Security West 2018
San Diego, CA | Fri, May 11 - Fri, May 18, 2018
Due to high demand for Security training at SANS Security West 2018, the following courses will take place at the Marriott Marquis San Diego Marina: SEC503, SEC505, SEC542, MGT414, MGT512, and MGT517. The hotel neighbors the Manchester Grand Hyatt and is accessible from both Harbor Drive and the Bayfront. Courseware Distribution and Event Check-In for these six courses will take place at the Marriott Marquis San Diego on: Thursday, May 10 from 5:00 p.m. to 7:00 p.m. and Friday, May 11 from 7:00 a.m. to 9:00 a.m. Badge and Courseware Distribution for these classes will only be available at the Marriott Marquis San Diego Marina. We are hosting the "Welcome to SANS Talk" on the morning of Friday, May 11 at each venue but all additional SANS@Night presentations will take place at the Manchester Grand Hyatt. Please check the schedule tab for the bonus sessions. We thank you in advance for your understanding.
MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression™
Fri, May 11 - Tue, May 15, 2018
This course is highly useful for giving me a sound baseline of technical and general skills to help me manage an effective team.
Was able to merge management skills and techical materials in one a simple format.
This completely updated course is designed to empower advancing managers who want to get up to speed quickly on information security issues and terminology. You won't just learn about security, you will learn how to manage security. Lecture sections are intense; the most common student comment is that it's like drinking from a fire hose. The diligent manager will gain vital, up-to-date knowledge and skills required to supervise the security component of any information technology project. Additionally, the course has been engineered to incorporate the NIST Special Publication 800 (series) guidance so that it can be particularly useful to US government managers and supporting contractors.
Essential security topics covered in this management track include: network fundamentals and applications, power, cooling and safety, architectural approaches to defense in depth, cyber attacks, vulnerability assessment and management, security policies, contingency and continuity planning, awareness management, risk management analysis, incident handling, Web application security, offensive and defensive information warfare, culminating with our management practicum. The material uses Knowledge Compression™, special charts, and other proprietary SANS techniques to help convey the key points of critical slides and keep the information flow rate at a pace senior executives demand every teaching hour of the course. The course has been evaluated and approved by CompTIA's CAQC program for Security + 2008 to ensure that managers and their direct reports have a common baseline for security terminology and concepts. You will be able to put what you learn into practice the day you get back into the office.
- Establish a minimum standard for IT security knowledge, skills, and abilities. In a nutshell, this course covers all of the non-operating system topics that are in SANS Security Essentials, though not to the same depth. The goal is to enable managers and auditors to speak the same language as system, security, and network administrators.
- Establish a minimum standard for IT management knowledge, skills, and abilities. I keep running into managers that don't know TCP/IP, and that is OK; but then they don't know how to calculate total cost of ownership (TCO), leaving me quietly wondering what they do know.
- Save the up-and-coming generation of senior and rapidly advancing managers a world of pain by sharing the things we wish someone had shared with us. As the saying goes, it is OK to make mistakes, just make new ones.
Notice:
Please note that some course material for SEC401 and MGT512 may overlap. We recommend SEC401 for those interested in a more technical course of study, and MGT512 for those primarily interested in a leadership-oriented but less technical learning experience.
This course prepares you for the GSLC certification which meets the requirement of the DoD 8570 IAM Level 1, 2, 3.
This course features Knowledge Compression™
Course Syllabus
MGT512.1: Managing the Enterprise, Planning, Network, and Physical Plant
G. Mark Hardy
Fri May 11th, 2018
9:00 AM - 6:00 PM
Overview
The course starts with a whirlwind tour of the information an effective IT security manager must know to function in today's environment. We will cover safety, physical security, and how networks and the related protocols like TCP/IP work and equip you to review network designs for performance, security, vulnerability scanning, and return on investment. Learn more about secure IT operations in a single day than you ever thought possible.
CPE/CMU Credits: 7
Topics
Topics
- Budget Awareness and Project Management
- The Network Infrastructure; Computer and Network Addressing
- IP Terminology and Concepts
- Vulnerability Management
- Managing Physical Safety, Security & the Procurement Process
MGT512.2: IP Concepts, Attacks Against the Enterprise and Defense-in-Depth
G. Mark Hardy
Sat May 12th, 2018
9:00 AM - 6:00 PM
Overview
Learn information assurance foundations, which are presented in the context of both current and historical computer security threats, and how they have impacted confidentiality, integrity, and availability. You will learn the methods of attack and the importance of managing attack surface.
CPE/CMU Credits: 7
Topics
Topics:
- Attacks Against the Enterprise
- Defense in Depth
- Managing Security Policy
- Access Control and Password Management
MGT512.3: Secure Communications
G. Mark Hardy
Sun May 13th, 2018
9:00 AM - 6:00 PM
Overview
Examine various cryptographic tools and technologies and how they can be used to secure a company's assets. A related area called steganography, or information hiding, is also covered. Learn how malware and viruses often employ cryptographic techniques in an attempt to evade detection. We will learn about managing privacy issues in communications, and investigate Web application security.
