Duration: 5 days
Time: 9am to 6pm

What Will Be Taught in This Certified Network Defender Course?

The program prepares network administrators in network security technologies and operations to attain Defense-in-Depth network security preparedness. It covers the protect, detect and respond approach to network security. The course contains many hands-on labs based on major network security tools and techniques, which give network administrators expertise in current network security technologies and operations.

Learning Outcomes

After attending the course, participants should be able to:

  • Implement the network security policies and procedures
  • Troubleshoot basic problems on their network
  • Identify various threats on the organization’s wired and wireless networks and mitigate them
  • Implement various physical security controls for their organizations
  • Harden the security of various hosts, routers and switches individually in the organization’s network
  • Select the appropriate firewall solution, topology, and configuration to harden security
  • Determine the appropriate location for IDS/IPS sensors
  • Implement a secure VPN for their organization
  • Manage, assign, and maintain the list of network addresses
  • Perform risk assessment and vulnerability assessment/scanning with various scanning tools and generate detailed reports
  • Identify critical data and choose the appropriate backup method, media and technique to back up the organization’s data successfully on a regular basis
  • Provide first response to a network security incident and assist the IRT and the forensics investigation team in dealing with the incident
  • Apply operating system updates and patches and make configuration changes
  • Update system configurations to maintain an updated security posture using current patches, device and operating system hardening techniques, and Access Control Lists
  • Manage network Authentication, Authorization, Accounting (AAA) for network devices
  • Monitor network traffic and ensure the security of network traffic
  • Manage proxy and content filtering
  • Review audit logs from Firewall, IDS/IPS, servers and hosts on the internal, protected network
  • Maintain, configure, and analyze network and host‐based security platforms
  • Use file integrity verification and monitoring solutions
  • Implement Network Access Control (NAC)
  • Implement Data Loss Prevention (DLP) solutions
  • Manage and maintain Windows/Linux Security Administration

 

Statement of Attainment (SOA) from SSG
Participants will receive the SOA from SSG upon completion of training and assessment.

Module 01: Computer Network and Defense Fundamentals

  • Network Fundamentals
  • Network Components
  • TCP/IP Networking Basics
  • TCP/IP Protocol Stack
  • IP Addressing
  • Computer Network Defense (CND)
  • CND Triad
  • CND Process
  • CND Actions
  • CND Approaches

Module 02: Network Security Threats, Vulnerabilities, and Attacks

  • Essential Terminologies
  • Network Security Concerns
  • Network Security Vulnerabilities
  • Network Reconnaissance Attacks
  • Network Access Attacks
  • Denial of Service (DoS) Attacks
  • Distributed Denial-of-Service Attack (DDoS)
  • Malware Attacks

Module 03: Network Security Controls, Protocols, and Devices

  • Fundamental Elements of Network Security
  • Network Security Controls
  • User Identification, Authentication, Authorization and Accounting
  • Types of Authorization Systems
  • Authorization Principles
  • Cryptography
  • Security Policy
  • Network Security Devices
  • Network Security Protocols

Module 04: Network Security Policy Design and Implementation

  • What is Security Policy?
  • Internet Access Policies
  • Acceptable-Use Policy
  • User-Account Policy
  • Remote-Access Policy
  • Information-Protection Policy
  • Firewall-Management Policy
  • Special-Access Policy
  • Network-Connection Policy
  • Business-Partner Policy
  • Email Security Policy
  • Passwords Policy
  • Physical Security Policy
  • Information System Security Policy
  • Bring Your Own Devices (BYOD) Policy
  • Software/Application Security Policy
  • Data Backup Policy
  • Confidential Data Policy
  • Data Classification Policy
  • Internet Usage Policies
  • Server Policy
  • Wireless Network Policy
  • Incident Response Plan (IRP)
  • User Access Control Policy
  • Switch Security Policy
  • Intrusion Detection and Prevention (IDS/IPS) Policy
  • Personal Device Usage Policy
  • Encryption Policy
  • Router Policy
  • Security Policy Training and Awareness
  • ISO Information Security Standards
  • Payment Card Industry Data Security Standard (PCI-DSS)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Information Security Acts: Sarbanes Oxley Act (SOX)
  • Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
  • Information Security Acts: The Digital Millennium Copyright Act (DMCA) and Federal Information Security Management Act (FISMA)
  • Other Information Security Acts and Laws

