Steve Armstrong to Teach SANS SEC 464

The latest course from SANS, Security 464: "Hacker Detection for Systems Administrators with Continuing Education Program"

This course was written by Senior SANS Instructor John Strand, a long SANS standing instructor who is an excpetionally skilled and dilligent penetration tester.  

What makes this 2 day course stand out is the additional quarterly updates and tool brioefings that are included in the course fees; this ensures the administrators are kept informed and aware of the latest developments in this fast moving area.

For further details and to register for this or any of the other courses at the London Conferece go the the event website. 

From the SANS Website:

Hacker Detection for Systems Administrators - Introductory Two-Day Class

Systems administrators are at the front line of any security architecture. They also know the systems that they manage on a daily basis better than anyone else. However, most systems administrators are NOT security professionals. Making the assumption that they are often leads to many of the security related issues organizations face today.

This course is not designed to make a system administrator into a security geek. But rather, it will help them better understand what is required by security teams and auditors and turn them into the human sensors for malicious activity. The course also focuses strongly on developing the tools and techniques that a systems administrator would need to meet audit and security requirements in as efficient a manner as possible.

This class provides the tools and techniques to bridge the gap and help systems administrator teams meet the needs of security and audit teams - and still do their day jobs.

Topics Covered

• Why bad things happen to good systems administrators: 5 common mis-configurations and mistakes that lead to a system being compromised
• Security methodology and thought process in daily systems administration activities
• A sysadmin's view of what matters in systems architectures
• Security Monitoring: Not knowing makes the auditors and hackers happy
• The hard part - knowing what is normal for Windows and Unix systems
• The harder part - knowing what is abnormal for Windows and Unix systems
• Hardening Windows and Unix systems is easier than you thought
• Command line kung fu for Unix and Windows
• Understanding network traffic for systems administrators
• Malware: Why it is still effective in your environment

Hacker Detection for Systems Administrators - Quarterly Threat & Tool Briefings

Our contributing customers have told us that good training needs to be continuous and needs to build upon the core learning objectives from the introductory two-ay class so that students can leverage and apply what they have learned to real-life situations as they arise. Therefore the introductory two-day class will be followed by a minimum of four Quarterly Threat & Tool Briefings which are included in the initial training fee.

SANS has always promised that what you learn in class today can be applied in your job tomorrow. With this continuous education approach, our instructors will actually show students how to apply the key learning objectives at a minimum of once every three months. This is hands-on training that is fresh and relevant. These updates will be delivered via live Webcast by course author John Strand. It is highly recommended that students utilize this continuing education option to ensure their knowledge is constantly updated to the latest threat vectors.

Students who have entered the Human Sensor Program will have the option to continue the Quarterly Threat & Tool Briefings through payment of an annual fee once they have completed their first four quarterly briefings.