|
If your organization has an Internet connection and one or
two disgruntled employees (and whose doesn't!), your computer
systems will get attacked. From the five, ten, or even one
hundred daily probes against your Internet infrastructure
to the malicious insider slowly creeping through your most
vital information assets, attackers are targeting your systems
with increasing viciousness and stealth.
By helping you understand attackers' tactics and strategies
in detail, giving you hands-on experience in finding vulnerabilities
and discovering intrusions, and equipping you with a comprehensive
incident handling plan, the in-depth information in this course
helps you turn the tables on computer attackers. This course
addresses the latest cutting-edge insidious attack vectors
and the "oldie-but-goodie" attacks that are still
so prevalent, and everything in between. Instead of merely
teaching a few hack attack tricks, this course includes a
time-tested, step-by-step process for responding to computer
incidents, a detailed description of how attackers undermine
systems so you can prepare, detect, and respond to them, and
a hands-on workshop for discovering holes before the bad guys
do. Additionally, the course explores the legal issues associated
with responding to computer attacks, including employee monitoring,
working with law enforcement, and handling evidence.
This challenging course is particularly well suited to individuals
who lead or are a part of an incident handling team. Furthermore,
general security practitioners, system administrators, and
security architects will benefit by understanding how to design,
build, and operate their systems to prevent, detect, and respond
to attacks.
It is imperative that you get written
permission from the proper authority in your organization
before using these tools and techniques on your company's
system, and also that you advise your network and computer
operations teams of your testing.
|
|
|
Who Should Attend
- Members and leaders of incident handling teams
- System administrators and security personnel
- Ethical hackers/penetration testers who want to understand
the concepts underlying their testing regimen
|
A Sampling of Topics
- The step-by-step approach used by many computer attackers
- The latest computer attack vectors and how you can stop
them
- Proactive and reactive defenses for each stage of a computer
attack
- Hands-on workshop addressing scanning for, exploiting,
and defending systems
- Strategies and tools for detecting each type of attack
- Attacks and defenses for Windows, Unix, switches, routers
and other systems
- Application-level vulnerabilities, attacks, and defenses
- Developing an incident handling process and preparing
a team for battle
- Legal issues in incident handling
- Recovering from computer attacks and restoring systems
for business
|
 GIAC
Certification Available |
|
| INSTRUCTOR |
|
John
Strand
John Strand has been
teaching the SANS GCIH and CISSP classes. He is currently
certified GIAC Gold in the GCIH and GCFW. He is also a holder
of the CISSP certification. He started working computer security
with Accenture Consulting in the areas of intrusion detection,
incident response, and vulnerability assessment/penetration
testing. Currently, he is employed with Northrop Grumman specializing
in DCID 6/3 PL3-PL5 (multi-level security solutions), security
architectures, and program certification and accreditation
preparation. He has a Masters degree from Denver University,
and is currently a professor at Denver University. In his
spare time he writes loud rock music and makes various futile
attempts at fly-fishing.
|
Author Statement
My favorite part of teaching the Hacker Techniques, Exploits,
and Incident Handling track is watching students when they finally
get it. Its usually a two-stage process. First, students begin
to realize how truly malicious some of these attacks are. Some
students have a very visceral reaction, occasionally shouting
out Oh, shoot! when they see what the bad guys are really up
to. But if I stopped the process at that point, Id be doing
a disservice. The second stage is even more fun. Later in the
class, students gradually realize that, even though the attacks
are really nasty, they can prevent, detect, and respond to them.
Using the knowledge they gain in this track, they know they'll
be ready when a bad guy launches an attack against their systems.
And being ready to thwart the bad guys is what its all about.
- ED SKOUDIS |
|