Module 05: Physical Security

  • Physical Security
  • Access Control Authentication Techniques
  • Physical Security Controls
  • Other Physical Security Measures
  • Workplace Security
  • Personnel Security: Managing Staff Hiring and Leaving Process
  • Laptop Security Tool: EXO5
  • Environmental Controls
  • Physical Security: Awareness/Training
  • Physical Security Checklists

Module 06: Host Security

  • Host Security
  • OS Security
  • Linux Security
  • Securing Network Servers
  • Hardening Routers and Switches
  • Application/Software Security
  • Data Security
  • Virtualization Security

Module 07: Secure Firewall Configuration and Management

  • Firewalls and Concerns
  • What Do Firewalls Do?
  • What Should You Not Ignore?: Firewall Limitations
  • How Does a Firewall Work?
  • Firewall Rules
  • Types of Firewalls
  • Firewall Technologies
  • Firewall Topologies
  • Firewall Rule Set & Policies
  • Firewall Implementation
  • Firewall Administration
  • Firewall Logging and Auditing
  • Firewall Anti-evasion Techniques
  • Why Are Firewalls Bypassed?
  • Full Data Traffic Normalization
  • Data Stream-based Inspection
  • Vulnerability-based Detection and Blocking
  • Firewall Security Recommendations and Best Practices
  • Firewall Security Auditing Tools

Module 08: Secure IDS Configuration and Management

  • Intrusions and IDPS
  • IDS
  • Types of IDS Implementation
  • IDS Deployment Strategies
  • Types of IDS Alerts
  • IPS
  • IDPS Product Selection Considerations
  • IDS Counterparts

Module 09: Secure VPN Configuration and Management

  • Understanding Virtual Private Network (VPN)
  • How Does a VPN Work?
  • Why Establish a VPN?
  • VPN Components
  • VPN Concentrators
  • Types of VPN
  • VPN Categories
  • Selecting Appropriate VPN
  • VPN Core Functions
  • VPN Technologies
  • VPN Topologies
  • Common VPN Flaws
  • VPN Security
  • Quality Of Service and Performance in VPNs

Module 10: Wireless Network Defense

  • Wireless Terminologies
  • Wireless Networks
  • Wireless Standard
  • Wireless Topologies
  • Typical Use of Wireless Networks
  • Components of Wireless Network
  • WEP (Wired Equivalent Privacy) Encryption
  • WPA (Wi-Fi Protected Access) Encryption
  • WPA2 Encryption
  • WEP vs. WPA vs. WPA2
  • Wi-Fi Authentication Method
  • Wi-Fi Authentication Process Using a Centralized Authentication Server
  • Wireless Network Threats
  • Bluetooth Threats
  • Wireless Network Security
  • Wi-Fi Discovery Tools
  • Locating Rogue Access Points
  • Protecting from Denial-of-Service Attacks: Interference
  • Assessing Wireless Network Security
  • Wi-Fi Security Auditing Tool: AirMagnet WiFi Analyzer
  • WPA Security Assessment Tool
  • Wi-Fi Vulnerability Scanning Tools
  • Deploying Wireless IDS (WIDS) and Wireless IPS (WIPS)
  • WIPS Tool
  • Configuring Security on Wireless Routers
  • Additional Wireless Network Security Guidelines

Module 11: Network Traffic Monitoring and Analysis

  • Network Traffic Monitoring and Analysis (Introduction)
  • Network Monitoring: Positioning your Machine at Appropriate Location
  • Network Traffic Signatures
  • Packet Sniffer: Wireshark
  • Detecting OS Fingerprinting Attempts
  • Detecting PING Sweep Attempt
  • Detecting ARP Sweep/ARP Scan Attempt
  • Detecting TCP Scan Attempt
  • Detecting SYN/FIN DDoS Attempt
  • Detecting UDP Scan Attempt
  • Detecting Password Cracking Attempts
  • Detecting FTP Password Cracking Attempts
  • Detecting Sniffing (MITM) Attempts
  • Detecting the MAC Flooding Attempt
  • Detecting the ARP Poisoning Attempt
  • Additional Packet Sniffing Tools
  • Network Monitoring and Analysis
  • Bandwidth Monitoring

