InfoSec Institute: Information Security Training
Intrusion Detection, Incident Response and Computer Forensics Training
Security incidents happen. There were over 100,000 incidents reported to CERT/CC at Carnegie Mellon University in 2002. Recent state legislation requires companies to publicly disclose security incidents that involve the compromise of consumer data. There has never been a better time to get Intrusion Detection, Incident Response and Computer Forensics training.
This hands-on network security course offers practical experience in a wide array of technical incident response tactics. Learn how to mitigate the harmful and high-dollar loss effects of a serious insider computer breach, detect the warning signs associated with an impending cyber attack, and effectively respond to devastating worms (e.g. MS Blaster, Nachi, and Slammer).
Intrusion Detection, Incident Response and Computer Forensics training neatly meshes the three skills required to respond to security incidents. While most courses focus on a single aspect of incident response, InfoSec Institute prepares you with all the skills you must have to do the job right.
In the two-day Intrusion Detection training component of the network security course, you will master many different skills. A select sample of the material includes:
- Detecting and blocking Worms and Viruses
- Running distributed Snort
- Deploying and running Internet Security Systems' RealSecure
- Writing Snort signature rules from packet captures
- Network IDS sensor placement
- IDS tuning strategy
- Host IDS and Host IPS
- False positive reduction
- TCP/IP manipulations
- IDS evasion strategies
- Detecting hackers' stealth attacks
- Fragmentation attacks
- Network forensics
Detecting the security incident is a first and crucial step. But, learning how to detect incidents is worthless without an effective response to the incident that lessens and removes the harmful effects of the incident. This is why we have a full day dedicated to technical incident response procedures. Some of the content in this information security training course includes:
- Developing an Incident Response Plan
- Coordinating an Incident Response Team (CERT)
- Testing the Incident Response plan
- Collecting evidence
- Restoration of normal business processing
- Crisis management
The final two days of the course focus on Computer Forensics training. Once you have detected and responded to the incident, you must learn to discover how the security event occurred in the first place. The only way to prevent future incidents is to determine the origin of the incident. The Computer Forensics training will also help you develop strategies for proper evidence gathering that is admissible in court. Some of the topics include:
- Unix and Linux Forensics
- Data recovery on Windows systems
- Chain of Custody and evidence collection
- Timestamp analysis
- NTFS, FAT, Ext3 filesystem analysis
- Forensic training imaging
- Image handling and image integrity via hashing
- Recovering hidden and erased data
- Gigabyte data mining techniques
- Imaging and recovering volatile memory
- Collecting email evidence
- Worm and Virus disassembly and analysis
Interested in learning more about InfoSec Institute? Contact a technical student coordinator that can answer your questions!