Kontakt oss nå og book din kurs.

EC-Council - EC-Council CAST Advanced Network Defense course

Varighet

Varighet:

Bare 3 dager

Metode

Metode:

klasserommet / på nett / Hybrid

Neste dato

Neste dato:

24/6/2024 (Mandag)

Overview

The EC-Council Centre of Advanced Security Training has arrived at Firebrand Training. This three-day Advanced Network Defense course is intensive, and will make you think like a hacker. You will learn how to defend against the latest attacks.

Warning: This is not a beginner’s course. You'll be expected to know how to attempt attacks against many platforms and architectures. The instructor will challenge you to attack a device or system, then you will learn how to defend against it. The course is right for you if you're a: firewall administrator, system architect, or system / Windows administrator.

You will learn:

  • How to identify security weaknesses in computer systems or networks, before it's too late
  • How to use hacking and pen testing to defend against various attacks
  • Best practices in developing secure system and network configurations
  • How to deploy machines in a protected state
  • Techniques critical to the protection of your entire enterprise against some of today’s most advanced threats
  • How to detect malware

Note: this course doesn't include an exam, but you'll become Advanced Network Defense certified.

9x Accredited Training Centre of the Year

Accredited Training Centre of the Year

Firebrand Training has again won the EC-Council Accredited Training Centre of the Year Award, from a Training Partner network that has more than 700 training centres across 107 countries. This extends a record-breaking run of successive awards to nine years.

Jay Bavisi, President of EC-Council said: “The annual EC-Council Awards highlights the commitment and achievements of our global partners and trainers that have contributed to the information security community.”

Det vil ta deg bare et øyeblikk å se hvor billige våre kurs er...

 Se priser

Her er 8 grunner til hvorfor du skal gjennomføre ditt CAST AND hos Firebrand Training:

  1. Du blir utdannet og sertifisert på bare 3 dager. Hos oss får du din utdanning og sertifisering på rekordtid, en sertifisering du også gjennomfører der og da som en integrert del av den intensive, akselererte utdanningen.
  2. Alt er inkludert. Et engangsbeløp dekker alt kursmaterial, eksamen, kost og losji og tilbyr den mest kostnadseffektive måten å gjennomføre ditt CAST AND kurs og sertifisering på. Og dette uten noen uannonserte ytterligere kostnader.
  3. Du klarer sertifiseringen første gangen eller kan gå kurset om igjen kostnadsfritt. Det er vår garanti. Vi er sikre på at du vil klare din CAST AND sertifisering første gangen. Men skulle du mot formodning ikke gjøre det kan du innen et år komme tilbake og kun betale for eventuelle overnattinger og din eksamen. Alt annet er gratis.
  4. Du lærer deg mer.Tradisjonelle utdanningsdager varer fra kl. 09.00 til 16.00 med lange lunsj- og kaffepauser. Hos Firebrand Training får du minst 12 timers effektiv og fokusert kvalitetsutdanning hver dag sammen med din instruktør, uten private eller arbeidsrelaterte, forstyrrende momenter.
  5. Du lærer deg CAST AND raskere. Vi kombinerer de tre innlæringsmetodene (Presentasjon |Øving| Diskusjon) slik at vi gjennomfører kurset på en måte som sikrer at du lærer deg raskere og lettere.
  6. Du er i sikre hender.Vi har utdannet og sertifisert 134.561 personer, vi er partner med alle de store navn i bransjen og vi har vunnet atskillige utmerkelser, bla. a. "Årets Learning Partner 2010, 2011, 2012, 2013 og 2015” fra Microsoft Danmark og med en vekst på 1430 % siden 2009 er vi årets Gazelle prisvinner på Sjælland, Danmark.
  7. Du lærer deg ikke bare teorien. Vi har videreutviklet CAST AND kursen og tilbyr flere praktiske øvelser og sikrer på den måten, at du kan bruke dine ferdigheter for å løse daglige praktiske problemstillinger.
  8. Du lærer av de beste. Våre instruktører på CAST AND er de beste i bransjen og tilbyr en helt unik blanding av kunnskap, praktisk erfaring og pasjon for å lære bort.

