Learn: in:
» back to Search Results

Course rating of 0 Vendor rating of 4

Course Outline

Chapter 1 - Primer and reaffirming our knowledge

ESX Networking Components
Virtual Ethernet Adapters and How They Work.
Virtual Switches and How They Work
Virtual Switches vis-a-vis Physical Switch
Why The Spanning Tree Protocol is Superfluous
What are Virtual Ports and Why Should we be Concerned?
VMWare so-called "Uplink Ports" and their interaction with the Physical equivalent
Concept of Port Groups - They are out of this (physical) world!
Virtual Switch Correctness
VLANs in VMware Infrastructure
NIC Teaming
Load Balancing
Failover Configurations
Layer 2 Security Features
Managing the Virtual Network with "VirtualCenter"
File System Structure
When do the processes start?
Starting and Stopping Processes
Interacting with Processes
Account and Groups
Password and Shadow File Formats
Linux and Unix Permissions
Set UID Programs
Trust Relationships
Logs and Auditing

Chapter 2 - Penetration Testing 101

What is a Penetration Test?
Benefits of a Penetration test
What is the Cost of a Hack?
Current Issues
Active Zombies
Hash Collisions
SQL Injection
Identity Theft
Social Engineering, EXploits and Chained Exploits
Chained Exploit Example
The Evolving Threat
Pen Testing Methodology
Types of Tests
Website Review
Common Management Errors
It's not Just about the Tools!

Chapter 3 - Routing and the Security Design of VMware

Security of Routing Data
How traffic is routed Between Virtual Machines on ESX host
Different vSwitches, same port group and VLAN
Same vSwitch, different port group and VLAN
Same vSwitch, same port group and VLAN
Security Design of the VMware Infrastructure 3 Architecture
VMware Infrastructure Architecture and Security Features
Virtualization Layer
CPU Virtualization
Buffer overflow
Memory Virtualization
Virtual Machines
Service Console
Virtual Networking Layer
Virtual Switches
Virtual Switch LANs
Virtual Ports
Virtual Network Adapters
Virtual Switch Isolation
Virtual Switch Correctness
Virtualized Storage
SAN Security
VMware Virtual Center

Chapter 4 – Information Gathering, Scanning and Enumeration

What information does the hacker gather?
Methods of Obtaining Information
Footprinting Defined
Firefox Add
Google Hacking
Introduction to Port Scanning
Port Scanning Tools
TCP Connect Port Scan
Half-Open Scan
Firewalled Ports
Service Version Detection
Additional NMAP Scans
UDP Scans
Enumeration Overview
Web Server Banner Grabbing
SMTP Server Banner
DNS Enumeration
Zone Transfers
Backtrack Tools
Active Directory Enumeration
LDAP miner
Null Sessions
Enumeration with Cain and Abel
NAT Dictionary Attack Tool
Cool Stuff with Cain

Chapter 5 – DMZ Virtualization

Virtualized DMZ Networks
Typical Virtualized DMZ
Three Typical Virtualized DMZ Configurations
Partially Collapsed DMZ with Separate Physical Trust
Partially Collapsed DMZ with Virtual Separation of Trust
Fully Collapsed DMZ
Best Practices for Achieving a Secure Virtualized DMZ Deployment
Harden and Isolate the Service Console
Clearly Label Networks for each Zone within the DMZ
Set Layer 2 Security Options on Virtual Switches
Enforce Separation of Duties
Use ESX Resource Management Capabilities
Regularly Audit Virtualized DMZ Configuration

Chapter 6 – Remote DataStore Security

Mask and Zone SAN Resources
LUN Masking
SAN Zoning
Port Zoning
Hard and Soft Zoning
WWN Zoning
Classes of Attacks against SANs
Fiber Channel
Fiber Channel – Security Protocol
ESP over Fiber Channel
Switch Link
Attacking Fiber Channel
Securing iSCSI, iFCP and FCIP over IP networks

Chapter 7 – Penetration Testing and the Tools of the Trade

Vulnerabilities in Network Services
Vulnerability Assessment Scanners
Windows Password Cracking
Syskey Encryption
Cracking Techniques
Disabling Auditing
Clearing the Event Log
Alternate Data Streams
Stream Explorer
Encrypted Tunnels
Port Monitoring Software
Core Impact
Penetration Testing Tool Comparison
ARP Cache Poisoning
Cain and Abel
Breaking SSL Traffic
Hash Algorithm
MD5 Hash Collisions

