Information Security for Technical Staff - eLearning
This 13 module, online course is designed to provide participants with practical techniques for protecting the security of an organization's information assets and resources, beginning with concepts and proceeding on to technical implementations.
The course focuses on understanding and applying the concept of survivability through the effective management of risk, threats, policy, system configuration, availability, and personnel. The course also addresses incident response and provides a technical foundation for working with TCP/IP security and cryptography. The final section of the course helps participants learn to design a secure network architecture managing host systems, securing network services and infrastructure, working with firewalls, and understanding intrusion detection and prevention.
The principles, strategies, and practices covered are applicable to most system platforms and network environments. To illustrate important concepts and security technologies, demonstrations and exercises will include implementations applicable to Linux and Windows systems as well as Cisco Internetworking equipment.
The course involves extensive hands-on virtual laboratories utilizing heterogeneous network environment, scenario-based exercises, video lectures, and instructor demonstrations to help participants develop their understanding of the problems and strategies for securing information systems and networks.
Hands-on labs and demonstrations include subjects such as: Network scanning and enumeration; Packet capture and analysis, Windows Group Policy and Security templates; Network traffic encryption with IPSec; Intrusion detection and prevention with Snort; as well as information on personal and enterprise firewalls, password cracking, and extensive hacking/hardening of Linux, Windows, and Cisco platforms in both wireless and cabled networks.
This course is also offered as instructor-led training.
Technical staff members who manage or support networked information systems and have
- two years of practical experience with networked systems or equivalent training/education
- some degree of specific familiarity with the ISO/OSI 7-layered reference model as well as Ethernet, TCP/IP, and major network operating systems such as Windows NT/2000/XP and Unix
This course will help participants to:
- describe the components of survivability
- identify and define the components of an information security (IS) model
- describe the components of risk and asset management as applied to networked systems
- identify the benefits of invoking sound security policies and methods for implementing them
- describe the steps of the Security Knowledge in Practice(SKiP) methodology
- summarize key security concerns of the TCP/IP protocol suite
- describe the benefits of cryptography when applied to IS properties of confidentiality, integrity, and availability
- describe common methods of gathering information on networked systems
- describe the types of current vulnerabilities and threats to which an organization's information assets may be exposed
- identify common attack methods perpetrated against network systems
- describe best practices for hardening and actively defending host and networked systems from intrusions
- develop an approach for staying current with trends and requisite skills in information security
- the challenge of survivability
- asset and risk management
- policy formulation and implementation
- Security Knowledge in Practice
- TCP/IP security
- prelude to a hack (information gathering)
- threats, vulnerabilities, and attacks
- host system hardening
- securing network infrastructure
- deploying firewalls
- securing remote access
- intrusion detection systems
Information Security for Technical Staff online version will require a minimum of 20 hours of study time. The 13 module course contains 45 video lectures, 27 instructor demonstrations, and 15 virtual labs. Once registered, learners will be granted 24-hour-a-day access to the course material for 12 months.
Learners can proceed through the course at their convenience and can review and repeat individual sections as often as needed.
- Recorded instruction presented by SEI instructors
- 45 video training sessions with transcripts
- 27 instructor demonstrations
- 15 virtual labs
This course is presented in the form of video-recorded training sessions that were presented by SEI instructors to a classroom of students representing a variety of industries.
Demonstrations and virtual labs included with the course explore and reinforce the concepts taught and how they can be successfully applied. Exercise solution guidance supports this independent learning experience.
To access CERT STEPfwd, your computer must have the following:
- Web browsers - Internet Explorer 7+ or Firefox 3+
- Adobe Flash version 10+
- JRE Version 6+
- Computer system and network settings that allow access to streaming video from internet sources
- Minimum client resolution of 1280x1024 to enable proper Video and Lab Player display; Internet connection of 384 Kbps or greater (to sustain downloads with no more than 230ms of latency)
Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.