Advanced VMware Security class

Course:   VMASEC
Duration:   5 Days
Level:   II
On our website at:   http://www.verhoef-training.com/courses/VMASEC.html
 
Course Summary

The Advanced VMware (Virtualization) Security course focuses on where the vulnerabilities lie and how to reduce the attack surfaces in the virtualized environment. It goes beyond the typical security protocols administrators use to secure their environments and delves much deeper into the actual working (and short comings) of the VMware environment.

Topics Covered In This Course

Primer and reaffirming our knowledge

  • ESX Networking Components
  • Virtual Ethernet Adapters and How They Work.
  • Virtual Switches and How They Work
  • VLANS in VMWare Infrastructure
  • NIC Teaming, Failover Configurations
  • Layer 2 Security Features & File System Structure
  • Managing the Virtual Network with "VirtualCenter"
  • VMWare so-called "Uplink Ports" and their interaction with the Physical equivalent
  • Kernel, Processes, Account and Groups
  • Linux and Unix Permissions
  • Trust Relationships Logs and Auditing

Penetration Testing 101

  • What is a Penetration Test and benefits?
  • What is the Cost of a Hack?
  • Example
  • Current Issues and Evolving Threats
  • Pen Testing Methodology, Types of Tests, Website Review
  • Common Management Errors

Routing and the Security Design of VMware

  • Security of Routing Data
  • How traffic is routed Between Virtual Machines on ESX host
  • Security Design of the VMware Infrastructure 3 Architecture
  • VMware Infrastructure Architecture and Security Features

Information Gathering, Scanning and Enumeration

  • What information does the hacker gather?
  • Methods of Obtaining Information
  • Footprinting Defined, Google Hacking
  • Introduction to Port Scanning & Tools
  • Enumeration Overview

DMZ Virtualization

  • Virtualized DMZ Networks
  • Three Typical Virtualized DMZ Configurations
  • Best Practices for Achieving a Secure Virtualized DMZ Deployment

 Remote DataStore Security

  • Mask and Zone SAN Resources
  • Fiber Channel, Attacking Fiber Channel
  • Securing iSCSI, iFCP and FCIP over IP networks

Penetration Testing and the Tools of the Trade

  • Vulnerabilities in Network Services & Assessment Scanners
  • Windows Password Cracking
  • Alternate Data Streams, Encrypted Tunnels
  • Port Monitoring Software, Rootkits, Metasploit , Fuzzers
  • SaintExploit, Core Impact, Wireshark
  • Penetration Testing Tool Comparison
  • ARP Cache Poisoning, Hash Algorithm

Hardening your ESX Server

  • Hardening Your ESX Server, ESX, ESX Best Practices
  • Configuring the ESX/ESXi Host
  • VirtualCenter, Client Components
  • The Basics of SAN Security,Part 1, Increasing Security Concerns
  • Data Integrity and Security
  • Security Management Part 2
  • Fibre Channel Security Management
  • Authentication and Authorization
  • Configuration Management
  • SAN Access, SAN Security Benefits
  • Controller-based Mapping, WWN Privileged Access
  • Redundancy, Management
  • Distributing Malware, Malware Capabilities
  • Netcat
  • Executable Wrappers
  • Avoiding Detection
  • BPMTK
  • What is SQL Injection?
  • Why SQL Injection?
  • Attacking Database Servers
What You Can Expect

Walk away knowing how to secure a VMware environment in a DMZ and how to protect yourself from the common vulnerabilities of VMware attack surfaces from the eyes of an attacker

Who Should Take This Course

System Administrators and Security Administrators using virtualization software

Recommended Prerequisites

Virtual Infrastructure 4 Ultimate Bootcamp or equivalent. In lieu of hands-on classroom training, an in-depth knowledge of VMwares ESX virtualization environment is required

Training Style

Dive deep into the different layers of security and explore features to include how traffic routes between VM???s and different hosts, common denominators of Physical and Virtual Environments, and how to make the virtual environment the most secure

Related Courses
Code Course Title Duration Level
VMV4BC
VMware View 4 Ultimate Bootcamp
3 Days
I
Details
VMADM
VMware vSphere/vCenter: Install, Configure, Manage, Troubleshoot
5 Days
I
Details

Every student attending a Verhoef Training class will receive a certificate good for $100 toward their next public class taken within a year.

You can also buy "Verhoef Vouchers" to get a discounted rate for a single student in any of our public or web-based classes. Contact your account manager or our sales office for details.