4 Days Left to Save $400 on SANS Security East 2015, New Orleans

Sydney 2014

Sydney, Australia | Mon, Nov 10 - Sat, Nov 22, 2014
 

SEC480: Top 4 Mitigation Strategies: Implementing & Auditing

Over the past three years, there has been an ever-increasing focus on preventing targeted cyber intrusions around the world. The Australian Signals Directorate (ASD) in Australia responded to the sharp increase in observed intrusion activity with the 'Strategies to Mitigate Targeted Cyber Intrusions'. This is a list of 35 strategies ranked in order of effectiveness that organisations can implement to reduce the likelihood of a successful targeted cyber intrusion.

There has been a significant push for public and private sector organisations to implement the 'Top 4 Mitigation Strategies' which are:

  1. Application Whitelisting;
  2. Patch Applications;
  3. Patch Operating System;
  4. Minimise Administrative Privileges.

The Cyber Security Operations Centre in ASD has stated that at least 85% of the cyber intrusions it responds to would be mitigated had agencies implemented these Top 4 strategies.

For security professionals, this course enables you to practically implement these strategies in in your existing network using a variety of technologies and methods.

For auditors, CIOs and risk officers this course is the best way to understand how to measure if the Top 4 mitigation strategies have been effectively implemented in an organisation.

After attending this hands-on course, individuals will be able to effectively implement and audit the Top 4 mitigation strategies in their own environments to achieve a significant level of security.

This course closely aligns with the ASD Top 4 mitigation strategies which can be found here: http://www.asd.gov.au/publications/Mitigation_Strategies_2014.pdf

You will learn:

  • Understand the techniques attackers use in targeted cyber intrusions
  • Learn the importance of the Top 4 mitigation strategies including their effectiveness
  • Gain a sound understanding of the strategies, their objectives and compliance requirements
  • Obtain practical experience installing, configuring and deploying technologies to implement the Top 4 Mitigation Strategies
  • Understand common implementation roadblocks and methods to overcome them
  • Learn implementation and business communication methods
  • Learn how to protect your systems from targeted cyber intrusions
  • Learn how to detect targeted cyber intrusions
  • Learn how to implement business processes which support the Top 4 mitigation strategies

Course Syllabus
InstructorsSchedule
Mark Hofman Mon Nov 17th, 2014
9:00 AM - 5:00 PM
Mark Hofman Tue Nov 18th, 2014
9:00 AM - 5:00 PM
Mark Hofman Wed Nov 19th, 2014
9:00 AM - 5:00 PM
Additional Information
 
  Laptop Required

Windows computer (or virtual machine running on another operating system)

  • Ethernet Port
  • VMware vSphere Client installed

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.