- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
Security 508: Computer Forensics, Investigation, and Response
SANS vLive! SEC508 - 201003Webcast Classroom Training
Tuesday, March 23, 2010 - Thursday, April 29, 2010
| Course Fees | Payment Deadline |
| $3,095.00 | Through Wednesday, February 17, 2010 * |
| $3,245.00 | After Wednesday, February 17, 2010 * |
| $3,495.00 | After Wednesday, February 24, 2010 |
| $499.00 | Additional For Proctored Certification † |
| $399.00 | Additional For OnDemand |
Instructor: Rob Lee
Start Date: Tuesday, March 23, 2010
End Date: Thursday, April 29, 2010
Meeting Times: 7:00 PM - 10:00 PM EDT
Meeting Days
- Tuesday, March 23
- Thursday, March 25
- Tuesday, March 30
- Thursday, April 1
- Tuesday, April 6
- Thursday, April 8
- Tuesday, April 13
- Thursday, April 15
- Tuesday, April 20
- Thursday, April 22
- Tuesday, April 27
- Thursday, April 29
World Wide Web
Secure Site Requires Login ID & Password
Bio:
Rob Lee: Rob Lee is a director for MANDIANT (www.mandiant.com), a leading provider of information security consulting services and software to Fortune 500 organizations and the U.S. government. Rob is also the curriculum lead for digital forensic training at the SANS Institute (forensics.sans.org). Rob has more than 13 years' experience in computer forensics, vulnerability and exploit discovery, intrusion detection/prevention, and incident response. Rob graduated from the U.S. Air Force Academy and served in the U.S. Air Force as a founding member of the 609th Information Warfare Squadron, the first U.S. military operational unit focused on information operations. Later, he was a member of the Air Force Office of Special Investigations where he conducted computer crime investigations, incident response, and computer forensics. Prior to joining MANDIANT, he directly worked with a variety of government agencies in the law enforcement, U.S. Department of Defense, and intelligence communities as the technical lead for a vulnerability discovery and exploit development team, lead for a cyber forensics branch, and lead for a computer forensic and security software development team. Rob also coauthored the bestselling book Know Your Enemy, 2nd Edition. Rob earned his MBA from Georgetown University in Washington DC. Finally, Rob was awarded the Digital Forensic Examiner of the Year from the Forensic 4Cast 2009 Awards.
Unpatched, unprotected computers connected to the internet are compromised in less than three days! In the commercial sector, TJ Maxx, Hannaford, and TD Ameritrade are victims of large-scale data breaches and intrusions. From these attacks, personal or account information of more than 100 million individuals has been compromised. In the government sector, cyber attacks on government agencies and contractors, originating from China, have proved difficult to suppress. In both situations, incident response and mitigation, class action lawsuits, and fines place remediation costs in the billions of dollars.
Security 508: Computer Forensics, Investigation, and Response will give you a firm understanding of computer forensics tools and techniques to investigate data breach intrusions, tech-savvy rogue employees, advanced persistent threats, and complex digital forensic cases.
Utilizing advances in spear phishing, web application attacks, and persistent malware these new sophisticated attackers advance rapidly through your network. Forensic investigators must master a variety of operating systems, investigation techniques, incident response tactics, and even legal issues in order to solve challenging cases. Security 508: Computer Forensics, Investigation, and Response will teach you critical forensic analysis techniques and tools in a hands-on setting for both Windows- and Linux-based investigations.
We will examine various investigation methodologies and techniques, discovering new places to find evidence and discover the tracks of a cyber criminal or hacker, who is trying to stay hidden inside your network.
Learning more than just how to use a forensic tool, you will be able to demonstrate how the tool functions step-by-step. You will become skilled with new tools, such as the Sleuthkit, Foremost, and the HELIX3 Pro Forensics Live CD. SANS hands-on technical course arms you with a deep understanding of the forensic methodology, tools, and techniques to solve advanced computer forensics cases.
FIGHT CRIME. UNRAVEL INCIDENTS... ONE BYTE AT A TIME. We not only teach a firm understanding of the computer forensics tools and techniques, we also teach you the legally approved forensic methodology that will result in success.
Computer Forensics Course Prerequisites
Strong recommendation: Each student should attend Security 408: Computer Forensic Essentials prior to taking this course or have equivalent digital forensic experience in the field. This course is a designed to be a perfect follow on for those that have already attended Security 408: Computer Forensic Essentials.
If you are just beginning in computer forensics or information security, then this course is not appropriate for you as the basics of computer forensics, system administration, and hacker techniques will not be covered.
You will Receive with this Course
Free SANS Investigative Forensic Toolkit (SIFT) Advanced
As a part of this course you will receive a SANS Investigative Forensic Toolkit (SIFT) Advanced, you will gain first-hand experience in collecting and analyzing evidence recovered from a system under investigation. The toolkit consists of:
- Hard Drive USB mini adapter kit for SATA/IDE hard drives 1.8"/2.5"/3.5"/5.25" (Read and Write)
- SANS VMware based Forensic Analysis Workstation
- Course DVD loaded with case examples, tools, and documentation
- Best-selling book "File System Forensic Analysis" by Brian Carrier
- New Addition! The SIFT Kit Advanced will now include a single version Helix3 Pro that will be individually licensed to each student.
- Works on Mac OS X, Windows, and Linux.
- Simplified Live Analysis with both Memory and Disk Acquisition
- Built in Memory Analysis
- Boots most Intel x86 machines including Mac OS X
SANS Computer Forensic Website - forensics.sans.org
The learning does not end when class is over. SANS Computer Forensic Website is a community-focused site offering digital forensics professionals a one-stop forensic resource to learn, discuss and share current developments in the field. It also provides information regarding SANS forensics training, GIAC certification, and upcoming events. Visit http://forensics.sans.org. New content is added regularly, so please visit often. In addition, do not forget to share this information with your fellow forensic professionals.
Full Course Description >>- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy