Information Security Training

Securing data with symmetric encryption

• Choosing your algorithm: DES, AES, Rc4, and others
• Assessing key length and key distribution

Solving key distribution issues with asymmetric encryption

• Generating keys
• Encrypting with RSA
• Explore PGP and GnuPG
• Evaluating Web of Trust and PKI

Ensuring integrity with hashes

• Hashing with Md5 and SHA
• Protecting data in transit
• Building the digital signature

Assessing traditional static password schemes

• Creating a strong password policy to prevent password guessing and cracking
• Protecting against social engineering attacks
• Encrypting passwords to mitigate the impact of password sniffing

Evaluating strong authentication methods

• Preventing password replay using one-time and tokenized passwords
• Employing biometrics as part of multi-factor authentication

Authenticating hosts

• Distrusting IP (Internet Protocol) addresses
• Mitigating address-spoofing issues and implementing countermeasures
• Implementing solutions for wireless networks

Discovering system vulnerabilities

• Searching for operating system vulnerabilities
• Discovering file permission issues
• Limiting access via physical security

Encrypting files for confidentiality

• Encrypting with application-specific tools
• Recovering encrypted data

Hardening the operating system

• Locking down user accounts
• Securing administrator's permissions
• Protecting against viruses

Scanning for vulnerabilities

• Searching for rogue servers
• Profiling systems and services

Reducing Denial of Service (DoS) attacks

• Securing DNS (Domain Name System)
• Limiting the impact of common attacks

Deploying firewalls to control network traffic

• Preventing intrusions with filters
• Implementing a cyber security policy
• Deploying personal firewalls

Protecting web services and applications

• Validating user input
• Controlling information leakage

Threats from the LAN

• Sniffing the network
• Mitigating threats from connected hosts
• Partitioning the network to prevent data leakage
• Identifying wireless LAN vulnerabilities

Confidentiality on external connections

• Ensuring confidentiality with encryption
• Securing communication with IPsec