[44] in Best-of-Security
BoS: c4i-pro Network Security Training
daemon@ATHENA.MIT.EDU (Jerry Holland)
Tue Feb 25 10:50:42 1997
Date: Thu, 20 Feb 1997 09:18:26 -0500
From: Jerry Holland <jholland@afcea.org>
Reply-To: Jerry Holland <jholland@afcea.org>
Errors-To: best-of-security-request@suburbia.net
To: best-of-security@suburbia.net
Resent-From: best-of-security@suburbia.net
Jerry Holland <jholland@afcea.org>
AFCEA Professional Development Center offers its course on
"Security in Computer Networks"
April 1, 2, 3, 4, 1997
Fairfax, Virginia
This course is Unclassified. CEU=3D2.4 =09
BACKGROUND.
As information systems become more distributed, depending upon the good
will of the users as a basis for security becomes foolhardy. With DoD
increasingly relying on public communications, security in all systems
accessible through the public networks is a major issue for designers
and operators. Experience in government and commercial espionage
coupled with threats from hackers and viruses cause great concern. Much
of Defensive Information Warfare revolves on these same issues.=20
However, real defenses exist. Security principles and practices for
computer networks are covered in this course. Specific technologies and
products are discussed with practical advice on their use.
OBJECTIVE
This course provides a comprehensive overview of computer network
security fundamentals to include theory, implementation, technology and
products. Through the use of case studies and real-world problems, the
student will learn to identify their security threats and recognize
appropriate and practical solutions.
WHO SHOULD ATTEND
This course is intended for users, designers and evaluators of
sensitive information systems who need a thorough understanding of the
Information Security (INFOSEC) mechanisms that can help secure their
systems. Systems administrators of Wide and Local Area Networks which
handle classified, sensitive or private information will find the course
very useful to gain a basic understanding of the fundamentals of
security as well as learning practical, inexpensive and effective
techniques and products to secure their networks or systems. The course
is technical in nature; students should have a basic familiarization
with computers and communications.
COURSE OUTLINE: Security in Computer Networks
Network Overview
Advantages of Networks
Types of Networks
Internetworks
OSI Reference Model
OSI/DOD Protocol Stacks
Overview of Computer Network Security
Basic Security Concepts
Definition of Terms
Information Security Objectives
Threats and Vulnerabilities
Misconfigured software
Network Spoofing
Password Cracking
Wiretapping
Hackers
Denial of Service
Malicious Software (Viruses, Trojan Horses, Worms)
CERT Advisories
Network Security Site Assessment Tools (SPI, SATAN, COPS, etc.)
Secure Network Administration
Cryptography
Basic Encryption Techniques
Types of Attacks
Mathematics of Cryptography
Private Key Cryptography - DES, Clipper/Capstone/Skipjack, etc.
Public Key Cryptography - RSA, Diffie-Hellman, Digital Signature =09
Standard, etc.
Uses of Public Key Cryptography
Implementation Guidance
Key Management and Distribution
Key Distribution Centers
Certification Authorities
Electronic Key Management System (EKMS) and the MISSI Key
Management Infrastructure
Authentication
User Authentication and Identification
Passwords
Authentication Protocols
X.509 Authentication
Authentication in Distributed Systems
Kerberos
Tokens
Smart Cards
Biometrics
Access Control
Access Control Lists
Mandatory/Discretionary Access Control
Authorization/Auditing
Network Security Architecture
Security Mechanisms in Protocol Layers
Architectural Placement of Security
Physical Placement of Security
Security Protocols and Standards
DOD (MSP, KMP, SP4, SP3, etc.)
Commercial
Security related RFCs, PEM, PGP, SHTTP, Netscape SSL,=20
Internet Commerce, etc.
NCSC Orange Book (C1, C2, B1, B2, B3, A1) and CMW
Products
In-Line Encryption
NES, TACLANE, TEED, FASTLANE, CANEWARE
Workstation Security with FORTEZZA and FORTEZZA Enabled Products
Multi-level Information Systems Security Initiatives=20
(Applications, Implementations and Case Studies)
Mr. Robert Serenelli
Course Coordinator and Lecturer
Mr. Robert Serenelli has been involved in the design, use and evaluation
of secure information systems for the past thirteen years. He has been
security engineer on many government development programs and security
standards working groups. Mr. Serenelli is currently employed by the
MITRE Corporation. He is the author of numerous papers in the area of
network security and is an Adjunct Faculty member at Rutgers University
and Monmouth University where he teaches graduate level courses.
Register by submitting the following information to:
AFCEA=92s Professional Development Center
4400 Fair Lakes Court
Fairfax, Virginia 22033-3899
Phone: (703) 631-6135 FAX (703) 631 4693
email=3D pdc@afcea.org
Course Name or Number:
Date Course Convenes:
Rank/Honorific:
Service:
First Name:
MI:
Last Name:
Title/Position:
Company/Organization:
Division:
Mail Stop/ Suite/ Office Symbol:
Street Address:
City:
State:
ZIP:
Country
Telephone: (area code)
Fax: (area code)
Fee: Government $950
Industry $1195
Please indicate method of payment intended:
Mastercard/Visa/AMEX/Diners Club/ DD1556/Voucher
All registrations will be acknowledged. The acknowledgment letter will
contain information on location of the course, housing and
transportation details.