The MikroTik Certified Security Engineer (MTCSE) is a two-day intermediate-level training course that teaches Cybersecurity concepts. It’s designed for network engineers and technicians who want to deploy and secure medium and large enterprise/ISP size networks.

What’s covered:

Introduction

• Attacks, mechanisms and services

• The most common threats

• RouterOS security deployment

Firewall

• Packet flow, firewall chains

• Stateful firewall

• RAW table

• SYN flood mitigation using RAW table

• RouterOS default configuration

• Best practices for management access

• Detecting an attack to critical infrastructure services

• Bridge filter

• Advanced options in firewall filter

• ICMP filtering

OSI Layer Attacks

• MNDP attacks and prevention

• DHCP: rogue servers, starvation attacks and prevention

• TCP SYN attacks and prevention

• UDP attacks and prevention

• ICMP Smurf attacks and prevention

• FTP, telnet and SSH brute-force attacks and prevention

• Port scan detection and prevention

Cryptography

• Introduction to cryptography and terminology

• Encryption methods

• Algorithms – symmetric, asymmetric

• Public key infrastructure (PKI)

• Certificates

• Self-signed certificates

• Free of charge valid certificates

• Using the certificates in RouterOS

Securing the Router

• Port knocking

• Secure connections (HTTPS, SSH, WinBox)

• Default ports for the services

• Tunneling through SSH

Secure Tunnels

• Introduction to IPsec

• L2TP + IPsec

• SSTP with certificates

By the end of this training, participants should be able to plan and implement appropriate security measures suitable for the network at hand.