Security 503: Intrusion Detection In-Depth
Stafford, TX 77477
Tuesday, July 28, 2009 - Tuesday, September 29, 2009
CLOSED
Course Fee: $2,995.00
Additional For Proctored Certification †: $499.00
Additional For OnDemand: $399.00
* Payment must be RECEIVED by the deadline to receive the posted rate.
Mentor: Mark Stingley
Date:
Tuesday, July 28, 2009
Meeting Time:
6:30 PM - 8:30 PM
Where:
La Quinta Inn & Suites
12727 Southwest Freeway
Stafford, TX 77477
Mentor Bio: Mark Stingley has been an information security and technology professional since 1981, when he worked as an operations specialist in the US Navy. Since those days, he has participated in all phases of IT, from desktop support to relational database application programming and Windows and Unix/Linux systems administration, and began specializing in network security in 2003.
Mark has the unique ability to weave information security technology, investigative prowess, and military tactics into an exciting tapestry of cutting-edge cyber defense.
He currently holds the SANS GCIA, GCIH and GPEN certifications. Mark is currently the senior network security analyst at the University of Texas Health Science Center Houston.
This course prepares you for the GCIA certification (http://www.giac.org/certifications/security/gcia.php), which meets the requirement of the DoD 8570 IAT Level III.
Learn practical hands-on intrusion detection and traffic analysis through the SANS Local Mentor Program. This advanced program is newly updated to reflect the latest attack patterns and is jam-packed with network traces and analysis tips.
This course is not a comparison or demonstration of multiple NIDS. Instead, the knowledge and information provided allow students to better understand the elements that go into a sound NIDS and the whys behind them. The emphasis of this training is to increase students' understanding of the workings of TCP/IP, methods of network traffic analysis, and one specific network intrusion detection system, Snort. Students will learn from hundreds of examples of detections that were captured in the real world and be able to apply these examples to the analysis of intrusion patterns within their own organizations. The goal of this course is to better equip students to make a wise selection for their site's particular needs and to put the training they receive into practice the day they get back to the office.
The challenging hands-on exercises are specially designed to be valuable for all experience levels. Students must possess a working knowledge of TCP/IP & Hex and we strongly recommend you spend some time getting familiar with TCPdump, WINdump or another network analyzer output before coming to class. To test your knowledge, please see our TCP/IP & Hex Quizzes at: www.sans.org/conference/tcpip_quiz.php.
The SANS Intrusion Detection In-Depth Local Mentor-led course runs for 10 weeks and is divided into seven sections:
- Introduction to SANS and GIAC Certification Orientation
- TCP/IP for Intrusion Detection
- Network Traffic Analysis Using TCPdump - Part 1
- Network Traffic Analysis Using TCPdump - Part 2
- Intrusion Detection Snort Style
- IDS Signatures and Analysis - Part 1
- IDS Signatures and Analysis - Part 2
Although many may benefit from Security 503, it is most appropriate for Intrusion Detection Analysts (all levels), Network Engineers, System, Security and Network Administrators and hands-on Security Managers.
A frequent question is whether this is a self-study course or a live course led by a Local Mentor. The answer is "both".
Students study the SANS Intrusion Detection In-Depth course books at their own pace. Once a week, you and other professionals in your area meet with a SANS Local Mentor, who will lead class discussions, provide hands-on demonstrations, point out the most salient features, and answer questions. The Mentor's goal is to help you grasp the more difficult material, master the exercises, and prepare you for GCIA certification.
Course Materials:
- Hardcopy SANS Intrusion Detection In-Depth Course Books and CDs
- Local Mentor Program study materials
- Ten Weekly 2-hour Mentor-led sessions
All Students will receive 4 months' access to their online study materials at the start of their 2nd Class session.
Group Discounts:
The SANS Local Mentor Program is pleased to offer a Group Discount tuition fee to two (2) or more Students who work at the same organization. To obtain the Group Discount fee and Registration Code offered for this course, contact tuition@sans.org PRIOR to registering and provide the names and e-mail addresses of all the students registering within your organization.
LMP Exclusive Offer:
SANS makes every effort to help you obtain certification. SANS Local Mentor Program extends an exclusive offer to Students who previously attended SANS Intrusion Detection In-Depth after January 1, 2001, but did not complete their GCIA certification.
For details on this special offer, please contact registration@sans.org with the date and location you attended the SANS Intrusion Detection In-Depth course, along with your momgate login ID and e-mail address.