Nie masz czasu na szukanie?

71 353 52 51 Centrala Obsługi Klienta

biuro@prolearning.pl

Pobierz PDF Pobierz DOC Formularz na szkolenie

Formularz na egzamin

2 +
= 10

Enterprise Intrusion Analysis (SC-375

Program

  • Enterprise Footprinting
    • Describe the principals of least privilege and disclosure
    • Describe how attackers use active fingerprinting using port scans, DNS and ICMP
    • Describe how attackers use passive fingerprinting using search engines
    • Describe how attackers enumerate services by collecting banner messages and protocol information
    • Describe how attackers use social engineering methods to gather information about an enterprise
  • Unauthorized System Access
    • Describe how attackers gain unauthorized access through user accounts
    • Describe how attackers gain unauthorized access through software flaws
    • Explain the attacker methodology for locating vulnerable enterprise services and creating exploits
    • Describe a buffer overflow
    • Describe privilege escalation
    • Describe a Trojan horse as a means to escalate privileges
  • Securing root Access
    • Describe how attackers secure root access through backdoors on a system
    • Describe the following back doors: SUID shell, bound shell, and trusted hosts
    • Describe a file system root kit
    • Demonstrate how a file system root kit hides files, processes, and connections
    • Describe a kernel root kit
    • Demonstrate how a kernel rootkit captures all system activity
  • Encrypting and Hiding Data on a System
    • Review encryption technology
    • Describe how attackers use cryptography to encrypt files
    • Demonstrate encryption using GnuPGP and OpenSSL
    • Describe digital steganography
    • Demonstrate how attackers hide files within files using digital steganography
    • Describe how attackers hide data within unexpected parts of the file system
    • Demonstrate how attackers hide a file in file system metadata
    • Demonstrate how attackers use the loopback file system and extended attributes to hide data
  • Enterprise Log Analysis
    • Identify the different types of enterprise services: like DNS, DHCP, SMTP, HTTP, and Firewalls
    • Identify available log files for enterprise services
    • Describe the relevant intrusion information in each log file
    • Examine enterprise log files to locate suspicious activity
    • Correlate information from multiple log files to determine an intrusion
  • Unauthorized System Access Intrusion Analysis
    • Identify default system access log files in the /var directory structure
    • Identify optional Basic Security Module (BSM) and system accounting log files
    • Describe log file formats and tools available to read the formats
    • Describe the relevant information in each log file
    • Correlate information from multiple log files to determine unauthorized system access
    • Demonstrate how attackers modify log files to hide their presence on a system
  • File System Intrusion Analysis
    • Define systems and utility trust
    • Locate backdoors on a UNIX System: alternate root accounts, bound shells, SUID shells, trusted host files
    • Locate file system root kits on a UNIX System
    • Discover hidden directories, replaced system commands, remote command utilities, and network sniffers
    • Describe automated file system analysis tools
    • Implement the rkhunter, chkrootkit, and Solaris Fingerprint Database to locate root kits
  • System Memory Analysis
    • Describe the important types of intrusion data that resides in memory
    • Describe techniques to capture volatile memory data to a file system
    • Introduce memory analysis tools mdb and gdb
    • Demonstrate how to recovery data from memory using the mdb and gdb tools
  • Incident Investigation Methodologies
    • Identify different types of intrusion scenarios
    • Apply a methodology based on an intrusion scenario
    • Collect the appropriate data (log files, file systems, and memory images) based on the intrusion scenario

Cel

 

Detect an enterprise system intrusion
Analyze a compromised system for crucial information: attack time, attacker location, attacker modifications to the system
Correlate multiple log files from different parts of the enterprise to determine attacker usage
Conduct an audit of file systems to determine attacker modifications
Describe modern attacker methodology with proof of concept examples

Wymagania

 

System Administration for the Solaris 10 Operating System Part 2 (SA-202-S10)
Demonstrate basic UNIX system and network administration skills
Demonstrate a basic understanding of Transmission Control Protocol/Internet Protocol (TCP/IP) networking
Demonstrate an intermediate understanding of network services: DNS, DHCP, SMTP, HTTP, and firewalls
Network Administration for the Solaris 10 Operating System (SA-300-S10)
Solaris[tm] OE Network Intrusion Detection (SC-345)

 

Trener

Oracle Certified Trainer

W ramach uczestnictwa zapewniamy Państwu

  • organizacje szkolenia oraz zapewnienie trenera
  • autoryzowany certyfikat ukończenia szkolenia
  • autoryzowane materiały szkoleniowe
  • samodzielne stanowisko komputerowe
  • catering podczas przerw (kawa, herbata, ciastka)
  • lunch

Referencje

"W dniach 13-14, 15-16, 20-21.02.2017r. firma ProLearning przeprowadziła zaawansowane szkolenie z obsługi programu EXCEL 2013 dla pracowników firmy QuickService Logistics Polska Sp. z o.o. spółka komandytowa w…"

QuickService Logistics

więcej

"Centrum Innowacji ProLearning jest organizatorem szkolenia z, w którym uczestniczył pracownik naszej firmy. W maju 2012 roku brał udział w autoryzowanym szkoleniu: MS10748 – Deploying System Center 2012 Configuration Manage Ankiety…"

PartnerTech

więcej
więcej referencji

Ostatnio przeglądane

Słowa kluczowe

Oracle, Footprinting, Enterprise Intrusion Analysis, attackers, DNS, DHCP, SMTP, HTTP, UNIX System, Java System, Basic Security Module, BSM
  • Nasze certyfikacje

  • Microsoft
  • Oracle
  • Certiport
  • Pearson Vue

Kurs:

Czas trwania:
Liczba godzin dziennie:
Liczba dni:
Lokalizacja:
Termin
Cena netto :

Twoje dane

- Zobacz regulamin
×

Prosimy o uzupełnienie poniższego formularza w celu zapisu na wybrane egzaminy.

Kod * Nazwa * Data * Godzina Opcja
+

Twoje dane

- Zobacz regulamin
×