Certification Programme description: Fundamental problems of computer networks security: network layer, transport layer, application layer, typical attacks on network infrastructures, Denial of Service attacks (review of DoS attacks, defensive methods against DoS/DDoS attacks), remote access security mechanisms, security tools; VPN virtual tunnels: configuration of VPN networks, IPsec protocol (IPsec protocol working modes, Authentication Header AH protocol, ESP protocol, security association, key management, protocol limits, IPsec in Windows Operating System, security of IPv6 protocol), port forwarding and application connections propagation, SSL tunnels; Firewalls and network address translation, functions of firewall systems, components of firewall systems (filtering router, computer fortress, demilitarized zone), network address translation (NAT), additional functionalities of firewalls,problems in firewalls implementation; Attack methods on WWW applications, countermeasures and defensive techniques: stealing of the source code, hidden HTML fields, Cookies variables, Path Traversal, SQL Injection, session takeover, software firewalls systems, software Intrusion Detection Systems IDS: software firewall implementations, netfilter/iptables networks firewall (iptables configuration, address translation, iptables extension modules, short target descriptions TARGETs, additional informations, examples), built-in personal firewall in Microsoft Windows Operating Systems, Intrusion Detection Systems IDS, Snort system, Secure configuration of the Apache HTTP server: introduction, Apache server, log of the Apache server, logical and physical paths, block directives, remote access security based on addresses, access control by user authorization, HTTPS connections; VPN networks in Linux and MS Windows environment: applications of the VPN technology, creation of VPN networks in Linux and Windows, OpenVPN software (fundamentals of operation, VPN Linux to Linux connection with use of the shared key method, VPN Linux to Linux connection with use of the digital certificates method, VPN Linux to Windows connection with use of the shared key method, summary of the OpenVPN software functionalities), Openswan software package (IPsec protocol implementation, VPN creation by use of the Openswan software); spoofing: types and methods of the spoofing attacks (IP spoofing, web spoofing, e-mail spoofing, DNS spooing, Caller ID spoofing, SMS spoofing)
Certification Programme version/revision: EITC/IS/ACNSv1r2)Earned ECTS credits: 2
