
Security Solutions for System Engineers (SSSE)


Detailed Course Outline

Module 1: The Threat Landscape and Goals of Security Engineering

    Lesson 1: General Principles
  • Risks to Enterprise Business Processes
  • Security Terminology
  • Types of Attackers
  • Value of Assets and Cost of Incidents
  • Security Engineering
    Lesson 2: Physical Attacks
  • Physical Access
  • Theft
  • Physical Intrusion and Destruction
  • Electromagnetic Leakage and Interference
    Lesson 3: Network Infrastructure Attacks
  • Impact of Network Infrastructure Attacks
  • Device- and Link-Focused Attacks
  • Attacks Against Network Infrastructure Signaling Processes
  • Attacks Against Management Protocols and Supporting Infrastructure Applications
    Lesson 4: System and Application Attacks
  • Impact of System and Application Attacks
  • Attacks Against Network and Application Protocols
  • Attacks Against Operating Systems
  • Attacks Against Applications
    Lesson 5: User Attacks
  • Impact of User Attacks
  • Types of User Attacks

Module 2: Overview of Security Controls

    Lesson 1: Organizational Controls
  • Security Policies and Procedures
  • Organizational Controls
  • Security Life-Cycle Management
  • Security Life-Cycle Management Models
  • Security Regulation
  • Security Evaluation and Assurance
    Lesson 2: Types of Controls
  • Access Control
  • Detection and Response
  • Proactive and Reactive Controls
  • Network, Endpoint, and Data-Centric Controls
    Lesson 3: Security Engineering Principles
  • Matching Controls to Threats
  • Realistic Assumptions
  • Simplicity
  • Fail-Open and Fail-Closed Controls
  • Defense in Depth
  • Limiting Damage
    Lesson 4: Distribution of Controls Between Network and Endpoints
  • Infrastructure-Endpoint Architecture
  • Perimeter-Endpoint Architecture
  • Endpoint-Only Architecture
  • Combining Security Architectures
    Lesson 5: Cryptographic Services
  • Cryptographic Controls
  • Confidentiality as a Cryptographic Service
  • Integrity as a Cryptographic Service
  • Authentication as a Cryptographic Service
  • Nonrepudiation as a Cryptographic Service
  • Key Management
    Lesson 6: Authentication and Identity Management
  • Identity Management
  • Subjects and Credentials
  • Authentication Protocols
  • Authentication Architectures
    Lesson 7: Network Controls
  • Network Infrastructure Controls
  • Network Separation and Boundary Controls
    Lesson 8: System Controls
  • Native Operating System Controls
  • Operating System Security Extensions
    Lesson 9: Application Controls
  • Secure Application Protocols
  • Secure Development, Testing, and Operations
  • Data Validation
  • Access Control and Auditing

Module 3: Network Infrastructure Protection Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against the Network Infrastructure
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architecture Components
  • Device Hardening Design
  • Network Signaling Protection Design
  • Permanent Traffic Filtering Design
  • On-Demand Traffic Filtering Design
  • Edge User Access Control Design
  • Edge User Compliance Verification Design
  • Secure Management Design
    Lesson 3: Case Studies
  • Network Infrastructure Security for Enterprise IP Telephony
  • Enterprise Infrastructure-Based Worm Defense

Module 4: Enterprise Internet Access Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Enterprise Internet Access
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Resource Separation Design
  • Infrastructure Security Design
  • Boundary Network Access Control Design
  • Endpoint Protection Design
  • High-Availability and High-Performance Solutions Design
  • Management Support Design
    Lesson 3: Case Studies
  • Enterprise Internet Access Case Study
  • Internet Access Protection Technology Demonstration

Module 5: Solutions for Exposed Enterprise Services and Data Centers

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats with Exposed Enterprise Services and Data Centers
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Resource Separation Design
  • Infrastructure Security Design
  • Boundary Network Access Control Design
  • Endpoint Protection Design
  • High-Availability and High-Performance Solutions Design
  • Management Support Design
    Lesson 3: Case Studies
  • Exposed Enterprise Service Case Study
  • Protection of Enterprise Exposed Services

Module 6: Unified Communications Protection Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Unified Communications Systems
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Physical Security Design
  • Resource Separation Design
  • Network Infrastructure Security Design
  • Boundary Network Access Control Design
  • Endpoint Protection Design
  • Management Support Design
    Lesson 3: Case Studies
  • Unified Communications Protection Solutions

Module 7: Secure WAN Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Enterprise WANs
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Authentication and Transmission Protection Design
  • Infrastructure Security Design
  • Point-to-Point Secure WAN Design
  • Hub-and-Spoke Secure WAN Design
  • Meshed Secure WAN Design
  • High-Availability and High-Performance Design
  • Management Support Design
  • Secure WAN Feature Matrix
    Lesson 3: Case Studies
  • Hub-and-Spoke IPsec WAN
  • Fully-Meshed IPsec WAN
  • Demonstration of an On-Demand Fully Meshed IPsec VPN

Module 8: Secure Remote Access Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Enterprise Remote Access and Mobility
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Authentication and Transmission Protection Design
  • Infrastructure Security Design
  • Remote Access Solutions Design
  • High-Availability and High-Performance Design
  • Network and Content Access Control Design
  • Remote User Protection and Data Loss Protection Design
  • Management Support Design
    Lesson 3: Case Studies
  • Enterprise Remote Access
  • Secure Remote Access Technology Demonstration

Module 9: Enterprise Wireless Security Solutions

    Lesson 1: Overview of Threats, Controls, and Specific Customer Requirements
  • Threats Against Enterprise Wireless Access
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Infrastructure Security Design
  • Authentication Design
  • Transmission Protection Design
  • Endpoint Protection Design
  • Guest Access Design
  • Management Support Design
    Lesson 3: Case Studies
  • Enterprise WLAN Case Study

Module 10: Enterprise Security Management Solutions

    Lesson 1: Overview of Specific Customer Requirements
  • Customer Environment and Requirements
    Lesson 2: Architectures and Design Guidelines
  • Architectural Components
  • Management Network and System Protection Design
  • Infrastructure Security Design
  • Policy Provisioning Design
  • Secure Monitoring and SIM Design
  • Design Compliance Assessment
    Lesson 3: Case Studies
  • Enterprise Security Management Case Study
 
