-
Discover a proven method for conducting thorough and effective technical information audits. Learn how to develop the testing methodology essential for technical security reviews.
This course follows a proven methodology for conducting thorough and effective technical security audits and assessments based on guidelines from NIST. Learn how to develop the testing methodology essential for technical security reviews. Discover how to identify and analyze targets, use key technical testing tools, identify and mitigate findings, and more. Performing technical information security audits and assessments is essential to protecting information assets. By the end of this course, you'll know how to determine if your network is secure.
Overview
Syllabus
-
Introduction
- Welcome
- What are technical security assessments?
- Who this course is for
- Develop a technical security assessment methodology
- Overview of technical security assessment techniques
- Select your testing viewpoint
- Challenge: Pick the right technical security assessment
- Solution: Pick the right technical security assessment
- Required skillsets
- Conduct documentation reviews
- Conduct log reviews
- Conduct ruleset reviews
- Conduct system configuration reviews
- Conduct network sniffing
- Network sniffing tool demo: Wireshark
- Conduct file integrity checking
- File integrity checking tool demo
- Challenge: Pick the right reviews
- Solution: Pick the right reviews
- Required skillsets
- Conduct network discovery
- Network discovery tool demo
- Challenge: Install and run Nmap
- Solution: Install and run Nmap
- Identify network ports and services
- Network ports and services discovery tool demo
- Scan for vulnerabilities
- Vulnerability scanning tool demo
- Scan wireless networks
- Required skillsets
- Crack passwords
- Challenge: Install and run a password cracker
- Solution: Install and run a password cracker
- Password cracking tool demo
- Conduct penetration tests
- Penetration testing tool demo
- Conduct social engineering
- Develop a security assessment policy
- Prioritize and schedule the assessments
- Select and customize techniques
- Select the assessors
- Select the location
- Select tools and resources
- Develop the assessment plan
- Challenge: Write a security assessment methodology
- Solution: Write a security assessment methodology
- Legal considerations
- Coordinate the assessment
- Conduct the assessment
- Conduct the analysis
- Challenge: Categorize assessment findings
- Solution: Categorize assessment findings
- Data handling considerations
- Recommend mitigation solutions
- Challenge: Recommend mitigation solutions
- Solution: Recommend mitigation solutions
- Report the results
- Implement remediation and mitigation
- Next steps
