27 June - 2 July 2011
The Most Trusted Name in Information
Security Training Worldwide
SANS Security Essentials
Forensic Analysis and
“SANS is the most
knowledgeable in the
industry. Well worth
-WALTINA LARUE, SYMANTEC
GIAC Approved Training Register at www.sans.org/malaysia-2011
SEC401: SANS Security Essentials Bootcamp Style
Six-Day Program • Mon, 27 June - Sat, 2 July 2011
9:00am - 7:00pm (Days 1-5) • 9:00am - 5:00pm (Day 6)
46 CPE Credits • Laptop Required • Instructor: Mark Hofman
Maximize your training time and turbo-charge your career in security by
learning the full SANS Security Essentials curriculum needed to qualify for
the GSEC certi cation.
In this course you will learn the language and underlying theory of computer
security. At the same time you will learn the essential, up-to-the-minute knowledge
and skills required for effective performance if you are given the responsibility for
securing systems and/or organizations. This course meets both of the key promises
SANS makes to our students: (1) You will gain up-to-the-minute knowledge you can GIAC Certiﬁcation
put into practice immediately upon returning to work; and, (2) You will be taught www.giac.org
by the best security instructors in the industry. As always, great teaching sets SANS courses apart, and
SANS ensures this by choosing instructors who have ranked highest in a nine-year competition among
potential security faculty.
B O O T C A M P
Security 401 PARTICIPANTS ONLY
5:15pm - 7:00pm - Required — Course Days 1-5
Attendance is required for the evening bootcamp sessions as the information presented appears on
the GIAC exams. These daily bootcamps give you the opportunity to apply the knowledge gained
throughout the course in an instructor-led environment. It helps ﬁll your toolbox with valuable tools
you can use to solve problems when you go back to work. The material covered is based on Dr. Eric
Cole’s “cookbook for geeks,” and most students ﬁnd it to be one of the highlights of their Security
Essentials experience! Students will have the opportunity to install, conﬁgure, and use the tools and
techniques they have learned. CDs containing the software required will be provided for each student.
Students should arrive with a laptop properly conﬁgured. A working knowledge of each operating
system is recommended but not required. For students who do not wish to build a dual boot machine,
SANS will provide a bootable Linux CD for the Linux exercises.
“Without a doubt one of the most informative
courses I’ve attended so far, the knowledge base of
the instructor makes the di erence.”
-ANDRE MORGAN, GENERAL DYNAMICS
Mark Hofman SANS Certiﬁed Instructor
Mark Hofman is a director and founder of Shearwater Solutions and has over 15 years’ experience in
ICT Security. He has worked for both private industry and government and has provided a wide range
of information security consulting services to numerous organizations, including the nancial sector,
private sector, and government organizations. Mark has had a number of publications, has trained
and lectured internationally, and is a handler for the Internet Storm Center. Mark holds professional
certi cations, including CISSP, GIAC GCFW, CompTIA Security+ and BSI lead auditor accreditations.
FOR508: Advanced Computer Forensic Analysis
and Incident Response
Six-Day Program • Mon, 27 June - Sat, 2 July 2011 • 9:00am - 5:00pm
36 CPE Credits • Laptop Required • Instructor: Michael Murr
Data breaches and advanced intrusions are occurring daily.
Sensitive data and intellectual property is stolen from systems that are protected by
sophisticated network and host based security. A motivated criminal group or nation
state can and will always ﬁnd a way inside enterprise networks. In the commercial
and government sectors, hundreds of victims responded to serious intrusions
costing millions of dollars and loss of untold terabytes of data. Cyber attacks
originating from China dubbed the Advanced Persistent Threat have proved difﬁcult GIAC Certiﬁcation
to suppress. FOR508 will help you respond to and investigate these incidents. www.giac.org
This course will give you a ﬁrm understanding of advanced incident response and computer forensics
tools and techniques to investigate data breach intrusions, tech-savvy rogue employees, advanced
persistent threats, and complex digital forensic cases.
Utilizing advances in spear phishing, web application attacks, and persistent malware these new
sophisticated attackers advance rapidly through your network. Incident Responders and Digital
Forensic investigators must master a variety of operating systems, investigation techniques, incident
response tactics, and even legal issues in order to solve challenging intrusion cases. This course will
teach you critical forensic analysis techniques and tools in a hands-on setting for both Windows- and
Attackers will use anti-forensic techniques to hide their tracks. They use rootkits, ﬁle wiping, timestamp
adjustments, privacy cleaners, and complex malware to hide in plain sight avoiding detection by standard
host-based security measures. Everything leaves will leave a trace; you merely need to know where to look.
Learning more than just how to use a forensic tool, by taking this course you will be able to
demonstrate how the tool functions at a low level. You will become skilled with new tools, such as
the Sleuthkit, Foremost, and the HELIX3 Pro Forensics Live CD. SANS hands-on technical course arms
you with a deep understanding of the forensic methodology, tools, and techniques to solve advanced
computer forensics cases.
FIGHT CRIME. UNRAVEL INCIDENTS... ONE BYTE AT A TIME.
Michael Murr SANS Certiﬁed Instructor
Michael has been a forensic analyst with Code-X Technologies for over ve years, has conducted
numerous investigations and computer forensic examinations, and has performed specialized
research and development. Michael has taught SANS Security 504 (Hacker Techniques, Exploits,
and Incident Handling), SANS Security 508 (Computer Forensics, Investigation, and Response),
and SANS Security 601 (Reverse-Engineering Malware); has led SANS@Home courses; and
is a member of the GIAC Advisory Board. Currently, Michael is working on an open-source
framework for developing digital forensics applications. Michael holds the GCIH, GCFA, and GREM
certi cations and has a degree in computer science from California State University at Channel
Islands. Michael also blogs about Digital forensics on his Forensic Computing blog.
SANS Training is back in Malaysia!
SANS is pleased to announce SANS-IMPACT: Malaysia 2011 in Kuala Lumpur, Malaysia,
27 June - 2 July 2011. We’re bringing our most popular courses to Malaysia. Don’t miss
this opportunity to upgrade your skills, work toward your GIAC certi cation, and network
with other security professionals.
The International Multilateral Partnership Against Cyber Threats (IMPACT)is the world’s
rst comprehensive alliance bringing together governments, academia and industry
experts to enhance the global community’s capabilities in dealing with cyber threats.
Based in Cyberjaya, Malaysia, IMPACT provides its partner countries access to expertise,
facilities and resources to e ectively address cyber threats. For more information, please
Venue Location Suggested Hotel
International Multilateral Cyberview Lodge Resort & Spa
Partnership Against Persiaran Multimedia
Cyber Threats (IMPACT) 63000 Cyberjaya
Jalan IMPACT Selangor, Malaysia
63000 Cyberjaya T (60 3) 8312-7000 F (60 3) 8312-7001
Selangor, Malaysia www.cyberview-lodge.com
C O U R S E F E E S (U.S. Dollars) Register at www.sans.org/malaysia-2011
Course Paid by 18/5/11 Paid by 1/6/11 Paid after 1/6/11 GIAC Cert OnDemand
SEC401 $ 3,700 $ 3,950 $ 4,200 Add $499 Add $399
FOR508 $ 3,685 $ 3,835 $ 4,085 Add $499 Add $399
For further information, including group discounts, contact AsiaPaciﬁc@sans.org.