Cursuri Network Security

During the course, participants will learn:

- What is denial of service attacks, Flooding, Sniffing, MIM?
- How to break from the network to the server?
- How to watch packets on the network (also running on switches)?
- Do you watch any combination of the world?
- How to monitor the network?
- How to configure a firewall?
- How to use encrypted connections?
- How to create tunnels?
- How to log packets?
- How to scan ports?
- How to reduce the number of unnecessary services on the server?

Since all applications today heavily rely on communication and networks, there is no application security without network security.

This course focuses on network security with a software security viewpoint, and discusses common network attacks and defenses on different OSI layers, with an emphasis on application layer issues, tackling topics like session management or denial of service.

As cryptography is a critical aspect of network security, the most important cryptographic algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement are also discussed. Instead of presenting an in-depth mathematical and theoretical background, these elements are discussed from a merely practical, engineering perspective, showing typical use-case examples and practical considerations related to the use of crypto, such as public key infrastructures. Security protocols in many areas of secure communication are introduced, with an in-depth discussion on the most widely-used protocol families such as IPSEC and SSL/TLS.

Finally, typical crypto vulnerabilities are discussed – both related to certain crypto algorithms and cryptographic protocols, such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding oracle, Lucky Thirteen, POODLE and similar, as well as the RSA timing attack. In each case, the practical considerations and potential consequences are described for each problem, again, without going into deep mathematical details.

Participants attending this course will

- Understand basic concepts of security, IT security and secure coding
- Learn about network attacks and defenses at different OSI layers
- Have a practical understanding of cryptography
- Understand essential security protocols
- Understand some recent attacks against cryptosystems
- Get information about some recent related vulnerabilities
- Get sources and further readings on secure coding practices

Audience

Developers, Professionals

Audience:

System Administrators and Network Administrators as well as anyone who is interested in defensive network security technologies.

BeyondCorp is an open source Zero Trust security framework that allows employees to work securely from any location without the need for a traditional VPN.

In this instructor-led, live training, participants will learn hands-on how to set up a Zero Security system as they set up and deploy BeyondCorop in a live-lab environment.

By the end of this training, participants will be able to:

- Assess their organization's existing security model.
- Shift access controls from the perimeter to individual devices and users.
- Deploy applications using a user and device-centric authentication and authorization workflow.
- Understand, plan and implement a Zero Trust network within their organization.

Audience

- Network engineers
- Cyber security professionals
- System architects
- IT managers

Format of the Course

- Part lecture, part discussion, exercises and heavy hands-on practice

Note

- To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Moldova (online or onsite) is aimed at technical persons who wish to apply the most suitable tools and techniques to secure both telecom as well as wireless networks.

Why should you attend?

The Certified Lead Ethical Hacker training course enables you to develop the necessary expertise to perform information system penetration tests by applying recognized principles, procedures and penetration testing techniques, in order to identify potential threats on a computer network. During this training course, you will gain the knowledge and skills to manage a penetration testing project or team, as well as plan and perform internal and external pentests, in accordance with various standards such as the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM). Moreover, you will also gain a thorough understanding on how to draft reports and countermeasure proposals. Additionally, through practical exercises, you will be able to master penetration testing techniques and acquire the skills needed to manage a pentest team, as well as customer communication and conflict resolution.

The Certified Lead Ethical Hacking training course provides a technical vision of information security through ethical hacking, using common techniques such as information gathering and vulnerability detection, both inside and outside of a business network.

The training is also compatible with the NICE (The National Initiative for Cybersecurity Education) Protect and Defend framework.

After mastering the necessary knowledge and skills in ethical hacking, you can take the exam and apply for the "PECB Certified Lead Ethical Hacker" credential. By holding a PECB Lead Ethical Hacker certificate, you will be able to demonstrate that you have acquired the practical skills for performing and managing penetration tests according to best practices.

Who should attend?

- Individuals interested in IT Security, and particularly in Ethical Hacking, to either learn more about the topic or to start a process of professional reorientation.
- Information security officers and professionals seeking to master ethical hacking and penetration testing techniques.
- Managers or consultants wishing to learn how to control the penetration testing process.
- Auditors wishing to perform and conduct professional penetration tests.
- Persons responsible for maintaining the security of information systems in an organization.
- Technical experts who want to learn how to prepare a pentest.
- Cybersecurity professionals and information security team members.

OpenVAS is an advanced open source framework which consists of several services and tools for network vulnerability scanning and management.

In this instructor-led, live training, participants will learn how to use OpenVAS for network vulnerability scanning.

By the end of this training, participants will be able to:

- Install and configure OpenVAS
- Learn the fundamental features and components of OpenVAS
- Configure and implement network vulnerability scans with OpenVAS
- Review and interpret OpenVAS scan results

Audience

- Network engineers
- Network administrators

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice

Note

- To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Moldova (online or onsite) is aimed at developers who wish to prevent malware intrusion with Palo Alto Networks.

By the end of this training, participants will be able to:

- Set up the necessary development environment to start developing firewalls.
- Deploy a Palo Alto firewall in a cloud server.
- Manage packet flow through Palo Alto firewalls.
- Interpret QoS classifications and types.

This instructor-led, live training in Moldova (online or onsite) is aimed at software testers who wish to protect their organization's network with Nmap.

By the end of this training, participants will be able to:

- Set up the necessary testing environment to start using Nmap.
- Scan network systems for security vulnerabilities.
- Discover active and vulnerable hosts.

This instructor-led, live training in Moldova (online or onsite) is aimed at security engineers and system administrators who wish to use FortiGate NGFW's advanced security-driven network systems to protect their organization from internal and external threats.

By the end of this training, participants will be able to:

- Install and configure the preferred FortiGate NGFW software and hardware model.
- Operate and employ FortiGate NGFW to improve the efficiency of system administration tasks.
- Manage various forms of external and internal threats using FortiGate features.
- Integrate FortiGate security fabric with the entire IT infrastructure to provide quick automated protection.
- Ensure long-term protection from attacks with independent and continuous FortiGate threat intelligence.
- Troubleshoot the most common firewall system setup errors relevant to FortiGate NGFWs.
- Implement Fortinet security solutions in other enterprise applications.