SANS Security Essentials Bootcamp Style Advanced Computer Forensic

27 June - 2 July 2011

The Most Trusted Name in Information Security Training Worldwide

Hands-on immersion training programs:
SANS Security Essentials Bootcamp Style
Advanced Computer Forensic Analysis and Incident Response

“SANS is the most knowledgeable in the industry. Well worth the cost!!”

GIAC Approved Training
Register at

SEC401: SANS Security Essentials Bootcamp Style
Six-Day Program • Mon, 27 June - Sat, 2 July 2011
9:00am - 7:00pm (Days 1-5) • 9:00am - 5:00pm (Day 6)
46 CPE Credits • Laptop Required • Instructor: Mark Hofman

Maximize your training time and turbo-charge your career in security by
learning the full SANS Security Essentials curriculum needed to qualify for
the GSEC certification.
In this course you will learn the language and underlying theory of computer
security. At the same time you will learn the essential, up-to-the-minute knowledge
and skills required for effective performance if you are given the responsibility for
securing systems and/or organizations. This course meets both of the key promises
SANS makes to our students: (1) You will gain up-to-the-minute knowledge you can
put into practice immediately upon returning to work; and, (2) You will be taught
by the best security instructors in the industry. As always, great teaching sets SANS courses apart, and
SANS ensures this by choosing instructors who have ranked highest in a nine-year competition among
potential security faculty.

BOOTCAMP
Security 401 PARTICIPANTS ONLY
5:15pm - 7:00pm - Required — Course Days 1-5
Attendance is required for the evening bootcamp sessions as the information presented appears on
the GIAC exams. These daily bootcamps give you the opportunity to apply the knowledge gained
throughout the course in an instructor-led environment. They help fill your toolbox with valuable tools
you can use to solve problems when you go back to work. The material covered is based on Dr. Eric
Cole’s “cookbook for geeks,” and most students find it to be one of the highlights of their Security
Essentials experience! Students will have the opportunity to install, configure, and use the tools and
techniques they have learned. CDs containing the software required will be provided for each student.
Students should arrive with a laptop properly configured. A working knowledge of each operating
system is recommended but not required. For students who do not wish to build a dual boot machine,
SANS will provide a bootable Linux CD for the Linux exercises.

“Without a doubt one of the most informative courses I’ve attended so far, the knowledge base of the instructor makes the difference.”
-ANDRE MORGAN, GENERAL DYNAMICS

Mark Hofman, SANS Certified Instructor
Mark Hofman is a director and founder of Shearwater Solutions and has over 15 years’ experience in
ICT Security. He has worked for both private industry and government and has provided a wide range
of information security consulting services to numerous organizations, including the financial sector,
private sector, and government organizations. Mark has had a number of publications, has trained
and lectured internationally, and is a handler for the Internet Storm Center. Mark holds professional
certifications, including CISSP, GIAC GCFW, CompTIA Security+ and BSI lead auditor accreditations.

FOR508: Advanced Computer Forensic Analysis and Incident Response
Six-Day Program • Mon, 27 June - Sat, 2 July 2011 • 9:00am - 5:00pm
36 CPE Credits • Laptop Required • Instructor: Michael Murr

Data breaches and advanced intrusions are occurring daily.
Sensitive data and intellectual property are stolen from systems that are protected by
sophisticated network and host-based security. A motivated criminal group or nation
state can and will always find a way inside enterprise networks. In the commercial
and government sectors, hundreds of victims responded to serious intrusions
costing millions of dollars and loss of untold terabytes of data. Cyber attacks
originating from China, dubbed the Advanced Persistent Threat, have proved difficult
to suppress. FOR508 will help you respond to and investigate these incidents.

This course will give you a firm understanding of advanced incident response and computer forensics
tools and techniques to investigate data breach intrusions, tech-savvy rogue employees, advanced
persistent threats, and complex digital forensic cases.
Utilizing advances in spear phishing, web application attacks, and persistent malware, these new
sophisticated attackers advance rapidly through your network. Incident Responders and Digital
Forensic investigators must master a variety of operating systems, investigation techniques, incident
response tactics, and even legal issues in order to solve challenging intrusion cases. This course will
teach you critical forensic analysis techniques and tools in a hands-on setting for both Windows- and
Linux-based investigations.
Attackers will use anti-forensic techniques to hide their tracks. They use rootkits, file wiping, timestamp
adjustments, privacy cleaners, and complex malware to hide in plain sight, avoiding detection by standard
host-based security measures. Everything will leave a trace; you merely need to know where to look.
By taking this course you will learn more than just how to use a forensic tool: you will be able to
demonstrate how the tool functions at a low level. You will become skilled with new tools, such as
the Sleuthkit, Foremost, and the HELIX3 Pro Forensics Live CD. This SANS hands-on technical course arms
you with a deep understanding of the forensic methodology, tools, and techniques to solve advanced
computer forensics cases.


Michael Murr, SANS Certified Instructor
Michael has been a forensic analyst with Code-X Technologies for over five years, has conducted
numerous investigations and computer forensic examinations, and has performed specialized
research and development. Michael has taught SANS Security 504 (Hacker Techniques, Exploits,
and Incident Handling), SANS Security 508 (Computer Forensics, Investigation, and Response),
and SANS Security 601 (Reverse-Engineering Malware); has led SANS@Home courses; and
is a member of the GIAC Advisory Board. Currently, Michael is working on an open-source
framework for developing digital forensics applications. Michael holds the GCIH, GCFA, and GREM
certifications and has a degree in computer science from California State University at Channel
Islands. Michael also blogs about digital forensics on his Forensic Computing blog.

SANS Training is back in Malaysia!
SANS is pleased to announce SANS-IMPACT: Malaysia 2011 in Kuala Lumpur, Malaysia,
27 June - 2 July 2011. We’re bringing our most popular courses to Malaysia. Don’t miss
this opportunity to upgrade your skills, work toward your GIAC certification, and network
with other security professionals.

The International Multilateral Partnership Against Cyber Threats (IMPACT) is the world’s
first comprehensive alliance bringing together governments, academia and industry
experts to enhance the global community’s capabilities in dealing with cyber threats.
Based in Cyberjaya, Malaysia, IMPACT provides its partner countries access to expertise,
facilities and resources to effectively address cyber threats. For more information, please

Venue Location
International Multilateral Partnership Against Cyber Threats (IMPACT)
Jalan IMPACT
63000 Cyberjaya
Selangor, Malaysia

Suggested Hotel
Cyberview Lodge Resort & Spa
Persiaran Multimedia
63000 Cyberjaya
Selangor, Malaysia
T (60 3) 8312-7000 F (60 3) 8312-7001

COURSE FEES (U.S. Dollars)
Register at

Course    Paid by 18/5/11    Paid by 1/6/11    Paid after 1/6/11    GIAC Cert    OnDemand
SEC401    $3,700             $3,950            $4,200               Add $499     Add $399
FOR508    $3,685             $3,835            $4,085               Add $499     Add $399
   For further information, including group discounts, contact