skip to main navigation skip to secondary navigation skip to content
Board of Governors of the Federal Reserve System
skip to content
Board of Governors of the Federal Reserve System

International Training & Assistance (ITA)
for Bank Supervisors

Network SecurityS.T.R.E.A.M/Technology Lab Courses - The Federal Reserve Bank of Chicago

Type of Participant Targeted

The Network Security course is a one-week course intended for examiners with IT examination responsibilities, but who may not have had university training in information technology. At least one year of field examination experience is preferred.

Prerequisites

None.

Course Overview

This course provides participants with a technical grounding in networking concepts and technologies that are critical to IT operations in financial institutions, including TCP/IP networking protocols and common network infrastructures and configurations. The course examines key network perimeter security tools, including firewalls and intrusion detection systems (IDS).

Course Objectives

After completing the course, the participant, at a minimum, will be able to

  • Explore, map, and analyze realistic TCP/IP networks using a variety of diagnostic software tools
  • Implement, test, and maintain common firewall types and architectures in a simulated e-banking setting
  • Identify different IDS products currently available, effectively implement and manage these systems, and understand the controls needed for maintaining an IDS infrastructure
  • Discuss examination procedures outlined in the IT Examination Handbook produced by the FFIEC

Post-Course Intervention

Participants will learn the essential components of a network. For each technical element (e.g., firewalls and intrusion detection systems), appropriate controls will be reviewed.

Curriculum Overview

Topic/Activity Approximate Class Hours
Network Attack Vectors 1.00
Anti-Virus and Spyware Exercises 1.00
Microsoft Baseline Security Analyzer Exercise 1.00
Perimeter Defense: Firewalls 2.00
Password Cracking Exercise .50
Network Diagramming and Exercises 3.00
Router Exercise 1.00
Wireless Networking and Exercises 1.50
Protocols .75
Encapsulation and Exercises 2.00
NMap Exercise .75
DNS/FTP/Telnet Exercises 2.50
Firewalls and Exercises 2.50
Intrusion Detection/Prevention Systems 2.50
IDS/IPS Exercises 2.50
TOTAL 24.50

Learning Objectives

Examiners should be able to articulate the key risk elements associated with operating and managing a production network. Good network security starts with an accurate risk assessment. Accuracy in this case means that consideration should be given to potential risks for each system (internal and external) and that all systems should be inventoried. Change management is critical as is ensuring that hosts are hardened according to corporate guidelines. Remote access also needs to be managed to include some form of monitoring and logging. Finally, the financial institution must be able to articulate a risk-mitigation strategy; this should be reviewed to ensure that new applications and/or systems are treated from a holistic perspective, and that controls for all systems are re-evaluated for effectiveness periodically.

Accomplishments by module

Module Learning Objectives
Network Attack Vectors
  • Identify and understand the technical implications of the latest network attack vectors
  • Assess effectiveness of alternative mitigation techniques
Perimeter Defense: Firewalls
  • Evaluate and assess appropriate implementation of firewall controls relative to the complexity of a given network
  • Use network configuration and sound design of firewall architecture through multiple filter points, active firewall monitoring and management, and integrated security monitoring
Network Diagramming
  • Review the elements of layered security and understand how network devices are used to separate zones of risk
Protocols
  • Illustrate the OSI model by following a packet from encapsulation on one computer to de-encapsulation on another
  • Examine the various protocol characteristics and evaluate the risk associated with using protocols in a production environment
IDPS Systems
  • Distinguish between alert and block versus alert and pass strategies
  • Identify sound practices associated with current state-of-the-art intrusion detection and prevention system devices

Class Size

The optimum class size is approximately 25 participants. To provide sufficient variety of interaction among class participants, the minimum class size is 10 participants.

Instructors

Network Security courses include one or more instructor(s) from the FRS and may also include instructors from an external agency.

Return to topReturn to top

Last update: January 18, 2012