Preferred method of contact:

Defending the Perimeter from Cyber Attacks — GCHQ Certified Training

COURSE TYPE

Intermediate

Course Number

2010

Duration

4 Days

PDF Add to WishList

Ensure the confidentiality, integrity, and availability of your organization’s information by protecting your communications and data. In this training course, you learn how to define and implement security principles, install and customize secure firewalls, build Virtual Private Network (VPN) tunnels, and safeguard your organization’s network perimeter against malicious attacks.

You Will Learn How To

  • Fortify your network perimeter to provide an integrated defence
  • Prevent or mitigate the effects of network attacks with a firewall
  • Detect and respond to network attacks with Intrusion Detection and Prevention (IDP)
  • Design, instal, and configure secure Virtual Private Networks (VPNs)
  • Mitigate the impact of Denial-of-Service (DoS) attacks

Important Course Information

Recommended Experience:

  • Basic security knowledge at the level of:
    • Course 468, System and Network Security Introduction
  • Working knowledge of TCP/IP and client server architecture

GCHQ Certified Training and Exam Information:

  • This is a GCHQ Certified Training (GCT) course. GCHQ Certified Training has been recognised for excellence by a UK Government developed cyber security scheme. GCT is part of the UK Government’s initiative to address the shortage of skilled cyber security professionals. The GCT scheme is underpinned by the industry respected IISP framework and assesses the quality of the course materials and the Instructors’ delivery of the course against GCHQ’s exacting standards.
  • Successful completion of the end of course exam will gain you an independent APMG-International GCT certification award.

Course Outline

  • Setting Your Security Objectives

Defining security principles

  • Ensuring data Confidentiality, Integrity and Availability (CIA)
  • Assessing defensive techniques
  • Setting a generic security stance

Developing a security policy

  • Balancing risk with business requirements
  • Identifying your information assurance objectives
  • Choosing security technologies
  • Deploying a Secure Firewall

Installing a firewall

  • Determining the appropriate firewall type
  • Selecting and hardening the operating system
  • Virtualising the firewall appliance

Configuring a firewall to support outgoing services

  • Supporting simple services: HTTP, SMTP
  • Filtering dangerous content and handling encrypted traffic
  • Managing complex services: VoIP, audio and video

Providing external services securely

  • Implementing publicly accessible servers
  • Building a DMZ architecture
  • Supporting SMTP mail

Allowing access to internal services

  • Customising DNS for firewall architectures
  • Configuring Network Address Translation (NAT)
  • Developing access lists for client server applications
  • Detecting and Preventing Intrusion

Deploying an IDS

  • Placing Network IDS (NIDS) within your network architecture
  • Operating sensors in stealth mode

Detecting intrusions in the enterprise

  • Designing a multi-layer IDS hierarchy
  • Managing distributed IDS

Interpreting alerts

  • Verifying IDS operation
  • Minimising false positives and negatives
  • Validating IDS events and recognising attacks

Stopping intruders

  • Exploiting IDS active responses
  • Snipping a TCP session
  • Controlling access with a firewall update
  • Configuring Remote User Virtual Private Networks (VPNs)

Building VPN tunnels

  • Compulsory vs. voluntary tunnels
  • Supporting remote users with layer 2 tunnels
  • Connecting remote sites with layer 3 tunnels

Deploying client software

  • Assessing remote access VPN alternatives
  • Implementing remote user authentication
  • Leveraging Layer 2 Tunneling Protocol (L2TP)
  • Protecting L2TP tunnels with IPsec Transport Mode
  • Creating Site-to-Site VPNs

Applying cryptographic protection

  • Ensuring confidentiality with symmetric encryption
  • Exchanging symmetric keys with asymmetric encryption
  • Checking message integrity with hashing
  • Managing digital certificates with PKI

Comparing tunnelling and protection methods

  • Employing VPN concentrators and VPN-capable routers
  • Applying IPsec Tunnel Mode
  • Assessing tunnelling protocols
  • Evaluating VPN topologies
  • Integrating Perimeter Defences

Reducing the impact of denial-of-service (DoS) attacks

  • Mitigating bombardment attacks
  • Rejecting connection-based attacks with IPSs
  • Blackholing and sinkholing
  • Implementing a DoS Defence System (DDS)
  • Blacklisting attack sites and address ranges

Perimeter architectures

  • Integrating IDS and VPNs with your firewall architecture
  • Positioning externally accessible servers
  • Monitoring and controlling wireless networks
Show complete outline
Show Less

Convenient Ways to Attend This Instructor-Led Course

Hassle-Free Enrolment: No advance payment required to reserve your seat.
Tuition Fee due 30 days after you attend your course.

In the Classroom

Live, Online

Private Team Training

In the Classroom — OR — Live, Online

Tuition Fee — Standard: £2095  

16 - 19 Jan (4 Days)
9:00 AM - 4:30 PM GMT
London / Online (AnyWare) London / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

1 - 4 May (4 Days)
9:00 AM - 4:30 PM BST
London / Online (AnyWare) London / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

11 - 14 Sep (4 Days)
9:00 AM - 4:30 PM BST
London / Online (AnyWare) London / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

AFTERNOON START: Attend these live courses online via Anyware

20 - 23 Feb (4 Days)
2:00 PM - 9:30 PM GMT
Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

7 - 10 Aug (4 Days)
2:00 PM - 9:30 PM BST
Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

How would you like to attend?

Live, Online
In-Class

Guaranteed to Run

Private Team Training

Enroling at least 3 people in this course? Consider bringing this (or any course that can be custom designed) to your preferred location as a private team training.

For details, call 0800 282 353 or Click here »

Tuition Fee

Standard

In Classroom or
Online

Standard

£2095

Private Team Training

Contact Us »

Course Tuition Fee Includes:

After-Course Instructor Coaching
When you return to work, you are entitled to schedule a free coaching session with your instructor for help and guidance as you apply your new skills.

Free Course Exam
You can take your Learning Tree course exam on the last day of your course or online at any time after class and receive a Certificate of Achievement with the designation "Awarded with Distinction."

Prev
Next

Training Hours

Standard class hours:
9:00 a.m. - 4:30 p.m.

Last day class hours:
9:00 a.m. - 3:30 p.m.

Free Course Exam – Last Day:
3:30 p.m. - 4:30 p.m.

Each class day:
Informal discussion with instructor about your projects or areas of special interest:
4:30 p.m. - 5:30 p.m.

AFTERNOON START class hours:
2:00 p.m. - 9:30 p.m.


Last day class hours:
2:00 p.m. - 8:30 p.m.


Free Course Exam – Last Day:
8:30 p.m. - 9:30 p.m.


Each class day:
Informal discussion with instructor about your projects or areas of special interest
9:30 p.m. - 10:30 p.m.

Enhance Your Credentials with Professional Certification

Learning Tree's comprehensive training and exam preparation guarantees that you will gain the knowledge and confidence to achieve professional certification and advance your career.

This course is approved by CompTIA for continuing education units (CEUs). For additional information and to confirm which courses are eligible towards your CompTIA certification, click here.

Learning Tree Courses mapped to the Industry respected IISP Skills Framework and assessed against the exacting standards of GCHQ. Read more ...

- ,

Prev
Next
Chat Now

Please Choose a Language

Canada - English

Canada - Français