課程大綱:網絡和通信安全培訓
Understand Security Issues Related to Networks
Module Topics: OSI and TCP/IP Models, Internet Protocol (IP) Networking,
Network Topographies and Relationship, Commonly Used Ports and Protocols,
and HTTP Proxying. OSI and TCP/IP Models include OSI Model, Layer 1: Physical Layer,
Layer 2: Data-Link Layer, Layer
3: Network Layer, Layer 3 Protocols, Layer
4: Transport Layer, Layer
4 Protocols, Layer
5: Session Layer, Layer
6: Presentation Layer, Layer
6 Sublayers, Layer
6 Protocols, Layer
7: Application Layer, Layer
7 Protocols,
and TCP/IP Reference Model.
In Internet Protocol (IP) Networking you will learn about Network Classes,
IPv6, Transmission Control Protocol (TCP), User Datagram Protocol (UDP),
Internet-Intranet, Extranet, Dynamic Host Configuration Protocol (DHCP),
Internet Control Message Protocol (ICMP), Ping of Death,
ICMP Redirect Attack, Ping Scanning, Traceroute Exploitation,
and Remote Procedure Calls (RPC). In Network Topographies and Relationship
you will learn about Bus, Tree, Ring, Mesh, Star, Unicast, Multicast,
and Broadcast Transmissions, Circuit-Switched Networks,
Packet-Switched Networks, Switched Virtual Circuits (SVCs) and Permanennt Virtual Circuits (PVCs),
Carrier Sense Multiple Access (CSMA), Polling, Token Passing,Eethernet (IEEE 802.3),
Token Ring (IEEE 802.5), Fiber Distributed Data Interface (FDDI), Multiprotocol Label Switching (MPLS),
and Local Area Network (LAN). In Commonly Used Ports and Protocols
you will learn about Domain Name Service (DNS), DNS Quick Reference,
Lightweight Directory Access Protocol (LDAP), LDAP Quick Reference,
Network Basic Input Output System (NetBIOS), NetBIOS Quick Reference,
Network Information Service (NIS), NIS+, Common Internet File System (CIFS)/Server Message Block (SMB),
CIFS/SMB Quick Reference, Network File System (NFS), NFS Quick Reference,
Simple Mail transfer Protocol (SMTP) and Enhanced Simple Mail Transfer Protocol (ESMTP),
Comparing SMTP and ESMTP, File Transfer Protocol (FTP), FTP Quick Reference,
Transfer Modes, Anonymous FTP, TFTP Quick Reference, Hypertext Transfer Protocol (HTTP),
and HTTP Quick Reference. In HTTP Proxying you will learn about Anonymizing Proxies,
Open Proxy Servers, Content Filtering, HTTP Tunneling, Implication of Multilayer Protocols,
Supervisory Control and Data Acquisition (SCADA), SCADA System Components, SCADA Attacks, Defensive Actions, and Modbus.
Protect Telecommunications Technologies and Control Network Access
Module Topics for Protect Telecommunications Technologies and Control Network Access:
Converged Communications, VoIP, POTS and PBX, Cellular, and Attacks and Countermeasures.
In Converged Communications you will learn about IP Convergence, Implementation,
Fiber Channel Over Ethernet (FCoE), iSCSI, How iSCSI Works, Multi-Protocol Label Switching (MPLS), MPLS Pseudowires,
MPLS L3VPNs, MPLS VPLS, and MPLS Fast Reroute. In VoIP you will learn about Session Initiation Protocol (SIP), Packet Loss,
Jitter, Sequence Errors, and Codec Quality. In POTS and PBX you will learn about POTS, PBX,
and Cellular. In Attacks and Countermeasures you will learn about DDoS Attack for Hire,
and SIP Flooding Attacks. Module Topics for Control Network Access: Access Control and Monitoring, Operation of Hardware,
Transmission Media, Voice, Multimedia Collaboration, Open Protocols, Applications,
and Services, Remote Access, Remote Access Services, Virtual Access Services and Desktops and Data Communication.
In Access Control and Monitoring you will learn about Secure Routing/Deterministic Routing, Boundary Routers,
Non-Blind Spoofing, Blind Spoofing, Security Perimeter, Network Partitioning, Dual-Homed Host, Bastion Host,
and Demilitarized Zone (DMZ). In Operation of Hardware you will learn about Modems, Concentrators,
Front-End Processors, Multiplexers, Hubs and Repeaters, Bridges and Switches, and Routers.
In Transmission Media you will learn about Wired, Twisted Pair, Cable Categories, Unshielded Twisted Pair (UTP),
Shielded Twisted Pair (STP), Coaxial Cable, Fiber Optic, Patch Panels, Endpoint Security, and Moble Devices.
In Voice you will learn about Modems and Public Switched Telephone Networks (PSTN), and War Dialing.
In Multimedia Collaboration you will learn about Peer-to-Peer (P2P) Applications and Protocols, Remote Meeting
Technology, and Instant Messaging. In Open Protocols, Applications, and Services you will learn about Extensible
Messaging and Presence Protocol (XMPP) and Jabber, Internet Relay Chat (IRC), Tunneling Firewalls
and Other Restrictions. In Remote Access Point-to-Point Tunneling Protocol (PPTP), Layer
2 Tunneling Protocol (L2TP), Remote Authentication Dial-in User Service (RADIUS), and Simple Network Management Protocol (SNMP).
