Fundamentals of Incident Handling

Location - US

Carnegie Mellon SEI

http://www.cert.org/training/

This five-day course is designed for computer security incident response team (CSIRT) technical personnel with little or no incident-handling experience. Through interactive instruction and practical exercises, the course provides insight into the type and nature of work that an incident handler typically performs.

Duration  - 5 days

Information Updated:20 Feb 2003

Advanced Incident Handling for Technical Staff

Location - US

Carnegie Mellon SEI

http://www.cert.org/training/

This five-day course is designed for computer security incident response team (CSIRT) technical personnel with several months of incident-handling experience. Building on the methods and tools discussed in the fundamentals course, this course focuses on practical exercises constructed around various incidents involving privileged compromises.

Duration  - 5 days

Information Updated:20 Feb 2003

Track 8: System Forensics, Investigations, and Response

Location - Worldwide

Sans

http://www.sans.org

Beginning with foundation concepts such as file system structures, MAC times, and basic forensic auditing, the content and difficulty level of this track advances rapidly. You'll learn how and when to use various tools such as the UNIX The Coroner's Toolkit (TCT), the Windows Incident Response Collection Report (IRCR), and then quickly move on to advanced forensic and incident response topics and techniques. Five days of intense, hands-on courses, and a deep-knowledge education into legal challenges and issues culminate with an over-the-shoulder view of an investigation performed on a real-world compromised system collected by the Honeynet Project.

Duration  - 6 days

Information Updated:25 Feb 2003

Advanced Linux Forensics

Location: US or on site

Crazytrain

http://www.crazytrain.com/advlinforensics.html

This course is geared towards those with significant Linux knowledge, experience, and understanding. If you are a strong Linux power user and you know and understand at least the very basics of Linux forensics (I.E., have used 'dd' to create images, 'grep' to search, 'loop' to mount image files, etc.) but are wondering what else can Linux do you for you then look over the content below!

Duration  - 5 Days

Information Updated:26 Apr 2003

Computer Forensics and Security Risk Course

Location : US

New Technologies Inc

http://www.forensics-intl.com/forensic.html

The course is ideal for individuals who conduct computer security reviews, computer based internal audits and computer related investigations. The participants in this course typically are employed by government agencies, law enforcement agencies, Fortune 500 corporations and computer consulting firms. They usually have extensive experience in computer operation, DOS, Windows, Windows NT, and Unix. Many of the participants have computer science degrees and advanced degrees. Because computer forensics methods and tools can be used to defeat government and corporate computer security, this training course is not open to the general public.

Duration  - 5 Days

Information Updated:6 Aug 2003

The Computer In Court

Location : US

New Technologies Inc

http://www.forensics-intl.com/expert.html

This course provides the participants with "hands-on" experience in developing and presenting computer evidence testimony in a courtroom setting. It relies upon the sanitized facts and evidence in an actual civil litigation case which involved the theft of trade secrets. In the actual case, NTI's years of experience made the difference in winning the civil case for the client law firm. Because the case scenario involves the theft of trade secrets, the fact pattern could easily pertain to a criminal prosecution. For this reason, the course is perfect for law enforcement and private sector computer forensics specialists.

Duration  - 3 Days

Information Updated:6 Aug 2003

Customized Digital Forensics Workshops

Location: CZ or on site

Risk Analysis Consultants    

http://www.rac.cz/rac/homepage.nsf/EN/ZU-EDU

We offer, as an extension to our standard set of training courses, "Hot-spot workshops" based on your relevant problems. These workshops are oriented to topical problems of digital evidence seizure, documentation, transportation, analysis and interpretation, as well as other similar problems you can run into. They are prepared "on demand" in a few days and we are ready to discuss content, place, dates and terms.

Duration  - custom

Information Updated:09 June 2006

Anti-Hacking for Trojans, Viruses, Patch Mgt & Response

Location: US

Security University, Inc.

http://www.securityuniversity.net

The impact of Zero-day viruses to are nothing compared to what trojans are doing on your networks everyday. This 3-day class is the only hands-on class where you login live to worms, viruses, and trojans without the risk of infecting your network. My Doom, NIMDA, CODE RED and others, learn what they do, work with the best in the industry. Use Confidence On-line, Symantec, NORTON, SOPHOS, MCAFEE and other virus & anti-trojan software in Hands-On labs. You'll uncover the strengths and weaknesses of current anti-virus and anti-trojan software, and become an expert at separating false alarms and website spoofing and phishing from actual incidents and identity theft.

Live patch management demos detail patch management processes, host scans and how to test to ensure the patch took. You'll examine attacks from both the enterprise and hacker points of view. You'll uncover the best tools and techniques for patching, testing and recovery. Core Impact tools for testing are used.

SU labs are designed to give you a chance to apply techniques learned in the class by actually using Windows-based trojan key loggers, worms and viruses while learning solutions for protecting internal and external users from the trojan and virus invasion. You will create a Patch Management Policies Program roadmap that works to contain and mitigate risk using PatchLink Update and establish your "network patching roadmap".

In short, you'll learn everything you need to know to evaluate, create, and implement the patch your virus & trojan incident management program to protect your uses and company and keep your organization up and running.

Duration  - 3 days

Information Updated:24 Aug 2006