Chapter 8 – Hardening your ESX Server

Hardening Your ESX Server
ESX Best Practices

  • Virtual Machines
  • Secure Virtual Machines as You Would Secure Physical Machines
  • Disable Unnecessary or Superfluous Functions
  • Take Advantage of Templates
  • Prevent Virtual Machines from Taking Over Resources
  • Isolate Virtual Machine Networks
  • Arp Cache Poisoning
  • VM Segmentation
  • Minimize Use of the VI Console
  • Virtual Machine Files and Settings
  • Disable Copy and Paste Operations Between the Guest Operating System and Remote Console
  • Limit Data Flow from the Virtual Machine to the Datastore
  • SetInfo Hazard
  • Do Not Use Nonpersistent Disks
  • Ensure Unauthorized Devices are Not Connected
  • Prevent Unauthorized Removal or Connection of Devices
  • Avoid Denial of Service Caused by Virtual Disk Modification Operations
  • Specify the Guest Operating System Correctly
  • Verify Proper File Permissions for Virtual Machine Files
  • Configuring the Service Console in ESX 3.5
  • Configure the Firewall for Maximum Security
  • Limit the Software and Services Running in the Service Console
  • Use VI Client and VirtualCenter to Administer the Hosts Instead of Service Console
  • Use a Directory Service for Authentication
  • Strictly Control Root Privileges
  • Control Access to Privileged Capabilities
  • Establish a Password Policy for Local User Accounts
  • Do Not Manage the Service Console as if it were a Linux Host
  • Maintain Proper Logging
  • Establish and Maintain File System Integrity
  • Secure the SNMP Configuration
  • Protect against the Root File System Filling Up
  • Disable Automatic Mounting of USB Devices

Best Practices ESXi

  • Configuring Host-level Management in ESXi 3.5
  • Strictly Control Root Privileges
  • Control Access to Privileged Capabilities
  • Maintain Proper Logging
  • Establish and Maintain Configuration File Integrity
  • Secure the SNMP Configuration
  • Ensure Secure Access to CIM
  • Audit or Disable Technical Support Mode

Configuring the ESX/ESXi Host

  • Isolate the Infrastructure-related Networks
  • Configure Encryption for Communication between Clients and ESX/ESXi
  • Label Virtual Networks Clearly
  • Do Not Create a Default Port Group
  • Do Not Use Promiscuous Mode on Network Interfaces
  • Protect against MAC Address Spoofing
  • Secure the ESX/ESXi Host Console
  • Mask and Zone SAN Resources Appropriately
  • Secure iSCSI Devices through Authentication


  • Set Up the Windows Host for VirtualCenter with Proper Security
  • Limit Administrative Access
  • Limit Network Connectivity to VirtualCenter
  • Use Proper Security Measures when Configuring the Database for VirtualCenter
  • Enable Full and Secure Use of Certificate-based Encryption
  • VirtualCenter Server Certificates Replacement
  • Pre-Installation
  • During Installation
  • Post-Installation
  • Use VirtualCenter Custom Roles
  • Document and Monitor Changes to the Configuration
  • VirtualCenter Add-on Components
  • VMware Update Manager
  • VMware Converter Enterprise
  • VMware Guided Consolidation
  • General Considerations

Client Components

  • Restrict the use of Linux-based Clients
  • Verify the Integrity of VI Client
  • Monitor the Usage of VI Client Instances
  • Avoid the Use of Plain-Text Passwords


The Basics of SAN Security, Part I
Increasing Security Concerns
Security Domains

  • Administrator-to-Security Management Domain
  • Host-to-Switch Domain
  • Security Management-to-Fabric Domain

Switch-to-Switch Domain
Data Integrity and Security

  • So What Is Zoning?
  • Zoning Types
  • Configuring Zoning Components
  • LUN Masking
  • Persistent Binding
  • Security Technologies
  • Host-to-Fabric
  • Summary and Conclusions

Security Management Part 2

Fibre Channel Security Management
Authentication and Authorization
Configuration Management
SAN Access
SAN Security Benefits
Host-Based and Switch Based Mapping
Controller-based Mapping
WWN Privileged Access
Summary and Conclusions
Appendix 1 – Malware
Distributing Malware
Malware Capabilities

  • Netcat Switches

Executable Wrappers
Avoiding Detection
Appendix 2 – SQL Injection
What is SQL Injection?
Why SQL Injection?
Attacking Database Servers

  • SQL Ping2
  • osql.ex

Prerequisites & Certificates

Virtual Infrastructure 3.5 Ultimate Bootcamp® or equivalent. In lieu of hands-on classroom training, an in-depth knowledge of VMware’s ESX virtualization environment is required.

Certificates offered

Certificate of Completion

Cancellation Policy
Cancellations or postponements received more than ten business days prior to the first day of the course, will be subject to a 15% administration fee, and course ware fees where applicable. The cost of the course is payable, in full, for any cancellations or postponements received within ten business days, or less, prior to the first day of the course.

Map & Reviews
TekSource Corporate Learning
[ View Provider's Profile ]


This course has not yet been rated by one of our members.

If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.

