Certified Network Defender | CND Training Course

A 5 day practical networking course designed to familiarise students with Cisco IOS (version 12). The course details the key commands used to configure and secure Cisco routers and switches, and covers the CCNA syllabus - including wired and wireless LAN access.

Students will inter-connect networks by implementing static routes, distance-vector and link-state based dynamic routing protocols.

The devices will be configured to route traffic across LAN/VLAN//WAN boundaries, by encapsulating datagrams across serial data links using various WAN protocols, such as HDLC, Frame Relay, ISDN and PPP (with CHAP authentication). VLAN encapsulation/tagging will be via IEEE802.1Q/P.

Standard and Extended Access Control Lists will be configured and applied to router interfaces to filter traffic based on IP address and/or traffic type.

Students will configure static and dynamic NAT to route between private and public networks and cover the theory of Virtual Private Networks (VPN's)

Students will copy router configurations and IOS images to/from a TFTP Server. Privileged commands will be used to debug TCP/IP protocols to ensure proper operation of the routers. Students will also perform password recovery operations.

The course is primarily aimed at IP v4 but does give an overview of IP v6 addressing and covers migration from an IP v4 to an IP v6 network. Other protocols and technologies (VPN's / Wireless) may be demonstrated if time permits.

Course can be customised to precise requirements of customer.

Audience:

This course is suitable for anyone looking for a basic understanding of internetworking with Cisco devices and covers the CCNA syllabus.

Course is approximately 50% practical

BeyondCorp is an open source Zero Trust security framework that allows employees to work securely from any location without the need for a traditional VPN.

In this instructor-led, live training, participants will learn hands-on how to set up a Zero Security system as they set up and deploy BeyondCorop in a live-lab environment.

By the end of this training, participants will be able to:

• Assess their organization's existing security model.
• Shift access controls from the perimeter to individual devices and users.
• Deploy applications using a user and device-centric authentication and authorization workflow.
• Understand, plan and implement a Zero Trust network within their organization.

Audience

• Network engineers
• Cyber security professionals
• System architects
• IT managers

Format of the Course

• Part lecture, part discussion, exercises and heavy hands-on practice

Note

• To request a customized training for this course, please contact us to arrange.

Since all applications today heavily rely on communication and networks, there is no application security without network security.

This course focuses on network security with a software security viewpoint, and discusses common network attacks and defenses on different OSI layers, with an emphasis on application layer issues, tackling topics like session management or denial of service.

As cryptography is a critical aspect of network security, the most important cryptographic algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement are also discussed. Instead of presenting an in-depth mathematical and theoretical background, these elements are discussed from a merely practical, engineering perspective, showing typical use-case examples and practical considerations related to the use of crypto, such as public key infrastructures. Security protocols in many areas of secure communication are introduced, with an in-depth discussion on the most widely-used protocol families such as IPSEC and SSL/TLS.

Finally, typical crypto vulnerabilities are discussed – both related to certain crypto algorithms and cryptographic protocols, such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding oracle, Lucky Thirteen, POODLE and similar, as well as the RSA timing attack. In each case, the practical considerations and potential consequences are described for each problem, again, without going into deep mathematical details.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn about network attacks and defenses at different OSI layers
• Have a practical understanding of cryptography
• Understand essential security protocols
• Understand some recent attacks against cryptosystems
• Get information about some recent related vulnerabilities
• Get sources and further readings on secure coding practices

Audience

Developers, Professionals

Why should you attend?

The Certified Lead Ethical Hacker training course enables you to develop the necessary expertise to perform information system penetration tests by applying recognized principles, procedures and penetration testing techniques, in order to identify potential threats on a computer network. During this training course, you will gain the knowledge and skills to manage a penetration testing project or team, as well as plan and perform internal and external pentests, in accordance with various standards such as the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM). Moreover, you will also gain a thorough understanding on how to draft reports and countermeasure proposals. Additionally, through practical exercises, you will be able to master penetration testing techniques and acquire the skills needed to manage a pentest team, as well as customer communication and conflict resolution.  

The Certified Lead Ethical Hacking training course provides a technical vision of information security through ethical hacking, using common techniques such as information gathering and vulnerability detection, both inside and outside of a business network.

The training is also compatible with the NICE (The National Initiative for Cybersecurity Education) Protect and Defend framework. 

After mastering the necessary knowledge and skills in ethical hacking, you can take the exam and apply for the "PECB Certified Lead Ethical Hacker" credential. By holding a PECB Lead Ethical Hacker certificate, you will be able to demonstrate that you have acquired the practical skills for performing and managing penetration tests according to best practices. 

Who should attend?

• Individuals interested in IT Security, and particularly in Ethical Hacking, to either learn more about the topic or to start a process of professional reorientation.
• Information security officers and professionals seeking to master ethical hacking and penetration testing techniques.
• Managers or consultants wishing to learn how to control the penetration testing process.
• Auditors wishing to perform and conduct professional penetration tests.
• Persons responsible for maintaining the security of information systems in an organization.
• Technical experts who want to learn how to prepare a pentest.
• Cybersecurity professionals and information security team members.

During the course, participants will learn:

• What is denial of service attacks, Flooding, Sniffing, MIM?
• How to break from the network to the server?
• How to watch packets on the network (also running on switches)?
• Do you watch any combination of the world?
• How to monitor the network?
• How to configure a firewall?
• How to use encrypted connections?
• How to create tunnels?
• How to log packets?
• How to scan ports?
• How to reduce the number of unnecessary services on the server?

