Network Security Fundamentals
Course
Length: 5 Days
Course Description
Overview: Network Security Fundamentals is designed to provide both Windows
NT and Unix network administrators an awareness of
security related issues and the essential skills they need to implement
security in such networks. This course is the first course offered in Level 1
of the Security Certified Program. For more information on the Security
Certified Program, please see below.
Prerequisites: To ensure your continued
success, we recommend you first take the 
Software Training course,
CompTIA Network+ or have
extensive equivalent knowledge, and have a basic understanding
of your computer's operating system, and the Internet. For example, you should
know how to launch an application, create and save files, and copy files from
CDs and other media. The Software Training classes, Windows 98: Introduction, and
Internet Explorer 5.x are designed to teach these skills, though they
are not required.
Delivery Method: Instructor-led, group-paced, classroom-delivery learning model
with structured hands-on activities.
Course Content
Lesson 1: Foundations of
Network Security
Topic 1A: The Principles of Network
Security
Task 1A-1: Defining the
Basis of Network Security
Topic 1B: Network Security
Terminologies
Task 1B-1: Terminology
Examples
Topic 1C: Network Security and Data
Availability
Task 1C-1: The Impact of
Network Security on Data Availability
Topic 1D: Components of Network
Security
Task 1D-1: Describing a
Secure Network Environment
Topic 1E: Network Security Policies
Task 1E-1: Defining Security
Policies
Lesson 2: Advanced TCP/IP
Topic 2A: The Concepts of TCP/IP
Task 2A-1: Using TCP
commands
Task 2A-2: Using Basic TCP
Troubleshooting Tools
Task 2A-3: Viewing the List
of Well Known Port Numbers
Topic 2B: Subnet Masks
Task 2B-1: Configuring Subnetting
Topic 2C: Variable Length Subnet
Masks (VLSM)
Task 2C-1: Calculating Host
IDs
Task 2C-2: Configuring Subnetting Using VLSM
Topic 2D: Unicast,
Broadcast, and Multicast Concepts
Task 2D-1: Describing the
Uses of Multicasting
Topic 2E: The Three-Way Handshake
Task 2E-1: The Three-Way
Handshake
Topic 2F: The Process of DHCP and
APIPA
Task 2F-1: Describing the
DHCP Process
Topic 2G: Internet Protocol version 6
(IPv6)
Task 2G-1: Describing the
Need for IPv6
Lesson 3: IP Packet
Structure and Analysis
Topic 3A: Capture and Identify IP Datagrams
Task 3A-1: Capturing IP Datagrams
Topic 3B: Capture and Identify ICMP
Messages
Task 3B-1: Capturing ICMP
Messages
Topic 3C: Capture and Identify TCP Headers
Task 3C-1: Capturing TCP
Headers
Topic 3D: Capture and Identify UDP
Headers
Task 3D-1: Viewing Captured
UDP Headers
Topic 3E: Packet Fragmentation
Task 3E-1: Viewing Captured
Fragments
Topic 3F: The Three-Way Handshake
Task 3F-1: Viewing A Complete Session
Lesson 4: Routing and
Access Control Lists
Topic 4A: Describe the Arp Process
Task 4A-1: Describing Local
ARP Requests
Topic 4B: View the CISCO Routing
Modes
Task 4B-1: Viewing CISCO
Router Modes
Task 4B-2: Creating a
Warning Banner
Task 4B-3: Disabling CDP for
the Ethernet Interface
Task 4B-4: Matching Routing
Knowledge
Topic 4C: Describe the Routing
Process
Task 4C-1: Describing Static
versus Dynamic Routing
Topic 4D: Routing Tables
Task 4D-1: Creating the Network
from Routing Tables
Task 4D-2: Defining Routing
Terminology
Topic 4E: Access Control Lists
Task 4E-1: Creating Wildcard
Masks
Topic 4F: Implement Access Control
Lists
Task 4F-1: Viewing CISCO Access Control Lists
Task 4F-2: Creating Access
Control Lists
Lesson 5: Securing
Windows Computers
Topic 5A: Windows NT 4.0 Fundamental
Security
Task 5A-1: Creating a Logon
Warning Message
Task 5A-2: Disabling the
Last Username option
Task 5A-3: Creating a User
Account
Task 5A-4: Defining Account
Policies
Topic 5B: Windows NT 4.0 Resource
Security
Task 5B-1: Assigning Permissions
Task 5B-2: Enabling Auditing
Task 5B-3: Auditing the
Registry
Topic 5C: Windows 2000 Infrastructure
Task 5C-1: Obtaining a List
of users without authentication
Task 5C-2: Configuring a
Custom MMC
Task 5C-3: Creating a GPO
Task 5C-4: Editing a GPO.
