services such as the World Wide Web, e-mail and DNS. This knowledge can be gained by attending our Introduction to Networking course. The course requires an understanding of Microsoft Windows operating systems; and familiarity with Linux would be an advantage.