Web Security School Lesson 1

In Lesson 1 of Web Security School, our guest instructor, Michael Cobb, teaches you how to plan and perform a secure installation of your Web server's operating system and services. He also explains detailed hardening procedures, and how to secure other network services such as FTP and SMTP, as well as setting up access control and security policies. Finally, you will learn how to set up secure remote management and recovery procedures.    Webcast: Insider's guide to Web server security    Technical paper: Why your Web site is at risk    Quiz: Lesson 1    About the Instructor

MAIN MENU

Web Security School Home Lesson 1 Lesson 2 Lesson 3

Webcast: Insider's guide to Web server security

Guest instructor Michael Cobb lays the groundwork for locking down a Web server before it goes live. This tutorial begins with a look at Web server hardening procedures, followed by access control and security policies. Mike also explains how to secure other network services such as SMTP and FTP, and the best way to prepare recovery plans and backup procedures. You will come away from this webcast with a checklist to ensure your IIS Web server is secure and ready for the online world. This webcast is available on-demand. Through our agreement with (ISC)², all CISSP and SSCP participants who attend this webcast can earn one CPE credit.

Webcast companion materials:

BEGIN THE WEBCAST   (Download PDF)
Find out how you can earn CPE credits

Now available as an MP3: Insider's guide to Web server security

Technical paper: Know your enemy: Why your Web site is at risk

Knowing the enemy is the first step in building a defense. Get a true sense of the scope of the threats and risks to your Web site, and who is behind them.

Technical paper companion:

READ THIS TECHNICAL PAPER   (Download PDF)

Quiz: Lesson 1

The final part of this lesson is the quiz to assess your knowledge of Web server security. In order to successfully pass the quiz, you need to attend the webcast and read the technical paper.

TAKE THE QUIZ   (Download PDF)

About the Instructor

Michael Cobb, CISSP-ISSAP, is a renowned security author with more than 10 years experience in the IT industry and another 16 years experience in finance. He is the founder and managing director of Cobweb Applications Ltd., a consultancy that offers IT training and support in data security and analysis. He co-authored the book IIS Security and has written numerous technical articles for leading IT publications. Cobb is also a Microsoft Certified Database Administrator and a Microsoft Certified Professional.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT IIS Security Kaminsky: DNS flaw capable of attacks on many fronts Trend Micro site compromised What server considerations should be made when setting up an internal network's private applications? IT discussion: Is malware the cause of a DNS server error? Insider's guide to IIS Web server security Microsoft July updates for critical Excel, Windows and .NET flaws Finding and blocking Web application server attack vectors What's the best way to verify client authentication across unrelated Web servers? Microsoft to release DNS patch Tuesday DNS worm strikes at Microsoft flaw IIS Security Research SSL & TLS Google Chrome unlikely to attract security-minded users Plug-in opens door for self-signed SSL certs in Firefox 3 Which operating system can best secure an FTP site? If email attachments are sent via SSL will they be encrypted? Transit Safety Yahoo fixes SSL flaw in Business E-mail Quiz: Web application threats and vulnerabilities Secure data transmission methods Apple patches 13 flaws in Mac OS X Security Bytes: IE7 defenses revealed Web Application Security (Also see Web Access Control) PCI DSS 1.2 clarifies wireless, antivirus use MySpace, Facebook ignoring basic principles of security Positive changes coming to ModSecurity Kaminsky: DNS flaw capable of attacks on many fronts Can IBM's SMash technology secure Web applications? Microsoft tools won't be quick fix for SQL injection attacks New defenses for automated SQL injection attacks HP aims at IBM with application vulnerability scanning as service Information security book excerpts and reviews Kaminsky on DNS rebinding attacks, hacking techniques

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Secure Shell  (SearchSecurity.com) Secure Sockets Layer  (SearchSecurity.com) server accelerator card  (SearchSecurity.com) Transport Layer Security  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary