Register now online or call 1-831-662-9164.
Overview
Incident response is becoming an increasingly important area within the
field of information security because systems, applications, and networks have
become more complex and diverse and are thus increasingly difficult to defend.
50 percent of all respondents to the 1998 FBI/Computer Security Institute Survey
reported experiencing at least one significant security-related incident.
This two-day course teaches attendees what an incident is, the rationale for
having an effective incident response capability, the types of incidents that
occur and complications in dealing with them, how to detect incidents, how to
use a structured methodology for dealing with evidence, how to trace network
intrusions, and considerations involved in forming and managing an incident
response capability. Case studies from the instructor's experience as founder
and manager of the U.S. Department of Energy's Computer Incident Advisory
Capability (CIAC) are included throughout the course. The course covers a
variety of technical, procedural, and managerial information, and is thus
appropriate for attendees with both technical and non-technical backgrounds.
Outline
The last half day is dedicated to a stimulating and highly popular simulation
on responding to incidents. Participants (who will work in small teams) will
play the role of network administrators who have a limited number of resources
to invest in security controls. Probes and intrusion attempts (generated by a
random event generator) occur constantly. When incidents occur, each team must
determine an appropriate course of action, giving participants the opportunity
to apply what they have learned in the course.
About the Instructor
Dr. Schultz is a Certified Information Systems Security Professional, a Principal Engineer with the Lawrence Livermore National Laboratory in Northern California, and a Professor of Computer Science at the University of California at Berkeley. As an expert
in information security, Dr. Schultz has authored three books and more than 90 papers on the topic, and serves as the Editor-in-Chief of Information Security Bulletin, a highly respected professional journal. He has received the Information Systems Security Association Professional Contribution Award and the NASA Technical Excellence Award.
Two years ago, Dr. Schultz was appointed the chair of the Presidential Commission on Critical Infrastructure Protection -- Intrusion Detection. While at Lawrence Livermore National Laboratory, Dr. Schultz founded the Computer Incident Advisory Capability (CIAC) for the U.S. Department of Energy, and has been called upon to provide expert testimony on issues related to information security before various U.S. Senate and House of Representatives subcommittees. Advisor to corporate chiefs around the world on computer security policy and practice, Dr. Schultz is considered to be one of the foremost experts of computer security.
Dr. Schultz currently teaches the following computer security courses for Megamind:
Incident Response
Length: 1 day
Tuition $495
Dr. Eugene E. Schultz, Ph.D., CISSP
* Incident Response and Reporting
* Securing IIS Web Servers: Avoiding an IIS Catastrophe!
* Securing your Enterprise in the 21st Century
* UNIX Security (Intro, Intermediate, and Advanced levels)
* Windows NT Security (Intro, Intermediate, and Advanced levels)
* Windows 2000 Security