CPE/CMU Credits: 7
Topics
Topics:
- Cryptography
- Wireless Network Security
- Steganography
- Managing Privacy
- Web Communications and Security
- Operations Security, Defensive and Offensive Methods
MGT512.4: The Value of Information
G. Mark Hardy
Mon May 14th, 2018
9:00 AM - 6:00 PM
Overview
On this day, we consider the most valuable resource an organization has - its information. You will learn about intellectual property, incident handling, and how to identify and better protect the information that is the real value of your organization. We will then formally consider how to apply everything we have learned as well as practice briefing management on our risk architecture.
CPE/CMU Credits: 7
Topics
Topics:
- Managing Intellectual Property
- Incident Handling Foundations
- Information Warfare
- Disaster Recovery/Contingency Planning
- Managing Ethics
- IT Risk Management
MGT512.5: Management Practicum
G. Mark Hardy
Tue May 15th, 2018
9:00 AM - 4:00 PM
Overview
In the fifth and final day, we pull it all together and apply the technical knowledge to the art of management. The management practicum covers a number of specific applications and topics concerning information security. We'll explore proven techniques for successful and effective management, empowering managers to immediately apply what you've been taught your first day back at the office.
CPE/CMU Credits: 5
Topics
Topics:
- The Mission
- Globalization
- IT Business and Program Growth
- Security and Organizational Structure
- The Total Cost of Ownership
- Negotiations
- Fraud
- Legal Liability
- Technical People
Additional Information
Testimonial
"Thanks for a great class in Las Vegas! After taking your class I have been able to start the following projects:
- Two-Factor authorization for remote users.
- Web Filtering.
- Intrusion detection systems for our internet facing offices.
- Security awareness program. "
Jerry Farnstrom, Information Security Manager, Long Term Care Group Inc.
Laptop Required
This course leverages the SANS Learning On Demand Lab Platform in which all labs will be browser-based. The following are key requirements for optimal lab experience:
Operating System
Students must bring a laptop to class running any of the following OS families:
- Windows 7, 8.1 or 10
- MacOS Mavericks, Yosemite, El Capitan, Sierra or High Sierra
- For troubleshooting purposes, we recommended that you have local administrator rights on your laptop
- If using a touchscreen device without a built-in mouse, an external mouse is required
Browser
The following browsers are supported:
- Microsoft Edge
- Google Chrome
- Mozilla Firefox
- Internet Explorer 11 (recommended for non-US keyboards)
VPN
If using a corporate VPN, you must disable it for the duration of this course. Corporate VPNs will prevent you from connecting to the in-class lab platform.
DNS
You must use the DNS server supplied by the in-class lab platform's DHCP server. Using alternative DNS servers like Google's Public DNS (8.8.8.8) or OpenDNS (208.67.222.222) will prevent you from connecting to the in-class lab platform.
Hardware
- x86-compatible or x64-compatible 2.0 GHz CPU minimum or higher
- 4 GB RAM minimum with 8 GB or higher recommended
- 802.11N or 802.11AC WiFi Adapter
During the course, you will be connecting to a network filled with security experts! As a best practice, do not have any sensitive data stored on the system. SANS is not responsible for your system if someone in the class attacks it during the course.
By bringing the right equipment and preparing in advance, you can maximize what you will see and learn, as well as have a lot of fun.
If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.
Who Should Attend
- All newly-appointed information security officers
- Technically-skilled administrators that have recently been given leadership responsibilities
- Seasoned managers who want to understand what your technical people are telling you
Course Preparation
This course is taught MBA style and students are expected to be ready to work on the in-class exercises by preparing prior to the first day of instruction. When you enroll in MGT512, we suggest you review the following items before the course begins:
What You Will Receive
In this course, you will receive the following:
- MP3 audio files of the complete course lecture
You Will Be Able To
- Establish a minimum standard for IT security knowledge, skills, and abilities. In a nutshell, this course covers all of the non-operating system topics that are in SANS Security Essentials, though not to the same depth. The goal is to enable managers and auditors to speak the same language as system, security, and network administrators.
- Establish a minimum standard for IT management knowledge, skills and abilities. I keep running into managers that do not know TCP/IP, and that is okay; but then they do not know how to calculate total cost of ownership (TCO), leaving me quietly wondering what they do know.
- Save the up-and-coming generation of senior and rapidly advancing managers a world of pain by sharing the things we wish someone had shared with us. As the saying goes, it is okay to make mistakes, just make new ones.
Author Statement
When SANS designed the Security Leadership for Managers course, we chose to emulate the format utilized by many executive MBA programs. While core source material is derived from our highly regarded SANS Security Essentials program, we decided to focus this program on the big picture of securing the enterprise: network fundamentals, security technologies, using cryptography, defense-in-depth, policy development, and management practicum. This course includes executive briefings designed to present a distilled summary of vitally important information security topics like operating system security and security threat forecasts. Ultimately, the goal of this program is to ensure that managers charged with the responsibility for information security can make informed choices and decisions that will improve their organization's security.
