How to Audit TCP/IP: IT Audit Training and IS Audit Training

Information Security Training
from the Henderson Group

This page is:
AUDIT TRAINING: HG72: TCP/IP

Quick Links:

HOME PAGE

CONTACT US

INFOSEC TRAINING

HG04: Effective RACF

HG05: Advanced RACF

HG06: UNIX FOR RACF ADMINS

HG17: Comprehensive
z/OS Security

Seminar Schedule/
Registration/
Locations

IT AUDIT TRAINING

NEWSLETTERS AND USER GROUPS

ARTICLES

PRIVACY STATEMENT

ABOUT US

OTHER INFO SOURCES

HG72: How to Audit TCP/IP

(1 Day, 8 CPE Credits; $410)

Currently available for in-house sessions
TCP/IP (Transmission Control Protocol/Internet Protocol) is the most common method for two computers to exchange information. It started with the UNIX operating system, spread to the Internet, and is now supported by IBM computers, Novell computers, and Windows 2000 computers as well. As the computers in our organizations become connected into "one big intranet", TCP/IP is the means to link them together.
In this class you will learn in clear, straight-forward terms: what TCP/IP is, how it works, and the security issues it raises. You will learn the different types of security risk for TCP/IP, and the available, practical measures to control them.
You will then learn how to audit TCP/IP security on any computer or network in your organization.

You will learn:

What IP is and how it works
What TCP/IP is and how it works
Where the control points are and how to evaluate them
What data to collect and how to interpret it
How to conduct the audit, from planning and scoping through follow-up
What all the related buzzwords and acronyms mean
How to conduct the audit rapidly and efficiently, with maximum benefit to your organization
The workbook is a valuable reference, and includes a complete audit program.
For more information on seminar dates and locations, and how to register, please click here:
Seminar Schedule/Registration/Locations

Please scroll down for more info on this class.

Return to Top of Page

Return to Home Page

Who Should Attend HG72?

Information Techology auditors who will be auditing TCP/IP
Financial auditors who want to learn more about IT auditing

Please note that you can save money by holding these classes in-house. Call Stu at (301) 229-7187 for details.
Note also the classes we offer for Information Security Training, as listed on the left under QUICK LINKS.
Return to Top of Page

Return to Home Page

"Stu makes the difficult easy to understand and learn. Learning security became enjoyable." --- William Casement, AT&T
"The session format was very relaxed and informal. A great way to learn a difficult subject."
---Conrad Gillispie, Florida Dept. of Transportation

Table of Contents and Class Outline: HG72: How to Audit TCP/IP I Keywords and Concepts A. Introduction B. What TCP/IP is and How Does It Work C. How TCP/IP Security Works D. Security Risks with TCP/IP 1) Copying, alteration, etc. of Data 2) Denial of Service 3) Spoofing by Hijacking a Session 4) Spoofing by Learning Names and Passwords 5) Hijacking a Domain Name 6) Seizing Control of a Port 7) Port Scanning E. Security Protections with TCP/IP 1) Firewalls 2) Encryption and Secured Channels 3) Controlling the Programs 4) Controlling the Ports 5) Intrusion Detection 6) Security Software F. How to Evaluate TCP/IP Security on Any Computer G. Control Objectives H. The Audit Program II Action Plan A. Scoping, Planning, and Basic Data-Gathering B. Identification of TCP/IP Security C. Evaluation of How the Security Pieces Fit Together D. Wrap-up, Working Papers, Follow-up III Forms and Reference A. Basic Security Model B. Forms to Document TCP/IP Network Configuration C. Audit Plan D. Model Documents E. Layout of Important TCP/IP Data Elements 1) IP Datagram 2) TCP Packet 3) IP Addresses and Subnets 4) The OSI Reference Model 5) Some Well Known Port Numbers F. Firewalls INDEX

Return to Top of Page

Return to Home Page