applied security conferences and training: CanSecWest | PacSec | EUSecWest |

Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

Network Threat Defense, Countermeasures, and Controls

Register for March 2-3 Course
Register for March 4-5 Course

Instructor(s):
Joseph Karpenko
Randy Ivener

Description

In this 2-day instructor-led Dojo training course, attendees will perform 2 roles. First as a Security Practitioner who will secure and harden devices within an organizations network infrastructure and Second as a Security Incident Response Investigator who must correctly detect, classify, and prevent threats targeting a network by configuring and deploying advanced network threat defenses and countermeasures.

Security engineering teams often focus on the security of networked workstations, servers, and applications, but may neglect the network's infrastructure routers and switches. Failing to completely protect the network infrastructure from today's threats places the entire computing infrastructure of the organization at risk.

In the Security Practitioner role, attendees will learn about inherent security features and techniques on Cisco IOS software including Management Plane hardening, Infrastructure Access-lists, and Data Plane hardening. The attendees will acquire hands-on experience configuring and testing these inherent security features and techniques in simulated real world threat scenarios.

At the conclusion of this role, attendees will be prepared to effectively implement and deploy inherent security features and techniques for increasing the security posture and preparedness of their network infrastructure, allowing them to detect and mitigate current threats.

Security Incident Response Investigator

Miscreants continue to evolve as does the cyber threat landscape. Miscreant's targets are your business assets and disrupting the availability of your business operations. Why, depends on what you have to offer and its value, or who you may have negatively provoked. Questions to consider include:

In the Security Incident Response Investigator role, attendees must correctly detect, classify, and prevent threats targeting a network by configuring and deploying advanced network threat defenses and countermeasures, such as Control Plane Policing, IOS NetFlow, and Remotely-Triggered Black Hole (RTBH) Routing on network infrastructure devices. After these countermeasures and controls are implemented, attendees will be responsible for validating the control's effectiveness and adjusting them to changing network conditions and attack pattern profiles.

Class Outline

Day 1: Day 2:

PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.

Hardware and Software Requirement