|
Get Root Access and practice to config Servers.
Inspect servers security and try to find and fix bugs.
|
Digital Forensics Consultant
Level 1 – Office Security:
- How to create company politics for IT Security.
- How to protect office and personal computers from viruses and Trojan Horses.
- Protection of company and home WLAN.
- How to select and manage passwords.
- What is and how to use VLAN.
- Protect data transfer – SSL and VPN.
- Block and Control Computer activity.
- Manage data access control.
- How to backup and crypt company data.
- Protect staff from social engineering.
Level 2 – Network Security:
- How to access, configure and monitor network devices.
- More about telnet vs SSH, FTP vs SFTP, SNMP vs SNMP v2.
- More about centralized monitoring system like MRTG and others.
- VLAN, Port Security, IDS, Traffic Analysis.
- Information about Man in The Middle attack, arp spoofing and different DNS and DHCP based attacks.
Level 3 – Server Security:
- Server level security – user access control, user groups, process monitoring, kernel patch
- Resource management – disk quota, CPU and Memory limits.
- Firewall and IDS, centralized monitoring and management.
- Security when access server – more about ssh, ssl, VLC, RDP and etc.
- Services security – web server , mail server, Samba server and other services security configuration like chroot, resource limits and etc.
Level 4 – Web Site Security:
- Secure file upload to server – FTP vs SFTP.
- Secure access to web site content http vs https.
- Restrict access to admin panel – limit login attempts, permit or denied IP address.
- Login and monitor all login attempts.
- PHP IDS, and Apache Mod Security.
- More about cross site scripting, Directory traversal attack, SQL Injection and input data validation.
|
