Some of the benefits of Enterprise Security Architecture and Design Online are:

• Attend the exact same course as the Instructor-Led Enterprise Security Architecture and Design Online course in an online format.
• Interact with over 44 online modules, taught by an expert instructor at your leisure via the Internet at home or work.
• We ship you a number of Virtual Machines (VMs) pre-installed with hundreds of tools and scripts that you use to perform over 21 hands-on lab exercises. These are the same lab exercises as the instructor-led class.
• Get online guidance while you perform the lab exercises, the labs have been recorded from start to finish.

A detailed outline of this course follows:

Module 1-Human Factors of Security:

The human factors that make implementing security difficult; Primary personality types
encountered and their motivations for (or against) security initiatives; how social awareness can help corporate security efforts succeed.

Module 2Objectives of Security:

The Active Defense approach to security "Defense in Depth model" Interaction between written and electronic policy; Layered approach to security including Perimeter Security, Network Security, Host Based Security, and Human Awareness

Module 3What The Hackers Know:

Information on some of the quick and easy tools available for finding information that can be used in a more coordinated attack by hackers; Some common tools that identify network assets; How to show both technical and business managers the amount of information that is exposed via the network

LabCHEOPS, Site TelePort Pro, NTOP, NmapFE, KMAP

Module 4Enemies and Their Motivation:

The most common hacker personality types; The reasons they participate in these activities;
Common targets for these individuals

Module 5Assessing Vulnerabilities:

Practical application of risk assessment to an organization; Basic understanding of vulnerability
categories; Conducting an assessment; Commonly found weak links in an assessment; Reviewing how breaking into your own network can be a practical way to get an accurate assessment of your risk

LabVulnerability Assessment, exploit usage and windows password weaknesses

Module 6Objectives of Risk Management:

dentifying specific areas where safeguards are needed to prevent deliberate or inadvertent unauthorized disclosure, modification, or unauthorized use of information, and denial of service

Module 6Objectives of Risk Management:

dentifying specific areas where safeguards are needed to prevent deliberate or inadvertent unauthorized disclosure, modification, or unauthorized use of information, and denial of service

• How much protection is required
• How much exists
• The most economical way of providing it
• Reducing the identified risk to an acceptable level

LabRisk Assessment and Costs

Module 7Defining Security Policy:

Developing computer security policies and procedures for Corporations that have systems connected to the Internet. Provide practical guidance to administrators trying to secure their information and services.

Module 8Developing Electronic Policy:

Security tools by and large require that you create electronic policies from the written security policy in order to enforce compliance on the network we examine e-policies, often referred to as electronic or enforceable policies, and how they are used.

Module 9Policy Enforcement with Technology:

Keeping the organization in compliance with their policies; Training and awareness programs; Enforcement using technical tools, Checking compliance and enforcing policy

LabResponding to CERT Alerts

Module 10Electronic Policy Baselines for Systems:

Developing good security through system baselines; Using scripts to automate baseline implementation; Tools for detecting system changes

Lab-Security Configuration Manager

Module 11Structured Monitoring:

dentifying policy and procedures; Log procedures using the Defense in Depth model; Identifying Critical and Weak link systems; Centralized, Remote, and
Decentralized Monitoring; Hardening the Monitoring Stations; Minimizing Management Consoles

Module 12Intrusion Detection and Centralized Monitoring:

Setup of a centralized monitoring system for a corporation; Identify cost effective placement of
monitoring devices; Remote administration of monitoring systems

LabSnort & Packet Analysis

Module 13 Overcoming Difficulty in Monitoring:

Intrusion Detection: Differentiation of what is relevant to the Intrusion sequence, what is not relevant, and what is not part of the sequence.

LabAnalyzing Attacks

Module 14Identifying Attack Signatures:

• Identifying signature by category of attack
• Identifying normal attack flow
• Identifying inspection and evasion of IDS
• Identifying potential false positives of IDS
• Identifying limitations in IDS monitoring

Module 15Justifying the Cost of Security:

A business case is made for Return of Security Investment by showing some areas where security saves money on labor and other items.

Module 16Incident Investigation Methods:

Incident investigation: the process, tools, and methods

• Avoiding contaminating evidence
• Definitions of common response terms
• Identification of business and legal considerations
• Understanding of the time sensitivity of response

Module 17Understanding the Logs:

Tools and methods for identifying critical information contained in the log files

LabIIS Log Analysis

Module 18Security Planning for Electronic Business:

Overview of the considerations necessary to securely and successfully implement electronic business over the Internet. Identifying the business structure required for conducting electronic business, identifying and minimizing the threats to electronic commerce, including threats that may involve electronic commerce partners.

Click here to get more information about this class!