
Shon Harris SSCP Systems Security Certified Practitioner Training OnDemand Learning

Sale Price: $595.00
Item Number: PN-SSCP
Configuration: -online

Shon Harris Systems Security Certified Practitioner (SSCP®)

The 6-day SSCP course provides comprehensive training in all 7 domains of the Common Body of Knowledge (CBK). The curriculum has been designed to meet a strict set of criteria covering all critical elements necessary for security today. It is aimed at professionals with at least four years of experience in the information security field or three years of experience and a college degree (or equivalent life experience). The SSCP certification is seen as a requirement for many technical and management positions.

The Shon Harris SSCP course teaches security policy development, secure software development procedures, network vulnerabilities, attack types and corresponding countermeasures, cryptography concepts and their uses, disaster recovery plans and procedures, risk analysis, crucial laws and regulations, forensics, computer crime investigation procedures, physical security, and more. Further, students will explore the contents and concepts that make up the diverse domains and learn how they work together to provide true in-depth defense. Our reputation speaks for itself! See what others are saying.

Package Includes:

12 Months Online Access, Featuring Live Instructor-Led Classroom Sessions with Full Audio and Video Lectures
Software Video Demonstrations
Self-Assessment Module Review Quizzes
Printable Courseware
Certificate of Completion
Free 1 Year Upgrade Policy
Mobile Access via iPhones and iPads

Shon Harris

Shon Harris, CISSP, MCSE, is a security consultant, a former engineer in the Air Force Information Warfare Unit, an instructor, an author, and President of Logical Security.

She has written two best selling CISSP books, and co-authored Hacker's Challenge and Gray Hat Hacking. Shon has developed a new security book series, being published by McGraw-Hill, which will be sold to corporations, universities, colleges, and professionals throughout the world. This series will set the new standards in security training, education, and industry practices.

She is an active contributor for Information Security Magazine and Windows 2000 Magazine. Shon has taught computer and information security to a wide range of clients including RSA, Department of Defense, Department of Energy, National Security Agency (NSA), Bank of America, Defense Information Systems Agency (DISA), BMC, and more.

Shon was recently recognized by Information Security Magazine as one of the top 25 women technologists, researchers and executives reshaping information security today.

David Miller

David R. Miller (MCT, MCSE: Security Windows Server 2003, MCSE Windows 2000 and NT 4.0, CISSP, CEH, ECSA, LPT, CWNA, CCNA, CNE, CompTIA Security+, A+, N+) is a Technical writer, trainer, author, curriculum developer, network engineer. David began as a technical trainer in the mid 1980's providing instruction on PC based medical therapy devices. David achieved his CNE in the early 1990's and then founded MicroLink Corporation in 1994 in Dallas, Texas performing network installation and user training. After attaining his first Microsoft certification in 1997, he began teaching the MCSE track at the Southern Methodist University in Dallas. He joined an MCSE, boot camp style, private training institution, Intense School in 1999 and was Director of training there until 2002.

He has been working with Shon Harris, best selling author of CISSP fame, for the last several years as Director of Training for Logical Security, LLC. There he has managed several teams of curriculum developers. He acts as corporate IT Director and coordinates the development of student manuals, lab manuals and classroom setup.

Course Features:

Course Outline

Domain 1 - Access Controls

Access Controls Definitions Access Control Mechanism Examples Technical Controls Administrative Controls

Access Control Characteristics Preventive Controls Preventive - Administrative Controls Preventive - Physical Controls Preventive - Technical Controls Control Combinations Detective - Administrative Control Detective Examples Administrating Access Control (1) OS, Application, Database Administrating Access Control (2) Authorization Creep Accountability and Access Control Trusted Path Fake Login Pages Look Convincing Who Are You? Identification Issues Authentication Mechanisms Characteristics Strong Authentication Fraud Controls Internal Control Tool: Separation of Duties Authentication Mechanisms in Use Today Biometrics Technology Biometric Devices Example (1) Verification Steps

What a Person Is Why Use Biometrics? Biometric Type Identification or Authentication? Iris Sampling Iris Finger Scan Hand Geometry Facial Recognition Comparison Biometrics Verification Issues Downfalls to Biometric Use Biometrics Error Types Crossover Error Rate Biometric System Types Passwords Password Generators Password "Shoulds" Support Issues Password Attacks Attack Steps Many Tools to Break Your Password Rainbow Table Passwords Should NOT Contain What's Left?

Countermeasures for Password Cracking Cognitive Passwords One-Time Password Authentication Synchronous Token One Type of Solution Synchronous Steps Administrator Configures Challenge Response Authentication (1) Asynchronous Token Device Asynchronous Steps Challenge Response Authentication (2) Cryptographic Keys Passphrase Authentication Key Protection Memory Cards Memory Card Characteristics Smart Card Characteristics Card Types Smart Card Attacks Software Attack Side Channel Attack Side Channel Data Collection Microprobing Identity Management How Are These Entities Controlled?