In Remote Access Services you will learn about TCP/IP Terminal Emulation Protocol (TELNET), Remote Log-in (rlogin), Remote Shell (rsh),
Remote Copy (rcp), and Screen Scraper. In Virtual Applications and Desktops you will be learn Virtual Network Terminal Services,
Telecommuting, and Other Telecommuting Considerations.
In Data Communication you will learn about Analog Communication, and Digital Communication.
Operate and Configure Network-Based Security Devices
Module Topics: The Network as a Bastion of Defense,
Firewalls and Proxies, Network Intrusion Detection/Prevention Systems,
DoS/DDoS, and Spoofing. In The Network as a Bastion of Defense you will learn about Key Concepts,
Network Security Objectives and Attack Modes, Confidentiality, Eavesdropping (Sniffing), Integrity,
Integrity, Domain Litigation, Open Mail Relay Servers, and Spam.
In Firewalls and Proxies you will learn about Firewalls, Filtering,
Network Address Translation (NAT), Port Address Translation (PAT),
Static Packet Filtering, Stateful Inspection or Dynamic Packet Filtering, Proxies,
Circuit-Level Proxy, Application-Level Proxy, and Web Proxy Servers.
In Network Intrusion Detection/Prevention Systems you will learn about Port Scanning, FIN,
NULL, and XMAS Scanning, TCP Sequence Number Attacks,
Methodology of an Attack, Network Security Tools and Tasks,
Intrusion Detection Systems (IDS), Architecture of an Intrusion Detection System (IDS),
Security Event Management (SEM)/Security Event and Incident Management (SEIM),
Scanners, Discovery Scanning, Compliance Scanning, Vulnerability Scanning and Penetration Testing,
Scanning Tools, and Network Taps. In IP Fragmentation Attacks and Crafted Packets
you will learn about Teardrop, Overlapping Fragment Attack, Source Routing Exploitation,
Smurf and Fraggle Attacks, NFS Attacks, Network News Transport Protocol (NNTP) Security,
Finger User Information Protocol, and Network Time Protocol (NTP).
In DoS/DDoS you will learn about Denial-of-Service Attack (DoS), Distributed Denial-of-Service Attack (DDoS),
and SYN Flooding. In Spoofing you will learn about IP Address Spoofing and SYN-ACK Attacks, E-Mail Spoofing,
DNS Spoofing, DNS Vulnerabilities, Manipulation of DNS Queries, Information Disclosure, and Namespace-Related Risks.
Manage LAN-Based Security and Implement and Operate Wireless Technologies
Module Topics for Manage LAN-Based Security: Separation of Data Plane and Control Plane,
Segmentation, MACsec (IEEE 802.1AE), and Secure Device Management.
In Separation of Data Plane and Control Plane you will learn about Logical Design for Control Planes.
In Segmentation you will learn about Advantages of Using VLANs, Implementing VLANs/Port-Based VLANs,
How Does Tagging Work? Tagging Rules, Other VLAN Classification Criteria, Protocol-Based VLANs,
Subnet-Based VLANs, and Common Attacks Against the Data-Link Layer.
In MACsec (IEEE 802.1AE) you will learn about How MACsec Works,
Understanding Connectivity Associations and Secure Channels,
Understanding Static Connectivity Association Key Security Mode,
and Understanding Static Secure Association Key Security Mode.
In Secure Device Management you will earn about Automated CM Tools,
Secure Shell (SSH), Simple Network Management Protocol (SNMP),
Ports Definitions, DNSSEC, New Record Types, RRset. Module
Topics for Implement and Operate Wireless Technologies: Transmission Security
and Common Vulnerabilities and Countermeasures and Wireless Security Issues.
In Transmission Security and Common Vulnerabilities and Countermeasures
you will learn about Types of Wireless Technologies,
Types of Wireless Networks, Direct-Sequence Spread Spectrum (DSSS),
Frequency-Hopping Spread Spectrum (FHSS), Orthogonal Frequency Division Multiplexing (OFDM),
Vectored Orthogonal Frequency Division Multiplexing (VOFDM),
Frequency Division Multiple Access (FDMA), and Time Division Multiple Access (TDMA).
In Wireless Security Issues you will learn about Open System Authentication, Shared Key Authentication,
Ad Hoc Mode, Infrastructure Mode, Wired Equivalent Privacy Protocol (WEP),
Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2 (WPA2), A “Parking Lot” Attack, Shared Key Authentication Flaw,
Service Set Identifier (SSID) Flaw, The Vulnerability of Wired Equivalent Privacy Protocol (WEP),
Attack on Temporal Key Integrity Protocol (TKIP), and Wireless Devices.
Case Study
This assignment is based on a case study that will require the student
to put into practice the knowledge they have gained through the course.
It requires the basic understanding of the topics and the ability to relate those topics to the real world.
The objective of review is to determine whether the student has understood the concepts and has performed the necessary analysis
to ensure a complete and thorough answer.
End-Of Course Assessment
加入高級會員獲得助教答疑
