Agenda and Session Outline

Materials at http://www.ch13stl.com/2014symposium/

Session 1 (8:45 - 10:15): The IT Track and the Dos and Don’ts for the Chapter 13 IT Managers

1. Welcome and Introductions 2. Code of Ethics 3. Roles and Responsibilities 4. Handbook IT and Security Requirements 5. IT Assets and Baseline Security Controls and Guards

Session 2 (10:30 - 12:00): Exploration – Tour the Chapter 13 Trustee’s IT System

1. Enumerating Partners, Data Processes and Interdependency (13-20) 2. TCP/IP and OSI model 3. Typical Office Network and Network Components 4. Network Services a. DNS/DHCP b. SNMP (nmap of printer/PC) c. Zero Config d. Email SMTP/POP(s)/IMAP(s) e. Trustee Network with Initial Network Services f. Web Sites HTTP(s) 5. Remote Access VPN 6. Wireless Networks 7. Useful Tools 8. Keeping it Organized a. Asset management b. Diagram c. Software/hardware/licenses d. Master Password List e. Task List (spreadsheet)

Session 3 (1:30 - 3:00): Disaster Recovery - Virtually Guaranteed

1. Server Virtualization a. What is it? b. Why consider it? c. Why avoid it? 2. Typical Virtual Machine Architecture 3. Planning Recommendations for the Trustee office virtual Servers 4. Backups and the Cloud a. Handbook and general requirements Agenda and Session Outline

b. Local and Cloud Models c. Cloud-based Virtualization: Virtual Servers as a Service (DRaaS) d. Plan 5. Disaster Recovery: Bringing it all together

Session 4 (3:15 - 4:45): Two Factor Authentication & Mobile Device Security

1. Why we need? - Credential theft 2. What is it? - Something you are, have or know (pick 2) 3. Where it’s needed? a. Remote Logins b. Services 4. Mobile Device Security

Session 5 (8:30 - 10:00): Protocol Potpourri

1. What is the Cloud? 2. IaaS, PaaS, SaaS, DRaaS 3. Security Risks, Requirements and Standards 4. Cloud Services and Security Options 5. Managed Services

Session 6 (10:15 - 11:45): Last Minute Left Overs

1. Vendor Management 2. Other Topics to Revisit 3. Troubleshooting: Tools, Techniques and Documentation a. Nmap, Wireshark/tcpdump, Proc, i. Visio – Network Map b. Wireshark/Etherreal/Tcpdump(Unix) i. Typical Web page access ii. DNS Resolution iii. TCP 3-way handshake SYN/ACK/SYN-ACK, PUSH, FIN/RST Flags iv. Wireshark Network Browsing – What do you see? 1. Multicast (224.0.0.0) and Broadcast (x.x.x.255) 2. Packets sent to and from your IP address for internal and external IP addresses c. Windows Command Prompt Window i. Ping, Traceroute, Netstat, ipconfig, netstat –rn, arp -a ii. Nslookup iii. Whois, , browse to http(s)//IP:port