Average Rating: 0.00/10
(# Rating Votes: 0 | Rate This Course | Contribute a Review )
Short Description:
This advanced course, designed for computer security incident response team (CSIRT) technical personnel with several months of incident handling experience, builds on the methods and tools discussed in the Fundamentals of Incident Handling course.
Full Description:
Course Description
This advanced course, designed for computer security incident response team (CSIRT) technical personnel with several months of incident handling experience, builds on the methods and tools discussed in the Fundamentals of Incident Handling course.
The course addresses commonly used and emerging attacks that are targeted against a variety of operating systems and architectures. It provides steps that incident handlers can take in response to system compromises at the privileged level. Through interactive instruction, facilitated discussions, and small group exercises, CERT Coordination Center® (CERT®/CC) staff members help participants identify and analyze a set of incidents and vulnerabilities and then propose appropriate response strategies. Participants also review broader aspects of CSIRT work (e.g., artifact analysis, development of advisories, alerts, and management briefings).
Audience · Prerequisites · Objectives · Logistics
AUDIENCE
Current computer security incident response team (CSIRT) members; system and network administrators responsible for identifying and responding to security incidents
PREREQUISITES
Before attending this course, applicants must meet the following minimum prerequisites:
completion of the SEI CERT Fundamentals of Incident Handling course is preferred
at least three months of incident handling experience
basic programming skills and familiarity with various types of computer security attacks and tools
understanding of Internet services and protocols
TOPICS
impacts and consequences of privileged compromises
responding to and recovering from privileged compromises
review of probes and scans
overview of distributed denial of service attacks
overview of toolkits
the role of artifact analysis in incident handling
fundamental vulnerability causes and vulnerability handling
publishing information
handling major events
OBJECTIVES
Successful completion of this course will enable participants to
detect and characterize various attack types
gain practical experience in constructive analysis of artifacts left on a compromised system
understand the complexity of and effectively respond to privileged and major event incidents within your CSIRT
formulate effective advisories and alerts
LOGISTICS
Class Schedule
Advanced Incident Handling for Technical Staff is a five-day course. The daily schedule is from 9:00 a.m. to 5:00 p.m.
Availability
For More Information
CERT Coordination Center Web site: http://www.cert.org
For more information about public courses and on-site training, contact
Course Information
Phone and Voice Mail: 412-268-9564
E-mail: training-info@cert.org
Hotel and Travel Information
Information about travelling to SEI offices in Pittsburgh, Pennsylvania and Arlington, Virginia is available on our Travel and Lodging Web pages.
Questions about this course?
Please see our Frequently Asked Questions Web page for answers to some of the more common inquiries about SEI Education and Training. If you need more information, contact us via e-mail at course-info@sei.cmu.edu or telephone at +1 412-268-7622.
Related Products and Services
Courses
Fundamentals of Incident Handling
Creating a Computer Security Incident Response Team
Overview of Managing a Computer Security Incident Response Team
Managing Computer Security Incident Response Teams (CSIRTs)
Concepts and Trends in Information Security
Information Security for Technical Staff
Information Survivability: A New Executive Perspective
Publications
Incident Reporting Guidelines
CERT/CC Alerts
CSIRT Handbook
Other related publications can be seen on the CERT/CC Web site.
Events
Annual Computer Security Incident Handling Conference, sponsored by FIRST.ORG, Inc.
Duration:
5 Days
Price:
2500
Submitted by: admin
Hits: 0
SEI's Advanced Incident Handling for Technical Staff Course Web Page
|
