From: The SANS Institute (sanssans.org)
Date: Wed Dec 03 2003 - 19:00:49 CST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SANS Training and GIAC Certification Update
Edition 16 - December 3, 2003

As SANS and GIAC continue to grow we write these updates so that you
can remain aware of our new products and changes in the way we do
business. If you can take five minutes to read this update, it will
help you get the most out of SANS and GIAC. S.N.

Table of Contents:
1. Plan Ahead for Two New Training Tracks
2. SANS Security Leadership Update
3. SANS Newest Legal Course: Legal Issues in Computer Security
4. CIS Gold Standard Training
5. Oracle Course Coming Soon
6. Honeypots: Tracking Hackers
7. Hacker Refresher Courses in 2004
8. Instructor Led Online Training Sessions begin in January
9. Online PDF and MP3 Courseware Are Included in Tuition
10. New Step by Step Guides: Solaris, Business Law & Computer Security
11. GIAC Prep Teaching Kits for SANS Track 9
12. Passing GIAC Exams
13. How to Tell if Someone is Really Certified
14. GIAC Study Hall Premieres at CDI East
15. Finishing School offers Course Review and GIAC Exams
16. Final Announcement: National Information Assurance Leadership (NIAL)
    Briefings
17. Final Call For Papers: SANS2004 - Disneyworld, Orlando April 1 - 7, 2004
18. Stephen's Picks for Small Class Sizes

************************************************************************

1. Plan Ahead for Two New SANS Training Tracks

We want you to know in advance that we are expanding our training
program with two new six-day tracks for you to consider in planning next
year's training agenda.

a) Track 13: SANS Consulting Class. Designed for security
professionals who have acquired experience and technical expertise,
Consulting Class will prepare you to re-enter the Information Security
field as consultants. A short version of this track has already been
tested, and the full track will debut at SANS2004 in Orlando. Please
note that this course is designed for the diligent, highly motivated
student. It includes take home "labs" to be completed each evening to
master the business of security.

b) Track 14: SANS CISSP 10 Domains +S. This course is expanding to
a full six-day SANS training track in time for the annual SANS2004
conference in April, but you can still take it as a four-day track in
Tysons Corner, Virginia on December 15-18, 2003.
http://www.sans.org/cissp_tysons03/

2. SANS Security Leadership Update

Management in Information Technology is extremely difficult if you want
to pursue excellence. You have to master the technical material,
understand its application and also all the standard management skills.
As I have shared with you before, I have worked for some pretty clueless
managers and those painful memories drive me to make T12 the best
possible Information Security Leader's course. Track 12 sold out in New
Orleans and we had to offer a second seating. I read all of the student
comments each night and we are close to the right balance between
technical skills and IT management skills.

  "Outstanding in every respect, covers all areas applicable to managers
    with regards to IT security!" Chris Andrieu, LA Supreme Court

T12 will empower you as a manager to understand the technology and then
understand how to apply that knowledge of technology in your
organization. SANS Security Leadership gives you a special opportunity
when you get back in the office to assess the implementation and state
of practice of your IT operations. You also have an opportunity to
assess the capabilities of your IT audit staff. If they do not know the
terminology and concepts you have learned, they are not able to perform
their tasks. This would mean that your organization is running at a high
level of risk since auditors ensure controls exist and are sufficient
for the protection of your assets.

Educated managers make educated decisions. Send your boss to SANS! I
am still writing and improving the course so it will be totally up to
date! And talk about the boondoggle of the century, the next offering
is at a beachfront hotel on Kauai, February 9 - 13, 2004 and includes
a luau and aloha shirt. However, in the classroom it is strictly
business. When they come back and say the training was like drinking
from a firehose, they will not be kidding.
http://www.sans.org/kauai04/

3. SANS Newest Legal Course: Legal Issues in Computer Security

System, security and network administrators want to know the legal
implications of their jobs and it is easy to understand why in our
increasingly regulated environment. This is a fast paced survey of the
primary cyber legal issues in U.S. law. The course description is
available here:
http://www.sans.org/timessquare03/legalissues.php
It's not too late to register for the New York training which takes
place December 15, 2003!
http://www.sans.org/timessquare03/

4. CIS Gold Standard Training

SANS supports the work the Center for Internet Security, NSA, GSA, DISA
and NIST are doing to develop security standards. We develop courseware
using the CIS Benchmarks and now offer three Gold Standard courses, for
Windows 2000, Apache, and Solaris. Securing Solaris Using the CIS
Benchmarks, a one-day course, is offered January 23, 2004 in Tysons
Corner, Virginia.
http://www.sans.org/sg_tysons04/

5. Oracle Course Coming Soon

We don't usually announce a course until it is at least 50% complete,
but the lead author Pete Finnegan is the author of our Securing Oracle
book, available from the SANS Store. This track is focused on how to
secure an Oracle database. Early reviewers are telling us this will be
the best Oracle security course in the market. Expect the first run
sometime in mid-2004.
https://store.sans.org//store_item.php?item=80

