Masterclass: Implementing Enhanced Securing Operations

NY, USA
January 25th – 26th 2018


Why are we doing this?

Secure infrastructure configuration should be the most important line of defense in every organization. Unfortunately, people, the most valuable resource, are not always aware of the level of security in their companies, the possible points of entry, how operating systems are attacked, or how to protect the infrastructure from successful attacks, which are sometimes caused by configuration mistakes. A complete understanding of internal OS protection mechanisms and services/roles has a huge impact on the security level of the whole infrastructure. Unfortunately, the problem is… hardly anyone has this impact!

Course Syllabus


Module 1

Introduction to Incident Response and Handling

  • Types of Computer Security Incidents
  • Examples of Computer Security Incidents
  • Signs of an Incident
  • Incident Prioritization, Response and Handling

Module 2

System and Network Security Mechanisms

  • Anti-malware & Firewalls
  • Application Whitelisting, Application Virtualization
  • Whole Disk Encryption
  • Privileges, permissions and rights
  • Password security (techniques for getting and cracking passwords)
  • Network Infrastructure – Routers, Switches, DHCP, DNS

Module 3

Incident Response and Handling Steps

  • How to Identify an Incident
  • Incident Handling Techniques
  • Incident Response Team Services
  • Defining the Relationship between Incident Response, Incident Handling, and Incident Management
  • Incident Response Best Practices, Policy and Plan Checklist

Module 4

Handling Network Security Incidents

  • Denial-of-Service Incidents
  • Unauthorized Access Incidents
  • Inappropriate Usage Incidents
  • Multiple Component Incidents
  • Network Traffic Monitoring Tools

Module 5

Handling Malicious Code Incidents

  • Viruses, Worms, Trojans and Spyware
  • Incident Handling Preparation and Prevention
  • Detection of Malicious Code
  • Evidence Gathering and Handling
  • Eradication and Recovery

Module 6

Securing Monitoring Operations

  • Industry Best Practices
  • Vulnerability Scanning
  • Monitoring Patching, Applications, Service Logs
  • Configuring Centralized Windows Event Log Collection
  • Scripting and Automation

Module 7

Forensics Basics

  • Computer Forensics
  • Types of Computer Forensics
  • Computer Forensic Process
  • Forensic Analysis Guidelines and Tools
  • Finding data and activities in memory

 

Prerequisites

Experience

You should have good hands-on experience in administering Windows infrastructure with at least 8 years in the field.

Knowledge

You should have a good understanding of how the operating system works.

Learning

Ideally you should have read the book “Windows Internals” by Mark Russinovich.