Some Current Issues Management Typical Chaos Different Identities Identity Management Technologies Directory Component Enterprise Directory (1) Directory Responsibilities Authoritative Sources Meta Directory Directory Interactions Web Access Management Web Access Password Management Legacy Single Sign-On Account Management Systems Provisioning Component Provisioning Not Just Computers Profile Update Working Together Enterprise Directory (2) Identity Management Solution Components Right for Your Company What you need to know Federated Identity

Identity Theft Fake Login Tools How Do These Attacks Work? Attempts to Get Your Credentials How Do These Work? Instructional Emails Knowing What You Are Disposing of Is Important Other Examples Another Danger to Be Aware of Spyware Is Someone Watching You? What Does This Have to Do with My Computer? Sometimes You Know that Software Is Installing on Your System New Spyware Is Being Identified Every Week Spyware Comes in Many Different Forms How to Prevent Spyware Different Technologies Single Sign-on Technology Single Sign-on Directory Services as a Single Sign-on Technology Active Directory Some Technologies Can Combine Services Security Domain Domains of Trust Domain Illustration Thin Clients Example (2)

Kerberos as a Single Sign-on Technology Kerberos Components Working Together Pieces and Parts More Components of Kerberos KDC Components Kerberos Steps Tickets Ticket Components Authenticators Steps of Validation Kerberos Security Why Go Through All of this Trouble? Issues Pertaining to Kerberos Kerberos Issues SESAME as a Single Sign-on Technology SESAME Steps for Authentication Combo Models for Access Access Control Models (1) Discretionary Access Control Model ACL Access File Permissions Enforcing a DAC Policy Security Issues Mandatory Access Control Model MAC Enforcement Mechanism - Labels

Formal Model Software and Hardware Software and Hardware Guards Where Are They Used? SELinux MAC Versus DAC Role-Based Access Control RBAC Hierarchy RBAC and SoD Acquiring Rights and Permissions Rule-Based Access Control Firewall Example Access Control Matrix (1) Capability Tables User Capability Tables Temporal Access Control Access Control Administration Access Control Methods Centralized Approach Remote Centralized Administration RADIUS RADIUS Steps RADIUS Characteristics TACACS+ Characteristics Diameter Characteristics Diameter Protocol

Mobile IP Diameter Architecture Two Pieces AVP Decentralized Access Control Administration Controlling Access to Sensitive Data Protecting Access to System Logs Accountability & Auditing Events Access Control Models (2) Policy versus Model State Machine Information Flow Information Flow Model Bell-LaPadula Rules of Bell-LaPadula Rules Clarified Tranquility Types Biba Definition of Integrity Biba Access Rules Clark-Wilson Goals of Model Clark Wilson Components Clark-Wilson (Cont.) Clark-Wilson Model Non-Interference Model

Lattice-Based Access Control Lattice Approach Understanding Lattice Access Control Matrix Model Access Control Matrix (2) Brewer and Nash Model - Chinese Wall Brewer and Nash Take-Grant Model Graham-Denning Model Domain 1 Review

Domain 2 - Security Operations and Administration

Security Operations and Administration Mainframe Days In the Good Old Days - Who Knew? Today's Environment Security Definitions Vulnerabilities Examples of Some Vulnerabilities that Are Not Always Obvious Risk - What Does It Really Mean? Relationships Who Deals with Risk? Overall Business Risk Who? AIC Triad Availability Integrity

Confidentiality Who Is Watching? Social Engineering What Security People Are Really Thinking Security Concepts Security? The Bad Guys Are Motivated If Not Obscurity - Then What? Open Standards Common Open Standards Without Standards "Soft" Controls Logical Controls Physical Controls Are There Gaps? Understanding Drivers Holistic Security Not Always So Easy What Is First? Different Types of Law How Is Liability Determined? Examples of Due Diligence Examples of Due Care Prudent Person Rule Prudent Person Taking the Right Steps

Components of Security Program A Layered Approach In Security, You Never Want Any Surprises Building Foundation (1) Security Roadmap Functional and Assurance Requirements Building Foundation (2) Most Organizations Silo Security Structure Islands of Security Needs and Tools Get Out of a Silo Approach Security Is a Process Approach to Security Management Result of Battling Management Industry Best Practices Standards ISO/IEC 17799 Pieces and Parts Numbering New ISO Standards COBIT Inside of COBIT COBIT - Control Objectives Measurements Information Technology Infrastructure Library Security Governance Security Program Components

