Security Solutions for System Engineers (SSSE)

Detailed Outlines

Course Outlines

Module 1: The Threat Landscape and Goals of Security Engineering

    Lesson 1: General Principles
  • Risks to Enterprise Business Processes
  • Security Terminology
  • Types of Attackers
  • Value of Assets and Cost of Incidents
  • Security Engineering
    Lesson 2: Physical Attacks
  • Physical Access
  • Theft
  • Physical Intrusion and Destruction
  • Electromagnetic Leakage and Interference
    Lesson 3: Network Infrastructure Attacks
  • Impact of Network Infrastructure Attacks
  • Device- and Link-Focused Attacks
  • Attacks Against Network Infrastructure Signaling Processes
  • Attacks Against Management Protocols and Supporting Infrastructure Applications
    Lesson 4: System and Application Attacks
  • Impact of System and Application Attacks
  • Attacks Against Network and Application Protocols
  • Attacks Against Operating Systems
  • Attacks Against Applications Lesson 5: User Attacks
  • Impact of User Attacks
  • Types of User Attacks

Module 2: Overview of Security Controls

    Lesson 1: Organizational Controls
  • Security Policies and Procedures
  • Organizational Controls
  • Security Life-Cycle Management
  • Security Life-Cycle Management Models
  • Security Regulation
  • Security Evaluation and Assurance
    Lesson 2: Types of Controls
  • Access Control
  • Detection and Response
  • Proactive and Reactive Controls
  • Network, Endpoint, and Data-Centric Controls
    Lesson 3: Security Engineering Principles
  • Matching Controls to Threats
  • Realistic Assumptions
  • Simplicity
  • Fail-Open and Fail-Closed Controls
  • Defense in Depth
  • Limiting Damage
    Lesson 4: Distribution of Controls Between Network and Endpoints
  • Infrastructure-Endpoint Architecture
  • Perimeter-Endpoint Architecture
  • Endpoint-Only Architecture
  • Combining Security Architectures
    Lesson 5: Cryptographic Services
  • Cryptographic Controls
  • Confidentiality as a Cryptographic Service
  • Integrity as a Cryptographic Service
  • Authentication as a Cryptographic Service
  • Nonrepudiation as a Cryptographic Service
  • Key Management
    Lesson 6: Authentication and Identity Management
  • Identity Management
  • Subjects and Credentials
  • Authentication Protocols
  • Authentication Architectures
    Lesson 7: Network Controls
  • Network Infrastructure Controls
  • Network Separation and Boundary Controls
    Lesson 8: System Controls
  • Native Operating System Controls
  • Operating System Security Extensions
    Lesson 9: Application Controls
  • Secure Application Protocols
  • Secure Development, Testing, and Operations
  • Data Validation
  • Access Control and Auditing

Module 3: Network Infrastructure Protection Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against the Network Infrastructure
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architecture Components
  • Device Hardening Design
  • Network Signaling Protection Design
  • Permanent Traffic Filtering Design
  • On-Demand Traffic Filtering Design
  • Edge User Access Control Design
  • Edge User Compliance Verification Design
  • Secure Management Design
    Lesson 3: Case Studies
  • The lesson includes these topics:
  • Network Infrastructure Security for Enterprise IP Telephony
  • Enterprise Infrastructure-Based Worm Defense

Module 4: Enterprise Internet Access Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Enterprise Internet Access
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Resource Separation Design
  • Infrastructure Security Design
  • Boundary Network Access Control Design
  • Endpoint Protection Design
  • High-Availability and High-Performance Solutions Design
  • Management Support Design
    Lesson 3: Case Studies
  • Enterprise Internet Access Case Study
  • Internet Access Protection Technology Demonstration

Module 5: Solutions for Exposed Enterprise Services and Data Centers

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats with Exposed Enterprise Services and Data Centers
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Resource Separation Design
  • Infrastructure Security Design
  • Boundary Network Access Control Design
  • Endpoint Protection Design
  • High-Availability and High-Performance Solutions Design
  • Management Support Design
    Lesson 3: Case Studies
  • Exposed Enterprise Service Case Study
  • Protection of Enterprise Exposed Services

Module 6: Unified Communications Protection Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Unified Communications Systems
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Physical Security Design
  • Resource Separation Design
  • Network Infrastructure Security Design
  • Boundary Network Access Control Design
  • Endpoint Protection Design
  • Management Support Design
    Lesson 3: Case Studies
  • Unified Communications Protection Solutions

Module 7: Secure WAN Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Enterprise WANs
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Authentication and Transmission Protection Design
  • Infrastructure Security Design
  • Point-to-Point Secure WAN Design
  • Hub-and-Spoke Secure WAN Design
  • Meshed Secure WAN Design
  • High-Availability and High-Performance Design
  • Management Support Design
  • Secure WAN Feature Matrix
    Lesson 3: Case Studies
  • Hub-and-Spoke IPsec WAN
  • Fully-Meshed IPsec WAN
  • Demonstration of an On-Demand Fully Meshed IPsec VPN

Module 8: Secure Remote Access Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Enterprise Remote Access and Mobility
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Authentication and Transmission Protection Design
  • Infrastructure Security Design
  • Remote Access Solutions Design
  • High-Availability and High-Performance Design
  • Network and Content Access Control Design
  • Remote User Protection and Data Loss Protection Design
  • Management Support Design
    Lesson 3: Case Studies
  • Enterprise Remote Access
  • Secure Remote Access Technology Demonstration

Module 9: Enterprise Wireless Security Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Enterprise Wireless Access
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Infrastructure Security Design
  • Authentication Design
  • Transmission Protection Design
  • Endpoint Protection Design
  • Guest Access Design
  • Management Support Design
    Lesson 3: Case Studies
  • Enterprise WLAN Case Study

Module 10: Enterprise Security Management Solutions

    Lesson 1: Overview of Specific Customer Requirements
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Management Network and System Protection Design
  • Infrastructure Security Design
  • Policy Provisioning Design
  • Secure Monitoring and SIM Design
  • Design Compliance Assessment
    Lesson 3: Case Studies
  • Enterprise Security Management Case Study

Objectives and Pre-requisites

Course Objectives

  • Recognize modern threats to enterprise business processes
  • Recognize modern security controls
  • Choose appropriate controls for specific threats and environments
  • Apply basic security design guidelines
  • Recognize basic customer requirements and environment limitations and build an optimal solution based on them
  • Position Cisco security products in basic customer scenarios

Prerequisites

The knowledge and skills you must have before attending this course are as follows:

  • Valid CCDA Certification
   
 
Classroom training
Duration: 5 days
Price: US$ ----
CLC: 35

 
Course Schedule:
Egypt, Cairo,  Jan 2015
Dubai,  Feb, 2015
Qatar, Doha, May 2015

 
   PDF
PDF of this course
                                                  
 

User Rating: 0 / 5

Star inactiveStar inactiveStar inactiveStar inactiveStar inactive
 
 Privacy Policy
Terms & Conditions