6. Honeypots: Tracking Hackers

For the advanced security practitioner, honeypots are one of the most
effective methods to understand attacker techniques and detect new
malicious code. SANS is pleased to offer a three-day hands-on track that
will give you a full understanding of what honeypots are, how they work,
their value, the different types of honeypots, and which ones are best
for your organization. If you can, come to Washington January 28-30 for
this cutting edge training under the leadership of Marcus Ranum.
http://www.sans.org/hp_washingtondc04/

7. Hacker Refresher Courses in 2004

If you completed a hands-on, multiple-day hacking course such as SANS
Hacking Techniques, Exploits and Incident Handling (Track 4), Hacking
Exposed, or Ultimate Hacking over a year ago, then this course is
designed for you. It is a one-day refresher, not an introduction to the
fundamentals, so please only sign up if you are qualified. You will
learn the latest attack vectors and how to stop them, plus pick up the
newest tools. Here is a preliminary schedule of Hacker Refresher
courses:

February 1 San Diego CA
February 15 Atlanta GA
February 20 Tysons Corner VA
March 9 Portland OR
March 21 San Jose CA
April 1 Orlando FL
May 15 Baltimore MD
June 11 Denver CO
July 1 Minneapolis
July 12 Monterey CA

More cities coming soon, be sure to watch www.sans.org for the latest
updates.

8. Instructor Led Online Training Sessions begin in January

Two new ILOT sessions will be starting January 26 and January 27, taught
by top-rated SANS instructors Eric Cole and Dave Hoelzer. This is a
wonderful opportunity to receive the same world-class training that
conference students get, without travel expenses or time off from work
and for $500 less in tuition fees. Choose either SANS Security
Essentials and the CISSP 10 Domains (Track 1) or Intrusion Detection
In-Depth (Track 3). If you wish we offered a different track as ILOT
training, you can fill out an interest form.
http://www.sans.org/onlinetraining/ilot/

9. Online PDF and MP3 Courseware Are Included in Tuition

When you return home from a SANS conference, the learning opportunity
doesn't stop. Students are often surprised (though pleasantly) when we
tell them that online access to the courseware and practice quizzes is
included with the price of conference tuition for all track students,
whether or not you signed up for GIAC certification. You have six months
of access to online PDFs and MP3 audio files of the course material,
and access to practice quizzes you can use to test your understanding.
The quiz grades are not recorded and you can take them as many times as
you like. They are written by the same authors who write the
certification exam questions so if you signed up for certification, they
are an excellent resource to help you prepare for the certification
exams.
TIP: If you are a commuter, copy the .mp3 sound files to CD and listen
to them on your way to and from work.

10. New Step by Step Guides: Solaris, Business Law & Computer Security

a) Business Law and Computer Security, written by Ben Wright, is
a timely book that leads you through the process taught in our first
cyber legal issues course, SANS Business Law and Computer Security. This
book is designed to help navigate the tricky world of electronic records
management and other similar business issues.
https://store.sans.org//store_item.php?item=104

b) We also have a new Solaris guide, Securing Solaris 8 & 9 Using
the Center for Internet Security Benchmark. This book replaces our
original Solaris guide, which will be available for ten days as a free
.pdf download for those who benefit from access to the older version.
To get the free download, go to the SANS Store:
https://store.sans.org//

After ten days, it will be available from the website of its primary
author, Hal Pomeranz: http://www.deer-run.com/

11. GIAC Prep Teaching Kits for SANS Track 9

People write us all the time to ask if we license our courseware. Our
new GIAC Prep teaching kits for are available for universities and
professional training centers that want to teach the SANS Intro to
Information Security track. Our teaching kits include books and access
to the online training, practice quizzes, practical assignments, and
GISF exams, plus a PDF of the slides for the instructor if this is
taught classroom style.
https://store.sans.org/store_item.php?item=88

12. Passing GIAC Exams

Most GIAC certifications require first passing a practical assignment
and then taking two multiple-choice timed exams. We have found that it
is better not to take the two exams back to back -- giving yourself a
substantial break between tests pays off. Many students have asked for
practice exams, so they know better what to expect, and we now offer
them for both the GIAC Information Security Fundamentals certification
(GISF - Track 9) and the GIAC Security Essentials Certification (GSEC
- - Track 1) in the SANS Store. Keep a close eye on the options, we hope
to have practice exams available for all certifications within the next
90 days.
https://store.sans.org/store_category.php?category=tests

13. How to Tell if Someone is Really Certified

Recently we have been seeing cases where people claim to be certified
and they are not. One individual even claimed to hold a GSE, our most
prestigious certification. Worse, we had two cases where people billed
their employers for fake training expenses. So how do you tell if
someone is really GIAC certified? Answer: Go to the GIAC website. At
www.giac.org we list the names of all people who have earned
certification, along with their exam scores, a link to their practical,
and their certification expiration date. There is also a search feature
on the top left of every GIAC page that can be utilized to help track
down the student. Names and practical assignments of newly certified
students are posted within a few weeks of passing the certification
exams. To look someone up, you need the name, the type of certification,
and it helps if you know approximately when that person earned their
certification. If you cannot find a name on the site, you can write to
infogiac.org with the student's name and type of certification, and
GIAC staff will follow up with the inquiry.
http://www.giac.org/cert.php

Please do the entire community a favor and copy this one section of the
status report and mail it to your HR and training department. There is
no substitute for awareness and we should not allow fraud within our
ranks!

