0800 282 353 or +44 1372 364610
TRAINING YOU CAN TRUST
 
 

Vulnerability Assessment: Protecting Your Organisation

Exposing Network Weaknesses
 
Course: 589   Type: Hands-On Training   Duration: 4 Days
 
 

You Will Learn How To

  • Detect and respond to vulnerabilities that put your organisation at risk using scanners
  • Employ real-world exploits and evaluate their effect on your systems
  • Configure vulnerability scanners
  • Analyse the results of vulnerability scans
  • Assess vulnerability alerts and advisories
  • Establish a strategy for vulnerability management

Course Benefits

Knowledge of vulnerability assessment and hacking techniques allows you to detect vulnerabilities before your networks are attacked. In this course, you learn to configure and use vulnerability scanners to detect weaknesses and prevent network exploitation. You acquire the knowledge to assess the risk to your enterprise from an array of vulnerabilities and to minimise your exposure to costly security breaches.

Who Should Attend

Security auditors, firewall/IDS personnel, PCI security testers, network managers and others involved in securing enterprise systems. Experience with network security at the level of Course 468, "System and Network Security Introduction", is assumed. A working knowledge of TCP/IP is also assumed.

Hands-On Training

Exercises provide you with practical experience assessing vulnerabilities and include:
  • Configuring scanners
  • Port scanning and enumeration
  • Scanning infrastructure, servers and desktops
  • Exploiting browsers, IDS, SQL and buffer overflows
  • Investigating and preventing spyware
  • Creating custom vulnerability tests
  • Performing a risk assessment
  • Interpreting scanning reports
  • Identifying false positives and negatives
  • Comparing scanner results

Related Courses

  • 367 TCP/IP Comprehensive Introduction
  • 537 Ethical Hacking and Countermeasures
  • 940 Securing Web Applications, Services and Servers
  • 289 Disaster Recovery Planning
  • 288 Change Management: People and Process
  • 599 Securing Windows Server 2003
  • 536 Computer Forensics and Incident Response
  • 433 UNIX and Linux Security

   Vulnerability Assessment

Upcoming Dates

23 - 26 Sep, 2008
London
16 - 19 Dec, 2008
London
27 - 30 Jan, 2009
Edinburgh
10 - 13 Mar, 2009
London
2 - 5 Jun, 2009
London
14 - 17 Jul, 2009
Edinburgh
18 - 21 Aug, 2009
London

For complete schedule, please visit www.learningtree.co.uk
 
http://www.learningtree.co.uk/courses/uk589.htm
 
 
0800 282 353 or +44 1372 364610
TRAINING YOU CAN TRUST
 
 

Vulnerability Assessment: Protecting Your Organisation

Exposing Network Weaknesses
 
Course: 589   Type: Hands-On Training   Duration: 4 Days
 
 
Course Content
 

Fundamentals

Introduction

  • Defining vulnerability, exploit, threat and risk
  • Identifying the goals of assessments
  • Creating a vulnerability report
  • Conducting an initial scan
  • Common Vulnerabilities and Exposure (CVE) list

Scanning and exploits

  • Vulnerability detection methods
  • Types of scanners
  • Port scanning and OS fingerprinting
  • Enumerating targets to test information leakage
  • Types of exploits: worm, spyware, backdoor, rootkits, Denial of Service (DoS)
  • Deploying exploit frameworks

Analysing Vulnerabilities and Exploits

Uncovering infrastructure vulnerabilities

  • Scanning the infrastructure
  • Uncovering switch weaknesses
  • Vulnerabilities in Ethereal and Wireshark
  • Network management tool attacks

Attacks against firewalls and IDS

  • Firewall weaknesses
  • Identifying the Snort IDS buffer overflow
  • Corrupting memory with format string errors

Exposing server vulnerabilities

  • Scanning servers: assessing vulnerabilities on your network
  • Canonicalisation and privilege escalation
  • Catching input validation errors
  • Performing buffer overflow attacks
  • SQL injection
  • Cross-site scripting (XSS) and cookie theft

Revealing desktop vulnerabilities

  • Scanning for desktop vulnerabilities
  • Client buffer overflows
  • Silent downloading: spyware and adware
  • Attacking cross-application vulnerabilities
  • Identifying browser plug-in weaknesses

Configuring Scanners and Generating Reports

Implementing scanner operations and configuration

  • Choosing credentials, ports and dangerous tests
  • Identifying dependencies
  • Preventing false negatives
  • Creating custom vulnerability tests
  • Fixing Nessus scans
  • Handling false positives

Creating and interpreting reports

  • Filtering and customising reports
  • Interpreting differential reports
  • Contrasting the results of different scanners
  • Producing a differential report

Assessing Risks in a Changing Environment

Researching alert information

  • Using the National Vulnerability Database (NVD) to find relevant vulnerability and patch information
  • Evaluating and investigating security alerts and advisories
  • Determining vulnerability severity
  • Employing the Common Vulnerability Scoring System (CVSS)

Identifying factors that affect risk

  • Evaluating the impact of a successful attack
  • Calculating vulnerability severity
  • Weighing important risk factors
  • Performing a risk assessment

Managing Vulnerabilities

The vulnerability management cycle

  • Applying a vulnerability process
  • Standardising scanning with Open Vulnerability Assessment Language (OVAL)
  • Patch and configuration management

Vulnerability controversies

  • Rewards for vulnerability discovery
  • Bounties on hackers
  • Legal issues and disclosure
 
http://www.learningtree.co.uk/courses/uk589.htm
 
 
0800 282 353 or +44 1372 364610
TRAINING YOU CAN TRUST
 
 

Vulnerability Assessment: Protecting Your Organisation Tuition

Exposing Network Weaknesses
 
Course: 589   Type: Hands-On Training   Duration: 4 Days
 
 

Course 589 Tuition

£ 1,695Standard Tuition
Tuition with a Savings Plan
£ 98010-Day Training Pass
£ 915Flex-Training Pass
£ 1,46010-Training Vouchers
£ 1,5605-Training Vouchers
£ 1,525Alumni Gold Tuition

Your Course Fee Entitles You To...

  • Class participation
  • Team workshops
  • Use of in-class hands-on equipment
  • Comprehensive course materials
  • Morning and afternoon refreshments
  • Lunch
  • Course Completion Certificate
  • FREE participation in the Learning Tree Professional Certification Programmes (including related exams)
  
 

Tuition Savings Plans

Flex-Training Pass
  • 3 Courses for £2 750
  • As little as £915
  • Savings as much as 50%
  • 3 courses in 24 months
10-Day Training Pass
  • Save as much as £770 per course
  • Any combination of courses
  • Only £2,450
Training Vouchers
  • Save as much as £535 per course
  • Fully transferable
  • As low as £1,460 per course
Alumni Gold Discount Attend your first course and you will receive a personalised Alumni Gold Discount card, entitling you to save as much as £200 on each course you take in the following 24 months. Take just one course every two years, and you will be entitled to ongoing discounts...year after year. You save 10%.
* Exact savings may vary depending on courses selected.

Your Guarantee of Satisfaction

Unless you feel 100% satisfied that Learning Tree delivered even more than you expected, there is no fee for your course attendance. Our Guarantee of Quality lets you experience the value of the course - and then pay only if you feel the course was well worth the fee.

Enrolling is Easy and Flexible!

Enrol by phone or online. If your plans change, just let us know and, without a fee, you can transfer to another course or cancel your enrollment. Pay after you've taken the course, and then only if you are 100% satisfied.
 
http://www.learningtree.co.uk/courses/uk589.htm