Overview:

Knowing where your organization’s network is most vulnerable and maintaining the ability to assess and investigate threats to the network requires on-going learning and skills upgrading.

This four day Network Security Training Program gives the student hands on exposure to the most basic through to the most advanced threats facing any network. The course is constantly updated to ensure attendees are exposed to the latest vulnerability and threat information and exploit techniques. This program is for anyone responsible for securing networks and individuals responsible for investigating network intrusions.

In this information packed course you will be presented with lectures, practical demonstrations and lab sessions using the latest tools and methods of network attacks. You will be given a number of opportunities to test your newly acquired knowledge and skills.

Features:

During the four content filled training days, you will learn where your network is most vulnerable, how to quantitatively assess risks to information assets, concepts and  techniques used by malicious hackers and how to use selected tools to help your organization defend against intrusions.

Course Outline:

• Understanding TCP/IP
• Network Devices Overview
• ARP Attacks
• Port Scanning and OS Detection
• Enumeration and System Hardening
• Password Attacks
• Installing and Using Nessus Security Scanner
• Reverse Tunneling
• Attacking Microsoft IIS
• SQL Injection
• Microsoft SQL Server Attacks
• Privilege Escalation
• Attacking PHP
• Cross-Site Scripting
• Client Side Exploitation
• Exploitation Frameworks

Benefits:

• Over 30 total years of experience in Security, Consulting and Infrastructure
• Digital Boundary Group has performed security assessments/audits and penetration testing for over 250 North American clients since 2003.
• We have also developed and delivered Network Security Training programs to Municipal Government, Law Enforcement, Utilities, Financial Services, Insurance, Healthcare, Manufacturing, Professional Services and Education sectors.

Our training programs along with courseware are produced by our Security team. The program itself will be run by a Senior Security Specialist with 20+ years’ experience in security consulting, ethical hacking and prevention methodology.

Overview:

A hands-on security course that teaches students how to harden, monitor and protect Microsoft Windows-based networks. This hardening course is based on more than 10 years of security assessment and penetration testing experience. This course goes beyond theory and best practices and delivers proven, field-tested solutions for hardening, and monitoring and protecting Microsoft Windows-based networks. Students will learn in a hands-on environment that resembles a real world network consisting of Windows 2003/2008 Servers, Windows XP and Windows 7 clients, Exchange, SQL Server, ISA Server, IIS Server and more. Students will learn effective countermeasures to defend against modern attack tools and techniques. Upon completion of the course, students will be able to develop hardened, chaos tolerant networks that are resistant to present and future threats. Students will install and configure a host and network intrusion detection system utilizing Syslog, Snort and Windows Events. Students can export the configuration files for easy deployment in their own networks.

Features:

Students will harden a network consisting of:

• Microsoft Exchange
• Outlook Web Access
• Microsoft ISA Server
• Microsoft IIS
• Microsoft Windows XP/Windows 7 Clients
• Microsoft Windows Server 2003/2008
• Microsoft SQL Server
• Microsoft Software Update Services
• Firewall

Course Outline:

• Review of Common Exploitation Techniques
• Information Gathering and Prevention
• Active Directory Group Policies
• User Account and Password Management
• Authentication Mechanisms
• Auditing
• Event Logs
• Vulnerability Scanning Tools and Procedures
• Log Monitoring and Alerting
• Host Intrusion Detection
• Network Intrusion Detection
• Securing Services and Service Accounts
• Host Firewall Configuration
• Network Traffic Analysis
• Proxy Server
• File System Security
• Patch Management Solutions
• Software Restriction Policy
• Software Deployment through Group Policy

Benefits:

• Over 30 total years of experience in Security, Consulting and Infrastructure
• Digital Boundary Group has performed security assessments/audits and penetration testing for over 250 North American clients since 2003.
• We have also developed and delivered Network Security Training programs to Municipal Government, Law Enforcement, Utilities, Financial Services, Insurance, Healthcare, Manufacturing, Professional Services and Education sectors.

Testing:

A final lab scenario consisting of two phases:

Phase one: Tests the Student's ability to implement a host and network intrusion detection system on a virtual Windows network. Students must identify intrusion attempts by running a set of automated attacks.

Phase two: Tests the Student's ability to harden a virtual Windows network using the various techniques learned during the class. A set of automated attacks will attempt to break into the network, indicating success or failure of successful hardening.

