The most trusted source for computer security training, certification and research.

Global Information Assurance Certification

SANS provides an unbiased view of the technical issues we face today.
-Mark Towers, Nokia

NOTE: Mentor sessions run for 10 weeks, one evening a week for two hours unless otherwise noted below.
Security 504: Hacker Techniques, Exploits and Incident Handling

Mentor SANS in Cork at Trend Micro - SEC 504

Wednesday, October 24, 2007 - Wednesday, December 12, 2007, Cork, IE

CLOSED

Course Fee: €2,495.00

€400.00 Additional For Proctored Certification †

* Payment must be RECEIVED by the deadline to receive the posted rate.

Mentor: Robert McArdle
Dates:  Wednesday, October 24, 2007 - Wednesday, December 12, 2007
Meeting Time:  6:30 PM - 9:30 PM
Where:

Trend Micro, Business and Technology Park
Model Farm Road
Cork, Ireland
Mentor Bio:
 Robert McArdle: Robert McArdle is currently working as an AntiVirus Engineer for Trend Micro Trendlabs, where he is involved in analyzing the latest malware threats, in addition to researching the future threat landscape. Prior to this Robert worked as part of Symantecs Security Response department, where he gave many press presentations on Mobile Device Malware. He is a graduate of Trinity College Dublin and Dublin City University where he completed a M.Sc in Security and Forensics Computing. He holds both GCIH and GREM qualifications from SANS and serves on the SANS Advisory Board. He is very interested in the current phenomenon of Web Threats in addition to Malware which targets mobile devices.

This course prepares you for the GCIH certification ( http://www.giac.org/certifications/security/gcih.php ) which meets the requirement of the DoD 8570 IAT Level III.

No organization can fight back against cyber attacks if their security and system administration staff does not know how the most current attacks are launched and the technical details that allow the attacks to be blocked.

That's why SANS Security 504, Hacker Techniques, Exploits and Incident Handling is SANS second most popular course. What is not well known, SANS Hacker Techniques course is *much* better than courses offered by other organizations, because SANS teaches you not only how to use the attack tools (as others do), but also how to stop the attacks (as others fail to do). By helping you understand attackers' tactics and strategies in detail, giving you hands-on experience in finding vulnerabilities and discovering intrusions, and equipping you with a comprehensive incident handling plan, the in-depth information in Security 504 helps you turn the tables on computer attackers.

This course addresses the latest cutting-edge insidious attack vectors and the oldie-but-goodie attacks that are still so prevalent, and everything in between. Instead of merely teaching a few hack-attack tricks, this course includes a time-tested, step-by-step process for responding to computer incidents, a detailed description of how attackers undermine systems so you can prepare, detect, and respond to them, and a hands-on workshop for discovering holes before the bad guys do. Additionally, the course explores the legal issues associated with responding to computer attacks, including employee monitoring, working with law enforcement, and handling evidence.

The SANS Hacker Techniques, Exploits and Incident Handling course runs for 10 weeks and is divided into 7 sections:

  • Introduction to SANS and GIAC Certification Orientation
  • Incident Handling Step-by-Step Computer Crime Investigation
  • Computer and Network Hacker Exploits, Part 1
  • Computer and Network Hacker Exploits, Part 2
  • Computer and Network Hacker Exploits, Part 3
  • Computer and Network Hacker Exploits, Part 4
  • Part 6: Hacker Tools Workshop
This challenging course is particularly well suited to individuals who lead or are a part of an incident handling team. Furthermore, general security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to prevent, detect, and respond to attacks. Security 504 will prepare you for the GIAC Certified Incident Handler (GCIH) certification.

A frequent question is whether this is a self study or a live course led by a Local Mentor? The answer is "both".

Students study SANS Hacker Techniques, Exploits and Incident Handling course books at their own pace. Each week, students meet with other professionals in the area and SANS Local Mentor, who will lead class discussions, provide hands-on demonstrations, point out the most salient features, and answer questions. The Mentor's goal is to help you grasp the more difficult material, master the exercises, and prepare you for the GCIH certification.

Course Materials:

  • Hardcopy SANS Hacker Techniques, Exploits and Incident Handling course books
  • Local Mentor Program study materials
  • Ten Weekly 2-hour Mentor led sessions
All Students will receive 4 months access to their online study materials at the start of their 2nd Class session.

Group Discounts:
SANS Local Mentor Program is pleased to offer two (2) or more Students who work at the same organization, a Group Discount tuition fee. To obtain the Group Discount fee and Registration Code offered for this course, contact tuition@sans.org PRIOR to registering and provide the names and e-mail addresses of all the students registering within your organization.

LMP Exclusive Offer:
SANS makes every effort to help you obtain certification. SANS Local Mentor Program extends an exclusive offer to Students who previously attended SANS Security 504, Hacker Techniques, Exploits and Incident Handling after January 1, 2001, but did not complete their GCIH certification.

For details on this special offer, please contact at registration@sans.org with the date and location you attended SANS Hacker Techniques course, along with your momgate login ID and e-mail address.