• Network Security

    Duration : 48 hrs

Prerequisites

  • Basic IT knowledge: Familiarity with operating systems (Windows/Linux) and file systems
  • Networking fundamentals: Understanding of IP addresses, subnets, DNS, routing, and firewalls
  • Cloud basics: Awareness of cloud concepts (IaaS, PaaS, SaaS, public vs private cloud)
  • Cybersecurity awareness: Basic knowledge of threats like phishing, malware, and password security

Course Content

Topics:

Day 1:

Introduction to Network Defence & Security
  • Evolution of network security
  • Security architecture layers (CIA triad, defense-in-depth)
  • Threat actors, attack vectors, and kill chain model
  • CND vs CEH perspective
Hands-on:
  • Use Wireshark to capture traffic and identify different protocols
  • Identify clear-text vs encrypted communication
Networking Fundamentals & Traffic Analysis
  • OSI & TCP/IP security layers
  • Common network services (DNS, DHCP, HTTP/S, FTP, SMTP, SNMP)
  • Packet analysis basics
  • Normal vs suspicious network behavior
Hands-on:
  • Capture packets with Wireshark/tcpdump
  • Analyze suspicious traffic (e.g., DNS tunneling, malformed packets)
Day 2:
Network Security Controls & Devices
  • Firewalls (packet filtering, stateful, next-gen)
  • IDS/IPS systems
  • SIEM integration
Hands-on:
  • Configure pfSense firewall rules
  • Deploy Snort/Suricata IDS and analyze alerts
Advanced Threats/Forensics
  • APTs, evasion, network forensics
Secure Architecture (SDN)
  • Define SDN, micro-segmentation, Zero Trust implementation
Automation/Orchestration
  • How SOAR functionality works, automated playbooks
Compliance & Governance
  • Overview of compliance frameworks, audit/reporting
  • Honeypots and deception technology
Day 3:
Introduction to Network Access Control / RADIUS
  • Definition and Purpose of NAC
  • Why organizations need NAC (security, compliance, visibility)
  • Where RADIUS fits into AAA
  • Comparison: RADIUS vs. TACACS+
  • How NAC solutions use RADIUS for authentication
  • 802.1X authentication and RADIUS role in wired/wireless networks
  • Securing RADIUS communication
Hands-on:
  • Implement NAC
  • Configure RADIUS Server
  • Configure Security of RADIUS
Network Attacks & Exploitation Techniques
  • Scanning & footprinting (Nmap, Netdiscover)
  • Vulnerability scanning (Nessus, OpenVAS)
  • Common attacks (DoS/DDoS, MITM, ARP spoofing, DNS poisoning, session hijacking)
Hands-on:
  • Perform Nmap scans with different switches
  • Simulate ARP spoofing using Ettercap
  • Conduct vulnerability scan on a test VM
Day 4:
Secure Network Design & Hardening
  • Network segmentation & VLAN security
  • Secure router/switch configuration
  • Zero Trust Network design
  • Wireless network security (WPA3, rogue AP detection)
Hands-on:
  • Configure VLANs and ACLs in Cisco Packet Tracer/GNS3
  • Detect rogue AP using Kismet or Aircrack-ng tools
Endpoint & Server Security
  • Endpoint hardening (Windows & Linux security baselines)
  • Patch & vulnerability management
  • Logging & monitoring best practices
Hands-on:
  • Apply Windows Defender & firewall rules
  • Audit Linux system using Lynis and chkrootkit
Day 5:
Incident Detection & Response
  • SOC operations overview
  • SIEM use cases (Splunk, ELK)
  • Threat hunting methodology
  • Incident handling process
Hands-on:
  • Ingest logs into Splunk/ELK
  • Detect brute-force attack patterns in logs
  • Perform a mock incident triage & response
Cryptography & Secure Communications
  • Symmetric vs Asymmetric encryption
  • PKI & digital certificates
  • VPNs & SSL/TLS
Hands-on:
  • Generate SSL certificates with OpenSSL
  • Configure VPN tunnel (OpenVPN or strongSwan)
Day 6:
Web & Cloud Network Defence
  • Web server security (Apache/IIS/Nginx hardening)
  • OWASP Top 10 overview
  • Cloud networking risks (Azure/AWS security groups, VPC)
  • Cloud-native security tools (Defender for Cloud, GuardDuty)
Hands-on:
  • Run Nikto scan against a test web server
  • Configure Azure NSG rules / AWS Security Groups
  • Detect malicious activity using cloud monitoring tools
Red vs Blue Team Simulation & Final Project
  • Red Team tactics (attack simulation)
  • Blue Team response (monitoring & defense)
  • Applying threat intelligence in defense
Hands-on:
  • Red Team: Perform scanning, ARP spoofing, and basic exploitation
  • Blue Team: Detect activity in logs/IDS, apply firewall rules, block attack
  • Present Incident Response Report