Introduction
It costs enterprises worldwide billions of dollars annually to respond to malware, and particularly Ransomware, attacks. So it is increasingly necessary to understand how such software behaves. Ransomware spreads very quickly and is not stealthy; as soon as your data become inaccessible and your systems unstable, it is clear something is amiss. Beyond detection and response, when prevention has failed, understanding the nature of malware, its functional requirements, and how it achieves its goals is critical to being able to rapidly reduce the damage it can cause and the costs of eradicating it.
You Will Learn
- Core components of building a defensible network infrastructure and properly securing your routers, switches, and other network infrastructure
- Formal methods to perform vulnerability assessment and penetration testing to find weaknesses on your enterprise network
- Methods to detect advanced attacks against your network and indicators of compromise on deployed systems, including the forensically sound collection of artifacts and what you can learn from them
- How to respond to an incident using the six-step process of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned
- Approaches to analyzing malware, ranging from fully automated techniques to the manual analysis of static properties, interactive behavior, and code reversing
Course Objectives of Advanced Security Essentials - Enterprise Defender
You Will Be Able To
- Identify network security threats against infrastructure and build defensible networks that minimize the impact of attacks
- Utilize tools to analyze a network to prevent attacks and detect the adversary
- Decode and analyze packets using various tools to identify anomalies and improve network defenses
- Understand how the adversary compromises systems and how to respond to attacks using the six-step incident handling process
- Perform penetration testing against an enterprise to determine vulnerabilities and points of compromise
- Use various tools to identify and remediate malware across your enterprise
Prerequisites of Advanced Security Essentials - Enterprise Defender
While not required, it is recommended that students take SANS' SEC401: Security Essentials: Network, Endpoint, and Cloud course or have the skills taught in that class. This includes a detailed understanding of networks, protocols, and operating systems.
Course Outlines for Advanced Security Essentials - Enterprise Defender
Day 1
Definsible Network Architichuer
- Security Standards and Audit
- Authentication, Authorization, and Accounting
- Defending Network Infrastructure
- Intrusion Prevention Systems and Firewalls
- Name Resolution Attacks and Defense
- Securing Private and Public Cloud Infrastructure
Day 2
Penetration Testing
- Penetration Testing Scoping and Rules of Engagement
- Online Reconnaissance
- Social Engineering
- Network Mapping and Scanning Techniques
- Enterprise Vulnerability Scanning
- Network Exploitation Tools and Techniques
- Post-Exploitation and Pivoting
- Web Application Exploitation Tools and Techniques
- Reporting and Debriefing
Day 3
Security Operation Foundation
- Network Security Monitoring
- Advanced Packet Analysis
- Network Intrusion Detection/Prevention
- Writing Signatures for Detection
- Network Forensics and More
- Event Management Introduction
- Continuous Monitoring
- Logging and Event Collection and Analysis
- SIEM and Analytics
Day 4
Digital Forensics and Incident Response
- Active Defense
- DFIR Core Concepts: Digital Forensics
- DFIR Core Concepts: Incident Response
- Modern DFIR
- Widening the Net: Scaling and Scoping
Day 5
Malware Analysis
- Introduction to Malware Analysis
- Malware Analysis Stages: Fully Automated and Static Properties Analysis
- Malware Analysis Stages: Interactive Behavior Analysis
- Malware Analysis Stages: Manual Code Reversing
About Rome
As cosmopolitan and diverse as it is rooted in its own history, Rome is one of the premier tourist destinations in the world. Featuring some of the best restaurants on the continent, some of the most iconic historic sites in Europe, the city is widely regarded as one of the most exciting and dynamic places to visit anywhere. The center of the Renaissance, the city houses some of the most famous works of art in the world and remains an important cultural hub to this day. Famous for art, fashion, it's delicious local cuisine, and superbly preserved monuments, Rome truly offers something for everyone.
Things to do and places to visit in Rome
When disembarking, the first thing that can prove pleasantly challenging is deciding on what to do first! An exceptional array of hotels and inns are available to any weary traveler, as are a superb range of restaurants for those wanting to relax surrounded by the hustle and bustle of Rome in the evening. You can spend the day walking streets steeped in history, visiting galleries that contain works by Caravaggio and Michelangelo or exploring the awe-inspiring Colosseum. The city contains many beautifully maintained parks and gardens, as well as a vast collection of beautiful churches and cathedrals, ensuring that a trip to Rome will be a memorable experience for anyone.
Things to do when taking flights to Rome include:
- Standing inside the magnificent Colosseum.
- Gazing in awe at the stunning Castel Sant'Angelo.
- Visiting the incredible Pantheon, one of the best-maintained buildings from the Roman era.
- Stopping at the center of the Piazza del Popolo, one of the most beautiful squares in Europe.
- Walking the beautiful gardens of Villa Borghese.
- Admiring the vast, intricately carved Column of Marcus Aurelius.
- Wandering the Forum Romanum, ruins from the Ancient Roman period.
- Exploring some of the greatest art collections in Europe.
- Crossing the river on the remarkably-constructed Bridge of Angels.
- Sampling the world famous local cuisine.