Audit and Security of Networks

In the modern world of connected business, all auditors need a knowledge of of communications and networking, so that they can address the benefits and risks that network bring to the organisation. Auditors are often nervous about planning and carrying out a networks audit; there is a perception that it requires a large amount of technical knowledge and that the replies by the IT department may be almost impossible to understand.

While it is true that networks are the most technical area an auditor is likely to meet, it is still possible to carry out practical and useful audit of this area provided the basic issues are understood, and this 3-day course aims to provide all the underlying knowledge needed to plan and carry out a network review.

You will acquire all the basic knowledge you need to identify the risks present within a communications network, what controls to expect and how to test them. You will learn about networking terminology, networking standards and the security risks and issues that come with them. Using a structured, risk-based approach you will learn how to identify the key control points in a network, the audit questions to ask and how to evaluate the answers. You will see demonstrations of network management and security assessment tools (and use them yourself in the hands on option).

You will be provided with a full course manual and an extensive audit programme to get you started on planning and conducting an effective network audit.

Agenda

Principles of data communication
Understanding the terminology of networking – where are the main risks and priorities for the auditor?
The OSI model and its importance to auditors – where do the risks lie, and which layers should auditors pay attention to?
Communication Protocols – what is a protocol?
Are some protocols more risky than others? – What the auditor needs to know
Examples of networking — TCP/IP and NetBIOS


Wide Area Networks - their risk and associated controls
Risks of an undefined network perimeter
Risks of losing perimeter security via mobile devices
Information risks in WANs – loss and disclosure of confidential data
Countermeasures – encryption and message controls
Countermeasures – firewalls and other perimeter security devices


Local Area Networks – their risks and associated controls
LAN controls – accounting for network devices
Risks of network data ‘leakage’ and appropriate countermeasures
VLANs – their benefits and risks
Networked data storage – SANS and NAS – risks and recommended controls
Network Management Protocols and what the auditor needs to know about them


Network risks and countermeasures
How networks are attacked
Network reconnaissance
Identifying risky systems
Risks of insecure network infrastructure devices
Tools and techniques - scanners and network utilities
Firewalls – how they work
Network Intrusion Detection and Prevention


When the firewall won’t protect you – malware and application attacks
Attacking web applications
Demo of an insecure web application and how to break into it
Securing web servers


Introduction to VPNs
VPN types
VPN protocols and how they work
VPNs and encryption
Audit and securit issues of VPNs


The special security risks of wireless networking

Voice over IP (VoIP) systems – their risks and benefits

Control of mobile computing – BlackBerry and PDA devices