Module 12: Network Risk and Vulnerability Management

  • What is Risk?
  • Risk Levels
  • Risk Matrix
  • Key Risk Indicators (KRI)
  • Risk Management Phase
  • Enterprise Network Risk Management
  • Vulnerability Management

Module 13: Data Backup and Recovery

  • Introduction to Data Backup
  • RAID (Redundant Array Of Independent Disks) Technology
  • Storage Area Network (SAN)
  • Network Attached Storage (NAS)
  • Selecting Appropriate Backup Method
  • Choosing the Right Location for Backup
  • Backup Types
  • Conducting Recovery Drill Test
  • Data Recovery
  • Windows Data Recovery Tool
  • RAID Data Recovery Services
  • SAN Data Recovery Software
  • NAS Data Recovery Services

Module 14: Network Incident Response and Management

  • Incident Handling and Response
  • Incident Response Team Members: Roles and Responsibilities
  • First Responder
  • Incident Handling and Response Process
  • Overview of IH&R Process Flow

Assessment Format & Duration (only applicable for learners taking SF grant)

Assessment | Format | Duration
Written Assessment | Summative, case studies | 60 mins
Simulation | Summative, open-ended questions | 60 mins
Total | | 120 mins

Who Should Attend This Certified Network Defender Training?

Although Network Administrators are the primary target audience, people in the following job roles will also benefit from this course:

  • Network Defense Technician
  • Network Engineer
  • Security Analyst
  • Security Operator
  • Anyone involved in network operations

Pre-requisite

Participants should have fundamental knowledge of TCP/IP networking concepts.

Category | w/o GST | w/ GST
Course Fee | $2,580 | $2,760.60
Singapore Citizen & PR aged ≥ 21 years | $2,025 | $2,205.60
Singapore Citizen aged ≥ 40 years (SkillsFuture Mid-Career Enhancement Funding) | $730 | $910.60
Singapore Citizen aged ≥ 35 years with earning ≤ $2,000/month (WTS Scheme) | $619 | $799.60

Category | w/o GST | w/ GST
Course Fee | $2,580 | $2,760.60
Singapore Citizen & PR aged ≥ 21 years | $730 | $910.60
Singapore Citizen aged ≥ 40 years (SkillsFuture Mid-Career Enhancement Funding) | $730 | $910.60
Singapore Citizen aged ≥ 35 years with earning ≤ $2,000/month (WTS Scheme) | $619 | $799.60

Exam:

Course fees listed above are inclusive of exam fees.

Category | w/o GST | w/ GST
Retest Fee | $300 | $321

Remarks:

COMAT is a business centre of e-Services, Electronics, ST Engineering.

Individual Sponsored

  • Eligible Singapore Citizens can use their SkillsFuture Credit to offset course fee payable after funding.
  • This course is supported under UTAP funding.
  • This course is eligible for using PSEA funds.

Company Sponsored

  • Absentee Payroll claimable by SMEs: Up to 80% of hourly basic salary capped at $7.50/hr
  • Absentee Payroll claimable by Non-SMEs: Up to 80% of hourly basic salary capped at $4.50/hr
  • Absentee payroll claimable by companies (SMEs and Non-SMEs) sponsoring candidates under WTS Scheme: Up to 95% of hourly basic salary (no dollar cap)

Terms & Conditions

  • All prices stated above are in Singapore Dollars (SGD). This funding support is only applicable for Singapore Citizens and Permanent Residents.
  • Trainee must attain a minimum of 75% attendance and pass all assessment(s) within 3 months to qualify for funding.
  • Trainee undertakes to reimburse e-Services, Electronics, ST Engineering FULL course fees should he/she be ineligible for course fee grant. e-Services, Electronics, ST Engineering is not liable for any other funding not approved by WSG.
  • e-Services, Electronics, ST Engineering reserves the right to change the date or venue without prior notice.
  • e-Services, Electronics, ST Engineering reserves the right to cancel or reschedule the course due to class size or unforeseen circumstances.


