Advanced Network for Auditors
This challenging and intensive course brings together a series of advanced topics, to provide a basis for an auditor’s detailed understanding of the nature, structures and controls that apply to networks.
Suitability and duration
Suitability: Advanced
Duration: 2 days
Who should attend
This intensive and challenging course is designed for IT Auditors that need a detailed understanding of networks and network technologies. It is not suitable for a novice IT Auditor or those without a basic understanding of network technologies.
Benefits
Skills
After completion of this course, you will be able to:
Appreciate the nature and mechanisms that underpin TCP/IP
Demonstrate an understanding of the risks and issues related to network domain, network hosts and network trusts
Evaluate server and browser side security settings and interpret server logs
Review the type of operating system hardening that is used to support network hosts and appliances
Appreciate and understand the nature of a PKI and how it is deployed
Describe the different types of firewall and review a firewall’s rules
Describe the operation of a router and review a router’s configuration
Support Materials
This course is accompanied by a manual that includes full briefing notes.
Programme
TCP/IP
- Internet technical resources: the IETF and RFC
- Protocol stacks
- Encapsulation
- Application packet header structures: IP, TCP, UDP, ICMP
- Segments
- TCP and UDP
- Ports
- TCP/IP applets and commands
- Demonstration and casework: TCP/IP
TCP/IP advanced topics
- Network addressing IPV4 and IPV6
- Network routing methods
- Application addressing
- IPSec and security
- Integration TCP/IP with legacy systems
- Demonstration and casework: IPsec
Network domain security
- Security domains and domain planning
- Defining domain perimeters
- Domain administration
- Application security versus network security
- Casework: Security domain planning
Network host security
- Host security – routers and gateway challenges
- Verification of host security and network security – Scanners
- Scanner evaluation
- Demonstration: Scanners in action
Network security trusts
- Trusts: one way, two way, and transitive
- Security Policy (Trust) administration including Active Directory Trusts
- Case example of trust structure
Server-side security
- Administrative / Rot privilege
- Active Pages – ASP/PHP
- Scripting languages and .NET
- Virtual directories and Virtual File Services
- Server Logs and their interpretation
- Demonstration: Web Server log analysis and web server security
- Browser-side security
- Browser variants – Internet Explorer, Firefox, Mozilla, Safari
- Configuration settings for browsers – content, network, downloads, java sandbox control
- Active signed and unsigned content, including Java, JavaScript, Active X, Plug-ins and cookies
- Demonstration: Securing browsers
Firewalls and proxy servers, public web servers
- Types of firewalls and their functionality
- Firewall configuration and verification
- Demonstration: Firewall configuration
- Web proxy servers
- Content filtering at the network perimeter
PKI
- Digital certificates
- Certificate Authorities and Registration Authorities
- Public Certificates and Commercial Certificates
- Certificate Management
- Certificate Revocation
- PKI and the role of Commercial and internal Certificate Authorities
- Managing digital certificates
- Casework example: A PKI infrastructure
- SSL and secure Web transactions
- Implementation of SSL
