Tactical Perimeter Defense (SC0-451)

Introduction

This is the official course for the Security Certified Program SC0-451 certification exam. The Tactical Perimeter Defense course is designed to give network administrators and certification candidates hands-on tasks covering the most fundamental perimeter security technologies. The network perimeter is often the first line of defense in an organization’s network, and this course covers the issues every administrator must be familiar with.

After this course, students will be able to:

  • Describe the core issues of building a perimeter network defense system.
  • Investigate the advanced concepts of the TCP/IP protocol suite.
  • Secure routers through hardening techniques and configure Access Control Lists.
  • Design and configure multiple firewall technologies.
  • Examine and implement IPSec and Virtual Private Networks.
  • Design and configure an Intrusion Detection System.
  • Secure wireless networks through the use of encryption systems.

Course Outline

Lesson 1: Network Defense Fundamentals

  • Topic 1A: Network Defense
  • Topic 1B: Defensive Technologies
  • Topic 1C: Objectives of Access Control
  • Topic 1D: The Impact of Defense
  • Topic 1E: Network Auditing Concepts


Lesson 2: Advanced TCP/IP

  • Topic 2A: TCP/IP Concepts
  • Topic 2B: Analyzing the Three-way Handshake
  • Topic 2C: Capturing and Identifying IP Datagrams
  • Topic 2D: Capturing and Identifying ICMP Messages
  • Topic 2E: Capturing and Identifying TCP Headers
  • Topic 2F: Capturing and Identifying UDP Headers
  • Topic 2G: Analyzing Packet Fragmentation
  • Topic 2H: Analyzing an Entire Session


Lesson 3: Routers and Access Control Lists

  • Topic 3A: Fundamental Cisco Security
  • Topic 3B: Routing Principles
  • Topic 3C: Removing Protocols and Services
  • Topic 3D: Creating Access Control Lists
  • Topic 3E: Implementing Access Control Lists
  • Topic 3F: Logging Concepts


Lesson 4: Designing Firewalls

  • Topic 4A: Firewall Components
  • Topic 4B: Create a Firewall Policy
  • Topic 4C: Rule Sets and Packet Filters
  • Topic 4D: Proxy Server
  • Topic 4E: The Bastion Host
  • Topic 4F: The Honeypot


Lesson 5: Configuring Firewalls

  • Topic 5A: Understanding Firewalls
  • Topic 5B: Configuring Microsoft ISA Server 2006
  • Topic 5C: IPTables Concepts
  • Topic 5D: Implementing Firewall Technologies


Lesson 6: Implementing IPSec and VPNs

  • Topic 6A: Internet Protocol Security
  • Topic 6B: IPSec Policy Management
  • Topic 6C: IPSec AH Implementation
  • Topic 6D: Combining AH and ESP in IPSec
  • Topic 6E: VPN Fundamentals
  • Topic 6F: Tunneling Protocols
  • Topic 6G: VPN Design and Architecture
  • Topic 6H: VPN Security
  • Topic 6I: Configuring a VPN


Lesson 7: Designing an Intrusion Detection System

  • Topic 7A: The Goals of an Intrusion Detection System
  • Topic 7B: Technologies and Techniques of Intrusion Detection
  • Topic 7C: Host-based Intrusion Detection
  • Topic 7D: Network-based Intrusion Detection
  • Topic 7E: The Analysis
  • Topic 7F: How to Use an IDS
  • Topic 7G: What an IDS Cannot Do


Lesson 8: Configuring an IDS

  • Topic 8A: Snort Foundations
  • Topic 8B: Snort Installation
  • Topic 8C: Snort as an IDS
  • Topic 8D: Configuring Snort to Use a Database
  • Topic 8E: Running an IDS on Linux


Lesson 9: Securing Wireless Networks

  • Topic 9A: Wireless Networking Fundamentals
  • Topic 9B: Wireless LAN (WLAN) Fundamentals
  • Topic 9C: Wireless Security Solutions
  • Topic 9D: Wireless Auditing
  • Topic 9E: Wireless Trusted Networks