Security, Privacy & Info. Integrity for Managers & Policy Makers

New Admin

10 years ago

Introduction: Network Security Philosophy
- The Ideal Security System
- Planning for Internet Security
- Organizational Security Policy
- Hacker Profiles and Motives
- Social Engineering and Reverse Social Engineering
- The Financial Impact of Network Security
- The Carrier and Service Provider Security Report Card

System Security Concepts
- Encryption/Cryptography
- Key Management Systems
- Authentication and Authorization
- Digital Certiﬁcates and Digital Signatures
- Policy-Based Security Enforcement
- Malicious Software

Physical and Infrastructure Security
- Pass Cards and ID
- Surveillance Systems
- Locks and Physical Security Systems

Network Security
- Point-to-Point Protocol (PPP)
- Password Authentication Protocol (PAP)
- Challenge Handshake Authentication Protocol (CHAP)
- Remote Authentication Dial-In User Security (RADIUS)
- Tunneling
  - Layer 2 Forwarding (L2F)
  - Point-to-Point Tunneling Protocol (PPTP)
  - Layer 2 Tunneling Protocol (L2TP)
  - Other
- Internet Protocol Security (IPsec)
- IP Proxy Agents/Proxy Servers
- Secure Sockets Layer (SSL)
- Kerberos

Anatomy of a Firewall
- A Sample Firewall: Checkpoint Systems
- Three Main Operational Areas
  - Security
  - Performance/Availability
  - Policy Enforcement
- Demilitarized Zone (DMZ) Architecture

Hacker Tools and Techniques
- The Insider Threat
- Exploiting Backdoors, Bugs, and Loopholes
- Packet Sniffers
- Social Engineering
- Reverse Social Engineering
- Trespassing, Dumpster Diving, and Shoulder Surﬁng
- Denial of Service (DoS), Smurﬁng, and Spam
- Covert Channels and Steganography
- Counter-cyberterrorism

Content Filtering and Monitoring
- CALEA
- Content Filtering and Stateful Inspection
- Filtering and Content Security Overview
- Privacy and Legal Issues in Domestic and Global Networks
- Children’s Internet Protection Act (CIPA) and Related Topics
- Types of Filtering: url, content, heuristic, photo, ‘sounds like’, etc
- Intrusion Detection System
- Intrusion Signatures
- Stateful Inspection
- Contextual analysis and heuristics

Disaster Recovery and Contingency Planning
- Risks to Carrier and Service Provider Infrastructure
- Disaster Recovery Services
- Disaster Recovery and Contingency Planning and Drills
- Disaster Recovery and Business Continuity

Legal and Regulatory Issues
- Sarbanes-Oxley (SOX)
- HIPAA
- Digital Millennium Copyright Act (DMCA)
- Software Piracy
- Protecting Intellectual Property
- Global Encryption/Cryptography Issues
- Personally Identifiable Information
- Privacy in the Workplace
- Obligations and Liabilities
- Case Law/Case Studies
The Organizational Security Report Card
- Report Card Overview
- Security Self-Assessment
- Security Report Card Exercise
- Applying Report Card Results in Your Company
Conclusion

Exit mobile version