ExitCertified Training: Java, Solaris, Red Hat, IBM, Symantec, Siebel, PeopleSoft
 
Oracle University recognizes ExitCertified as North American Training Partner of the Year.

Enterprise Intrusion Analysis

Format: Instructor-led classroom training
 
 

The Enterprise Intrusion Analysis course provides students with the skills needed to discover and analyze enterprise intrusions in a UNIX environment.

Students who can benefit from this course:
  • Systems Administrators and Security Administrators who are responsible for detecting and analyzing enterprise system intrusions

This course counts towards the Hands-on course requirement for the Oracle Solaris 10 Security Administrator Certification. Only instructor-led in-class or instructor-led online formats of this course will meet the Certification Hands-on Requirement. Self Study CD-ROM and Knowledge Center courses DO NOT meet the Hands-on Requirement.

 
 

Skills Gained

  • Detect an enterprise system intrusion
  • Analyze a compromised system for crucial information: attack time, attacker location, attacker modifications to the system
  • Correlate multiple log files from different parts of the enterprise to determine attacker usage
  • Conduct an audit of file systems to determine attacker modifications
  • Describe modern attacker methodology with proof of concept examples

Prerequisites

  • System Administration for the Solaris 10 Operating System Part 2 (SA-202-S10)
  • Demonstrate basic UNIX system and network administration skills
  • Demonstrate a basic understanding of Transmission Control Protocol/Internet Protocol (TCP/IP) networking
  • Demonstrate an intermediate understanding of network services: DNS, DHCP, SMTP, HTTP, and firewalls

 
This course is taught by Oracle-certified instructors.

ExitCertified is the only Sun authorized training partner in Canada and the largest Sun reseller in North America.

There is a difference. Discover it.
Code: SC-375
Format: Instructor-led classroom training
Duration: 5 days
Certified by: Oracle
Registration fee (CAD): $4,125
Oracle University Awards ExitCertified the North American Partner of the Year Award for 2011
No course dates: this course is not currently scheduled. If you are interested in taking this course, use the link below to request a date.

Request a date/location | Request on-site training
 

Enterprise Intrusion Analysis: Detailed Content

 
 
Enterprise Footprinting
  • Describe the principles of least privilege and disclosure
  • Describe how attackers use active fingerprinting using port scans, DNS and ICMP
  • Describe how attackers use passive fingerprinting using search engines
  • Describe how attackers enumerate services by collecting banner messages and protocol information
  • Describe how attackers use social engineering methods to gather information about an enterprise
Unauthorized System Access
  • Describe how attackers gain unauthorized access through user accounts
  • Describe how attackers gain unauthorized access through software flaws
  • Explain the attacker methodology for locating vulnerable enterprise services and creating exploits
  • Describe a buffer overflow
  • Describe privilege escalation
  • Describe a Trojan horse as a means to escalate privileges
Securing root Access
  • Describe how attackers secure root access through backdoors on a system
  • Describe the following back doors: SUID shell, bound shell, and trusted hosts
  • Describe a file system root kit
  • Demonstrate how a file system root kit hides files, processes, and connections
  • Describe a kernel root kit
  • Demonstrate how a kernel root kit captures all system activity
Encrypting and Hiding Data on a System
  • Review encryption technology
  • Describe how attackers use cryptography to encrypt files
  • Demonstrate encryption using GnuPG and OpenSSL
  • Describe digital steganography
  • Demonstrate how attackers hide files within files using digital steganography
  • Describe how attackers hide data within unexpected parts of the file system
  • Demonstrate how attackers hide a file in file system metadata
  • Demonstrate how attackers use the loopback file system and extended attributes to hide data
 
Enterprise Log Analysis
  • Identify the different types of enterprise services, such as DNS, DHCP, SMTP, HTTP, and firewalls
  • Identify available log files for enterprise services
  • Describe the relevant intrusion information in each log file
  • Examine enterprise log files to locate suspicious activity
  • Correlate information from multiple log files to determine an intrusion
Unauthorized System Access Intrusion Analysis
  • Identify default system access log files in the /var directory structure
  • Identify optional Basic Security Module (BSM) and system accounting log files
  • Describe log file formats and tools available to read the formats
  • Describe the relevant information in each log file
  • Correlate information from multiple log files to determine unauthorized system access
  • Demonstrate how attackers modify log files to hide their presence on a system
File System Intrusion Analysis
  • Define systems and utility trust
  • Locate backdoors on a UNIX System: alternate root accounts, bound shells, SUID shells, trusted host files
  • Locate file system root kits on a UNIX System
  • Discover hidden directories, replaced system commands, remote command utilities, and network sniffers
  • Describe automated file system analysis tools
  • Implement rkhunter, chkrootkit, and the Solaris Fingerprint Database to locate root kits
System Memory Analysis
  • Describe the important types of intrusion data that resides in memory
  • Describe techniques to capture volatile memory data to a file system
  • Introduce memory analysis tools mdb and gdb
  • Demonstrate how to recover data from memory using the mdb and gdb tools
Incident Investigation Methodologies
  • Identify different types of intrusion scenarios
  • Apply a methodology based on an intrusion scenario
  • Collect the appropriate data (log files, file systems, and memory images) based on the intrusion scenario


  ExitCertified is your Authorized IT Training Partner  
  When you take a certified course at ExitCertified, you learn directly from the designers of the products you use. Our commitment to the IT community, together with our authorization to deliver certified courses, ensures you a superior training experience. There is a difference. Learn directly from the source.
 



(c) 2012 ExitCertified Corp. All rights reserved.