Benefits

Er du klar for kurset? Ta en GRATIS test for å måle og vurdere kunnskapsnivået ditt.

 Gratis Test

Curriculum

Module 1: Firewalls

  • Firewalls
  • Firewall Types: Stateless Packet Filters
  • Improving Device Remote-Access Security
  • Locking Down the Console Port
  • Protecting Terminal Lines
  • Establishing Encrypted Communications
  • Configuring HTTPS
  • Configuring SSH

LAB: Securing the Perimeter

Module 2: Advanced Filtering

  • Advanced Filtering Techniques
  • Ingress Filtering
  • Egress Filtering
  • Source Address Verification (SAV)
  • uRPF
  • Additional Filtering Considerations
  • Time-Based ACLs
  • Reflexive ACLs
  • Reflexive ACL vs. Static ACL
  • Context-Based Access Control (CBAC)
  • Essential Steps to Harden Routers

LAB: Advanced Filtering

Module 3: Firewall Configuration

  • Firewall Types: Stateful Packet Filters
  • Application Proxies
  • Application Proxies vs. Stateful Packet filters
  • Web Application Firewalls
  • Web Application Firewall Types
  • Web Application Firewall Products
  • Firewall Architecture
  • Screened Subnet Firewall
  • The Classic Firewall Architecture
  • Belt and Braces Firewall
  • Separate Services Subnet
  • Fortress Mentality
  • De-parameterization
  • Perimeter Configuration

LAB: Selecting a Firewall Architecture

Module 4: Hardening: Establishing a Secure Baseline

  • Windows NT/2000/2003 and XP
  • Windows 2000/2003/XP
  • Windows 2003
  • Windows Vista
  • Server 2003 Architecture
  • Broken Kernel
  • Modes of the OS
  • UNIX/Linux
  • Secure Server Guidelines
  • Hardening Systems
  • Security Compliance Manager
  • Device Security
  • Essential Steps to Harden Switches

LAB: Hardening

Windows Server 2008 Security (Part I)

  • Server 2008 Components
  • Enterprise Protection
  • AD RMS
  • AD RMS Components
  • EFS
  • EFS Enhancements in Server 2008
  • EFS Best Practices

LAB: Server 2008 Lab

Windows Server 2008 Security (Part II)

  • IPsec Rules
  • Firewall Scripting
  • netsh
  • Isolating a Server
  • Group Policy Object
  • Server Isolation Steps
  • Domain Isolation
  • Domain Isolation Issues
  • Best Practices
  • Trusted Platform Module
  • Wave Systems
  • TPM Architecture
  • Crypto API
  • Example
  • Embassy Server Software
  • Embassy Client Software
  • Self-Encrypting Drives

LAB: TPM

Module 5: Intrusion Detection and Prevention

  • Why Intrusion Detection?
  • Fortress Mentality
  • Intrusion Detection 101
  • What is Intrusion Detection?
  • False positives!
  • Topology concerns
  • Recommended in most circles
  • Realistic
  • Intrusion Prevention
  • Types of IPS
  • Host-Based Intrusion Prevention Systems
  • Host-Based Intrusion Prevention Systems

LAB: Intrusion Detection

Module 6: Protecting Web Applications

  • Top 10 www.owasp.org
  • Injection Flaws
  • Cross Site Scripting
  • Broken Authentication
  • Insecure Cryptographic Storage
  • Reverse Engineering Web Apps
  • Tools
  • Hackbar
  • Tamper Data
  • The Two Main Attacks for Web
  • XSS
  • SQL Injection
  • xp_cmdshell
  • There is More
  • More Tools
  • SQL Inject Me
  • XSS ME
  • Choose The Right Database
  • Practice, Practice, Practice
  • Tutorials
  • Mutillidae
  • Web Application Firewalls
  • Components of Web Application Firewall

LAB: Protecting Web Apps

Module 7: Memory Analysis

  • Data Types Revisited
  • Volatile
  • System date and time
  • Current network connections and Open ports
  • Processes that opened ports
  • Cached NetBIOS Names
  • Users Currently Logged On
  • Internal routing
  • Running Processes
  • Pslist
  • Trivia
  • Pslist –t
  • Tasklist
  • Tlist
  • Running Services
  • Open Files
  • Process Memory Dumps

