Short Description:
The Intrusion Detection and Forensics course builds on the foundation of an X-Force™ Education Services system for Information Assurance in an organization. It presents an insight into intrusion detection and forensics and incident response strategies that organizations need in order to protect their critical assets; hacker techniques are also discussed.
Full Description:
Introduction
Every organization has threats that need monitoring and will encounter a security-related incident.
Are you prepared? Do you have policy and procedures in place that you apply daily? Do the IT help desk, security team, and management all know what to do if a trojan is found on a corporate system?
Do you know what other backdoors the hacker left after he/she compromised the workstation on your network?
Can you trace the network traffic, host logs and identify what is happening, with and without the help of commercial IDS products?
Are you sure you contained the attack and eradicated everything related to the vulnerability? Do you really think the obvious entry point was not just a ploy from the hacker to lead you down the wrong track? Hackers will put in secondary backdoors for later access.
Do you control your incident response so that evidence can be used for legal action if needed?
Do you integrate your incident handling into a lessons-learned or historical FAQ and escalate information reporting so others can benefit from your time and effort?
If your answer to any of the above questions is NO, then this class is for you. Incidents happen. Hackers are smart and will try to cover their tracks. Sometimes, it can take even the most qualified security professional days to identify and erase the damage of a new attack. This course will prepare you for minimizing time and effort by sharing examples of analysis with you.
Incident response is complex. It takes a special set of skills that combine business and technical analysis. You have to know the hacker techniques and be technically able to find all backdoors. This cannot be learnt from a book. This class will convey to you our professional experience of developing an Intrusion Detection and Forensics Environment and running a Regional Computer Emergency Response Team. You will be given the necessary tools and framework to help you prepare your business against attacks, and ensure that your activity can continue efficiently and smoothly.
The Intrusion Detection and Forensics course builds on the foundation of an X-Force™ Education Services system for Information Assurance in an organization. It presents an insight into intrusion detection and forensics and incident response strategies that organizations need in order to protect their critical assets; hacker techniques are also discussed.
Intended Audience
The course is intended for network or system administrators and information security professionals engaged in assessing security and securing information assets.
Prerequisites
Students should have a solid knowledge of:
TCP/IP, the OSI model, and network architecture
ISS Real Secure (Basic or Advanced Class), Snort or tcpdump analysis experience
NT administration
Linux/Unix administration
Key Hands-on Lab Focus and Objectives
Ensure the students understand the motives and can identify the Five common hacker steps in an attack by using incident analysis:
Scanning
Exploiting Systems
Keeping Access
Covering Tracks
Ensure the student understands and can implement the Six steps of incident handling:
preparation
identification
containment
eradication
recovery
lessons learned
Ensure that the students can perform critical tasks that will be required after class:
Plan, install and maintain the use of network-based IDS
Plan, install and maintain the use of host-based IDS
Identify Advanced Hacker Techniques and rootkits that bypass the IDS or erase evidence
Social Engineering and Security Awareness for Response
Match network security Policy, E-Policy, and Response
Perform Advanced Forensics for Unix system
Perform Advanced Forensics for NT/2000
Course Fee
The course fee includes detailed course material and lunch each day. Please contact one of our education specialists at 1-888-263-8739 or send an email to us at training@iss.net for course fees and class availability.
Registration
Please call 1-888-263-8739, or register online.
Duration:
5 Days