Course Summary
The following course descriptions can be used to gather
basic information about each of Outbreak's course
offerings. To download a detailed (PDF) description of any
of the courses, click on the desired course title.
Creating a Computer Security Incident Response Team (1 day)
This course is designed for managers and
project leaders who have been tasked with implementing a
computer security incident response team (CSIRT) and
provides a high-level overview of the key issues and
decisions that must be addressed in establishing a CSIRT.
As part of the course, attendees will develop an action
plan that can be used as a starting point in planning and
implementing their own CSIRT.
Managing Computer Security Incident Response Teams (3 days)
This course is designed for managers
and project leaders responsible for coordinating CSIRT
operations and provides insight into the type and nature of
the work that CSIRT staff may be expected to handle. The
course also provides prospective or current managers with
an overview of the incident handling process and the types
of tools available to incident handlers.
Fundamentals of Incident Handling (5 days)
This course provides a basic introduction to
the main incident handling tasks and critical thinking
skills that will help an incident handler perform their
daily work. It is recommended to those new to incident
handling work. It is designed to provide insight into the
type and nature of work that an incident handler may
perform. It will provide an overview of the incident
handling arena, including CSIRT services, intruder threats,
and the nature of incident response activities.
Advanced Incident Handling for Technical Staff (5 days)
This course is designed for experienced CSIRT
technical personnel and addresses techniques employed in
detecting and responding to current and emerging computer
security threats and attacks that are targeted against a
variety of operating systems and architectures.
Participants work as a team throughout the week to handle a
series of escalating incidents that are presented as part
of an ongoing scenario. Work includes team analysis of
information and presentation of findings and response
strategies. Participants also review broader aspects of
CSIRT work such as artifact analysis; vulnerability
handling; and the development of advisories, alerts, and
management briefings.
Information Security for Technical Staff (5 days)
This course provides participants with
practical techniques for protecting the security of an
organization's information assets and resources, beginning
with concepts and proceeding on to technical
implementations. To illustrate important concepts and
security technologies, demonstrations and multiple hands-on
exercises will include implementations applicable to Linux
and Windows systems as well as Cisco networking equipment.
Advanced Information Security for Technical Staff (5 days)
This course increases the depth of knowledge
and skills of technical staff charged with administering
and securing information systems and networks. Developed
around a scenario in which a production network has failed
an information security audit, students will implement
numerous technical security solutions to bring the network
into compliance. Participants will work in teams to
integrate these solutions throughout the enterprise. Each
student will have the use of a dual-boot laptop for the
duration of the course, as well as direct administrative
access to a wide variety of networked systems.
Introduction to Software Security (2 days)
The key to proactive computer security thus
involves getting a risk management handle on the software
security problem. This comprehensive two-day
course—designed by the experts who literally wrote the book
on software security—encompasses software security
awareness and best practices through a combination of
lecture and hands-on exercises.
Advanced Software Security (5 days)
Software vulnerability and software exploits are the root cause
of a majority of computer security problems. In fact,
software is the target of choice for real hackers. The
key to proactive computer security thus involves getting
a risk management handle on the software security
problem. This comprehensive two-day course—designed by
the experts who literally wrote the book on software
security—encompasses software security awareness and
best practices through a combination of lecture and
hands-on exercises.
Introduction to Network Forensics (5 days)
This course presents the InfoSecure CEA
Forensic Methodology™ for a complete forensic
investigation. Designed around real-life scenarios,
participants will be exposed to practical techniques and
hands-on experience in conducting and completing a
forensics investigation. Beginning with the necessary
background in computer architecture and information storage
and continuing with a complete implementation of the
InfoSecure CEA Forensic Methodology for seizure,
collection, examination and analysis of forensic data, this
course gives attendees the knowledge required to become a
skilled forensics examiner.