Controlling Network Access: Hands-On

Frequently Asked Questions

What is this course about? As enterprises expand, networks are exposed to increasing amounts of traffic that can pose a threat to mission-critical data. The ability to control internal and external access is vital in establishing a secure architecture. This hands-on course takes you from the perimeter of the network to the inside and covers the required and best practices for controlling network access at all levels of the enterprise. Who will benefit from this course? This course is ideal for those responsible for configuring routers and switches or controlling access to and from remote sites. Targeted class attendees include network engineers, firewall engineers, security architects, system engineers, network and system administrators, and computer security officers. This course is valuable for those directly involved with an organization's security. What background do I need? Knowledge of networking and security fundamentals at the level of Course 468, System and Network Security: A Comprehensive Introduction, is assumed. Experience with the TCP/IP protocol is helpful but not required. Is this course focused exclusively on Network Access Control (NAC)? No. This course goes into great detail on NAC. However, NAC is but one element of a total access control architecture. The main focus of this course is on the processes and methodologies needed to implement effective security best practices across both large and small enterprises. Will I learn how to configure Intrusion Prevention Systems? This course covers the requirements to deploy and maintain network and host intrusion prevention systems (IPS). This course focuses on interpreting your organization's security policy in terms of access control, which includes identifying high risk traffic and isolating or segmenting it to mitigate risk. Does this course focus specifically on Linux- or Windows-based systems? Through the application of Windows, Linux and UNIX systems, this course demonstrates software appliances in a variety of operating system formats. Will I learn about protecting Web servers and services? Yes. This course covers best practices and recommendations for deploying and controlling access to both Web servers and services. Will this course help me prepare for the CompTIA Security+ Certification Exam? Some sections of this course address elements covered in the exam. However, this course is not designed to prepare you for this exam. For a course that provides in-depth review of the terminology and the five domains included in the exam, please see Course 446, Preparing for the CompTIA Security+™ Certification Exam. Will this course help me prepare for the CISSP Certification examination? Although not intended for exam preparation, this course does deal with some aspects of the CISSP Certification exam. Learning Tree plans to introduce a CISSP Exam preparation course in May: Course 958, The (ISC)2 CISSP CBK Review Seminar. How much time is spent on each topic? Content Hours Establishing a Secure Framework 2.5 Fortifying the Perimeter 3.5 Strengthening Gateway Defense 3.5 Implementing Network Intrusion Prevention 2.5 Filtering Content 2.0 Protecting the Infrastructure 2.0 Network Access Control (NAC) 3.0 Securing Remote Access 3.0 The Future of Access Control 1.0 Times, including the workshops, are estimates; exact times may vary according to the needs of each class. How much of this course is hands-on? Approximately 40 percent of the course is spent participating in hands-on exercises that are designed to give you confidence and experience deploying access control procedures. Exercises include the following: Configuring routers and switches to support advanced filtering Hardening perimeter devices Deploying a Web-application firewall Implementing a network-based IPS to mitigate or stop simulated attacks Filtering protocols and Web-based content Defeating zero-day attacks with host-based IPS Applying NAC solutions Securing remote access with VPN technology Will this course teach me how to support remote users? Yes. The course covers SSL and IPsec Virtual Private Networks (VPNs) deployment and implementation to support remote users. How does this course relate to other Learning Tree courses? Course 468, System and Network Security: A Comprehensive Introduction, provides a detailed introduction to analyzing the security risks to your computer and network systems-the fundamental knowledge you need for Course 941 Course 589, Vulnerability Assessment: Protecting Your Organization, identifies risks to your systems by applying exploits and running vulnerability scans Course 367, TCP/IP: A Comprehensive Hands-On Introduction, provides a strong background to the TCP/IP applications and services that need to pass through your firewall Course 433, UNIX® and Linux® Security: Hands-On, provides the information you need to successfully secure UNIX servers used for public access services and the firewall itself Course 536, Computer Forensics and Incident Response: Hands-On, provides you with extensive experience in the latest Windows-based computer forensic techniques Course 537, Ethical Hacking and Countermeasures: Hands-On, provides you with a process and methodology of security testing In addition, the following courses help you prepare for security-related certification exams: Course 445, Preparing for the CompTIA A+® Certification Exam: Hands-On Course 446, Preparing for the CompTIA Security+™ Certification Exam Two new security exam preparation courses are coming soon: Course 958, The (ISC)2 CISSP CBK Review Seminar Course 959, The (ISC)2 CISSP SSCP CBK Review Seminar