Network Access Control Using the Risk Management Framework
Level: Intermediate
Help your organization produce a comprehensive security posture by developing generally accepted practices for access control in network security. In this Network Access Control (NAC) training course, you will learn how to perform security breaches with techniques from the FISMA Risk Management Framework, utilize protocol analyzers to track live attacks, analyze the effectiveness of network security control devices, and recommend improvements to block attacks.
Key Features of this Network Access Control Training
After-course instructor coaching benefit
Learning Tree end-of-course exam included
You Will Learn How To:
Protect assets by selecting and managing effective security controls
Evaluate the thoroughness and quality of security controls
Do more than just “security theater”
Provide and monitor a comprehensive, strong defense
Integrate accessibility into services and environments
Choose the Training Solution That Best Fits Your Individual Needs or Organizational Goals
Training At Your Site – Team Training
PRODUCT #3674 – $2990
Bring this or any training to your organization
Full-scale program development
Delivered when, where, and how you want it
Blended learning models
Tailored content
Expert team coaching
Team Training
Important Network Access Control Course Information
Recommended Experience
Previous experience in networking and TCP/IP protocol stack
Technical background in networking and security terms
Network Access Control Course Outline
Introduction
Applying defense in depth: tools, techniques and people
Comprehending FISMA and OMB oversight
Assimilating Risk Management Framework Security Life Cycle
Risk Management Framework
Multi-tiered risk management
Organization: Strategic risk management
Mission/Business: Tactical approach to risk
Information Systems
Defining roles and responsibilities
Distinguishing hierarchy and key roles of risk management
Defining responsibilities assigned to specific roles
Separating roles and areas of responsibility
Phases of risk management
Categorizing information systems
Selecting security controls
Implementing security controls
Assessing security controls
Authorizing information systems
Monitoring security controls
Information Assurance
Introducing information assurance
Assuring security throughout the data life cycle
Integrating information assurance into software development
Building in “secure by design”
Implementing information assurance best practices
Ensuring component security
Penetration testing and vulnerability assessments
Validating security functions and configuration
Finding weaknesses within systems before the attacker does
Keeping current with information assurance
Full disclosure vs. responsible disclosure
Exploring vulnerability databases
Information Systems and Network Security
Modularization (the OSI 7 Layer Model)
Networking principles powering the Internet
Modeling a packet
Confidentiality, integrity and availability across the network
Encrypting for confidentiality
Sniffing the network and protocol analysis
Modifying data via man-in-the-middle attacks
Networking services and security
Poisoning the DNS cache
Incorporating core services including DHCP, ICMP, and ARP
Hardening the TCP/IP stack
Authentication and Access Control
Authenticating users
Managing factors of authentication (something you know, have or are)
Attacking passwords
Comprehending PKI and public key authentication systems
Evaluating the suitability of biometrics
Integrating multi-factor authentication
Authenticating hosts
Incorporating ARP, DHCP, DNS and protocol insecurities
Performing and detecting MAC and IP address spoofing
Achieving strong host authentication
Analyzing Kerberos and IPSec
Cryptography
Encrypting and exercising integrity functions
Capitalizing on asymmetric or Public Key cryptography
Applying symmetric cryptography
Exercising message digest functions for integrity
Certificates and Certification Authorities
Clarifying PKI and certificate fields
Publishing certificate revocation and certificate security
Digital signatures
Digitally signing for strong authentication
Proving authentication, integrity and non-repudiation
Accessibility
Promoting open data policies
Removing barriers to enhance accessibility for people
Enabling IT accessibility
Network Access Control Training FAQs
How can I bring this course to my facility to teach my team Network Access Control?
Enhance your team’s effectiveness and boost productivity with instructor-led training delivered privately to your organization, live online, or to any preferred location!