Tactical Perimeter Defense
Course Specifications
Course number: 085800, rev 2.0
Course length:
Software: N/A N/A
Course Description
This course is the official courseware for the Security Certified Program
SC0-451 certification exam. The Tactical Perimeter Defense course is designed
to provide network administrators and certification candidates with hands-on
tasks on the most fundamental perimeter security technologies. The network
perimeter is often the first line of defense in an organization’s network,
and this course covers the issues every administrator must be familiar with.
Prerequisites: To ensure your success, we recommend that you have CompTIA’s Security+
certification, or have equivalent experience. This course assumes that the
reader has fundamental working knowledge of networking concepts, and foundational
security knowledge.
Delivery Method: Instructor-led, group-paced, classroom-delivery learning model
with structured hands-on activities.
Hardware/Software Requirements
You will need:
- Student machines, one per student, recommended minimum specifications:
- Pentium 4, 2.0 GHz processor.
- 512 MB of RAM.
- 50 GB hard drive.
- DVD-ROM drive.
- NIC, capable of promiscuous mode support.
- Integrated video card, capable of 32-bit video.
- Instructor machine, same configuration as student machines.
- Three Cisco routers, 2500 Series preferred (used from a reseller
is fine), running IOS 12.2 or greater, with IPSec/SSH support.
- One Cisco console cable.
- Two serial cables.
- DCE to DTE, for connecting routers.
- Three switches/hubs, 10/100 Mbps.
- The firewall lesson will require Microsoft ISA Server 2006. This
must be downloaded as a 180-day trial from Microsoft, or full ISA Server software
must be provided for students.
- During the VPN lesson, machines designated as VPN servers will
require two NICs. The NICs can be either integrated or non-integrated.
- During the VPN lesson, the instructor machine will need to be
running the FTP Service. You may enable the service during your initial setup,
or during the VPN lesson, as you prefer.
- For class preparation, you will need the following tools. Note,
where the tools are available as per open source licensing, they have been
included on the course CD-ROM, all other tools should be downloaded and put
in the correct folder. All these tools should be copied to the C:\\Tools or
/Tools directories on your Windows and Linux systems accordingly.
| Lesson 2 |
WinPcap_4_0.exe |
SCNS Book CD |
|
wireshark-setup-0.99.5.exe |
SCNS Book CD |
|
tftp.cap |
SCNS Book CD |
|
fragment.cap |
SCNS Book CD |
|
ping.text |
SCNS Book CD |
|
ping.cap |
SCNS Book CD |
|
ftp.txt |
SCNS Book CD |
|
ftp.cap |
SCNS Book CD |
| Lesson 3 |
puTTY.exe |
SCNS Book CD |
|
ping_arp.mac.cap |
SCNS Book CD |
|
rip.update.cap |
SCNS Book CD |
|
ripv2withAuthentication.cap |
SCNS Book CD |
| Lesson 5 |
ISA Server 2006 |
www.microsoft.com/isaserver/prodinfo/default.mspx |
|
ISAScwHlpPack.exe |
SCNS Book CD |
| Lesson 6 |
rfc-index.wri |
SCNS Book CD |
|
rfc2547.txt |
SCNS Book CD |
|
rfc2979.txt |
SCNS Book CD |
| Lesson 8 |
Snort_2_6_1_2_Installer |
SCNS Book CD |
|
Snort Rules |
SCNS Book CD |
|
mysql-essential-5.0.27-win32 |
SCNS Book CD |
|
adodb493a.tgz |
SCNS Book CD |
|
base-1.2.7.tar.gz |
SCNS Book CD |
| Lesson 9 |
WildPackets_OmniPeek_Personal41 |
www.omnipeek.com/downloads.php |
|
dotnetfx.exe |
SCNS Book CD |
|
NetStumbler |
SCNS Book CD |
- In this course, there are several wireless components utilized.
