General Information

Course Duration
4 hours

Audience
A wide range of information technology (IT) professionals and business managers, including IT managers, webmasters, system integrators, Internet/intranet/extranet consultants, departmental managers, and strategic IT planners

Prerequisites
Familiarity with web technologies, inluding web applications and host and server operating systems

Topics Covered

• Attacking the Internet server
• Authentication and access corntrol
• DNS security

• Securing Internet services
• Securing web content
• Other services
• Server-side scripting
• Exercise: Identifying model components

• Housekeeping
• Security tools and physical security
• Exercise: Security tool functions

Course Aim

To provide an overview of the threats to an organisation's Internet servers and services, and to explain concepts, technologies and practices to minimize or counter these threats

Learning Objectives

After taking this course, the student should be able to

• describe the web security model
  
  
• examine UNIX and NT implmwntations of the web security model
  
  
• explain the risks involved with security services and how to combat them
  
  
• explain the security threats inherent in scripts
  
  
• outline the importance of a security model
  
  
• explain why regular auditing and reporting is necessary
  
  
• describe the use of security tools