Policy Framework Policy Types Organizational Policy Policy Approved - Now What? Issue-Specific Policies ASP Policy Example System-Specific Policies Standards Standard Example Baseline (1) Data Collection for Metrics (1) Guidelines Procedures Tying Them Together Program Support Entity Relationships Senior Management's Role Security Roles Custodian Auditor Access Information Classification Information Classification Program Data Leakage Do You Want to End Up in the News? Types of Classification Levels

Data Protection Levels Classification Program Steps Information Classification Components Procedures and Guidelines Classification Levels Information Classification Criteria Criteria Example Or Not Information Owner Requirements Clearly Labeled Testing Classification Program Who Is Always Causing Problems? Employee Management Employee Position and Management Hiring and Firing Issues A Few More Items Unfriendly Termination Security Awareness and Training Training Characteristics Awareness Security Enforcement Issues Computer Operations Operations Security Involves What Do We Have? Hardware Protection Licensing Issues

Software Installation ITIL - Problem Management Problem Management Areas of Problem Management Problem Management Procedures for Processing Problems Higher Level Look Data Output Controls Administrative Controls Personnel Controls Non-Employees Security Operations Personnel Change Control Configuration Management (1) Another Example Agenda 1 Resource Protection Library Maintenance Media Labels Media Controls Software Escrow Media Reuse Weak Link Liabilities of Insecure Disposal of Information Devastating to the Company Results of Data Leakage Object Reuse Safe Disposal

Degaussing Zeroization Physical Destruction Remaining Data Purging Why Not Just Delete the Files? Formatting Media Mainframes Agenda 2 Different Types of Backups Backups HSM Off-Line Backup Types Incremental Backup Incremental Differential Backup Differential Backup Protection Continuous Threat Agenda 3 Devices Will Fail Mean Time Between Failure Mean Time to Repair Single Point of Failure Countermeasures Redundant and Fault Tolerance

Mirroring Data Disk Duplexing Direct Access Storage Device Redundant Array of Independent Disks Massive Array of Inactive Disks (MAID) Redundant Array of Independent Tapes (RAIT) Serial Advanced Technology Architecture SAN Fault Tolerance Network Redundancy Mesh Network Redundancy Mechanism Backup Configuration Files Some Threats to Computer Operations Trusted Recovery of Software After System Crash Security Concerns Agenda 4 Contingency Planning Agenda 5 Remote Access Security Authentication Remote Access Administering Systems Remotely Facsimile Security Securing Data in Motion

Support Systems Configuration Management (2) Change Control Roles in CM CCB Charter Configuration Management Plan Change Control-Security Environment Process of Change Management Baseline (2) Data Collection for Metrics (2) Risk-based Cost Effective Controls Software Programming Security Considered at Each Phase Waterfall Model WaterFall Stages Requirement Analysis Design Development Verification Operation and Maintenance Iterative Development Model Exploratory Model Rapid Application Development (RAD) Model Spiral Model Reuse Model Computer Aided Software Engineering Model (CASE) Extreme Programming

Trusted Computer System Evaluation Criteria (TCSEC) TCSEC TCSEC Rating Breakdown Evaluation Criteria - ITSEC ITSEC Ratings ITSEC - Good and Bad Common Criteria Common Criteria Standard Security Functional Requirements Security Assurance Requirements Common Criteria Components Common Criteria Requirements Package Ratings Common Criteria Outline Certification Versus Accreditation Security Levels MAC Modes Modes of Operation MAC Modes (Cont.) Sets of Ethics (ISC)2 Computer Ethics Institute Internet Architecture Board Domain 2 Review

Domain 3 - Risk, Response and Recovery

Risk, Response and Recovery

Risk Management Why Is Risk Management Difficult? Necessary Level of Protection Is Different for Each Organization Security Team/Committee Risk Management Process Planning Stage - Team Analysis Paralysis Planning Stage - Scope Planning Stage - Analysis Method Risk Management Tools Defining Acceptable Levels Acceptable Risk Level Collecting and Analyzing Data Methods What Is a Company Asset? Data Collection - Identify Assets Data Collection - Assigning Values Asset Value Data Collection - Identify Threats Data Collection - Calculate Risks Scenario Based - Qualitative Risk Approach (1) Qualitative Analysis Steps Want Real Answers? Qualitative Risk Analysis Ratings Qualitative Risks Quantitative Analysis Steps

Quantitative Analysis (1) How Often Will This Happen? ARO Values and Their Meaning Calculate ALE ALE Value Uses Relationships Calculate Risks - ALE Example Your Turn! ALE Calculation Can a Purely Quantitative Analysis Be Accomplished? Risk Types Examples of Types of Losses Delayed Loss Cost/Benefit Analysis Cost of a Countermeasure Cost/Benefit Analysis Countermeasure Criteria Calculating Cost/Benefit Controls Control Selection Requirements Quantitative Analysis (2) Quantitative Analysis Disadvantages Qualitative Analysis Approach Qualitative Analysis Disadvantages Can You Get Rid of All Risk? Calculating Residual Risk Uncertainty Analysis

