ISACA T&T Training Week Course Outline

1. COURSE OUTLINE
Training Week 2012
May 7-11 2012
Hyatt Regency
Port of Spain, Trinidad, W.I.

2. FACILITATOR’S BIO
John Tannahill, CA, CISM, CGEIT, CRISC is a management
consultant specializing in information security and audit
services. His current focus is on information security
management and control in large information systems
environments and networks. His specific areas of technical
expertise inclu de UNIX and Windows operating system security,
include
network security, and Oracle and Microsoft SQL Server security.
John is a frequent speaker in Canada, Europe and the US on the subject of
information security and audit.
He is a member of the Toronto ISACA Cha pter and has spoken at many ISACA
Chapter
Conferences and Chapter Events including ISACA Training Weeks; North America
CACS; EuroCACS; Asia- Pacific CACS; International and Network and Information
Security Conferences.
John is the 2008 Recipient of the ISACA John KuyerBest Speaker/Best Conference
Best
Contributor Award.
Prior speaking engagements include:
ngagements
 ISACA Chapter seminars (e.g. Toronto, Pittsburgh, Houston, Washington ,
Trinidad & Tobago)
 ISACA Training Weeks (2001 present)
(2001-
 ISACA NACACS, EuroCACS, Asia -Pacific CACS Conferences
 ISACA Information Security Management Conferences
 ISACA International Conferences
 CSI Annual Computer Security Conference (2009)
 Presented many in-house 1
house 1-day – 5-day seminars
2
Page
Training Week 2012. May 7-11 2012.Hyatt Regency Trinidad, W.I.
Regency.

3. SESSION ABSTRACTS
INTRODUCTION TO ETHICAL HACKING & FIREWALL SECURITY: 2 DAYS (HANDS-ON)
This session will provide participants with a practical methodology and approach to performing ethical
hacking assessments, and will include testing firewall security design and control. Detailed exercises and
demonstrations of tools and techniques used will allow the participant to evaluate network vulnerabilities
and identify key control recommendations that should be implemented to address the issues.
SESSION HIGHLIGHTS
 Hands-on environment used for  Sample assessment report outline
demonstration & discussion purposes  Listing of reference material for ethical
 Detailed discussion of output and results hacking assessment methodologies,
obtained from each part of the assessment techniques and tools
1. NETWORK DISCOVERY AND FOOTPRINT
 Network Address Spaces (DNS, IP Address  Information Gathering Tools (e.g. SNMP
Blocks) information)
 Ping Sweep Techniques; Firewalking etc.  Use of Search Engines such as Google and
other Web-based resources
2. TCP/IP SERVICE IDENTIFICATION AND ENUMERATION
 Port Scanning Techniques (tcp; udp and  Other Port Scanning, Fingerprinting and
icmp scanning) Service Identification Tools such as amap
(application fingerprinting) and netcat
 Use of Nmap(including NSE – Nmap
Scripting Engine)  Advanced scanning techniques and tools
(including use of Hping and other packet
crafting tools)
3. ETHICAL HACKING – IDENTIFY AND EXPLOITING VULNERABILITIES
 Vulnerability identification tools and  Testing web applications
techniques (including configuration and use
of network testing tools such as OpenVAS)  Testing vulnerabilities in Unix and Windows
operating systems using tailored scripts and
 Use of NIST National Vulnerability Database OS-specific tools
(NVD) and related resources
 Using the Metasploit Framework
 Testing firewalls including configuration and
rules assessments  Effective reporting and risk-ranking of
assessment results
 Testing specific TCP/IP Services e.g. web
3
servers
Page
Training Week 2012.May 7-11 2012.Hyatt Regency. Trinidad, W.I.

4. UNDERSTANDING AND SECURING WINDOWS 2008: 2 DAYS (HANDS-ON)
This session will focus on the audit and security issues related to the use of the Windows 2008 Server
Operating System.
SESSION HIGHLIGHTS
 Understand Windows 2008 architecture and  Demonstration of Windows 2008 security
security components and audit tools
 Use of Windows 2008 server operating  Demonstration of Windows 2008 Server
systems to demonstrate key security security features, including default security
features settings, security hardening steps and use of
the Group Policy
1. WINDOWS 2008 CONCEPTS
 Overview of Windows 2008  Build and Deployment Processes
 Server Versions  Configuration Management
 Service Packs & Hotfixes  Patch Management
2. UNDERSTANDING WINDOWS 2008 SECURITY COMPONENTS
 Active Directory Services (ADS)  Security Configuration
 Group Policy Objects (GPO)
3. WINDOWS 2008 SECURITY AND CONTROL
 Security Baselines  Privilege Management
 Active Directory Security  Network Share Security
 Windows 2008 Domains  Directory & File Permissions
 Trust Relationship Mechanisms  Registry Security
 Group Policy Objects (GPO)  Security Event Logs
 User Accounts  Windows Services
 Authentication Controls  Network Security
 User Rights  Security Administration
 Groups
4. AUDITING THE WINDOWS 2008 ENVIRONMENT
 Audit Objectives  Automated Tools/ Scripts for Audit Testing
 Auditing Domain Controllers  Approach to Windows 2008 Security Audit
 Auditing Member Servers
5. SECURITY AND AUDIT TOOLS & TECHNIQUES
 Windows 2008 Resource Kit
 Demonstration of Windows 2008 Security &
Audit Tools
4
Page
Training Week 2012.May 7-11 2012.Hyatt Regency. Trinidad, W.I.

5. UNDERSTANDING AND SECURING WIRELESS & MOBILE TECHNOLOGIES: 1 DAY(SEMINAR)
This seminar will focus on the audit and security issues related to the use of Wireless and Mobile
Technologies.
SESSION HIGHLIGHTS
 Detailed discussion of Wireless Network  Demonstration and discussion of security
Security Issues and audit tools and techniques
 Live wireless LAN environment used in class
to demonstrate key concepts and
security/audit areas /steps
1. UNDERSTANDING WIRELE SS & MOBILE TECHNOLOGIES
 Wireless LANs (WLAN)  Bluetooth Technology and Security
(IEEE 802.15)
 Wireless LAN standards and current
implementations - IEEE 802.11g;  Other Wireless Technologies (e.g. Wi-
802.11n technologies and security Max – 802.16)
mechanisms
 Mobile Technologies – Blackberry;
 Wi-Fi Protected Access (WPA/WPA2) iPhone; iPAD; Android; USB and
removable media
2. UNDERSTANDING WIRELE SS & MOBILE TECHNOLOGY THREATS AND RISKS
 WLAN Access Point Security  Fake Access Points
 War Driving  Traffic Capture and Analysis
 Unauthorized Network Access  Bluetooth Threats
 Rogue Access Points  Theft / Loss of Client Devices
3. SECURING & AUDITING WIRELESS & MOBILE TE CHNOLOGIES
 Authentication and Encryption
 Wireless Security Policy and Standards  VPN, Firewall and IDS measures
 Mobile Technology Security Standards  Wireless Security Assessment
 Wireless & Mobile Technology Risk  Auditing a WLAN environment
Assessment  Wireless Client Security
 Secure Wireless Architecture, Design  Bluetooth Security Configuration
and Deployment  Mobile Device Configuration Security
 Access Point Security
4. SECURITY AND AUDIT TOOLS & TECHNIQUES
 Demonstration of wireless security and audit tools and techniques, including Kismet, Aircrack;
Bluetooth Assessment tools etc
5
 Useful reference material
Page
Training Week 2012.May 7-11 2012.Hyatt Regency. Trinidad, W.I.