Short Description:
In Incident Response, instructors provide you with the forensic techniques to recognize, respond to, and recover not only from outsider attacks, but insider ones as well.
Full Description:
Hackers and malicious insiders are an undeniable threat to a company's network. They have increasingly sophisticated tools and backdoor programs at their disposal to steal information, perform other unlawful or unauthorized activity and cover their tracks. Because of this level of sophistication, security professionals charged with protecting their organizations can be overwhelmed, causing attacks to be ignored or mistakenly diagnosed as "network problems."
Incident Response/Forensics is a powerful weapon against these network enemies. Traditional incident-response training often focuses on external attacks, paying little attention to insider threats, which could potentially be even more damaging. In Incident Response, instructors provide you with the forensic techniques to recognize, respond to, and recover not only from outsider attacks, but insider ones as well.
This course qualifies for up to 32 hours of CPE for CISSP/SSCP and 28 hours of CE for CISA/CISM holders.
What You Will Learn?
In this hands-on course, you will learn about the computer forensics process. You will find out how to respond to unlawful access and information theft, learning to recognize the traces of numerous attacks. Starting from creating evidentiary disk images to recognizing the often-faint trail of unauthorized activity, this course integrates the latest security threats and countermeasures.
With Foundstone's expert instruction, you learn step-by-step incident-response procedures for UNIX, Windows NT, and Windows 2000 systems. The methods are tailored to your organization's security architecture, so you can apply them in the real world long after class is completed.
Why Do We Teach This?
Malcontents and security holes exist in alarming numbers, and the possible compromises on your network are an unfortunate fact of corporate life. A total network-security plan includes the capability to resolve incidents after they occur. Incident Response is a comprehensive, technically detailed course that enables you to develop a total network-security plan that will successfully respond to incidents and reinforce your security posture.
Who Teaches the Class?
Uniquely qualified to present this material, Foundstone instructors have responded to dozens of intrusions on corporate and military networks and developed effective incident-response programs. As the leading "white hats" in the industry, course instructors know the "black hats'" latest exploits – whether they are hackers in the shadows or malicious insiders deploying the latest underground techniques.
Instructors have managed or directed the security-assessment teams at the Big 5 accounting firms and have amassed real-world experience ranging from the United States Air Force to Wall Street. Members of the instructor team authored the best-selling “Hacking Exposed: Network Security Secrets & Solutions” and write a weekly column for InfoWorld magazine. They are also frequent speakers at industry conferences such as NetWorld Interop, Usenix, and the Black Hat Briefings.
Who Should Take the Course?
If you are a system and network administrator, a member of corporate security personnel, an auditor, a law enforcement officer, and/or a consultant who deals with network intrusions, then you should take this course. A basic understanding of Unix, Windows NT, computer forensics, and TCP/IP networking is required for the course to be fully beneficial.
Topics
Developing "best practices" incident-response procedures
Incident detection for Windows NT and UNIX
Incident investigation for Windows NT and UNIX
How and when to monitor your network
Recognizing anomalies on your network
Tracking backdoor, privilege escalation, and other Windows NT and UNIX attacks
Investigating Web server, DNS server, and mail server attacks
The critical step of incident documentation
Evidence collection, handling, and chain-of-custody procedures
Disk-imaging methods for Intel-based and other processors
Lab Exercises
Forensic analysis of victimized systems
Analysis of victimized systems before power-down
Intrusion-log review
Full content monitoring of network traffic
Review backdoor tools that circumvent intrusion-detection systems
Determine the function of unidentified processes
Detection of loadable kernel modules
Rootkit and trojan detection
What Do You Get?
Includes an individual dual-boot Windows/Linux laptop for use during the course, use of the lab network and computers, class handouts, and a CD-ROM with course tools and scripts. Breakfast and an afternoon snack are provided.
Duration:
4 days
Price:
$3500
Foundstone's Ultimate Hacking: Incident Response & Forensics Course Web Page