Each training location can decide if they wish to acquire this equipment or
use the content as the learning source. The equipment used in this lesson
is:
- Two laptops running Windows XP.
- One Linksys WPC54G NIC and associated set-up CD-ROM.
- One Netgear WPN511 NIC and associates set-up CD-ROM.
- One Linksys WAP54G access point and associated set-up CD-ROM.
- One Netgear WPN824 access point and associated set-up CD-ROM.
Performance-Based Objectives
- Describe the core issues of building a perimeter network defense
system.
- Investigate the advanced concepts of the TCP/IP protocol suite.
- Secure routers through hardening techniques and configure Access
Control Lists.
- Design and configure multiple firewall technologies.
- Examine and implement IPSec and Virtual Private Networks.
- Design and configure an Intrusion Detection System.
- Secure wireless networks through the use of encryption systems.
Course Content
- Lesson 1: Network Defense Fundamentals
- Topic 1A: Network Defense
- Topic 1B: Defensive Technologies
- Topic 1C: Objectives of Access Control
- Topic 1D: The Impact of Defense
- Topic 1E: Network Auditing Concepts
- Lesson 2: Advanced TCP/IP
- Topic 2A: TCP/IP Concepts
- Topic 2B: Analyzing the Three-way Handshake
- Topic 2C: Capturing and Identifying IP Datagrams
- Topic 2D: Capturing and Identifying ICMP Messages
- Topic 2E: Capturing and Identifying TCP Headers
- Topic 2F: Capturing and Identifying UDP Headers
- Topic 2G: Analyzing Packet Fragmentation
- Topic 2H: Analyzing an Entire Session
- Lesson 3: Routers and Access Control Lists
- Topic 3A: Fundamental Cisco Security
- Topic 3B: Routing Principles
- Topic 3C: Removing Protocols and Services
- Topic 3D: Creating Access Control Lists
- Topic 3E: Implementing Access Control Lists
- Topic 3F: Logging Concepts
- Lesson 4: Designing Firewalls
- Topic 4A: Firewall Components
- Topic 4B: Create a Firewall Policy
- Topic 4C: Rule Sets and Packet Filters
- Topic 4D: Proxy Server
- Topic 4E: The Bastion Host
- Topic 4F: The Honeypot
- Lesson 5: Configuring Firewalls
- Topic 5A: Understanding Firewalls
- Topic 5B: Configuring Microsoft ISA Server 2006
- Topic 5C: IPTables Concepts
- Topic 5D: Implementing Firewall Technologies
- Lesson 6: Implementing IPSec and VPNs
- Topic 6A: Internet Protocol Security
- Topic 6B: IPSec Policy Management
- Topic 6C: IPSec AH Implementation
- Topic 6D: Combining AH and ESP in IPSec
- Topic 6E: VPN Fundamentals
- Topic 6F: Tunneling Protocols
- Topic 6G: VPN Design and Architecture
- Topic 6H: VPN Security
- Topic 6I: Configuring a VPN
- Lesson 7: Designing an Intrusion Detection System
- Topic 7A: The Goals of an Intrusion Detection System
- Topic 7B: Technologies and Techniques of Intrusion Detection
- Topic 7C: Host-based Intrusion Detection
- Topic 7D: Network-based Intrusion Detection
- Topic 7E: The Analysis
- Topic 7F: How to Use an IDS
- Topic 7G: What an IDS Cannot Do
- Lesson 8: Configuring an IDS
- Topic 8A: Snort Foundations
- Topic 8B: Snort Installation
- Topic 8C: Snort as an IDS
- Topic 8D: Configuring Snort to Use a Database
- Topic 8E: Running an IDS on Linux
- Lesson 9: Securing Wireless Networks
- Topic 9A: Wireless Networking Fundamentals
- Topic 9B: Wireless LAN (WLAN) Fundamentals
- Topic 9C: Wireless Security Solutions
- Topic 9D: Wireless Auditing
- Topic 9E: Wireless Trusted Networks