AUDIENCE:   This course is designed for audit and security specialists who need to understand how networks operate, what the sources of risk are and how to manage the risk. Also, the training is particularly relevant to those who manage, or are responsible for large corporate networks. PREREQUISITES:   A general familiarity with the use of ICT in businesses, from the viewpoint of a user. You should feel comfortable loading, running and experimenting with software, under guidance from the instructor. You should be able to take in your stride the command line and GUI utilities that are employed on the course. DURATION:   3 days. Hands on. OBJECTIVES:   This course covers network technology and the business objectives and risks. In particular, it will help you to find out what is important in the world of networking and become familiar with networking terms so you will be able communicate with your network specialists. COURSE CONTENT:   1. A review of networking technology Network security concepts Business issues Network development lifecycle Network hardware and software Risks and objectives Local area networks TCP/IP LAN devices Directory services Virtual private networks Transmission system vulnerabilities General network management Ports and sockets Routing Various hacking and probing tools 2. WAN technology WAN technology Frame relay ATM ISDN ADSL Satellite General network management Virtual private networks  3. Remote access Remote access topologies Telephone lines Authenticating remote users – the Shiva corporation Defending the remote machine Virtual private networking Auditing equipment cross the internet Wireless LANs (WLANs) IP version 6 (IPV6)   4. Traffic control Candidate points of weakness Standard firewall services Firewall specimen specification Firewall deployment Risk assessment methods Rule lists and logs 5. Building a trust infrastructure Business objectives Types of encryption Symmetrical cryptography PGP Hash check-summing SSL Digital Certificates VPNs  6. System security checks Top 20 system risks in an e-commerce environment Detection of vulnerabilities What the hackers do Best practice in resisting intrusions MB08/02