Board of Governors of the Federal Reserve System

International Training and Assistance (ITA)
for Bank Supervisors

Network Security
S.T.R.E.A.M/Technology Lab Courses - The Federal Reserve Bank of Chicago

Type of Participant Targeted

The Network Security course is a one-week course intended for examiners with IT examination responsibilities, but who may not have had university training in information technology. At least one year of field examination experience is preferred.

Prerequisites

None.

Course Overview

After reviewing attack vectors and network diagrams, this class provides a further look at network protocols and the OSI (Open Systems Interconnection) and Internet Models. Building on this knowledge, topics such as firewalls, intrusion detection, and security event monitoring are covered to relate and emphasize the necessity for proper device management. At the end of the course, the knowledge gained will be used to assess weaknesses in controls during a live pen test lab and demonstration in a simulated banking environment.

Course Objectives

After completing the course, the participant, at a minimum, will be able to

  • Explore, map, and analyze realistic TCP/IP (Transmission Control Protocol/Internet Protocol) networks using a variety of diagnostic software tools
  • Examine the role of access controls within a networked environment
  • Explore the different firewall types and architectures that exist in a simulated e-banking setting
  • Identify the different Intrusion Detection Systems (IDS) products currently available, determine the limitations of these products, and understand the controls needed for maintaining an IDS infrastructure
  • Discuss examination procedures outlined in the IT Examination Handbook produced by the FFIEC
  • Conduct hands-on lab work utilizing commonly available network tools

Post-Course Intervention

Participants will learn the essential components of a network. For each technical element (e.g., firewalls and intrusion detection systems), appropriate controls will be reviewed.

Learning Objectives

Examiners should be able to articulate the key risk elements associated with operating and managing a production network. Good network security starts with an accurate risk assessment. Accuracy in this case means that consideration should be given to potential risks for each system (internal and external) and that all systems should be inventoried. Change management is critical, as is ensuring that hosts are hardened according to corporate guidelines. Remote access also needs to be managed to include some form of monitoring and logging. Finally, the financial institution must be able to articulate a risk-mitigation strategy; this should be reviewed to ensure that new applications and/or systems are treated from a holistic perspective, and that controls for all systems are re-evaluated for effectiveness periodically.

By module, the following learning objectives will be accomplished:

Module Learning Objectives
Network Attack Vectors
  • Identify and understand the technical implications of the latest network attack vectors
  • Assess effectiveness of alternative mitigation techniques
Perimeter Defense: Firewalls
  • Evaluate and assess appropriate implementation of firewall controls relative to the complexity of a given network
  • Use network configuration and sound design of firewall architecture through multiple filter points, active firewall monitoring and management, and integrated security monitoring
Network Diagramming
  • Review the elements of layered security and understand how network devices are used to separate zones of risk
Protocols
  • Illustrate the OSI model by following a packet from encapsulation on one computer to de-encapsulation on another
  • Examine the various protocol characteristics and evaluate the risk associated with using protocols in a production environment
IDS/Intrusion Prevention Systems (IPS)
  • Distinguish between alert and block versus alert and pass strategies
  • Identify sound practices associated with current state-of-the-art intrusion detection and prevention system devices

Instructors

This course is developed and supported by a group of instructors with extensive examination experience and expertise in banking technologies. Instructors come from across the Federal Reserve System as well as other regulatory agencies and industry.


Last update: February 2, 2017