The most trusted source for computer security training, certification and research.

select a course
Tysons Corner, VA - March 12 - 18, 2007
Global Information Assurance Certification

SANS delivers the best training I have seen in the industry.
-Brian Hughes, Idaho State University

SECURITY 309

Intro to Information Security

Monday, March 12, 2007 - Saturday, March 17, 2007
Rick Smith, SAIC
6 CPE Credits per day
SANS is the MIT of Information Security and this introduction certification track is the fastest possible way to get up to speed on the terminology and concepts of information security. Understand the threats and risks to information resources and identify generally accepted best practices. Master risk management, security management, access controls, attacks and counter measures, secrecy and privacy, along with auditing concepts.

We then move to the basics of computers and networking as we discuss the Internet Protocol, routing, Domain Name Service, and network devices along with a plethora of security considerations. After covering the basics of cryptography, we look at policy as a tool to effect change in their organizations. In the last two days of the course, put it all together with defense in-depth style.

If you're a freshman in the field of information security, this is the course for you! You will develop the skills to bridge the gap that often exists between managers and system administrators and communicate effectively with personnel in all departments and at all levels within your organization.

This is the track SANS offers for the professional just starting out in security. If you have experience in the field, please consider our more advanced offerings such as Security Essentials, SEC 401.
  • Who Should Attend
    • Professionals who need to hit the ground running and need an overview of information assurance
    • Managers, Information Security Officers and System Administrators who need an overview of risk management and defense in depth techniques
    • Anyone who writes, implements, or must adhere to policy, disaster recovery or business continuity
  • Sampling of Topics
    • Understanding the Concepts
    • Fundamental Principles and Strategies
    • Physical Security
    • Rounding out the ISO Stack
    • Digital Signatures
    • Steganography
    • Public Key Infrastructure
    • Making Security Possible
    • Dealing with Technology
    • Security Awareness
    • The Site Security Plan
    • Introduction to the Hypothetical Organization
    • Developing Security Policies and Procedures

Wow! It's an incident handler's Christmas morning, tools, tools, tools. Very Applicable!
-Todd Davis, Symantec

Author Statement

A good friend of mine once said, "A little security is better than no security." If your organization is in either situation (little or no security) and you want to make a difference in a positive way, this track is a great place to start. If your organization has already made an investment in security, this is a great opportunity to compare notes with others and identify how to maximize the return on your investment. Written and taught by battle-scarred security veterans, the track covers a broad spectrum of security topics and is liberally sprinkled with real life examples. A balanced mix of technical and managerial issues makes this track attractive and beneficial to a wide range of attendees.

Ten years ago I accepted the position of "number one spear catcher" (the head security guy) for our organization. I asked about training and my predecessor told me that the agency would provide training, but suggested that I work for six months to get some "real world experience to compare against the theory." It was a long and frustrating six months and the training was less than helpful. Eight years later when SANS offered to let me help write and teach this track, I literally jumped at the opportunity. Every time I teach it, I'm excited and I enjoy it as much as the attendees. Its been very gratifying.

- Fred Kerby