DNS (domain name system) is the "phone book" of the internet, providing a directory of computer names and their IP addresses. BIND is the most common Linux implementation of DNS. When you open a website or send and receive an email, a DNS server somewhere is quietly addressing your message to its intended recipient.

In this instructor-led, live training, participants will learn the critical features of DNS while carrying out exercises in the setup and configuration of a BIND DNS server on Linux. The course starts with a refresher on key networking principles, then digs into hands-on practice with setup and configuration. Steadily, the discussion and practices move towards more complex topics such as security, availability, debugging and troubleshooting.

Format of the Course

• Part lecture, part discussion, heavy hands-on practice and implementation, occasional quizing to measure progress

FortiGuard Labs is a security and threat intelligence research company by Fortinet, one of the leading cybersecurity service providers today. Among its most notable products are FortiGate next-generation firewalls (NGFWs) that are more efficient than lower specification firewalls. FortiGate NGFWs can filter network traffic while maintaining features of stateful firewalls, making them optimal for hybrid and hyper-scale enterprise data centers.

This instructor-led, live training (online or onsite) is aimed at security engineers and system administrators who wish to use FortiGate NGFW's advanced security-driven network systems to protect their organization from internal and external threats.

By the end of this training, participants will be able to:

• Install and configure the preferred FortiGate NGFW software and hardware model.
• Operate and employ FortiGate NGFW to improve the efficiency of system administration tasks.
• Manage various forms of external and internal threats using FortiGate features.
• Integrate FortiGate security fabric with the entire IT infrastructure to provide quick automated protection.
• Ensure long-term protection from attacks with independent and continuous FortiGate threat intelligence.
• Troubleshoot the most common firewall system setup errors relevant to FortiGate NGFWs.
• Implement Fortinet security solutions in other enterprise applications.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This 2 day course investigates the theory and technology associated with IPSec VPN’s.VPN’s are setup using Cisco IOS Routers and ASA Firewalls using the web interface. The workings of the protocols are examined using debug commands and protocol analyser traces of relevant negotiations.

Audience:

Suitable for network planners, engineers or anyone interested in IPSec VPNs

Course is approximately 40% practical

A 2 day theoretical course (with some practical demonstrations) covering the fundamentals of Internet Protocol v6 – including addressing, protocol formats, ICMP v6, discovery processes and IP v6 routing.

Audience:

Network Planners, Designers, and Engineers requiring an understanding of IP v6. Those requiring a comprehensive overview of IP v6 and the migration process from an IP v4 environment.

This 4 day course involves a mixture of expository based (utilising protocol analyser traces where appropriate) and practical experiments to test and verify the operation of TCP/IP networks. The major aspects of the TCP/IP protocol stack are covered, including subnetting, supernetting and running dynamic routing protocols. TCP and UDP will be compared and contrasted, covering the end-to-end reliability and congestion avoidance capabilities of the TCP/IP stack. Some application layer protocols (HTTP, TLS, DNS, DHCP etc) will be investigated during the course. Network security in the form of TLS will be covered both from a theoretical and practical standpoint. The practical exercises are designed to augment the theory and enhance both the understanding of the underlying protocols and also the problem solving abilities of the delegates.

Audience:

Suitable for anyone looking for an understanding of TCP/IP.

Course is approximately 50% practical.

Audience:

System Administrators and Network Administrators as well as anyone who is interested in defensive network security technologies.

Nmap is a port scanner used for penetration and network testing. Port scanners such as Nmap, discover vulnerable communications on computer network systems.

This instructor-led, live training (online or onsite) is aimed at software testers who wish to protect their organization's network with Nmap.

By the end of this training, participants will be able to:

• Set up the necessary testing environment to start using Nmap.
• Scan network systems for security vulnerabilities.
• Discover active and vulnerable hosts.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

OpenVAS is an advanced open source framework which consists of several services and tools for network vulnerability scanning and management.

In this instructor-led, live training, participants will learn how to use OpenVAS for network vulnerability scanning.

By the end of this training, participants will be able to:

• Install and configure OpenVAS
• Learn the fundamental features and components of OpenVAS
• Configure and implement network vulnerability scans with OpenVAS
• Review and interpret OpenVAS scan results

Audience

• Network engineers
• Network administrators

Format of the course

• Part lecture, part discussion, exercises and heavy hands-on practice

Note

• To request a customized training for this course, please contact us to arrange.

Palo Alto Networks offers a platform that includes advanced firewalls and cloud extension. Palo Alto firewalls prevents malware intrusion with an automated approach that delivers consistent security.

This instructor-led, live training (online or onsite) is aimed at developers who wish to prevent malware intrusion with Palo Alto Networks.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start developing firewalls.
• Deploy a Palo Alto firewall in a cloud server.
• Manage packet flow through Palo Alto firewalls.
• Interpret QoS classifications and types.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Wireless and telecom network security refers the practices carried out to safeguard communication devices, terminal equipment, routing equipment, servers and Wireless devices and networks against malicious attacks. 

This instructor-led, live training (online or onsite) is aimed at technical persons who wish to apply the most suitable tools and techniques to secure both telecom as well as wireless networks.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.