
SANS delivers the best training I have seen in the industry.
-Brian Hughes, Idaho State University

NOTE: Mentor sessions run for 10 weeks, one evening a week for two hours unless otherwise noted below.
Security 503: Intrusion Detection In-Depth

Brownstown, PA 17508
Tuesday, February 3, 2009 - Tuesday, April 7, 2009

CLOSED

Course Fee: $2,995.00

$499.00 Additional For Proctored Certification †
$399.00 Additional For OnDemand

* Payment must be RECEIVED by the deadline to receive the posted rate.

Mentor: Jerry Shenk
Dates:  Tuesday, February 3, 2009 - Tuesday, April 7, 2009
Meeting Time:  7:00 PM - 9:00 PM
Where:

D&E Communications
4139 Oregon Pike
Brownstown, PA 17508
Mentor Bio:
Jerry Shenk: Jerry Shenk has been involved in the computer industry since the late 70s. He has been involved in small office networks, regional WANs and international WANs. Jerry is currently employed as a security consultant assisting clients in enhancing the security of their networks through design, configuration, troubleshooting, auditing and penetration testing. Security has been a major focus for him since 2000, including obtaining 5 GIAC Gold certifications, all with honors. He also has a CISSP certification and a number of vendor-specific certifications. He has done a number of technical training sessions and webinars and looks forward to helping others build on their skills to secure their networks.

This course prepares you for the GCIA certification (http://www.giac.org/certifications/security/gcia.php), which meets the requirement of the DoD 8570 IAT Level III.

Learn practical hands-on intrusion detection and traffic analysis through the SANS Local Mentor Program. This advanced program is newly updated to reflect the latest attack patterns and is jam-packed with network traces and analysis tips.

This course is not a comparison or demonstration of multiple NIDS. Instead, the knowledge and information provided allow students to better understand the elements that go into a sound NIDS and the whys behind them. The emphasis of this training is to increase students' understanding of the workings of TCP/IP, methods of network traffic analysis and one specific network intrusion detection system, Snort. Students will learn from hundreds of examples of detections that were captured in the real world and be able to apply these examples to the analysis of intrusion patterns within their own organizations. The goal of this course is to better equip students to make a wise selection for their site's particular needs and put the training they receive into practice the day they get back to the office.

The challenging hands-on exercises are specially designed to be valuable for all experience levels. Students must possess a working knowledge of TCP/IP & Hex and we strongly recommend you spend some time getting familiar with TCPdump, WINdump or another network analyzer output before coming to class. To test your knowledge, please see our TCP/IP & Hex Quizzes at: www.sans.org/conference/tcpip_quiz.php.

The SANS Intrusion Detection In-Depth Local Mentor-led course runs for 10 weeks and is divided into seven sections:

  • Introduction to SANS and GIAC Certification Orientation
  • TCP/IP for Intrusion Detection
  • Network Traffic Analysis Using TCPdump - Part 1
  • Network Traffic Analysis Using TCPdump - Part 2
  • Intrusion Detection Snort Style
  • IDS Signatures and Analysis - Part 1
  • IDS Signatures and Analysis - Part 2

Although many may benefit from Security 503, it is most appropriate for Intrusion Detection Analysts (all levels), Network Engineers, System, Security and Network Administrators and hands-on Security Managers.

A frequent question is whether this is a self-study course or a live course led by a Local Mentor. The answer is "both".

Students study the SANS Intrusion Detection In-Depth course books at their own pace. Once a week, you and other professionals in your area meet with a SANS Local Mentor, who will lead class discussions, provide hands-on demonstrations, point out the most salient features, and answer questions. The Mentor's goal is to help you grasp the more difficult material, master the exercises, and prepare you for GCIA certification.

Course Materials:

  • Hardcopy SANS Intrusion Detection In-Depth Course Books and CDs
  • Local Mentor Program study materials
  • Ten Weekly 2-hour Mentor-led sessions

All Students will receive 4 months' access to their online study materials at the start of their 2nd Class session.

Group Discounts:
The SANS Local Mentor Program is pleased to offer a Group Discount tuition fee to two (2) or more Students who work at the same organization. To obtain the Group Discount fee and Registration Code offered for this course, contact tuition@sans.org PRIOR to registering and provide the names and e-mail addresses of all the students registering within your organization.

LMP Exclusive Offer:
SANS makes every effort to help you obtain certification. The SANS Local Mentor Program extends an exclusive offer to Students who previously attended SANS Intrusion Detection In-Depth after January 1, 2001, but did not complete their GCIA certification.

For details on this special offer, please contact registration@sans.org with the date and location at which you attended the SANS Intrusion Detection In-Depth course, along with your momgate login ID and e-mail address.