Overview:

Focused upon the best and most successful Open Source projects currently available, students learn how to leverage the benefits of Open Source solutions through step-by-step hands-on instruction. This course is designed for Windows System Administrators and anyone responsible for network and system security with no previous Linux experience.  This introductory course teaches students practical applications of Open Source tools within their existing Windows environment.

The course begins with an introduction to Linux command shell and basic system administration.  Students implement a virtual network secured by a powerful edge firewall featuring enterprise class capabilities.  Because over 70% of reported intrusions originate internally, course topics focus on reducing the attack surface of Windows hosts by adding Open Source security layers and detect anomalous network activity through event collection, filtering and notification.

Some of the Open Source security layers include a Proxy server with web content filtering. A network intrusion detection sensor with instant notifications and no false positives. A central event logging server capable of reporting anomalous activity from key infrastructure servers and network devices. And a well known host-based intrusion detection system that monitors service activity, log file output, registry activity and system performance.

By the end of the course students have the necessary skills to install a basic Linux Server, configure Open Source tools to secure a Windows network and detect anomalous activity.

Features:

This course features security pillars no network should be without. It begins with a secure and powerful firewall implementation featuring enterprise class capabilities typically costing thousands of dollars from leading commercial vendors. Secondly, an accurate network intrusion detection sensor makes false positives a distant memory with the added benefit of instant notification. Iron clad security benefits of a Proxy server, layered with web content filtering and anti-virus scanning are also covered. Much improved email gateway security through the use of MTA coupled with anti-virus scanning thus eliminating typical MS Exchange attack surface. And, an SSL based VPN implementation with the proven security of Public Key Infrastructure by way of SSL client certificates and two-factor software token authentication. Students are immersed in a VMWare virtual network. Through live demonstrations, class discussions and hands-on labs, students are introduced to Open Source and taught how to install, configure and implement Open Source tools to secure a typical Windows network.

Students will harden a network consisting of:

• VMWare Workstation
• Ubuntu Linux
• Vyatta Firewall
• Squid Proxy Server
• Content Inspection
• SMTP Email Gateway Antivirus
• Virtual Private Network
• Intrusion Detection
• Logging
• OSSEC-HIDS
• Web Application scanning and Clam-AV Anti-virus

Benefits:

• Over 30 total years of experience in Security, Consulting and Infrastructure
• Digital Boundary Group has performed security assessments/audits and penetration testing for over 250 North American clients since 2003.
• We have also developed and delivered Network Security Training programs to Municipal Government, Law Enforcement, Utilities, Financial Services, Insurance, Healthcare, Manufacturing, Professional Services and Education sectors.

Testing:

Final Hacking Attack Exercise:

Students will be challenged with a hacking attack exercise whereby a number of unknown automated attacks will occur against select virtual hosts. Students will be given limited time to apply appropriate configuration changes against virtual hosts to detect and notify of attacks. Upon completion of the exercise Students will be asked to identify attack targets and the purpose of each attack event.

Overview:

Minimize your organization's operational risks and financial loss due to the lack of awareness in information security best practices. Our online end-user security awareness course has been designed by our information security and instructional experts to conform to the internal needs of our clients. These practices have been implemented and tested repeatedly in the private and public sectors to ensure that policies and content are adaptable and exclusively available for your organization.

Features:

Providing a permanent, comprehensive, measurable, global approach to your organization's end-user security needs, this course will impart a homogenous level of knowledge that will reinforce good information security habits.

This will be accomplished by:

• Offering cutting-edge content, based upon real-world scenarios and current issues
• Having adaptable lesson plans that can be tailored to any organization's needs
• Always conforming with industry standards and laws
• Allowing for installation on various platforms (LMS)
• Providing a complete glossary, audio, and post course quizzes to measure and track awareness levels, and as an extra incentive, a follow-up schedule of security awareness newsletters

Benefits:

• Over 30 total years of experience in Security, Consulting and Infrastructure
• Digital Boundary Group has performed security assessments/audits and penetration testing for over 250 North American clients since 2003.
• We have also developed and delivered Network Security Training programs to Municipal Government, Law Enforcement, Utilities, Financial Services, Insurance, Healthcare, Manufacturing, Professional Services and Education sectors.

Inclusions:

Complete customizable internal communications program available, featuring links to any organization's policies and content.