Only 5 days
Classroom
16/12/2024 (Monday)
Overview
On this accelerated Firebrand course, you'll prove you’re qualified for hands-on IT system security tasks and get GIAC GSEC certified in just five days. Fill the gaps in your IT security knowledge and build a solid foundation of security skills, principles and techniques – this certification is ideal for entry-level security professionals, operations personnel and managers alike.
You’ll learn how to design and build network architecture, run Windows/Linux command line tools, install VMware to create virtual machines and design an effective security policy for your organisation.
Build a solid base of effective IT security knowledge with GSEC
Apply your new knowledge within your organisation immediately. On Firebrand's accelerated GSEC course, you’ll study:
- Networking concepts
- Defense in-depth
- Internet security technologies
- Secure communications
- Windows security
- Unix/Linux security
Firebrand's course will prepare you for the GIAC Security Essentials (GSEC) exam certification and provides knowledge equivalent to the SANS SEC401: Security Essentials
Benefits
Please Note
- Examination vouchers not included for GIAC, CREST and CISSP CBK Review
- On site testing not included for GIAC, CREST or ITIL Managers and Revision Certification Courses
Curriculum
802.11 Attacks & countermeasures
Different 802.11 protocols, common wireless attacks and how to prevent them.
Access Control Theory
The fundamental theory of access control.
Alternate Network Mapping Techniques
Network mapping techniques an attacker might use to examine wireless networks, and public switched telephony networks. You will also learn how to identify the basic penetration techniques at a high level.
Authentication and Password Management
The role of authentication controls, how they are managed, and the methods used to control access to systems.
Common Types of Attacks
Identify the most common attack methods, as well as the basic strategies used to mitigate those threats.
Contingency Planning
Critical aspect of contingency planning with a Business Continuity Plan (BCP) and Disaster Recover Plan (DRP).
Critical Security Controls
The background, history and purpose of the Critical Security Controls.
Crypto Concepts
Demonstrate a high-level understanding of the mathematical concepts which contribute to modern cryptography.
Crypto Fundamentals
Core concepts of cryptography and the three main algorithms.
Defense-in-Depth
The terminology and concepts of Risk and Defense-in-Depth, including threats and vulnerabilities.
DNS
High-level understanding of the Domain Name System architecture.
Firewalls
Fundamental understanding of firewalling technologies and techniques.
Honeypots
Basic honeypot techniques and common tools used to set up honeypots.
ICMP
The structure and purpose of ICMP, as well as the fields in a ICMP datagram header.
Incident Handling Fundamentals
The concepts of incident handling and the six-step incident handling process.
Information Warfare
Information warfare methods and defense.
Intrusion Detection Overview
Overall concepts of Intrusion Detection.
IP Packets
Build an understanding of how the IP protocol works.
IPS Overview
Demonstrate a high-level understanding of how IPS systems operate.
IPv6
Develop a high-level understanding of the IPv6 protocol.
Legal Aspects of Incident Handling
The basic legal issues in incident and evidence handling.
Linux/Unix Configuration Fundamentals
Linux/Unix fundamental configuration settings, including file permissions, user accounts, groups, and passwords, and commands used to display information and run backups.
Linux/Unix Logging and Log Management
Various logging capabilities and log file locations common to Linux operating systems.
Linux/Unix OS Security Tools and Utilities
How to use key security utilities and tools that are available for Linux/Unix systems, including file integrity, host firewalls, and applications such as SELinux.
Linux/Unix Overview
Different variants of Linux/Unix, the Linux file system, and important commands.
Linux/Unix Patch Management
Process of patch management, best practices, and common patch management tools and techniques for Linux/Unix systems.
Linux/Unix Process and Service Management
How to manage Linux/Unix processes, run levels, and services, and best practices for common processes and services.
Mitnick-Shimomura
Details of the famous Mitnick-Shimomura attack, as well as what we can learn from this attack to appropriately protect our networks today against these vulnerabilities. You will also demonstrate an understanding of the strategies that would have prevented the Mitnick attack.
Network Addressing
Essentials of IP addressing, subnets, CIDR and netmasks.
Network Fundamentals
Basic network hardware, topologies and, architectures.
Network Mapping and Scanning
The common tools attackers use to scan systems and the techniques used to create a network map.
Network Protocol
Properties and functions of network protocols and network protocol stacks.
Policy Framework
Purpose and components of policy.
Protecting Data at Rest
Functionality of PGP cryptosystems and how they operate.
Public Key Infrastructure PKI
How PKI works and the key components for managing keys.
Reading Packets
How to decode a packet from hexadecimal output.
Risk Management
Terminology and basic approaches to Risk Management.
Securing Windows Server Services
Basic measures in securing Windows IIS, SQL, and Terminal Servers.
Steganography Overview
The different methods of steganography, as well as some of the common tools used to hide data with steganography.
TCP
The structure and purpose of TCP, as well as the fields in a TCP datagram header.
UDP
The structure and purpose of UDP, as well as the fields in a UDP datagram header.
Virtual Private Networks VPNs
Build a high-level understanding of VPNs and identify IPSec and non-IPSec protocols used for VPN communications.
Viruses and Malicious Code
You will demonstrate an understanding of what malicious code is, how it propagates and why it is such an expensive problem. Additionally, you will demonstrate an understanding of the attack vectors leveraged by recent malicious code attacks.
Vulnerability Management Overview
Demonstrate the ability to perform reconnaissance and resource protection to manage vulnerabilities, and address threats and vectors.
Vulnerability Scanning
How data generated from a port scanner like nmap, and vulnerability assessment tools like nessus can be used to examine systems, ports and applications in more depth to secure an environment.
Web Application Security
Build an understanding of web application security and common vulnerabilities including CGI, cookies, SSL and active content.
Windows Auditing
The techniques and technologies used to audit Windows hosts.
Windows Automation and Configuration
The techniques and technologies used to automate configuration.
Windows Network Security Overview
Basic measures in securing a Windows host, including managing services and VPNs.
Windows Permissions & User Rights
How permissions are applied in the Windows NT File System, Shared Folder, Encrypting File System, Printer, Registry Key, Active Directory, and how User Rights are applied.
Windows Security Templates & Group Policy
The features and functionality of Group Policy and best practices for locking down systems.
Windows Service Packs, Hotfixes and Backups
How to manage Windows Service Packs and Hotfixes, as well as backups and restoration for a network of Windows hosts.
Windows Workgroups, Active Directory and Group Policy Overview
Basic security infrastructure of local accounts, workgroups, Active Directory and Group Policy.
Wireless Overview
Build a fundamental understanding of wireless technologies including Bluetooth and Zigbee.
Exam Track
This course will prepare you for the following exam. The exam fee is not included in the course price. If you wish to take the exam, we’ll provide instructions on how to register with GIAC.
GIAC Security Essentials (GSEC)
- 180 questions
- 5 hour time limit
- 73% minimum passing score
You will be required to renew your GSEC certification every four years through Continuing Professional Experience (CPE) credits.
What's Included
Included:
- Official Firebrand courseware
Prerequisites
You do not need to possess any prerequisites for this certification.