Dealing with Risk Management's Response to Identified Risks Risk Acceptance Risk Analysis Process Summary Needs for BCP Is Your Organization Prepared? Is Your Company Prepared? 9/11 Changed Mentalities About BCP Disaster affected Many America is Rebuilding Partial FEMA Disaster List for 2005 Do We have a Plan? DRP Focus BCP Focus Comparing the Two What is the Purpose of a BCP? More Reasons to have Plans in Place Framework BCP is a Core Component of Every Security Program Steps of BCP Process Different BCP Model Documentation Documentation and Approval BCP Policy Outlines BCP Policy Sample Who is In Charge and Who Can We Blame?

What's Needed in a Team? BCP Development Team Project Sizing Properly Determining Scope is Important BCP Risk Analysis Steps BIA Steps Data Gathering Information from Different Sources Analysis Critical Functions How to Identify the Most Critical Company Functions Interdependencies Well, of course an Organization Knows How it Works! Business Silos Understanding the Enterprise BIA Steps (Cont.) Identifying Functions' Resources Who Connects to Who? BIA Steps (Cont.) Maximum Tolerable Downtime MTD Example MTD Definitions BIA Steps (Cont.) Range of Threats to Consider Thinking Outside of the Box What if

Biological Threats BIA Steps (Cont.) Potential Disasters Risk Approach (2) Ranking by Risk Level Potential Losses Include all RISK Components What Have We Completed Up to Now? BIA Steps (Cont.) Recovery Strategies Alternate Business Process Procedures Business Process Reconstruction Recovery Strategies (Cont.) Facility Recovery Facility Backups - Hot Site Facility Backups - Warm Site Facility Backups - Cold Site Compatibility Issues with Offsite Facility Tertiary Sites Subscription Costs Multiple Processing Centers Location, Location, Location Choosing Site Location Other Offsite Approaches Security does Not Stop More Options

Rolling Hot Site Recovery Strategies (Cont.) Supply and Technology Recovery VoIP Equipment Replacement What Items Need to Be Considered? Priorities Anything Else? Replacements Executive Succession Planning Recovery Strategies (Cont.) User Environment Recovery Recovery Strategies (Cont.) Data Recovery Technologies Co-Location Data Recovery Backup Redundancy Recovering Data Automated Backup Technologies Tape Vaulting Data Recovery (Cont.) Clustering for Fault Tolerance Clustering Disk or Database Shadowing Which Option to Use Cost Effective Measures

Resources, Time, Solutions Determining Recovery Solutions Cost and Recovery Times Proactive BIA Steps (Cont.)

Recovery Solutions Preventative Measures Reviewing Insurance Results from the BIA Now Ready to Develop the Plan Basic Structure of BCP Products That Can Help Plan Components Teams to Be Developed External Groups Policy Components Activation Phase Damage Assessment Notifying Personnel Plan Activation Emergency Response Policy Components (Cont.) Next Phases Recovery Procedures Documentation of Recovery Steps Policy Components (Cont.)

Reconstitution Phase Reconstitution Items Returning to Original Facility Who goes First? Disaster Hit - Now What? Termination of BCP Life Cycle Who has the Plan? Backup of the Backup Plan Results Types of Tests to Choose From Test Objectives Training Requirements Lessons Learned What Is Success? Out of Date? BCP Plans Commonly and Quickly Become Out of Date Keeping it Current Change Control Resulting Plan Should Contain Phases of the BCP Agenda 2 Computer Crime and Its Barriers Countries Working Together Worldwide Cybercrime Security Principles for International Use

Determine if a Crime Has Indeed Been Committed Bringing in Law Enforcement Citizen versus Law Enforcement Investigation Investigation of Any Crime Role of Evidence in a Trial Evidence Requirements Chain of Custody (1) How Is Evidence Processed? Hearsay Evidence Hearsay Rule Exception Agenda 3 Preparing for a Crime Before It Happens Incident Handling Evidence Collection Topics Computer Forensics Hidden Secrets Trying to Trap the Bad Guy Companies Can Be Found Liable Why Incident Response? Incident Response Alarms Threats Incident Response Framework Preparation and Planning IRT - Incident Response Team Incident Response Team - Mission Incident Response Team - Objectives

Incident Response Team - Priorities Incident Response Team - Liaisons Detection Chain of Custody (2) Poking into Network Traffic Snort Containment Containment - Some Considerations Notification Investigation Rules of Evidence Acceptable Evidence Exclusionary Rules Evidence Recognition Evidence Discovery Search and Seizure Network Monitoring Reviewing System Logs Interviewing Terminating the Investigation Recovery Response Follow-Up Follow-Up - Record Keeping Follow-Up - Lessons Learned Follow-Up - Final Report

