Introduction
It costs enterprises worldwide billions of dollars annually to respond to malware, and particularly Ransomware, attacks. So it is increasingly necessary to understand how such software behaves. Ransomware spreads very quickly and is not stealthy; as soon as your data become inaccessible and your systems unstable, it is clear something is amiss. Beyond detection and response, when prevention has failed, understanding the nature of malware, its functional requirements, and how it achieves its goals is critical to being able to rapidly reduce the damage it can cause and the costs of eradicating it.
You Will Learn
- Core components of building a defensible network infrastructure and properly securing your routers, switches, and other network infrastructure
- Formal methods to perform vulnerability assessment and penetration testing to find weaknesses on your enterprise network
- Methods to detect advanced attacks against your network and indicators of compromise on deployed systems, including the forensically sound collection of artifacts and what you can learn from them
- How to respond to an incident using the six-step process of incident response: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned
- Approaches to analyzing malware, ranging from fully automated techniques to the manual analysis of static properties, interactive behavior, and code reversing
Course Objectives of Advanced Security Essentials - Enterprise Defender
You Will Be Able To
- Identify network security threats against infrastructure and build defensible networks that minimize the impact of attacks
- Utilize tools to analyze a network to prevent attacks and detect the adversary
- Decode and analyze packets using various tools to identify anomalies and improve network defenses
- Understand how the adversary compromises systems and how to respond to attacks using the six-step incident handling process
- Perform penetration testing against an enterprise to determine vulnerabilities and points of compromise
- Use various tools to identify and remediate malware across your enterprise
Prerequisites of Advanced Security Essentials - Enterprise Defender
While not required, it is recommended that students take SANS' SEC401: Security Essentials: Network, Endpoint, and Cloud course or have the skills taught in that class. This includes a detailed understanding of networks, protocols, and operating systems.
Course Outlines for Advanced Security Essentials - Enterprise Defender
Day 1
Definsible Network Architichuer
- Security Standards and Audit
- Authentication, Authorization, and Accounting
- Defending Network Infrastructure
- Intrusion Prevention Systems and Firewalls
- Name Resolution Attacks and Defense
- Securing Private and Public Cloud Infrastructure
Day 2
Penetration Testing
- Penetration Testing Scoping and Rules of Engagement
- Online Reconnaissance
- Social Engineering
- Network Mapping and Scanning Techniques
- Enterprise Vulnerability Scanning
- Network Exploitation Tools and Techniques
- Post-Exploitation and Pivoting
- Web Application Exploitation Tools and Techniques
- Reporting and Debriefing
Day 3
Security Operation Foundation
- Network Security Monitoring
- Advanced Packet Analysis
- Network Intrusion Detection/Prevention
- Writing Signatures for Detection
- Network Forensics and More
- Event Management Introduction
- Continuous Monitoring
- Logging and Event Collection and Analysis
- SIEM and Analytics
Day 4
Digital Forensics and Incident Response
- Active Defense
- DFIR Core Concepts: Digital Forensics
- DFIR Core Concepts: Incident Response
- Modern DFIR
- Widening the Net: Scaling and Scoping
Day 5
Malware Analysis
- Introduction to Malware Analysis
- Malware Analysis Stages: Fully Automated and Static Properties Analysis
- Malware Analysis Stages: Interactive Behavior Analysis
- Malware Analysis Stages: Manual Code Reversing
About Istanbul
Few places compare to the vibrant, cosmopolitan city of Istanbul, whose enormous size straddles both Europe and Asia, forming a bridge between western and eastern cultures. Resting upon the natural harbor of the Golden Horn, the skyline of the once-Constantinople is pierced with minarets and ancient monuments that embody centuries of history. While it is brimming with historical landmarks and colorful markets, modern Istanbul is also well represented through its contemporary art scene, European-style café culture, world-class dining venues.
Things to do and places to visit in Istanbul
Istanbul is teeming with attractions and landmarks from historic sights and unique cuisine to lively markets and unmistakable culture. It is a thriving city, with a myriad of things to do that skillfully manage to blend every aspect of both the contemporary and the historical world.
On a city break in Istanbul be sure to:
- Visit a hammam, a traditional Turkish bath, whose origins date back to Roman times.
- Marvel at the Hagia Sophia, Süleymaniye Mosque and Blue Mosque, Istanbul's most spectacular monuments that dominate the skyline.
- Explore the Topkapi Palace Museum, one of Istanbul's most visited museums, home to over 80,000 artifacts.
- Walk through the Basilica Cistern, an underground marvel built in the 4th century.
- Be dazzled by the Grand Bazaar, one of the world's oldest and largest covered markets.
- Go shopping for exotic products and Turkish delights in the Spice Bazaar.
- Cross the bridge connecting Europe and Asia against the backdrop of the Bosphorus, or take a Bosphorus cruise.
- Taste the diversity and flavor of Turkish cuisine.
- Admire panoramas of the city from the Galata Tower.
- Walk through Taksim Square, the city's dynamic square that never sleeps.