
	Home > SearchSecurity.com's Web Security School

Security School:

LICENSING & REPRINTS

SearchSecurity.com's Web Security School

08 Jun 2005 | SearchSecurity.com

Digg This!

StumbleUpon Toolbar

StumbleUpon

Del.icio.us

Welcome to SearchSecurity.com's Web Security School, where you'll learn how to harden a Web server and apply countermeasures to prevent hackers from breaking into a network. Study at your own pace and learn how to implement security policies and test a Web site's security, as well as how to handle a breach should the unspeakable happen. Guest instructor Michael Cobb will also arm you with tactics for creating a human firewall to combat problems such as phishing and spyware. This course consists of an entrance exam, three lessons -- each consisting of a webcast, technical paper and quiz -- and a final exam. You'll also find handy checklists that you can download and use on the job. All of these resources are available on-demand so you can learn at your convenience.

   Course Outline
   Entrance Exam
   Begin Lesson 1
   Begin Lesson 2
   Begin Lesson 3
   Final Exam
   About the Instructor

SCHOOL HIGHLIGHTS

Send the editor your feedback on this Security School

Visit our Security School for CISSP training

Visit our SOX Security School

Visit our E-mail Security School

SPONSORED LINKS

thawte white paper:
Building customer confidence with thawte SSL Web server certificates and SuperCerts

Web Security School Course Outline

Web Security School Entrance Exam
Before you begin Web Security School, take this entrance exam to assess your knowledge of Web security and identify the areas you need to focus on. Make note of your score so you can gauge your progress at the end of the School with our final exam.
TAKE THE EXAM   (Download PDF)

Lesson 1
Learn how to plan and perform a secure installation of your Web server's operating system and services. Michael Cobb also explains detailed hardening procedures and how to secure other network services such as FTP and SMTP, as well as setting up access control and security policies. Finally, you will learn how to set up secure remote management and recovery procedures. After you've attended the webcast and read the technical paper, take the quiz to assess your knowledge of Web server security.
Webcast: Insider's guide to Web server security   (Download PDF)
Now available as an MP3: Insider's guide to Web server security
Companion materials:

Essential vs. nonessential services    (Download PDF)
Windows IIS server hardening checklist    (Download PDF)
IIS SMTP mail relay service and Microsoft Exchange Server    (Download PDF)

Technical paper: Why your Web site is at risk   (Download PDF)
Technical paper companion:
Checklist of known IIS vulnerabilities   (Download PDF)

Quiz: Lesson 1   (Download PDF)

Lesson 2
Learn what to expect and look for when analyzing an attack on your Web server. Michael Cobb presents a guide to logging and auditing leads, as well as a review of essential fortification, countermeasures and other recommended security enhancements for your server. After you've attended the webcast and read the technical paper, take the quiz to assess your knowledge of how to defeat Web server attacks.
Webcast: Web attacks and how to defeat them   (Download PDF)
Now available as an MP3: Web attacks and how to defeat them
Companion materials:

Windows tools for investigating an attack   (Download PDF)
Essential fortification checklist   (Download PDF)

Technical paper: Life at the edge: Securing the network perimeter   (Download PDF)

Quiz: Lesson 2   (Download PDF)

Lesson 3
Learn how to plan and implement Web directory structures and permissions, and manage Web development. This lesson includes a primer on secure coding and data management, and procedures for combating phishing, adware and spyware. The accompanying quiz will help you assess your knowledge of securing Web applications.
Webcast: Locking down your Web applications   (Download PDF)
Now available as an MP3: Locking down your Web applications
Companion materials:

Developer's active content delivery checklist   (Download PDF)
Spyware removal checklist   (Download PDF)

Technical paper: Top tools for testing your online security   (Download PDF)

Quiz: Lesson 3   (Download PDF)

Final Exam
After you've completed Lessons 1, 2 and 3, take the Web Security School final exam to assess your knowledge of Web security based on what you've learned here.
TAKE THE FINAL EXAM   (Download PDF)

  About the Instructor

Michael Cobb, CISSP-ISSAP is a renowned security author with more than 10 years experience in the IT industry and another 16 years experience in finance. He is the founder and managing director of Cobweb Applications Ltd., a consultancy that offers IT training and support in data security and analysis. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. Cobb is also a Microsoft Certified Database Administrator and a Microsoft Certified Professional.



Digg This!    StumbleUpon    Del.icio.us

RELATED CONTENT

IIS Security

Trend Micro site compromised

What server considerations should be made when setting up an internal network's private applications?

IT discussion: Is malware the cause of a DNS server error?

Insider's guide to IIS Web server security

Microsoft July updates for critical Excel, Windows and .NET flaws

Finding and blocking Web application server attack vectors

What's the best way to verify client authentication across unrelated Web servers?

Microsoft to release DNS patch Tuesday

DNS worm strikes at Microsoft flaw

How to implement IIS authentication settings

IIS Security Research

Internet Explorer Security

Microsoft addresses XSS in Internet Explorer

Internet Explorer open to spoofing, scripting attacks

Shrewd attackers bypass old security defenses with Web attacks

Inside MSRC: Microsoft outlines Internet Explorer flaws

Install Microsoft Office and IE patches first, experts say

IE patch glitch sends admins in search of workarounds

Microsoft security update causes IE meltdown

Security fixes on tap for Windows, IE, DirectX

Will Web browsers ever be fully equipped to detect and remove malware?

Preparing for uniform resource identifier (URI) exploits

Firefox Security and Mozilla Security

Shrewd attackers bypass old security defenses with Web attacks

Firefox 3 security looks promising, testers say

Mozilla plugs Firefox flaws

Mozilla to rush update for Firefox bugs

Will Web browsers ever be fully equipped to detect and remove malware?

Mozilla fixes multiple Firefox flaws

Preparing for uniform resource identifier (URI) exploits

Mozilla closes QuickTime attack vector in Firefox

Firefox security issues persist despite update

Mozilla to extend security in major Firefox update

Firefox Security and Mozilla Security Research

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

browser hijacker (SearchSecurity.com)

cache cramming (SearchSecurity.com)

NCSA (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

TechTarget Security Media

Information Security

View this month\\'s issue and subscribe today.

Information Security Decisions

Apply online for free conference admission.

SearchSecurity.com

SEARCH :

Advanced Search | Site Index

Powered by:

About Us | Contact Us | For Advertisers | For Business Partners | Site Index | RSS

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2003 - 2008, TechTarget \| Read our Privacy Policy