Electronic Forensic Media Analysis Procedures Media Analysis - IACIS Framework
Step 1 - Sterile Media
Step 2 - Legal Software
Step 3 - Physical Examination of the Evidence
Step 4 - Avoid Altering the Evidence
Step 5 - Capture Date/Time and CMOS (RTC/NVRAM) Information
Step 6 - Create an Exact Image
Step 7 - Logically Examine the Image
Step 8 - Examine the Boot Record Data and User-Defined Files
Step 9 - Recover and Examine All Deleted Files
Step 10 - Create a Listing of All Files
Step 11 - Examine Unallocated Space for Lost or Hidden Data
Step 12 - Examine File Slack
Step 13 - Examine All User Created Files
Step 14 - Unlock and Examine Password-Protected Files
Step 15 - Create Printouts of All of the Apparent Evidence
Step 16 - Examine Executable Files and Run Applications
Step 17 - Write the Forensic Analysis Report
Domain 3 Review

Domain 4 - Analysis and Monitoring

Analysis and Monitoring Security Auditing What Are Security Audits? Why Are Security Audits Performed?

Audit Participant's Role Defining the Audit Scope Defining the Audit Plan Audit Data Collection Methods Post Audit Activities Controls Control Checks Control Checks - User Access Control Control Checks - Network Access Network Configurations DMZ Configurations Firewall Comparisons Network Devices - Firewalls Host Isolation - Audit Questions Firewalls - Audit Questions Intrusion Detection System IDS - Audit Questions Network Monitoring Control Checks - Monitoring Monitoring - Audit Questions Control Checks - System Hardening Control Checks - Unnecessary Services Control Checks - Patching Patching - Audit Questions Control Checks - Anti-Virus Control Checks - Encryption

Control Checks - Logging Protecting Access to System Logs Audit Process Security Testing Overview Why? When? Who? Security Testing Goals Security Testing - Tools Before Carrying Out Vulnerability Testing Testing for Vulnerabilities Vulnerability Assessments Security Testing Issues Vulnerability Scanning Vulnerability Scans Penetration Testing (1) Penetration Testing Variations Types of Testing Step In Attack Chart Testing Steps Automated Pen Testing Tools Canvas™ Operation Penetration Testing (2) Automated Pen Testing Tools Core Impact™ Operation Test Type Chart Security Testing Steps

Reconnaissance Reconnaissance - Social Engineering Reconnaissance - WHOIS Information Reconnaissance - DNS Zone Transfer Network Mapping Network Mapping - Host/Port Mapping Vulnerability Assessment Security Gateway Testing Security Monitoring Testing Weeding Out False Positives Security Monitoring Post-Testing and Assessment Steps Motivation Behind Attacks Intrusions What is Acceptable? Security Monitoring for Everyday Life Security Monitoring for Computing Systems Why Security Monitoring Is Necessary? Security Monitoring Issues Monitoring Terminologies Intrusion Detection Systems IDS Categories Network-based IDS Host-based IDS Anomaly Detection Signature-based IDS

Misuse Detection Types IDS as a Patch for Firewall Event Logging Event Logging - Usefulness Log Sources Centralized logging infrastructure Log Reviews Logging Priority Secure Logging Event Alerting and Interpretation Accountability & Auditing Events Security Monitoring Evasion Obfuscation Fragmentation Encryption Overloading Slow Scans Log Alteration Security Monitoring Implementation Issues Criticality Based Deployment Maintenance and Tuning Data Collection for Incident Response Monitoring Response Techniques Active Response Pitfalls IDS IDS Steps

Network IDS Sensors Host IDS Combination Types of IDSs Signature-Based Example Behavior-Based IDS Statistical Anomaly Statistical IDS Protocol Anomaly What Is a Protocol Anomaly? Protocol Anomaly Issues Traffic Anomaly IDS Response Mechanisms Responses to Attacks IDS Issues Intrusion Prevention System Differences Vulnerable IDS Trapping an Intruder Domain 4 Review

Domain 5 - Cryptography

Cryptography Services Provided by Cryptography Cryptographic Definitions Cipher Cryptanalysis

A Few More Definitions Need Some More Definitions? Now This Would be Hard Work Symmetric Cryptography - Use of Secret Keys Historical Uses of Symmetric Cryptography - Hieroglyphics Scytale Cipher Substitution Ciphers Simple Substitution Cipher Atbash Simple Substitution Cipher Caesar Cipher Caesar Cipher Example Simple Substitution Cipher ROT13 Historical Uses Polyalphabetic Cipher - Vigenere Cipher Polyalphabetic Substitution Vigenere Algorithm Enigma Machine U-Boats had Enigma Machines Code Book Historical Uses of Symmetric Cryptography - Running Key and Concealment Agenda 1 Transposition Ciphers Key and Algorithm Relationship Does Size Really Matter? It Does with Key Sizes Key space Ways of Breaking Cryptosystems - Brute Force

