Capital City 2013

Washington, DC | Tue, Sep 3 - Sun, Sep 8, 2013

SEC301: Intro to Information Security

This class is great for IT professionals looking for their first step towards security awareness. I have been in IT for 17 years and I learned a lot on this first day of class.
Paul Beninati, EMC

Great course - very informative and current.
Vickie Allen, University of Oklahoma

To determine if the SANS SEC301 course is right for you, ask yourself five simple questions:

  • Are you new to information security and in need of an introduction to the fundamentals?
  • Are you bombarded with complex technical security terms that you don't understand?
  • Are you a non-IT security manager who lies awake at night worrying that your company will be the next mega-breach headline story on the 6 o'clock news?
  • Do you need to be conversant in basic security concepts, principles, and terms, even if you don't need "deep in the weeds" detail?
  • Have you decided to make a career change to take advantage of the job opportunities in information security and need formal training/certification?

If you answer yes to any of these questions, the SEC301: Introduction to Information Security training course is for you. Jump-start your security knowledge by receiving insight and instruction from real-world security experts on critical introductory topics that are fundamental to information security. This completely revised five-day comprehensive course covers everything from core terminology to the basics of computer networks, security policies, incident response, passwords, and even an introduction to cryptographic principles.

This course is designed for students who have no prior knowledge of security and limited knowledge of technology. The hands-on, step-by-step teaching approach will enable you to grasp all of the information presented even if some of the topics are new to you. You will learn the fundamentals of information security that will serve as the foundation of your InfoSec skills and knowledge for years to come.

Written by a security professional with over 30 years of experience in both the public and private sectors, SEC301 provides uncompromising real-world insight from start to finish. The course prepares you for the Global Information Security Fundamentals (GISF) certification test, as well as for the next course up the line, SEC401: Security Essentials Bootcamp. It also delivers on the SANS promise: You will be able to use the knowledge and skills you learn in SEC301 as soon as you return to work.

Course Syllabus
Course Contents | Instructors | Schedule
  SEC301.1: A Framework for Information Security | Fred Kerby | Tue Sep 3rd, 2013, 9:00 AM - 5:00 PM
Overview

Every good security practitioner and every good security program begins with the same mantra: learn the fundamentals. SEC301 starts by instilling familiarity with core security terms and principles. By the time you leave the classroom after the first day, you will fully understand the Principle of Least Privilege and the Confidentiality, Integrity, and Availability (CIA) Triad, and you will see why those principles drive all security discussions. You will be conversant in the fundamentals of risk management, security policy, authentication/authorization/accountability, and security awareness training.

CPE/CMU Credits: 6

 
  SEC301.2: Securing the Infrastructure | Fred Kerby | Wed Sep 4th, 2013, 9:00 AM - 5:00 PM
Overview

To appreciate the risks associated with being connected to the Internet one must have a basic understanding of how networks function. Day two covers the basics of networking (including a review of some sample network designs), including encapsulation, hardware and network addresses, name resolution, and address translation. We explore some typical attacks against the networking and computing infrastructure along with appropriate countermeasures.

CPE/CMU Credits: 6

 
  SEC301.3: Cryptography and Security in the Enterprise | Fred Kerby | Thu Sep 5th, 2013, 9:00 AM - 5:00 PM
Overview

Cryptography can be used to solve a number of security problems. Cryptography and Security in the Enterprise provides an in-depth introduction to a complex tool (cryptography), using easy-to-understand examples and avoiding complicated mathematics. Attendees will gain meaningful insights into the benefits of cryptography (along with the pitfalls of a poor implementation of good tools). The day continues with an overview of the security organization in a typical company. Where does security fit in the overall organizational scheme? What is its charter? What other components of the larger organization must it interact with? We conclude the day with a whirlwind overview of wireless networking technology benefits and risks, including a roadmap for reducing risks in a wireless environment.

