Operating Systems Security

Ideal course for anyone charged with securing Operating Systems

Protecting the IT resources of a company against security threats is of vital importance. The Operating System Security is an ideal course for anyone charged with securing Operating systems. From securing a desktop, to the high availability options available on the platform, to directory services options, this course is going to be a swift overview of Windows 2008, Linux and Sun Solaris.

The Windows Security course includes everything important you need to know to secure your systems running Microsoft Windows. This training will show you how each Windows security technology works, how to access vulnerabilities and secure your information. You will master every aspect of Windows & Active Directory security and learn how to leverage the vast amount of security functionality. We will provide you with all of the Windows security techniques and strategies you would need in order to solve real problems by identifying risks inherent in Microsoft's design.

Why should you attend this course?

Throughout this course we will focus on reviewing existing exploits and the basic concepts and challenges of securing the Operating Systems. We then move on to the standard security measures that should always be employed, and the usability implications of each.

Who should attend this course?

If you're a newcomer to the field of information security but a long time user of these Operating Systems or a newcomer to these Operating Systems but a long time information security expert, this is the course for you. You will develop skills that will help you to bridge the gap between the Operating Systems administrators and the security administrators in most organizations; and you will learn the ins and outs of keeping your data private.

Course Contents

Windows

  • Module 1: Object Oriented Design
  • Module 2: Underlying Principles of Security Architecture
  • Module 3: Security Terminology
  • Module 4: Gathering system information
  • Module 5: Interpreting important information
  • Module 6: BIOS Password
  • Module 7: Password protected screen saver
  • Module 8: Number of Windows platforms on a machine
  • Module 9: Basic Guidelines
  • Module 10: Windows 2008 Security Policies
  • Module 11: Local Security Policy
  • Module 12: Global Policy
  • Module 13: Security Options
  • Module 14: Account Lockout Policy
  • Module 15: Password Policy
  • Module 16: Version of OS
  • Module 17: Patches and Service Packs
  • Module 18: Checking for hot fixes and service packs
  • Module 19: Using hfnetchk
  • Module 20: Software Inventory
  • Module 21: Alternative OS Support
  • Module 22: Drives and file systems
  • Module 23: NTFS, FAT
  • Module 24: Introduction to Access Control
  • Module 25: Shares and Share Security
  • Module 26: File/Folder permissions and Encryption
  • Module 27: Find Open Ports
  • Module 28: Determine services keeping open ports
  • Module 29: Unnecessary and necessary services
  • Module 30: Dangerous network protocols
  • Module 31: Network settings to avoid DoS attacks
  • Module 32: ODBC connections security
  • Module 33: IIS installation location
  • Module 34: IIS components
  • Module 35: Services required for IIS
  • Module 36: FPSE (Front Page Server Extensions) Security
  • Module 37: ACLs on virtual directories
  • Module 38: Sample files and websites
  • Module 39: Script mappings
  • Module 40: Registry Security
  • Module 41: Event Log configuration
  • Module 42: Backup procedures
  • Module 43: Virus Protection
  • Module 44: Integrated Zones
  • Module 45: Sites, domains and organizational units
  • Module 46: AD Groups
  • Module 47: AD redundancy
  • Module 48: Group Policy Objects

Linux

  • Module 49: Check Local User Accounts and Group Accounts
  • Module 50: Check password security
  • Module 51: Startup files in /etc/rc.d
  • Module 52: Network services
  • Module 53: Critical network files
  • Module 54: NFS Security
  • Module 55: Procedure of adding / removing users
  • Module 56: User security policy
  • Module 57: Securing root
  • Module 58: List of users
  • Module 59: Password and Account Policy
  • Module 60: /etc/shadow and /etc/password files
  • Module 61: Cracking user passwords
  • Module 62: Group membership
  • Module 63: The wheel group
  • Module 64: User quotas
  • Module 65: List of File Systems
  • Module 66: Using lsof
  • Module 67: Determine disk usage
  • Module 68: UNIX file permission
  • Module 69: SUID and SGID files
  • Module 70: Umask
  • Module 71: Permissions on critical files and folders File integrity mechanisms – Tripwire, MD5

Sun Solaris

  • Module 72: General Checks
  • Module 73: The Server itself
  • Module 74: EEPROM Security
  • Module 75: GUI Security
  • Module 76: Identify Vendor and Version
  • Module 77: Processes on Unix systems
  • Module 78: Hardware and software inventory
  • Module 79: Basic Security Module (BSM)
  • Module 80: Security patches
  • Module 81: Cron and At
  • Module 82: Logging
  • Module 83: Determine Network Interfaces
  • Module 84: Network connections
  • Module 85: Unix Services /etc/inetd.conf
  • Module 86: Startup files in /etc/rc.d
  • Module 87: Critical network files
  • Module 88: Network services
  • Module 89: NFS Security
  • Module 90: Banners
  • Module 91: SMTP Security
  • Module 92: FTP Security
  • Module 93: Apache Security
  • Module 94: NMAP
  • Module 95: Nessus
  • Module 96: BFI Languard
  • Module 97: BSM
  • Module 98: Solaris Security Toolkit – JASS
  • Module 99: Linux Boot Loader Security
  • Module 100: Linux kernel security
  • Module 101: RPM Security
  • Module 102: Xinetd features
  • Module 103: SSH Security
  • Module 104: Secure Apache Installation
  • Module 105: OS Security
  • Module 106: Directives
  • Module 107: CGI Security
  • Module 108: Chroot jail
  • Module 109: Secure HTTP Server

Tools

  • Nmap
  • Nessus
  • GFI Languard
  • MBSA / Belarc

Testimonials

I liked the instructor way for more illustration and the class was very interesting.
Mohammed Harbi,
One of the best instructor, I have ever met.
Yazeed, Senior Analyst
Thank you faculty. He has really gave us an excellent course by covering the material well.
Ali Al-Qahtani,
Faculty is very knowledgeable instructor, enthusiastic and helpful.
Moataz Allami,
Faculty is very knowledgeable and his attitude is awesome.
Bandar Munshi,

Ethical Hacking Training

This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.

  • 6 Weeks Comprehensive Training
  • Built by Experienced Professionals
  • Regularly update on tools, techniques in course content