Security Assessment and Audit
Course
In Ahmedabad
Description
-
Type
Course
-
Location
Ahmedabad
-
Duration
3 Days
Facilities
Location
Start date
Start date
Reviews
Course programme
Overview:
This program provides a technological perspective and exposure to several audit and evaluation parts and products to fit the best in the organization, the main target is to provide candidates with the abilities necessary to carry out independent evaluations and audits of systems and networks.
Program Objective:
This Program is planned and trained with the following objectives for security experts
1. Briefing on security problems and concerns
2. Understand the safety demands
3. Acquire knowledge of methods of evaluation and audit
4. Carrying out large-scale network
5. Footprinting, enumerate and attacks on system
6. Gain Vulnerability and exploit knowledge
7. Understand about Web, routers, firewalls assessments
8. Understand Database Hacking
9. Reports and excellent practices
Who can attend this program?
* Security consultants and Experts
* Security Experts
* Auditors
* Whoever desires to being network security! Ideal for beginners who want to know about the safety in action.
Requirements:
Candidates should have the following prerequisite knowledge before attend this program:
* Participants should have basic familiarity with Windows and Unix systems
* Participants should have elementary knowledge of networking
Topics Covered:
In this three days training program candidates will learn about:
Schedule: Day-1
Module-1 Understand Security Fundamentals and Concepts
* Security industry landscape and trends
* Know about Security position and evolution
* Goals corporate security
* Threats framework and models
* Attack vectors and its impact
* Popular points of attack and severity
* Q & A
Module-2 Understand Assessment and Audit - approaches and methodologies
* Methods of evaluating and fundamentals
* The goals and targets of the evaluation
* The role of tools and credibility
* Fields of evaluation and value
* Fundamentals of Audit and objectives
* The compliance and standards
* Q & A
Module-3 Understand Network Assessment - Footprinting and Asset Identifications
* Fundamentals of footprinting and objectives
* Methods and approaches
* Queries the public domain
* WHOIS - Query all
* Searches ARIS
* DNS queries and zone transfers
* Draw routes and maps
* Network Awareness
* Windows footprinting
* Reporting and targets designs
* Laboratory
Module- 4 Discovery and Posture Mapping
* Learn about fundamentals of TCP
* Understand Ping sweeps
* Network scanning (TCP and UDP)
* Operating System identification and stack fingerprinting
* Understand Banner grabbing
* Identification Protocol
* Network mapping
* Reports and targets designs
* Laboratory
Schedule: Day-2
Module-5 Information Collecting and Enumeration - Windows
* Introduction to Windows security
* Learn basics of Enumerating
* Understand Security issues with enumeration
* Understand Windows enumeration - NetBIOS over TCP
* Domain Name System Enumeration
* Simple Network Management Protocol (SNMP) query
* LDAP Enumeration
* Laboratory
Module-6 The data collection and enumeration - Linux and Unix
* Linux and Unix security overview
* Linux and Unix systems enumeration fundamentals
* Enumerating NFS
* Remote Procedure call (RPC) query
* Snmpwalk and enumeration
* Users and groups enumeration
* SAMBA information collection
* Finger, rwho and rusers
* Laboratory
Module-7 Understanding of Hacking and Attacks
* Password-guessing
* Password-cracking
* Password-sniffing
* Privilege Escalation
* Introduction to Netcat shell
* Other attack vectors
* Laboratory
Module-8 Understand Assessment of Vulnerability and Exploitation
* Fundamentals of Vulnerabilities
* Detecting vulnerabilities
* Scan vulnerability applying nessus and other tools
* Development exploits
* Exploit frameworks - Metasploit
* Countermeasures and Security
* Laboratory
Schedule: Day-3
Module-9 Learn about Web Hacking
* Fundamentals of Hypertext Transfer Protocol
* Learn about Web Application Components
* Web server assessment
* Web Application Profiling
* Web application hacking
* Development web application
* Tools and technology
* Laboratory
Module-10 Hacking network devices
* Network Maps and entry points
* Router Identification
* Compromising routers
* Firewall Identification
* Firewall banner grabbing
* Loop holes Firewall
* Compromising ACLs
* Virtual Private Network and other tools
* Laboratory
Module-11 Understand SQL (Structured Query Language) Hacking
* Structured Query Language Identification
* Structured Query Language banner grabbing
* Microsoft SQL cracks
* Microsoft SQL hacking
* ORACLE cracks
* ORACLE security problems
* Tools and technology
* Laboratory
Security Assessment and Audit