HG72: How to Audit TCP/IP

(1 Day, 8 CPE Credits; $515)

Please click: Here for Registration Form

For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels for IS Audit Training

TCP/IP (Transmission Control Protocol/Internet Protocol) is the most common method for two computers to exchange information. It started with the UNIX operating system, spread to the Internet, and is now supported by IBM computers, Novell computers, and Windows computers as well. As the computers in our organizations become connected into "one big intranet", TCP/IP is the means to link them together.

In this class you will learn in clear, straight-forward terms: what TCP/IP is, how it works, and the security issues it raises. You will learn the different types of security risk for TCP/IP, and the available, practical measures to control them.

You will then learn how to audit TCP/IP security on any computer or network in your organization.

HG72: You Will Learn:

  • What IP is and how it works
  • What TCP/IP is and how it works
  • Where the control points are and how to evaluate them
  • What data to collect and how to interpret it
  • How to conduct the audit, from planning and scoping through follow-up
  • What all the related buzzwords and acronyms mean
  • How to conduct the audit rapidly and efficiently, with maximum benefit to your organization

The workbook is a valuable reference, and includes a complete audit program.

Who Should Attend HG72?

Class Outline

 Table of Contents and Class Outline: HG72: How to Audit TCP/IP

I     Keywords and Concepts

        A.  Introduction
        B.  What TCP/IP is and How Does It Work
        C.  How TCP/IP Security Works
        D.  Security Risks with TCP/IP
                1)  Copying, alteration, etc. of Data
                2)  Denial of Service
                3)  Spoofing by Hijacking a Session
                4)  Spoofing by Learning Names and Passwords
                5)  Hijacking a Domain Name
                6)  Seizing Control of a Port
                7)  Port Scanning
        E.  Security Protections with TCP/IP
                1)  Firewalls
                2)  Encryption and Secured Channels
                3)  Controlling the Programs
                4)  Controlling the Ports
                5)  Intrusion Detection
                6)  Security Software
        F.  How to Evaluate TCP/IP Security on Any Computer
        G.  Control Objectives
        H.  The Audit Program

II    Action Plan

        A.  Scoping, Planning, and Basic Data-Gathering
        B.  Identification of TCP/IP Security
        C.  Evaluation of How the Security Pieces Fit Together
        D.  Wrap-up, Working Papers, Follow-up

III   Forms and Reference

        A.  Basic Security Model
        B.  Forms to Document TCP/IP Network Configuration
        C.  Audit Plan
        D.  Model Documents
        E.  Layout of Important TCP/IP Data Elements
                        1)   IP Datagram
                        2)   TCP Packet
                        3)   IP Addresses and Subnets
                        4)   The OSI Reference Model
                        5)   Some Well Known Port Numbers
        F.  Firewalls

Please note that these seminars are available for In-House Sessions.

You can save more money by learning about our seminar Discounts

Return to Top of Page         Return to Home Page

Stu Henderson offers MVS security audits, consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.
His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".
His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet", as well as "How to Audit UNIX and Windows Security" and "How to Audit TCP/IP Security".
Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com