AUDIENCE:   Anyone who needs to know and understand the workings of firewall technology, from a security or audit standpoint, should attend this course. If you come from one of these business areas, you would find the course very useful: - IT systems implementer wishing to protect vulnerable systems. - IT manager wishing to understand why the purchase of firewalling is necessary and what is involved. - Senior user or system owner wishing to understand ways of mitigating risk. - Network analyst looking to understand options for firewall protection. - Computer auditors and computer audit planners. - Computer security specialists. - Business risk analysts. PREREQUISITES:   Delegates should have a reasonable knowledge of IT in general. You should feel comfortable investigating system settings through a Windows GUI interface, as well as entering line commands in console environments. Some investigations may be carried out on a UNIX platform. The course has technical content, but this is technically in breadth, rather than depth. DURATION:   3 days. Hands on. OBJECTIVES:   This course will enable you to understand the workings of firewall technology, from a security or audit standpoint. The IT technical components will be explained to you, so you will understand how the various elements work together. COURSE CONTENT:   Introduction What are we protecting ourselves against? Which persons are the threat? What do we have that anyone would wish to violate? Communications Protocols Used on the Internet TCP/IP mechanism Ports and services Network services Intruder techniques Port scanning and detection TCP/IP based threats Harvesting Information What intruders are looking for Tools of the trade Attack signatures Introducing Encryption Business objectives Types of encryption Virtual private networks Traffic Control Firewalls Application level filtering and proxy services System Security Checks Top 20 IT-based vulnerabilities Appendices Appendix 1 Checkpoint firewall audit Appendix 2 Firewall audit (general) MB07/01