14. GIAC Study Hall Premieres at CDI East

As always, we want our students to succeed in the certification process.
We have found that procrastination is the leading cause for failure to
certify, so we are introducing GIAC Study Hall. This is a pilot program
for conference attendees who want to jumpstart their certification
attempt. GIAC Study Hall is not a presentation, but a quiet room where
attendees can start work on their practical assignment. The room will
be monitored by GIAC Advisory Board members, certified professionals
who completed their GIAC certification with honors. They will try to
answer students' questions and guide them in the right direction. There
will be wireless Internet access available so students can start
researching. Check out the first GIAC Study Hall at CDI East in
Washington DC, December 8-13, 2003.
http://www.sans.org/cdieast03/

15. SANS Finishing School offers Course Review and GIAC Exams

Have you taken a SANS training track in the past and would now like the
credentials and proof of mastery that comes from GIAC certification?
Then consider signing up for SANS Finishing School. In this special
pilot project, you can register for the Local Mentor-led version of the
course you originally took and fully participate in the classes plus
take the GIAC exams for only $750. For details and registration
instructions, please contact Scott Weil, sweilsans.org.

16. Final Announcement: National Information Assurance Leadership (NIAL)
    Briefings

NIAL is designed to help you stay up to speed with the minimum time out
of the office. These briefings are primarily given by SANS faculty such
as Ed Skoudis, Stephen Northcutt, David Rice, Jennifer Kolde and David
Rice and are always cutting edge. We run these in two tracks so you
should always find something of interest, and we provide you with a book
that holds all the briefings. NIAL Briefings have been successful in
the past, but I am going to be candid, attendance is down for the
Washington DC show. It takes a lot of our time to put these together
and fly out to deliver them. If you have looked at the program and
decided not to go, please drop me a note (stephensans.org) and let me
know what you were looking for that we are not offering and I will try
to wire that into the next program.

NIAL VI Washington DC, December 4, 5, 2003
http://www.sans.org/cdieast03/nial6.php

NIAL VII San Diego CA, February 2, 2004
http://www.sans.org/cdiwest04/nial7.php

17. Final Call For Papers: SANS 04 - Disneyworld, Orlando April 1 - 7, 2004

Most employees can no longer get permission to attend technical
conferences. Management does not feel technical conferences are worth
the investment and they are often right. A lot of technical conferences
feature vendor papers that masquerade as technical papers and the
presentations are full of grammatical and technical errors. SANS is
pleased to announce an evening technical conference where every
presentation has been exhaustively reviewed and the presenters have
practiced their talks.

Admission is free if you are part of SANS 04. We have accepted ten
submissions and are working with these authors to develop their talks.
It is getting late in the game, but it might be possible to add one or
two more papers if the author is motivated to work hard. Presenting a
paper at a prestigious conference is one of the best ways to persuade
management to allow you to attend. SANS 04, located right on the Disney
property, will be the biggest information security event in history by
far, with over 600 hours of advanced technical training. We are
primarily seeking two hour - 60 slide, technical presentations so please
only write if you are serious and willing to work. If your presentation
concept is accepted you will be assigned to a development editor to help
you though the outlining and writing process. If you are interested:
http://www.sans.org/sans2004/

18. Stephen's Picks for Small Class Sizes

Big conferences like NS2003 held this fall in New Orleans are a lot of
fun, but being big means large classrooms and lots of people. Some of
you write that you would prefer smaller classes. Based on registration
to date, here are two venues that I think you should consider if a
smaller class size is a priority for you.

CDI East, Washington DC, December 8-13, 2003
Track 1 and Track 5 are sold out, but consider one of the other 4 tracks:
        Firewalls, Perimeter Protection & VPNS (Track 2)
        Intrusion Detection In-Depth (Track 3)
        Hacking Techniques, Exploits, and Incident Handling (Track 4)
        Securing Unix (Track 6)
http://www.sans.org/cdieast03/

SANS Biscayne Bay, Miami, FL, January 12-17, 2004
        SANS Security Essentials and the CISSP 10 Domains (Track 1)
        Firewalls, Perimeter Protection & VPNS (Track 2)
        Auditing Networks, Perimeters, and Systems (Track 7)
http://www.sans.org/biscaynebay04/

************************************************************************

To change your subscription, address, or other information, visit
http://portal.sans.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)

iD8DBQE/zkRN+LUG5KFpTkYRAjMhAJ9Dc26WKtLNYJOlTNfz0z15KRSbGwCeMA7e
C0SH9c7vMPmQDTu1aksWMzQ=
=4mfT
-----END PGP SIGNATURE-----

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]