CSI-HO-029 – Hands-On Security in IP Networks/Protocols

CellStream, Inc. – Telecom Consulting and Training!

2-Day Instructor Led Hands On Lab Class Available in either Web Based delivery or On-Site Delivery Minimum 10 students – Maximum 16 students

Course Description:

Having a good knowledge of Network Security in Wireless and TCP/IP networks is extremely important for anyone in the service provider business.  Knowledge and skills with regards to network security are vital to IP network backbone engineers, support engineers/technicians, engineers that test these networks and equipment that is installed in these networks, as well as development engineers. 

The course is a combination of knowledge training, systems analysis, with hands-on exercises using Linux based systems, designed by CellStream consultants to bring the technician/engineer, who knows a little about Security, to a deeper understanding of the terms, the tools, and the security issues. A combination of knowledge training, hands-on exercises, and hands-on experience reveals Network Security in a swift, detailed, and understandable way.

Course Objectives:

The objectives of the course are to:

1. Develop a “hands-on” skill set targeted at TCP/IP and Wi-Fi Security in the following key areas:
   • Tools
   • Security vulnerabilities and attack methods
   • Possible mitigations
2. Understand security terminology
3. Understand what hackers do and how they do it
4. Improve customer satisfaction by sharing the knowledge and skills to mitigate security risks
5. Deepen networking knowledge and understanding

These objectives are met by covering the necessary technical bases in a straight forward manner, by keep the content in context of the objectives – connecting the dots. Utilizing a short, subject specific architecture with exercises to drive home key points and Hands-On experience that reveal these points builds skills and knowledge based on Bloom’s Taxonomy. Presentation is industry current and up-to-date using a technology specialists.

Audience:

The target audience for this course is anyone in the telecommunications field that requires a solid and complete understanding of the fundamental operations of the TCP/IP protocol suite in networking, and desires hands-on skills that can be applied to their job function. Ideal candidates are:

• Central Office Technicians, Engineers, and Supervisors
• Line Technicians, and Customer Service Technicians
• Operations individuals that will provide IP configuration and support services
• Development Engineers that must know TCP/IP networking in order to provide hardware and software solutions
• Network Design Engineers that need to understand TCP/IP services and applications
• Network Management individuals that are providing element and network management tools
• Network Administrators and IT professionals
• Technical sales individuals that must be able to correlate features with functionality
• Technical marketing individuals that want more than just a basic understanding of IP
• Certification Track individuals that need to expand their knowledge and studies

Course Prerequisites:

All students must attend with a lap-top computer in order to interface to the Security Lab. If the course is held at a classroom where computers are available, the Lap-top computer will not be required.

Course Materials:

Students will be provided with a Course Student Guide and a Lab Guide. Also, a lab system for configuration and labs will be provided.

Related Content:

Some students have found that our approach to mastering Security provides needed skills towards acquiring further industry certifications.

Course Outline:

The course outline is as follows:

• Part 1: The Groundwork
  • Overview and Introductions
  • Introduction/Logistics/Time Frames/Course Plan
  • Accessing the Online School content
  • LAB: Setting up for the CellStream Security Lab
• Part 2: Introduction to Security
  • Security Terminology
  • Types of Hackers
  • Group Exercise: Where are vulnerabilities in an IP Network?
  • Phases in Hacking
  • Attack Types and Vectors
  • Confidentiality, Integrity, Availability
  • Malware, Malware Mitigation, Examples
• Part 3: Personal Security
  • Personal Awareness
  • Default Username/Passwords
  • Personal Security – Social Engineering
• Part 4: Security Appliances
  • Firewalls, Types, Functionality, Rules Examples
  • Intrusion Detection Systems
  • Penetration Detection Systems
• Part 5: Scanning, Attacks and Tools
  • Scanning Using ARP – demo
  • Scanning with nmap – demo
  • Local Network Scan mitigation
  • MAC Filtering – bypass demo
• Part 6: Layer 2 and Layer 3 Mitigation
  • Layer 2 Mitigation: Overview of PPPoE, why Layer 2
  • Layer 3 Mitigation: IPSec for VPN Security
    • Overview of IPSec
    • AH and ESP Protocols and Message Exchange
    • Cryptographic Algorithms
    • Tunnel and Transport Modes
    • IKE – Internet Key Exchange
    • LAB Exercise/Demonstration: IPsec Network View and Packet examination
    • Encryption Defined
    • Diffie-Helman Encryption example
• Part 7: Layer 5 Mitigation with SSH and HTTPS
  • How Does SSH Work?
  • Symmetrical and Asymmetrical Encryption
  • Hashing
  • SSH Process, Authentication
  • LAB Exercise/Demonstration: SSH Session Walkthrough and Packet Analysis
  • HTTPS Defined
  • TLS Version Comparison
  • SSL Certificates
  • LAB Exercise/Demonstration: HTTPS Process and Decryption Process
• Part 8: Other Security Tools
  • Scapy packet manipulator – LAB Exercise/Demonstration
  • Hping 3 – LAB Exercise/Demonstration
  • ARP Spoofing – LAB Exercise/Demonstration
  • Wireless Security – LAB Exercise/Demonstration
  • Group Exercise: How can we mitigate security vulnerabilities in an IP Network?

Course Availability:

Contact us for schedule dates and times.

View the course calendar and browse for our schedule.

Course Description, Content, Outline, and Instructional Design are Copyright ©CellStream, Inc.