Network Access Control Using the Risk Management Framework

Level: Intermediate

Help your organization produce a comprehensive security posture by developing generally accepted practices for access control in network security. In this Network Access Control (NAC) training course, you will learn how to perform security breaches with techniques from the FISMA Risk Management Framework, utilize protocol analyzers to track live attacks, analyze the effectiveness of network security control devices, and recommend improvements to block attacks.

Key Features of this Network Access Control Training

After-course instructor coaching benefit

Learning Tree end-of-course exam included

You Will Learn How To:

Protect assets by selecting and managing effective security controls

Evaluate the thoroughness and quality of security controls

Do more than just “security theater”

Provide and monitor a comprehensive, strong defense

Integrate accessibility into services and environments

Choose the Training Solution That Best Fits Your Individual Needs or Organizational Goals

Training At Your Site – Team Training

PRODUCT #3674 – $2990

Bring this or any training to your organization

Full-scale program development

Delivered when, where, and how you want it

Blended learning models

Tailored content

Expert team coaching

Team Training

Important Network Access Control Course Information

Recommended Experience

Previous experience in networking and TCP/IP protocol stack

Technical background in networking and security terms

Network Access Control Course Outline

Introduction

Applying defense in depth: tools, techniques and people

Comprehending FISMA and OMB oversight

Assimilating Risk Management Framework Security Life Cycle

Risk Management Framework

Multi-tiered risk management

Organization: Strategic risk management

Mission/Business: Tactical approach to risk

Information Systems

Defining roles and responsibilities

Distinguishing hierarchy and key roles of risk management

Defining responsibilities assigned to specific roles

Separating roles and areas of responsibility

Phases of risk management

Categorizing information systems

Selecting security controls

Implementing security controls

Assessing security controls

Authorizing information systems

Monitoring security controls

Information Assurance

Introducing information assurance

Assuring security throughout the data life cycle

Integrating information assurance into software development

Building in “secure by design”

Implementing information assurance best practices

Ensuring component security

Penetration testing and vulnerability assessments

Validating security functions and configuration

Finding weaknesses within systems before the attacker does

Keeping current with information assurance

Full disclosure vs. responsible disclosure

Exploring vulnerability databases

Information Systems and Network Security

Modularization (the OSI 7 Layer Model)

Networking principles powering the Internet

Modeling a packet

Confidentiality, integrity and availability across the network

Encrypting for confidentiality

Sniffing the network and protocol analysis

Modifying data via man-in-the-middle attacks

Networking services and security

Poisoning the DNS cache

Incorporating core services including DHCP, ICMP, and ARP

Hardening the TCP/IP stack

Authentication and Access Control

Authenticating users

Managing factors of authentication (something you know, have or are)

Attacking passwords

Comprehending PKI and public key authentication systems

Evaluating the suitability of biometrics

Integrating multi-factor authentication

Authenticating hosts

Incorporating ARP, DHCP, DNS and protocol insecurities

Performing and detecting MAC and IP address spoofing

Achieving strong host authentication

Analyzing Kerberos and IPSec

Cryptography

Encrypting and exercising integrity functions

Capitalizing on asymmetric or Public Key cryptography

Applying symmetric cryptography

Exercising message digest functions for integrity

Certificates and Certification Authorities

Clarifying PKI and certificate fields

Publishing certificate revocation and certificate security

Digital signatures

Digitally signing for strong authentication

Proving authentication, integrity and non-repudiation

Accessibility

Promoting open data policies

Removing barriers to enhance accessibility for people

Enabling IT accessibility

Network Access Control Training FAQs

How can I bring this course to my facility to teach my team Network Access Control?

Enhance your team’s effectiveness and boost productivity with instructor-led training delivered privately to your organization, live online, or to any preferred location!
