Information Confidentiality

Objectives:

  • Analyze your exposure to security threats and protect your organization's systems and data
  • Reduce your susceptibility to an attack by deploying firewalls and data encryption
  • Assess alternative user and host authentication mechanisms
  • Manage risks emanating from inside the organization and from the Internet
  • Protect network users from hostile applications and viruses
  • Identify the security risks that need to be addressed within your organization

Outline:

Building a Secure Organization

Real threats that impact cyber security

  • Hackers inside and out
  • Eavesdropping
  • Spoofing
  • Sniffing
  • Trojan horses
  • Viruses
  • Wiretaps

A cyber security policy: the foundation of your protection

  • Defining your information assurance objectives
  • Assessing your exposure

A Cryptography Primer

Securing data with symmetric encryption

  • Choosing your algorithm: DES, AES, RC4 and others
  • Assessing key length and key distribution

Solving key distribution issues with asymmetric encryption

  • Generating keys
  • Encrypting with RSA
  • PGP and GnuPG
  • Evaluating Web of Trust and PKI

Ensuring integrity with hashes

  • Hashing with MD5 and SHA
  • Protecting data in transit
  • Building the digital signature

Verifying User and Host Identity

Assessing traditional static password schemes

  • Creating a good quality password policy to prevent password guessing and cracking
  • Protecting against social engineering attacks
  • Encrypting passwords to mitigate the impact of password sniffing

Evaluating strong authentication methods

  • Challenge-response to prevent man-in-the-middle attacks
  • Preventing password replay using one-time and tokenized passwords
  • Employing biometrics as part of two-factor authentication

Authenticating hosts

  • Shortcomings of IP addresses
  • Address-spoofing issues and countermeasures
  • Solutions for wireless networks

Preventing System Intrusions

Discovering system vulnerabilities

  • Searching for operating system holes
  • Discovering file permission issues
  • Limiting access via physical security

Encrypting files for confidentiality

  • Encryption with application-specific tools
  • Recovering encrypted data

Hardening the operating system

  • Locking down user accounts
  • Securing administrator's permissions
  • Protecting against viruses

Guarding Against Network Intrusions

Scanning for vulnerabilities

  • Restricting access to critical services
  • Preventing buffer overflows

Reducing denial-of-service (DoS) attacks

  • Securing DNS
  • Limiting the impact of common attacks

Deploying firewalls to control network traffic

  • Contrasting firewall architectures
  • Preventing intrusions with filters
  • Implementing cyber security policy

Building network firewalls

  • Evaluating firewall features
  • Selecting an architecture and a personal firewall

Ensuring Network Confidentiality

Threats from the LAN

  • Sniffing the network
  • Mitigating threats from connected hosts
  • Partitioning the network to prevent data leakage
  • Identifying wireless LAN vulnerabilities

Confidentiality on external connections

  • Ensuring confidentiality with encryption
  • Securing data-link layer with PPTP and L2TP
  • Middleware information assurance with SSL and TLS
  • Deploying SSH (the Secure Shell)

Protecting data with IPSec

  • Authenticating remote locations
  • Tunnelling traffic between sites
  • Exchanging keys

Managing Your Organization's Security

  • Developing a security plan
  • Responding to incidents

Certificates

A Certificate of Completion will be issued to those who attend & successfully complete the programme.

Schedule

08:30 – 10:15 First Session

10:15 – 10:30 Coffee Break

10:30 – 12:15 Second Session

12:15 – 12:30 Coffee Break

12:30 – 14:00 Third Session

14:00 – 15:00 Lunch

Fees

The fee for the seminar, including instruction materials, documentation, lunch, coffee/tea breaks & snack is: