The most trusted source for computer security training, certification and research.

Global Information Assurance Certification

I have attended several of SANS rivals and SANS blew them away!
-Alton Thompson, US Marines

AUDIT 410

IT Security Audit and Control Essentials

6 CPE Credits per day
This hands-on course will help you get started in the field of information technology and security auditing. During the week we will examine or work with tools ranging from such things as URLScan (a part of Microsoft's IIS Security Wizard) and various CIS Scoring Tools to HFNetCheck (hfnetchk.exe) and Unix syslog, helping the student to see how each of these can be applied in security and audit validation. In the SANS Audit Essentials course, we feel that we have put together a very strong audit training program, giving both audit theory and strong technical details. It covers the essentials of security, compliance and IT auditing, everything you need, nothing you don't. As each topic is discussed in the class, the course will strive to first teach the underlying theories and then explain how and what about these topics require the attention of an auditor or compliance officer. The course is presented hands-on so that students can receive the most benefit by actually trying what is described in the lectures!
Author Statement

In the information assurance and validation field, there is a real need for qualified auditors. Without professionals who can help us to see how well were performing security tasks, we create blind spots in our security vision, believing that we are perhaps more secure than we are. The trouble is finding a source of comprehensive information security information as it applies to auditing. This class was created to address this specific need and allows an attendee to leave with all of the key security principles and concepts from security essentials coupled with a clear understanding of how to apply them to information assurance and auditing.
- David Hoelzer