CPE/CMU Credits: 6

 
  SEC301.4: Information Security Policy | Fred Kerby | Fri Sep 6th, 2013, 9:00 AM - 5:00 PM
Overview

Day four will empower those with the responsibility for creating, assessing, approving, or implementing security policy with the tools and techniques to develop effective, enforceable policy. Information Security Policy demonstrates how to bring policy alive by using tools and techniques such as the formidable OODA (Orient, Observe, Decide, Act) model. We also explore risk assessment and management guidelines and sample policies, as well as examples of policy and perimeter assessments.

CPE/CMU Credits: 6

 
  SEC301.5: Defense In-Depth: Lessons Learned | Fred Kerby | Sat Sep 7th, 2013, 9:00 AM - 5:00 PM
Overview

The goal of day five is to enable managers, administrators, and those in the middle to strike a balance between "security" and "getting the job done." We'll explore how risk management deals with more than security and how the ISO-OSI model may have an eighth layer (political) impacting communications and transmission. It is replete with war stories from the trenches that illustrate the TSP protocol (the Tie to Sandal Protocol) used by successful security professionals worldwide.

CPE/CMU Credits: 6

 
Additional Information
 
  Testimonial

Here's what recent attendees had to say about this course:

"Good basic information for someone just coming into the field." - Bryce Richert, SUH

"It's a very good course if you need the basic foundation. It's a very helpful class to take because it expands on some basic concepts." - Shruti Iyer, DCS Corporation

 
  Laptop Required

  • Windows 7 (or later) operating system. (Exercises were developed on Windows 7 Home Premium; they are expected to work on Windows 8, and likely Windows XP, but this has not been tested.)
  • Optical drive for reading the CD
  • Local administrator account (with the capability to create local accounts on the computer)
  • Wireless network capability
  • NOTE: Do not bring a regular production laptop for this class! When installing software, there is always a chance of breaking something else on the system. Students should assume that all data could be lost.
  • External drive: attendees will need an external drive (e.g., USB thumb drive or USB hard drive) with a capacity of at least 1 GB.

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.

 
  Who Should Attend
  • Persons new to Information Technology (IT) who need to understand the basics of information assurance, computer networking, cryptography, and risk evaluation
  • Managers and Information Security Officers who need a basic understanding of risk management and the tradeoffs between confidentiality, integrity, and availability
  • Managers, administrators, and auditors who need to draft, update, implement, or enforce policy
 
  Why Take This Course?

Which Course Is Right For You?

This is the track SANS offers for the professional just starting out in security. If you have experience in the field, please consider our more advanced offerings such as SEC401: Security Essentials.

 
  You Will Be Able To
  • Discuss and understand risk as a product of vulnerability, threat, and impact to an organization
  • Understand and apply basic principles of information assurance (e.g., least privilege, separation of risk, defense in depth)
  • Explain the fundamentals of networking (link layer communications, addressing, basic routing, masquerading)
  • Describe the predominant forms of malware and the various delivery mechanisms that can place organizations at risk
  • Understand the capabilities and limitations of cryptography
  • Evaluate policy and recommend improvements
  • Identify and implement meaningful security metrics
  • Identify and understand the basic attack vectors used by intruders

 

Author Statement

A good friend of mine once said, "A little security is better than no security." If your organization is in either situation (little or no security) and you want to make a difference in a positive way, this course is a great place to start. If your organization has already made an investment in security, this is a great opportunity to compare notes with others and identify how to maximize the return on your investment. In 1995, I agreed to fill the position of "number one spear catcher" (the head security guy) for our organization. I asked about training and my predecessor told me that the agency would provide training, but suggested that I work for six months to get some "real-world experience to compare against the theory." It was a long and frustrating six months and the training was less than helpful. A few years later when SANS offered to let me help write and teach this course, I literally jumped at the opportunity. Every time I teach it, I'm excited and I enjoy it as much as the attendees. It's been very gratifying.

- Fred Kerby