Brute Force Components Ways of Breaking Cryptosystems - Frequency Analysis Strength of a Cryptosystem Do You Know What You are Doing? Developing Cryptographic Solutions In-House Characteristics of Strong Algorithms Open or Closed More Secure? Agenda 2 Types of Ciphers Used Today Type of Symmetric Cipher - Block Cipher S-Boxes Used in Block Ciphers Binary Mathematical Function 1 Type of Symmetric Cipher - Stream Cipher Symmetric Characteristics Initialization Vectors Security Holes Strength of a Stream Cipher Let's Dive in Deeper Symmetric Key Cryptography Out-of-Band Transmission Symmetric Key Management Issue Symmetric Algorithm Examples Symmetric Downfalls Why? Asymmetric Cryptography Key Functions

Public Key Cryptography Advantages Asymmetric Algorithm Disadvantages Confusing Names Symmetric versus Asymmetric Asymmetric Algorithm Examples Questions 1 When to Use Which Key Using the Algorithm Types Together Encryption Steps Receiver's Public Key Is Used to Encrypt the Symmetric Key Receiver's Private Key Is Used to Decrypt the Symmetric Key Digital Envelope E-mail Security Secret versus Session Keys Asymmetric Algorithms We Will Dive Into Asymmetric Algorithm - Diffie-Hellman Diffie-Hellman Key Agreement Schemes Asymmetric Algorithm - RSA Factoring Large Numbers RSA Operations RSA Key Size El Gamal ECC ECC Benefits Asymmetric Mathematics

Asymmetric Security Mathematics Symmetric Ciphers We Will Dive Into Symmetric Algorithms - DES Block Cipher Double DES Evolution of DES Modes of 3DES Encryption Modes Block Cipher Modes - CBC IV and CBC CBC Example Different Modes of Block Ciphers - ECB ECB versus CBC Block Cipher Modes - CFB and OFB CFB and OFB Modes Counter Mode Modes Summary Symmetric Cipher - AES IDEA RC4 RC5 Agenda 3 Data Integrity Hashing Steps Protecting the Integrity of Data

Hashing Algorithms Data Integrity Mechanisms Hashing Strength Question 1 Weakness in Using Only Hash Algorithms More Protection in Data Integrity MAC HMAC - Sender HMAC - Receiver Another Look What Services Authentication Types CBC-MAC MAC Using Block Ciphers Integrity? What Services? Question 2 Digital Signatures One More Look 1 U.S. Government Standard What is Not Giving up the Farm Zero Knowledge Proof Message Integrity Controls Security Issues in Hashing Example of a Birthday Attack

Birthday Attack Issues Key Management Key Backup Key Management (Cont.) Key Usage Cryptoperiod M-of-N Key Types Agenda 4 Why Do We Need a PKI? PKI and Its Components Components of PKI PKI PKI Steps RA Roles CA Let's Walk Through an Example Digital Certificates Certificate Signing the Certificate Verifying the Certificate Trusted CA's Non-Trusted CA One More Look 2 What Do You Do with a Certificate? Components of PKI, Repository, and CRLs

Revoked? CRL Process Different Uses for Certificates Lifecycle of a Certificate Cross Certification PKI and Trust Agenda 5 Historical Uses of Symmetric Cryptography - Vernam Cipher Binary Mathematical Function 2 One-Time Pad in Action One-Time Pad Characteristics Steganography Steganography Utilities Digital Watermarking Link versus End-to-End Encryption End-to-End Encryption Encryption Location Email Standards You Decide Non-Hierarchical Secure Protocols SSL Connection Setup Example - SSL Validating Certificate Secure Protocols (Cont.) SSL and the OSI Model

E-Commerce How Are You Doing? Hard the First Times Through Secure Email Standard Agenda 6 Network Layer Protection IPSec Key Management IPSec Handshaking Process VPN Establishment SAs in Use Key Issues Within IPSec Configuration of SA Parameters IPSec Configuration Options IPSec Is a Suite of Protocols AH and ESP Modes IPSec Modes of Operation VPN Establishment (Cont.) Review Questions 2 Attack Types Attacks on Cryptosystems Known-Plaintext Attack Chosen-Plaintext Attack Chosen-Ciphertext Attack Adaptive Attacks Side Channel Attacks

Domain 5 Review

Domain 6 - Networking and Telecom

Networking and Telecom Agenda 1 OSI Model OSI Layers Networking Communications An Older Model Data Encapsulation Application Layer OSI - Application Layer Presentation Layer OSI - Presentation Layer OSI - Session Layer Client/Server Model Client/Server Session Layer Transport Layer Transport Layer Analogy Transport Protocols OSI - Network Layer Here to There Network Layer OSI - Data Link Data Link Sublayers