LAB: Memory Analysis

Module 8: Endpoint protection

  • Introduction to NAC
  • NAC Defined
  • NAC General Architecture
  • NAC General Architecture Illustrated
  • NAC Concepts
  • Inline NAC
  • Out-of-Band
  • Identifying NAC Requirements
  • Implementing User-Based Identity Access Control
  • Network Access Protection (NAP)
  • NAP Components
  • NAP Enforcement
  • NAP Best Practices
  • 802.1x
  • EAP Explained
  • LAB 1: Network Access Protection with DHCP
  • LAB 2: Network Access Protection with IPsec
  • LAB 3: Endpoint Protection

Module 9: Securing Wireless

  • Wireless Tools
  • Wireless Vulnerabilities Summary
  • MAC Filtering
  • Hiding Access Points
  • Hijacking
  • Jamming
  • Identifying Targets
  • Wardriving
  • Sniffing on Wireless
  • Attacking Encrypted Networks
  • Wep Data
  • The other case
  • Reality
  • WPA Tools
  • WPA
  • LEAP
  • Asleap
  • Comparison

LAB: Securing Wireless

What's Included

Official EC-Council Courseware

  • CAST 614 - Advanced Network Defense

Prerequisites

Warning: This is not a beginner’s course. You'll be expected to know how to attempt attacks against many platforms and architectures. The instructor will challenge you to attack a device or system, then you will learn how to defend against it. The course is right for you if you're a: firewall administrator, system architect, or system / Windows administrator.

You must be familiar with IT security best practices, and have a good understanding of programming logic and common web technologies, as well as binary applications:

  • Basic Windows administration for servers and workstations
  • Basic Linux/NIX system administration skill
  • Basic command line proficiency on both Windows and NIX systems

Ideally, the you'll be EC-Council CEH or ECSA certified - or have the equivalent experience.

Anmeldelser

Vi har lært opp 134.561 personer på 12 år. Vi ba dem om å anmelde vår akselererte opplæring. Akkurat nå har 96,41% angitt at Firebrand overgikk forventningene:

"Great 4 days of in-person training. The trainer was knowledgeable and brought a wealth of real world examples to what would have been otherwise a very theoretical training course."
Ian Smith, DWP. (8/1/2024 (Mandag) til 11/1/2024 (Torsdag))

"I attended the CND course which was online-led. This course was delivered very well allowing me to develop my knowledge in the related topics. Despite being online, I felt involved and felt as if I could ask any questions at any time."
Molly Macuras, Electricity North West Limited. (8/1/2024 (Mandag) til 11/1/2024 (Torsdag))

"The course was very informative and helped introduce us to the material. Instructor was very attentive and showed us many practical examples also."
SON, Lloyds. (3/10/2023 (Tirsdag) til 6/10/2023 (Fredag))

"Good training experience. The trainer was engaging and knowledgable and tried to explain the subject matter in an easy to understand way, rather than just reading slides."
SM. (3/10/2023 (Tirsdag) til 6/10/2023 (Fredag))

"Excellent course, our trainer was more than happy to go above and beyond."
Richard Williams, Head of Assurance. (25/9/2023 (Mandag) til 29/9/2023 (Fredag))

Kursdatoer

Start

Slutt

Kapasitet

Plass

Registrer deg

19/2/2024 (Mandag)

21/2/2024 (Onsdag)

Ferdig - Gi tilbakemelding

-

 

24/6/2024 (Mandag)

26/6/2024 (Onsdag)

Venteliste

Landsdekkende

 

5/8/2024 (Mandag)

7/8/2024 (Onsdag)

Begrenset kapasitet

Landsdekkende

 

16/9/2024 (Mandag)

18/9/2024 (Onsdag)

Ledige plasser

Landsdekkende

 

28/10/2024 (Mandag)

30/10/2024 (Onsdag)

Ledige plasser

Landsdekkende

 

9/12/2024 (Mandag)

11/12/2024 (Onsdag)

Ledige plasser

Landsdekkende

 

Siste anmeldelser fra studenten vår

Trustpilot