This four-day hands-on course is designed to increase the depth of knowledge and skills of technical staff charged with administering and securing information systems and networks. Developed around a scenario in which a production network has failed an information security audit, students will implement numerous technical security solutions to bring the network into compliance. Participants will work in teams to integrate these solutions throughout the enterprise and utilize system and network monitoring tools to respond to real-world incidents. This course will bring together various security topics such as vulnerability assessment, systems administration, incident response, and computer forensics to provide students with a comprehensive defense-in-depth experience. Each student will have the use of a laptop for the duration of the course, as well as direct administrative access to a wide variety of networked systems.
The first day of the course will introduce students to the different types of vulnerability assessments. Instruction will consist of lecture/presentation, labs, and a team-based vulnerability assessment exercise. Students will have the opportunity to actually perform network penetration and attack tasks, which will then be analyzed later in the course from a defensive perspective.
The second day of the course will cover host system hardening and the implementation of system and network monitoring tools. After identifying vulnerabilities and configuration issues on day one, students will now put compensating controls in place to mitigate and/or prevent future compromise. Host system hardening concepts will be reviewed and, along with labs, a team-based network/host hardening exercise will be used.
On the third day of the course, students will have the opportunity to familiarize themselves with the network tools implemented on day two. In addition to those labs, incident handling procedures and best practices will be reviewed. The scenarios at the end of day three are designed for students to again work as teams to identify and classify the type of activity and events active on the network, and to respond and document appropriately.
The fourth and final day of the course will introduce students to computer forensics. Concepts will include building a trusted toolkit, volatile and persistent data collection, and a brief introduction to malware handling and analysis. Using network attacks from the previous training, students will safely collect the necessary data and provide initial analysis.
Technical staff members who manage or support networked information systems and have (recommended)
U.S. Industry: $2900
U.S. Government/Academic: $2325
International: $5800
April 12 - 15, 2010 (SEI Arlington, VA)
This course may be offered by special arrangement at customer sites.
E-mail: course-info@sei.cmu.edu
Phone: 412-268-7622
Schedule
This four-day course meets at the following times:
Days 1-4, 9:00 a.m.-5:00 p.m.