OSI - Physical Layer Physical Layer Layers Working Together Protocols at Each Layer Devices Work at Different Layers Types of Networks Network Topologies - Physical Layer Topology Type - Bus Topology Type - Ring Topology Type - Star Network Topologies - Mesh Mesh Topologies Summary of Topologies Agenda 2 LAN Media Access Technologies Media Access One Goal of Media Access Technologies Collision Domain Back Off, Buddy Carrier Sense Multiple Access CSMA/Collision Avoidance (CSMA/CA) Media Access Technologies - Ethernet Media Access Technologies - Token Passing Token's Role Other Technologies Media Access Technologies - Polling

Agenda 3 Cabling Types - Coaxial Coaxial Cabling Types - Twisted Pair Cable Types Types of Cabling - Fiber Multimode vs. Single Mode Signal and Cable Issues Signaling Issues Transmission Types - Analog and Digital Transmission Types - Synchronous Asynchronous Transmission Types - Baseband Transmission Types - Broadband Cabling Issues - Plenum-Rated Transmission Types - Number of Receivers Internet Group Management Protocol Multicasting Network Technologies Extranet Network Technologies (Cont.) EDI Evolution Networking Devices Network Device - Repeater Network Device - Hub Networking Device - Bridge

Forwarding Table Example Network Devices - Switch Virtual LAN VLAN Interfaces and VLANs Sniffers Networking Devices - Router Hops Routers Bridges Compared to Routers Network Devices - Gateway Agenda 4 Port and Protocol Relationship Client Ports Conceptual Use of Ports TCP/IP Suite UDP versus TCP TCP Segment SYN Flood Teardrop Attack Source Routing Source Routing Types IP Address Ranges IPv6 Protocols Protocols - ARP

IP to MAC Mapping How ARP Works ARP Poisoning ICMP Packets A Way Hackers Use ICMP Ping Steps Protocols - SNMP SNMP in Action SNMP SNMP Output POP3 and SMTP Protocols - SMTP Mail Relay Protocols - FTP, TFTP, Telnet Protocols - RARP and BootP DHCP - Dynamic Host Configuration Protocol Agenda 5 Networking Device - Bastion Host Network Configurations DMZ Configurations Firewall Comparisons Network Devices - Firewalls Firewall Types - Packet Filtering Packet Filtering Firewall Packet Filtering Firewall Weaknesses Packet Filtering

Rule Set Example Firewall Types - Proxy Firewalls Firewall Types - Circuit-Level Proxy Firewall Circuit-Level Proxy Firewall Types - Application-Layer Proxy Application-Layer Proxy Advantages Application-Layer Proxy Disadvantages Dedicated Proxy Servers Firewall Types - Stateful State Table Compare Firewall Types - Kernel Proxies Firewall based VPN Devices Best Practices Firewall Placement Packet Filtering (Cont.) Screened Host Firewall Architecture Types - Multi- or Dual-Homed Screened Subnet Agenda 6 Dial-Up Protocols and Authentication Protocols Dial-Up Protocol - SLIP Dial-Up Protocol - PPP PPP PPP versus SLIP Authentication Protocols - PAP

Authentication Protocols - CHAP Authentication Protocol - EAP Data Inspection Virtual Private Network Technologies What Is a Tunneling Protocol? Analogy Examples Tunneling Protocols - PPTP Tunneling Protocols - L2TP L2TP Encapsulation Tunneling Protocols - IPSec IPSec Basic Features IPSec Transport Mode IPSec Tunnel Mode Security Associations (SAs) Combining SAs Iterated Tunnelling Agenda 7 SDLC and HDLC Layer 3 at Layer 2 MPLS Multiprotocol Label Switching Quality of Service (QoS) QoS Services Autonomous Systems Routing Protocols Routing

Routing Protocols (Cont.) OSPF OSPF Packet Values IGRP BGP Routing Protocol Attacks Metropolitan Area Network Technologies MAN Technologies - FDDI FDDI SONET Rings MAN Technologies - SONET Connecting Networks Network Services Network Service - DNS DNS Server Structure Name Resolving Steps Split DNS Host Name Resolution Attacks Network Service - NAT Types of NAT PAT NIS Storing Data NIS+ Authentication Agenda 8 WAN Technologies Are Circuit or Packet Switched

PSTN Connecting to the PSTN Circuit Switching Steps of Connections Multiplexing Types of Multiplexing TDM Process Statistical Time Division Multiplexing FDM FDM Process Packet Switching Circuit versus Packet Switching WAN Technologies - Packet Switched WAN Technologies - X.25 X.25 WAN Technologies - Frame Relay WAN Example Frame Relay PVC and SVC WAN Technologies - ATM Cell Switching Wide Area Network Technologies Dedicated Lines WAN Technologies - ISDN On-Demand ISDN Service Types