Topic 5D: Windows 2000 Authentication
Task 5D-1: Describing the
Process of NTLM Authentication
Topic 5E: Windows 2000 User and Group
Security
Task 5E-1: Creating Domain
User Accounts
Task 5E-2: Restricting Logon
Hours
Task 5E-3: Creating an
Expiration Date for a User Account
Task 5E-4: Analyzing Default
Password Settings of Security Templates
Task 5E-5: Creating a Custom
Security Template
Task 5E-6: The Security
Configuration and Analysis Snap-In
Task 5E-7: Implementing a Template
Topic 5F: Windows 2000 Resource
Security
Task 5F-1: Assigning
Permissions
Task 5F-2: Compromising NTFS
Security
Task 5F-3: Setting Registry
Permissions
Task 5F-4: Saving Registry
Information
Topic 5G: Windows 2000 Encrypting
File System
Task 5G-1: Command Line File
Encryption
Topic 5H: Windows 2000 Network
Security
Task 5H-1: Describing IPSec Implementation Benefits
Lesson 6: Securing Linux
Computers
Topic 6A: Key Linux Concepts
Task 6A-1: Viewing the /etc/passwd File
Topic 6B: Linux Administration and
Security
Task 6B-1: Creating a New
User and Setting their Password
Task 6B-2: Defining Linux
Security Terminologies
Task 6B-3: Using Basic Linux
Commands
Topic 6C: Key Linux Network Files
Task 6C-1: Examining Linux
Security Components
Topic 6D: Key Linux Network Processes
Task 6D-1: Inetd
Topic 6E: Key Linux Network Commands
Task 6E-1: Identifying Linux
Commands
Topic 6F: Hardening Linux
Task 6F-1: Rlogin
Topic 6G: Portmap
and Linux
Task 6G-1: RPC
Topic 6H: Network File System (NFS)
and Linux
Task 6H-1: NFS
Topic 6I: Network Information Service
(NIS) and Linux
Task 6I-1: NIS Usage
Lesson 7: Security on the
Internet and the World Wide Web
Topic 7A: Components of the Internet
Task 7A-1: Diagramming the
Internet
Topic 7B: The Weak Points of the
Internet
Task 7B-1: Defining the Risk
Points of the Internet
Topic 7C: The Techniques of Web
Hacking
Task 7C-1: Web Hacking
Techniques
Task 7C-2: Attacking an IIS
Web Server
Task 7C-3: Disabling Parent
Paths
Topic 7D: Methods of Attacking Users
Task 7D-1: Identifying
Internet Security Concerns
Lesson 8: Attack
Techniques
Topic 8A: Network Reconnaissance
Topic 8B: Mapping the Network
Task 8B-1: Using Windows
Tracing Tools
Task 8B-2: Using NeoTrace
Topic 8C: Sweeping the Network
Task 8C-1: Using SuperScan
Topic 8D: Scanning the Network
Task 8D-1: Using Nmap
Task 8D-2: Using SuperScan
Task 8D-3: Using Nmap to Identify an Operating System
Task 8D-4: Using Nmap Front End
Task 8D-5: Installing Nessus for First Time Use
Task 8D-6: Using Nessus for Vulnerability Scanning
Topic 8E: Viruses, Worms, and Trojan
Horses
Task 8E-1: Using NetBus 1.7
Task 8E-2: Using NetBus Pro
Topic 8F: Gaining Control over the
System
Task 8F-1: Using Netcat
Topic 8G: Record Keystrokes
Task 8G-1: Using Software
Keystroke Logging
Task 8G-2: Using A Keystroke Logging Keyboard
Topic 8H: Crack Encrypted Passwords
Task 8H-1: Using L0pht
Task 8H-2: Using L0pht LC3
Task 8H-3: Using John the
Ripper
Topic 8I: Reveal Hidden Passwords
Task 8I-1: Revealing Hidden
Passwords
Topic 8J: Social Engineering
Task 8J-1: Discussing Social
Engineering Examples
Topic 8K: Case Study: Social
Engineering
Task 8K-1: Social Engineering
Case Study Example
Topic 8L: Gain Unauthorized Access
Task 8L-1: Privilege
Escalation
Task 8L-2: Using GetAdmin
Task 8L-3: Renaming the SAM
Task 8L-4: Single User LILO
Topic 8M: Hide Evidence of an Attack
Task 8M-1: Hiding the
Evidence
Task 8M-2: Hiding the Files
Topic 8N: Perform a Denial of Service
Task 8N-1: Flooding with Udpflood
Appendix A: Equipment and
Software List, Class Setup, and Layout
File and Software Requirements