Cybersecurity: Technical Solutions and Architectures

  • Acquire overall control over securing a network and its interconnection with external networks
  • Have the techniques to set up cybersecurity: identity and access management, interconnection, cryptography, systems, applications, surveillance and defense.

System and network administrators, security managers, IT managers and inter-intranet project managers.

Prior knowledge of internet / intranet networks

5 Days.

This network security training includes the following practical workshops
– Implementation of workstation security elements
– Implementation of IP security
– Implementation of a VPN
– Highlighting of protocol security flaws (http, SMTP, POP3, FTP, etc.) by analyzing frames in Wireshark
For “distance” training, they are carried out with a Teams or Zoom type videoconferencing tool, depending on the case, allowing the trainer to adapt his teaching methods.
Find all the details on distance sessions or virtual classes on our website.

  • Introduction and reminder on the legal aspects
  • General overview of IS Security
  • Respect for private life / CNIL
  • Repression of IS crimes
  • Responsibilities of managers
  • Internet access, charter and log records
  • Protecting yourself with the right cryptography: principles and implementation
  • Basic principles
  • Mathematical foundations
  • Algorithms and resistance
  • Discovery of algorithms
  • State of the art
  • Practical work: testing the strength of a password
  • Develop an authentication policy
  • Authentication isn’t just for users
  • Methods used by the different OS
  • How Mimikatz uncovers Microsoft’s bad choices
  • Strong authentication
  • Certificates, PKI, SSO the ultimate solution?
  • Protect network access
  • Problem of access on Ethernet
  • The shortcomings of Ethernet and IP v4
  • Authenticate users and machines
  • The elements of NAC (Network Access Control)
  • Design a secure interconnection
  • Firewalls and DMZ
  • Adapt the architecture to the desired level of security
  • Segment your network to protect it
  • Defense in depth
  • TP: Wireshark, Nmap, Netcat
  • Secure remote access
  • VPN and link security
  • SSL vpns (OpenVPN)
  • IpSec technologies and implementations
  • Routing and authentication in a remote access context
  • Administer securely
  • Infrastructure
  • Authenticating is also empowering
  • Update on common tools Rdp, vnc, telnet, ssh
  • Secure internet browsing
  • DNS: a fundamental and sensitive protocol
  • Recommendations for the main browsers
  • The weak link: educating users through a few good practices
  • The proxy: a regulatory need and a technical solution
  • Protect your application and web servers
  • Certificates: management and implementation
  • Reverse proxy
  • TP: Metasploit
  • Harden operating systems
  • Workplace safety
  • Windows 10
  • Microsoft Active Directory
  • Linux
  • Virtualization and security
  • Virtualization functionality and security
  • Impacts on DICT criteria
  • Modification of the perception of networks (Ethernet, IP, etc.)
  • Practical Recommendations for Configuring Vmware ESX
  • Messaging architecture
  • SMTP, an insecure protocol
  • Messaging remains a very important attack vector
  • Good user practices are decisive
  • Network segmentation but also application segmentation, dns, telecom operators
  • Monitor and defend by leveraging system logs and logs
  • The Netflow protocol
  • SysLog Server
  • Log operations: analysis and correlation tools
  • Some tools: Splunk, SEC
  • IDS, IPS probes, dedicated boxes (appliance)
  • Some tools: Snort, OSSEC, Prelude IDS
  • Prepare to respond to crises
  • PCA and PRA devices