WAN Technologies - DSL DSL ADSL SDSL WAN Technologies - Cable Modem Cable Modems Cable Network Satellites Hybrid Connection Satellite Coverage Satellite Supplying Different Subscribers Network Perimeter Security Complexity only Increases A Layered Approach Agenda 9 Traditional Voice Network PSTN (Cont.) Private Branch Exchange PBX Vulnerabilities PBX Best Practices IP Telephony Voice Over IP Combination of Old and New IP Telephony Components Media Gateways PBX and VoIP

Voice over IP Telephony Issues Telephony Protection Mechanisms Telephony Security IP Telephony with Wireless IP Phones Security Mobile Technology Generations Mobile Phone Security Mobile Device Security Cell Phone Agenda 10 Wireless Technologies - Access Point Wireless Frequencies Alphabet Soup of Standards Spread Spectrum OFDM Where does Spread Spectrum Work? 802.11n Wireless Technologies - Access Point (Cont.) Architectures Wireless Technologies - Service Set ID Authenticating to an AP 802.11 Authentication Wireless Technologies - WEP WEP Problems Wireless Technologies - More WEP Woes

Lack of Integrity WEP Security Issues Frequency Management 802.11 Security Solutions 802.1x 802.1x Authentication Types of 802.11 Security IEEE 802.11i Standard Wireless EAP Wireless Technologies - Common Attacks Wireless Technologies - War Driving NetStumbler Example Wireless Reconnaissance Output Warchalking Countermeasures Wireless Attacks Wormhole Attack Wireless Technologies - WAP Wireless Technologies - WTLS i-mode Bluetooth Instant Messaging IM Threats IM Countermeasures IM Secure Infrastructure Domain 6 Review

Domain 7 - Malicious Code Malicious Code Common Information Flow Vulnerabilities at Different Layers Tiered Network Architectures Sensitive Data Availability Cookies Find Out Where You Have Been Pulling Data Web Server Error Pages Common Web Server Flaws Improper Data Validation Directory Traversal Buffer Overflow Cross Site Scripting Attack Common SQL Injection Attack CGI Information Logging Activities Best Practices Agenda (1) Are ALL Patches Applied? Patching Process Chart Patching Issues Agenda (2) Virus Boot Sector Invasion

Types of Viruses More Malware Blended Malware Hoaxes Agenda (3) Malware Protection Types More Bad Stuff Attack Characteristics Disclosing Data in an Unauthorized Manner Covert Storage Channel Covert Timing Channel Circumventing Access Controls Attacks Attack Type - Race Condition Attacking Through Applications How Buffers and Stacks Are Supposed to Work How a Buffer Overflow Works Watching Network Traffic Traffic Analysis Functionally Two Different Types Double File Extensions Denial of Service Definition History of Denial of Service Denial of Service Attacks Types of DoS Attacks SYN Flood

SYN Attacks SYN Attacks Defense DDoS Distributed DoS DoS Tools DDoS Tool: Trin00 Other DDoS Variations DDoS Defenses DDoS Countermeasures RPC Null Fragment Attack Another Danger to Be Aware of Spyware New Spyware Is Being Identified Every Week Passwords Password Generators Password Attacks Rainbow Table Countermeasures for Password Cracking Cognitive Passwords One-Time Password Authentication Synchronous Token One Type of Solution Synchronous Steps Challenge/Response Authentication Asynchronous Steps Cryptographic Keys Passphrase Authentication

Memory Cards Smart Card Characteristics Card Types Home Page Hijacking Webpage Defacement Precautions Password Verifier Online Attack Offline Attack Salt Ping Ping of Death Session Hijacking Attack Steps Spoofing Man-in-the-Middle (MiM) Attack Mobile Code with Active Content Types of Mobile Code Attacks Attacks and Exploits JavaScript and Visual Basic Script Structure and Focus of Malicious Code Attacks Malicious Code Attacks Phases of an Attack Reconnaissance DNS Commands and Tools

Whois Tool Screen Capture Tools SNMP Tools Port Scanning Security Probes - Nessus Access and Privilege Escalation Hackers Motivations Internal Risk Defense in Depth Application Defenses Operating System Defenses Network Defenses Anti-Virus Software Patch Management Issues With Patches Automatic Patch Management Solutions Vulnerability Management Common Vulnerabilities Network Monitors and Analyzers Content/Context Filtering Honeypot Honeynet Attack Prevention Techniques Safe Recovery Techniques and Practices File Backup and Restoration Plan

Domain 7 Review Course Closure
