Course Summary

The following course descriptions can be used to gather basic information about each of Outbreak's course offerings. To download a detailed (PDF) description of any of the courses, click on the desired course title.

Creating a Computer Security Incident Response Team (1 day)
This course is designed for managers and project leaders who have been tasked with implementing a computer security incident response team (CSIRT) and provides a high-level overview of the key issues and decisions that must be addressed in establishing a CSIRT. As part of the course, attendees will develop an action plan that can be used as a starting point in planning and implementing their own CSIRT.

Managing Computer Security Incident Response Teams (3 days)
This course is designed for managers and project leaders responsible for coordinating CSIRT operations and provides insight into the type and nature of the work that CSIRT staff may be expected to handle. The course also provides prospective or current managers with an overview of the incident handling process and the types of tools available to incident handlers.

Fundamentals of Incident Handling (5 days)
This course provides a basic introduction to the main incident handling tasks and critical thinking skills that will help an incident handler perform their daily work. It is recommended for those new to incident handling work. It is designed to provide insight into the type and nature of work that an incident handler may perform. It will provide an overview of the incident handling arena, including CSIRT services, intruder threats, and the nature of incident response activities.

Advanced Incident Handling for Technical Staff (5 days)
This course is designed for experienced CSIRT technical personnel and addresses techniques employed in detecting and responding to current and emerging computer security threats and attacks that are targeted against a variety of operating systems and architectures. Participants work as a team throughout the week to handle a series of escalating incidents that are presented as part of an ongoing scenario. Work includes team analysis of information and presentation of findings and response strategies. Participants also review broader aspects of CSIRT work such as artifact analysis; vulnerability handling; and the development of advisories, alerts, and management briefings.

Information Security for Technical Staff (5 days)
This course provides participants with practical techniques for protecting the security of an organization's information assets and resources, beginning with concepts and proceeding on to technical implementations. To illustrate important concepts and security technologies, demonstrations and multiple hands-on exercises will include implementations applicable to Linux and Windows systems as well as Cisco networking equipment.

Advanced Information Security for Technical Staff (5 days)
This course increases the depth of knowledge and skills of technical staff charged with administering and securing information systems and networks. Developed around a scenario in which a production network has failed an information security audit, students will implement numerous technical security solutions to bring the network into compliance. Participants will work in teams to integrate these solutions throughout the enterprise. Each student will have the use of a dual-boot laptop for the duration of the course, as well as direct administrative access to a wide variety of networked systems.

Introduction to Software Security (2 days)
The key to proactive computer security thus involves getting a risk management handle on the software security problem. This comprehensive two-day course—designed by the experts who literally wrote the book on software security—encompasses software security awareness and best practices through a combination of lecture and hands-on exercises.

Advanced Software Security (5 days)
Software vulnerability and software exploits are the root cause of a majority of computer security problems. In fact, software is the target of choice for real hackers. The key to proactive computer security thus involves getting a risk management handle on the software security problem. This comprehensive two-day course—designed by the experts who literally wrote the book on software security—encompasses software security awareness and best practices through a combination of lecture and hands-on exercises.

Introduction to Network Forensics (5 days)
This course presents the InfoSecure CEA Forensic Methodology™ for a complete forensic investigation. Designed around real-life scenarios, participants will be exposed to practical techniques and hands-on experience in conducting and completing a forensics investigation. Beginning with the necessary background in computer architecture and information storage and continuing with a complete implementation of the InfoSecure CEA Forensic Methodology for seizure, collection, examination and analysis of forensic data, this course gives attendees the knowledge required to become a skilled forensics examiner.