Security +

12/15

Code Date Venue Fees Registration
12/15 06 - 10 May Cairo Register Now
12/15 21 - 25 Oct Cairo 1600 USD Register Now

Module 1: Computer Systems Security

  • The Basics of Information Security
  • Computer Systems Security Threats
  • Malicious Software
  • Viruses
  • Worms
  • Trojan Horses
  • Spyware
  • Rootkits
  • Spam
  • Summary of Malware Threats
  • Ways to Deliver Malicious Software
  • Active Interception
  • Privilege Escalation
  • Backdoors
  • Logic Bombs
  • Botnets and Zombies
  • Implementing Security Applications
  • Personal Software Firewalls
  • Host-Based Intrusion Detection Systems
  • Pop-Up Blockers
  • Data Loss Prevention Systems
  • Securing Computer Hardware and Peripherals
  • Securing the BIOS
  • Securing Storage Devices
  • Removable Storage
  • Network Attached Storage
  • Whole Disk Encryption
  • Hardware Security Modules

Module 2: OS Hardening and Virtualization

  • Hardening Operating Systems
  • Removing Unnecessary Applications and Services
  • Service Packs
  • Windows Update, Patches, and Hotfixes
  • Patches and Hotfixes
  • Patch Management
  • Group Policies, Security Templates, and Configuration Baselines
  • Hardening File Systems and Hard Drives
  • Virtualization Technology
  • Types of Virtualization and Their Purposes
  • Working with Virtual Machines
  • Microsoft Virtual PC
  • Securing Virtual Machines

Module 3: Application Security

  • Securing the Browser
  • General Browser Security Procedures
  • Implement Policies
  • Use a Proxy and Content Filter
  • Secure Against Malicious Code
  • Securing Internet Explorer
  • Securing Other Applications
  • Secure Programming
  • Systems Development Life Cycle
  • Programming Vulnerabilities and Attacks
  • More Code Injection Examples

Module 4: Network Design Elements and Network Threats

  • Network Design
  • Network Devices
  • Hub   Switch   Router
  • Network Address Translation, and Private Versus Public IP
  • Network Zones and Interconnections
  • LAN Versus WAN
  • Internet
  • Demilitarized Zone (DMZ)
  • Intranets and Extranets
  • Cloud Computing
  • Network Access Control (NAC)
  • Subnetting
  • Virtual Local Area Network (VLAN)
  • Telephony Devices
  • Modems /   PBX Equipment
  • VOIP
  • Ports and Protocols
  • Ports Ranges, Inbound Versus Outbound, and Common Ports
  • Malicious Network Attacks
  • DoS   DDoS     Spoofing
  • Transitive Access and Client-Side Attacks
  • DNS Poisoning and Other DNS Attacks
  • ARP Poisoning

 

Module 5: Network Perimeter Security

  • Firewalls and Network Security
  • Firewalls
  • Proxy Servers
  • Data Loss Prevention (DLP)
  • NIDS Versus NIPS
  • NIDS / NIPS

Module 6: Securing Network Media and Devices

  • Securing Wired Networks and Devices
  • Network Device Vulnerabilities
  • Weak Passwords
  • Privilege Escalation
  • Network Attacks
  • Other Network Device Considerations
  • Cable Media Vulnerabilities
  • Interference
  • Crosstalk
  • Data Emanation
  • Tapping into Data and Conversations
  • Securing Wireless Networks
  • Wireless Access Point Vulnerabilities
  • Secure the Administration Interface
  • SSID Broadcast
  • Rogue Access Points
  • Weak Encryption
  • Other Wireless Access Point Security Strategies
  • Wireless Transmission Vulnerabilities
  • Bluetooth Vulnerabilities
  • Bluejacking / Bluesnarfing

Module 7: Physical Security and Authentication Models

  • General Building and Server Room Security
  • Door Access / Biometric Readers
  • Authentication Models and Components
  • Authentication Models
  • Localized Authentication Technologies
  • 1X and EAP 273
  • LDAP
  • Kerberos and Mutual Authentication
  • Terminal Services
  • Remote Authentication Technologies
  • Remote Access Service
  • Virtual Private Networks
  • RADIUS Versus TACACS

Module 8: Access Control Methods and Models

  • Access Control Models Defined
  • Discretionary Access Control
  • Mandatory Access Control
  • Access Control Wise Practices
  • Rights, Permissions, and Policies
  • Users, Groups, and Permissions
  • Permission Inheritance and Propagation
  • Moving and Copying Folders and Files
  • Usernames and Passwords
  • Policies
  • User Account Control (UAC)

Module 9: Vulnerability and Risk Assessment

  • Conducting Risk Assessments
  • Qualitative Risk Assessment
  • Quantitative Risk Assessment
  • Security Analysis Methodologies
  • Security Controls
  • Vulnerability Management
  • Penetration Testing
  • Assessing Vulnerability with Security Tools 352
  • Vulnerability Scanning 355
  • Network Sniffing 358

Module 10: Monitoring and Auditing

  • Monitoring Methodologies
  • Signature-Based Monitoring
  • Anomaly-Based Monitoring
  • Behavior-Based Monitoring
  • Using Tools to Monitor Systems and Networks
  • Performance Baselining
  • Protocol Analyzers
  • Wireshark
  • Network Monitor
  • SNMP
  • Conducting Audits
  • Auditing Files
  • Logging
  • Log File Maintenance and Security
  • Auditing System Security Settings

Module 11: Encryption and Hashing Concepts

  • Cryptography Concepts
  • Symmetric Versus Asymmetric Key Algorithms
  • Symmetric Key Algorithms
  • Asymmetric Key Algorithms
  • Public Key Cryptography
  • Key Management 422
  • Steganography
  • Encryption Algorithms
  • DES and 3DES
  • RC / RSA
  • Hashing Basics
  • Cryptographic Hash Functions
  • MD5 / SHA

Module 12: PKI and Encryption Protocols

  • Public Key Infrastructure
  • Certificates
  • Single-Sided and Dual-Sided Certificates
  • Web of Trust
  • Security Protocols
  • S/MIME / SSL/TLS / SSH
  • PPTP, L2TP, and IPsec
  • PPTP / L2TP / IPsec

Module 13: Redundancy and Disaster Recovery

  • Redundancy Planning
  • Redundant Power
  • Redundant Power Supplies
  • Uninterruptible Power Supplies
  • Backup Generators
  • Redundant Data
  • Redundant Networking
  • Redundant Servers
  • Redundant Sites
  • Disaster Recovery Planning and Procedures
  • Data Backup

Module 14: Policies, Procedures, and People

  • Environmental Controls
  • Fire Suppression and Extinguishers
  • Sprinkler Systems
  • Special Hazard Protection Systems
  • Shielding / Social Engineering
  • Pretexting
  • Diversion Theft
  • Phishing / Hoaxes / Shoulder Surfing
  • Eavesdropping
  • Dumpster Diving
  • Baiting
  • Piggybacking / Tailgating
  • Summary of Social Engineering Types
  • User Education and Awareness
  • Legislative and Organizational Policies
  • Data Sensitivity and Classification of Information
  • Personnel Security Policies
  • Privacy Policies
  • Acceptable Use
  • Change Management

Registration
Course Details
Personal Details

Search in Courses

Download Training Plan 2018

Register Upcoming Courses

Featured Training Courses