ISACA T&T Training Week Course Outline
- 1. COURSE OUTLINE Training Week 2012 May 7-11 2012 Hyatt Regency Port of Spain, Trinidad, W.I.
- 2. FACILITATOR’S BIO John Tannahill, CA, CISM, CGEIT, CRISC is a management consultant specializing in information security and audit services. His current focus is on information security management and control in large information systems environments and networks. His specific areas of technical expertise inclu de UNIX and Windows operating system security, include network security, and Oracle and Microsoft SQL Server security. John is a frequent speaker in Canada, Europe and the US on the subject of information security and audit. He is a member of the Toronto ISACA Cha pter and has spoken at many ISACA Chapter Conferences and Chapter Events including ISACA Training Weeks; North America CACS; EuroCACS; Asia- Pacific CACS; International and Network and Information Security Conferences. John is the 2008 Recipient of the ISACA John KuyerBest Speaker/Best Conference Best Contributor Award. Prior speaking engagements include: ngagements ISACA Chapter seminars (e.g. Toronto, Pittsburgh, Houston, Washington , Trinidad & Tobago) ISACA Training Weeks (2001 present) (2001- ISACA NACACS, EuroCACS, Asia -Pacific CACS Conferences ISACA Information Security Management Conferences ISACA International Conferences CSI Annual Computer Security Conference (2009) Presented many in-house 1 house 1-day – 5-day seminars 2 Page Training Week 2012. May 7-11 2012.Hyatt Regency Trinidad, W.I. Regency.
- 3. SESSION ABSTRACTS INTRODUCTION TO ETHICAL HACKING & FIREWALL SECURITY: 2 DAYS (HANDS-ON) This session will provide participants with a practical methodology and approach to performing ethical hacking assessments, and will include testing firewall security design and control. Detailed exercises and demonstrations of tools and techniques used will allow the participant to evaluate network vulnerabilities and identify key control recommendations that should be implemented to address the issues. SESSION HIGHLIGHTS Hands-on environment used for Sample assessment report outline demonstration & discussion purposes Listing of reference material for ethical Detailed discussion of output and results hacking assessment methodologies, obtained from each part of the assessment techniques and tools 1. NETWORK DISCOVERY AND FOOTPRINT Network Address Spaces (DNS, IP Address Information Gathering Tools (e.g. SNMP Blocks) information) Ping Sweep Techniques; Firewalking etc. Use of Search Engines such as Google and other Web-based resources 2. TCP/IP SERVICE IDENTIFICATION AND ENUMERATION Port Scanning Techniques (tcp; udp and Other Port Scanning, Fingerprinting and icmp scanning) Service Identification Tools such as amap (application fingerprinting) and netcat Use of Nmap(including NSE – Nmap Scripting Engine) Advanced scanning techniques and tools (including use of Hping and other packet crafting tools) 3. ETHICAL HACKING – IDENTIFY AND EXPLOITING VULNERABILITIES Vulnerability identification tools and Testing web applications techniques (including configuration and use of network testing tools such as OpenVAS) Testing vulnerabilities in Unix and Windows operating systems using tailored scripts and Use of NIST National Vulnerability Database OS-specific tools (NVD) and related resources Using the Metasploit Framework Testing firewalls including configuration and rules assessments Effective reporting and risk-ranking of assessment results Testing specific TCP/IP Services e.g. web 3 servers Page Training Week 2012.May 7-11 2012.Hyatt Regency. Trinidad, W.I.
- 4. UNDERSTANDING AND SECURING WINDOWS 2008: 2 DAYS (HANDS-ON) This session will focus on the audit and security issues related to the use of the Windows 2008 Server Operating System. SESSION HIGHLIGHTS Understand Windows 2008 architecture and Demonstration of Windows 2008 security security components and audit tools Use of Windows 2008 server operating Demonstration of Windows 2008 Server systems to demonstrate key security security features, including default security features settings, security hardening steps and use of the Group Policy 1. WINDOWS 2008 CONCEPTS Overview of Windows 2008 Build and Deployment Processes Server Versions Configuration Management Service Packs & Hotfixes Patch Management 2. UNDERSTANDING WINDOWS 2008 SECURITY COMPONENTS Active Directory Services (ADS) Security Configuration Group Policy Objects (GPO) 3. WINDOWS 2008 SECURITY AND CONTROL Security Baselines Privilege Management Active Directory Security Network Share Security Windows 2008 Domains Directory & File Permissions Trust Relationship Mechanisms Registry Security Group Policy Objects (GPO) Security Event Logs User Accounts Windows Services Authentication Controls Network Security User Rights Security Administration Groups 4. AUDITING THE WINDOWS 2008 ENVIRONMENT Audit Objectives Automated Tools/ Scripts for Audit Testing Auditing Domain Controllers Approach to Windows 2008 Security Audit Auditing Member Servers 5. SECURITY AND AUDIT TOOLS & TECHNIQUES Windows 2008 Resource Kit Demonstration of Windows 2008 Security & Audit Tools 4 Page Training Week 2012.May 7-11 2012.Hyatt Regency. Trinidad, W.I.
- 5. UNDERSTANDING AND SECURING WIRELESS & MOBILE TECHNOLOGIES: 1 DAY(SEMINAR) This seminar will focus on the audit and security issues related to the use of Wireless and Mobile Technologies. SESSION HIGHLIGHTS Detailed discussion of Wireless Network Demonstration and discussion of security Security Issues and audit tools and techniques Live wireless LAN environment used in class to demonstrate key concepts and security/audit areas /steps 1. UNDERSTANDING WIRELE SS & MOBILE TECHNOLOGIES Wireless LANs (WLAN) Bluetooth Technology and Security (IEEE 802.15) Wireless LAN standards and current implementations - IEEE 802.11g; Other Wireless Technologies (e.g. Wi- 802.11n technologies and security Max – 802.16) mechanisms Mobile Technologies – Blackberry; Wi-Fi Protected Access (WPA/WPA2) iPhone; iPAD; Android; USB and removable media 2. UNDERSTANDING WIRELE SS & MOBILE TECHNOLOGY THREATS AND RISKS WLAN Access Point Security Fake Access Points War Driving Traffic Capture and Analysis Unauthorized Network Access Bluetooth Threats Rogue Access Points Theft / Loss of Client Devices 3. SECURING & AUDITING WIRELESS & MOBILE TE CHNOLOGIES Authentication and Encryption Wireless Security Policy and Standards VPN, Firewall and IDS measures Mobile Technology Security Standards Wireless Security Assessment Wireless & Mobile Technology Risk Auditing a WLAN environment Assessment Wireless Client Security Secure Wireless Architecture, Design Bluetooth Security Configuration and Deployment Mobile Device Configuration Security Access Point Security 4. SECURITY AND AUDIT TOOLS & TECHNIQUES Demonstration of wireless security and audit tools and techniques, including Kismet, Aircrack; Bluetooth Assessment tools etc 5 Useful reference material Page Training Week 2012.May 7-11 2012.Hyatt Regency. Trinidad, W.I.