 | | |  | Unix and Linux Security - SANS SEC506 |  |
 |
 |
Dates of the coming sessions:
 4-8 June 2012 (Paris)
10-14 December 2012 (Paris)
Dates subject to modification without prior notice.
The sessions will only take place if the number of registered attendants is high enough.
|
|
|
|
 
 |
Goals
Certification
Cette formation prépare à l'examen de certification GIAC Certified UNIX
Security Administrator [GCUX]. L'examen n'est pas obligatoire. Il se passe dans
un centre agréé GIAC.
Duration
5 days (9h00-18h30).
Instructor(s)
Julien Reveret (Julien.Reveret@hsc.fr), responsable de la formation
Johann Broudin (Johann.Broudin@hsc.fr)
Pre-requisite for attendants
Teaching method
Lecture, with numerous demonstrations and practical work in French.
Related courses
Network Penetration Testing and Ethical Hacking - SANS SEC560
Advanced Penetration Testing, Exploits and Ethical Hacking - SANS SEC660
Web App Penetration Testing and Ethical Hacking - SANS SEC542
Defending Web Applications Security Essentials - SANS DEV522
Material
The course is delivered french and in french only.
Course material is in English
Agenda
Program is from SANS Institute SEC505 course and follows the program found here : http://www.sans.org/security-training/securing-windows-4502-tid
1. Securing Active Directory and DNS
- Securing controllers
- Property-Level Permissions (DACL) and Audit Settings (SACL)
- Delegation of Authority
- Custom (MMC) consoles
- Best Practices for Forest Design
- Best Practices for Securing DNS
2. Group Policy
- The Group Policy Management Console (GPMC)
- Security Templates
- Group Policy Objects (GPOs)
- MSI Deployment through Group Policy
- Pushing Out Scripts
- Software Restriction Policies
- Managing Internet Explorer Settings
- Replacing the Desktop Interface
- Micro-Managing Users' Applications
3. PKI, EFS et Bitlocker
- Why must I have a PKI?
- How to install the Windows PKI
- How to manage your PKI
- Delegation of Authority
- Deploying Smart Cards
- Encrypting File System (EFS)
- Bitlocker Drive Encryption
4. IPSec, Windows Firewall, NPS, VPNs and Wireless
- Secure Socket Tunneling Protocol
- Isn't IPSec just for VPNs ? No!
- IPSec domain isolation
- Group policy management of IPSec
- Windows Firewall with Advanced Security
- Configuring RADIUS policies (NPS)
- VPNs best practices
- Sécurising wireless networks
5. Securing IIS
- IIS server hardening
- Patch management
- Managing bindings
- Hardening TCP/IP
- IPSec for IIS serveurs
- Authentification options
- Minimal HTTP Permissions
- Minimal NTFS Permissions
- Running scripts and binaries on IIS
- HTTP.SYS filtering
- Securing XML config files
- Securing logs hands-free
- Finding hacking signatures in logs
6. PowerShell scripting
- What is PowerShell?
- CmdLets
- Running scripts
- Namespace providers
- Piping .NET objects
- Parameter binding
- Regular expressions
- Functions et filters
- The .NET class library
- Using properties and methods at the Command Line
- Security and execution policy
- Managing the Event Logs
- Accessing COM Objects: WMI, ADSI, ADO ...
Methods of inscription
For registering an HSC course, please contact our training department by phone : +33 141 409 704
or by email at formations@hsc.fr, with first and last name of every student, your postal address and your company VAT number.
Thoses informations enable us to send your the training agreement.
The training agreement must be return agreed with signature and company
stamp with you purchase order, at least 15 days before the course. This
strict delay is imposed by SANS.
The
purchase order should precise your billing address and our payment
regulations : net 30 days from our invoice date.
Registration is completed as soon as we received those two documents.
|