Here are some reviews of the training vendor.
A quick note to say thanks very much for the information I garnered at the course. The training was very informative and practical; the handout material contains a lot of information that will be helpful in future.
Reviewed by 2014
I found the course to be useful and easy to follow. Would use their service again.
Reviewed by 2014
I really enjoyed this training session, I found it incredible helpful for our needs of customizing our CRM. The instructor was good
Reviewed by 2013
By choice, and as I didn't want to disturb the man next to me, I didn't ask to many questions of the instructor. I realize that taking the same course at the same time would have been ideal, but I understand why we were put in the same space. I had a few computer glitches which shuffled the course material around a bit which I eventually found a work around for. A lot of material for one day and I did find myself paying attention to the clock to make sure I finished at a reasonable time.
Reviewed by 2012
very well organized and flexible. Helped me with my specific needs. Steve was very helpful.
Reviewed by 2012
I thought that the course content was excellent, it covered a wide variety of new features in 2010 at a sufficeint level of detail. The video instructor was also very diliegent about highlighting the various ribbon features and showing alternate methods of completing a task. This teaching method may not be for everyone, but I enjoyed the ability to learn at my own pace, without being slowed down by questions that were not relevant to me. It would be nice to have better control over the video streaming in order to skip over/ahead on topics that are familiar to the user.
Reviewed by 2012
the instructor was very knowledgeable, and most importantly patient.
Reviewed by 2012
Found that the advance training was where my level was at already on most items (wishing there was a super advanced training). Found the ‘instructor’ not to be conversant on the program I was being trained on (probably the same level as I was) which was frustrating. He did ask other personnel which did have more knowledge but did not give me a clear answer (said it was part of the limits of the program and what I was looking for was very customized, duh this is why I took the advanced) He was willing to go over the ideas of tables and relationships with me which was not covered in the course, which I was thankful for. The course did delivered though what it had said it would and it was good to get reinforcement on what I had learned on my own, that I was on the right track.
Reviewed by 2012
The course was really useful for me.
Reviewed by 2012
over all it is a good experience and I learnt something out of it.
Reviewed by 2012
Course content was not as comprehensive as I'd hoped. Would have liked more indepth lessons about macros.
Reviewed by 2012
It would be great to separate two different session for the topic. It was usufull and meantime it was too much information.
Reviewed by 2012
Hi, There was one problem with the flow. I'm not completely sure as to how best to describe it but basically, it didn't flow from one module to the next. Specifically, if I was in a particular module (say the introduction or first sub-module) and it completed, I was not automatically taken to the next sub-module within the overall module (a module being a section of the course). Feel free to give me a call to discuss at 416-686-3141.
Reviewed by 2012
The first hour of the course was difficult due to the noisy environment. There were 3 separate software platforms being mentored by 2 instructors simultaneously. As each required unique start up instructions, it was very difficult to concentrate on the video teaching for my session in spite of the headphones as there was a significant amount of background noise. I suggest that future sessions that are mentored rather than led be done as dedicated sessions (i.e. only 1 software platform being taught at a time) to minimize the impact of this situation. Additionally, the 2 instructors had side conversations that had nothing to do with teaching the sessions and needed to be asked not to do this as I found it was hindering my ability to listen to the video lesson. Unwilling to crank the volume on the headset, I could hear them clearly over the top of the lesson I was listening to.
Reviewed by 2012
Everyone was extremely laid back, kind and courteous. I felt very comfortable and no matter who you were in contact with, all employees were approachable.
Reviewed by 2012
While the instructor had a basic understanding of Project 2010, he did not have "advanced" knowledge which was the level of the course. He had not really used the software in "real life" so didn't have any context. Whenever I had questions, he looked for answers from microsoft.com (I could have done the same). I was hoping the instructor would provided added knowledge to what I was learning from the videos.
Reviewed by 2012
Fantastic and very relevant. The instructor was very pleasant and helpful.
Reviewed by 2012
Too many mistakes made in the videos, this made it confusing about what to follow and what to avoid. Seminar presenter got off-topic too much which made me pressed for time.
Reviewed by 2011
There really is not enough time in one day to do all the exersizes in the training manual, watch all the videos, take the quizzes, and discuss specifc issues with the instructor. I would suggest improving the video intruction to actual take you through some of the exersizes rather than leaving you to do it on your own, because you really only learn by doing.
Reviewed by 2011
Thought the directions in the book exercises exercises could be written a little clearer.
Reviewed by 2011
My second course with TekSource and it's always an enjoyable experience. It's a nice clean office environment close to the subway. And the staff is excellent and helpful.
Reviewed by 2011
Not instructor led hence one star rating
Reviewed by 2011
The only somewhat critical comment I have is that it can be difficult to concentrate when the mentor is explaining to another student. In a small classroom setting, I guess that is just a reality of mentor-assisted training.
Reviewed by 2011
Steve Meggenson understand French. He helped me a lot with my documents from work. Now I know how to use Access for my work. I should take this course 5 years ago! But, it's not too late! I want to take the monitored or coach course with Steve again because he can read and understand french!
Reviewed by 2011
I wish that there had been more examples and more exercises for pivot tables and vlook up. They are very valuable tools.
Reviewed by 2011
Very positive experience.
Reviewed by 2011

This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.

This page has been viewed 262 times.