Track 2 – IT/Cybersecurity Track


Wednesday, 11/20/19 - Friday, 11/22/19


"Auditing the Cybersecurity of Your Internet DMZ (Good Fences Make Good Neighbors)"


Course Description


Today’s Internet connections are typically shielded by a Demilitarized Zone (DMZ), a critical CyberSecurity buffer between your organization’s internal network and the outside world. Firewalls, intrusion detection/prevention systems, proxy servers, load balancers, filtering routers, VLANs, and VPNs all play a major role in regulating and restricting traffic flowing to and from the Internet CyberSpace. Failure to properly configure, maintain, and monitor a secure and efficient DMZ increases the risk of your organization being attacked by CyberCriminals and other external intruders. This intensive seminar is designed to equip you to better protect and audit your network’s perimeter CyberSecurity through a blend of practical, up-to-the-minute knowledge transfer and audit case studies.


Learning Objectives


  • Identify key control points and building blocks in CyberSpace DMZs and CyberSpace connections

  • Evaluate CyberSecurity risks and safeguards associated with Internet and other external network connections

  • Identify and assess the role of each network device control point, firewalls and beyond, in the overall CyberSecurity policy of the DMZ

  • Locate sources of industry benchmarks for best CyberSecurity practices and compliance requirements for DMZ and external network connections

  • Tools and techniques for CyberAudits of network device configurations and overall network security for the DMZ and associated external network connections


Course Outline


Planning for Network Perimeter Security Audits


  • Risks to your Internet and other public facing network connections

  • DMZ security control points

  • Developing a TCP/IP application risk management methodology

  • Roles of devices in the DMZ

  • Sources of audit tools and resources

  • Developing an audit work program for DMZ audits

  • DMZ design analysis

Router and Other Network Device Configuration, CyberSecurity, and Audit


  • Classes of devices and protocols

  • Network device maintenance port access controls

  • Cisco IOS router configuration essentials for security and auditing

  • Border Gateway Protocol (BGP) security requirements

  • Router access control lists (ACLs)

  • Router configuration management and audit tools

  • Router configuration analysis

Network Firewall Policies, Security, Configuration, and Audit


  • Firewall architectures: pros and cons

  • State management

  • Typical firewall policy rule syntax

  • Basic packet filtering policy requirements

  • Network address translation (NAT)

  • Web application firewalls, mail guards, and other proxy servers

  • Common firewall configuration errors

  • Intrusion detection/prevention systems (IDS/IPS)

  • Firewall configuration management and audit tools

  • Firewall policy and configuration analysis

Auditing VPN and Remote Access CyberSecurity*


  • Evaluating VPN protocol alternatives

  • VPN CyberSecurity configuration features and related policy requirements

  • Relative positioning of firewalls and VPN end-points

  • RADIUS and TACACS+ and other authentication services

  • VPN CyberSecurity configuration analysis

Network Switch Configuration, CyberSecurity, and Audit*


  • Role of network switches in the DMZ

  • VLAN characteristics and configuration

  • Attacks and countermeasures for VLANs

  • Network switch configuration analysis

Remote Discovery and Vulnerability Testing of Your Network Perimeter*


  • Special considerations for external network CyberSecurity discovery and vulnerability testing

  • Network host discovery, multi-protocol traceroutes, stealth scanning

  • Firewall, VPN, and other device discovery and footprinting procedures

*Included in the 3-day lecture/demo and 5-day hands-on class only


Additional Information


Who Should Attend


  • IT Auditors

  • Information Security Managers, Analysts, and Architects

  • IT Management

  • IT Architects

  • Network Engineers

  • Consultants

Learning Level

Advanced

Delivery

Group-Live

Field

Auditing


About the Speaker

Ken Cutler CISSP, CISM, CISA, Security+, CASP, Q/EH is President of Ken Cutler & Associates (KCA) InfoSec Assurance, an independent consulting firm delivering Information Security and IT audit professional consulting services. He is Director of Prof. Cert. Programs for Security University and a Sr Teaching Fellow at CPEi (CPE Interactive), specializing in Technical Audits of IT Security and IT controls. Ken is an internationally recognized consultant and trainer in the Info. Sec. and IT audit fields and is a Qualified Ethical Hacker (Q/EH) and a Certified Meteorologist (USAF).  He was formerly VP of Info. Sec. for MIS Training Institute and has held numerous positions in IT mgt, including being CIO of a Fortune 500 company.  He directed company-wide IS programs for American Express Travel Related Services, Martin Marietta Data Systems, and Midlantic Banks, Inc. Ken has been a long-time active participant in international gov. and industry security standards initiatives including the President’s Commission on Critical Infrastructure Protection, Generally Accepted System Security Principles (GSSP), Information Technology Security Evaluation Criteria (ITSEC), US Federal Criteria, and Department of Defense Information Assurance Certification Initiative.  Mr. Cutler is the primary author of the widely acclaimed Commercial International Security Requirements; co-author of the original NIST SP 800-41, “Guidelines on Firewalls and Firewall Policy”, and has published many other works in addition to being quoted as an expert in publications as well as tv appearances.