K2-108
Security Policy
ModuleSponsored by Cisco Systems, Inc.
Course Description
This module should allow the attendee to understand what he/she needs to put in place in his/her company, what are the issues and what type of products or designs can solve a given problem. This module can be seen as an agenda for the rest of the workshop.
Issues to be resolved:
Encryption technologies (mainly IP SEC)
Definitions
Type of algorithms
Type of keys
Certification authority
X500 architecture
Type of attacks
Cisco's implementation
Designs
Hub and spoke topologies
VPN Clients
Any to any
Mixt topologies
Back-up architectures
Voice integration (maybe)
Authentication
Tacacs+ and Radius protocol
Token card
Public/private keys
Smart cards
Windows NT
Kerberos
Cisco products integration with other vendors solution
Firewall
Access List
Stateful technologies
General design
When to use ACL or Stateful
Cisco IOS Firewall versus PIX firewall
Intrusion detection
Description of well known TCP or UDP attacks
Knowing weaknesses
Security inventory
Active audit
Attack response
Network management
How to secure the network itself
SSH
SNMP 1-3
Access control
E-Commerce (maybe)
SET
SSL
Vendor/user authentication
Digital signature
Non-repudiation
Organization
Computer Emergency Response Team Recovery
Orientation
April 7, 2000
Training Dates
April 10-14, 2000
Location
San Jose, California
Suggested Course Sequence
K2-102, K2-104, K2-105, K2-108