SANS Experience
My SANS experience.
I was told SANS training was very good. I honestly think that’s an understatement. I was lucky enough to have one of the 504 course authors as my instructor – John Strand. John is the owner of Black Hills Security, one of the top pen testing and security companies in the world. His passion for information security and teaching left me truly inspired to be in this industry. The SANS@Night courses allowed me to meet several of the other SANS instructors who share his passion for both teaching and information security.
Day 1 Preparation, Identification, Containment, Eradication, Recovery
Securing our infrastructure is not an easy task. We have to balance business needs against security risk. With new vulnerabilities released daily, there is always the potential for an intrusion. The first part of day 1 we looked at a step-by-step incident handling model. This model was created by the most experienced incident handlers from various corporations and government agencies. This model has been proven effective in each of their organizations. The second part of day 1 was examining from the trenches. This section gave me valuable information on steps we can take to improve our chances of catching and prosecuting an attacker.
Day 2 Reconnaissance, Scanning and how ‘attackers’ can try to evade Intrusion Detection Systems.
Our networks could reveal a large amount of data and information to an attacker. Attackers could perform detailed scans of our systems by looking for openings in our defenses. Examples would be weak DMZ systems and firewalls or even wireless LAN attacks. I now have a better understanding of the first two critical phases of an attack. If we are unaware of these attack phases, we will not be able to protect our network.
Day 3 Network-Level Attacks
Attackers use a large variety of strategies to take over or (own) a system from the network level and up. This day covered detailed instructions on how many of these techniques are employed at a very in-depth level. Examples would be buffer overflow, format string attacks (which really made my brain hurt), session hijacking, etc. As a Security Engineer, I really need to know the nitty-gritty of these attacks and, more importantly, the associated defenses against said attacks. Day 3 really drove home the various tools and hardening techniques we can use to better equip us against these types of attacks.
Day 4 Password Cracking, Web Application Attacks, Denial of Service Attacks
This day covered more attacking techniques. We analyzed worm and super worm developments and web application attacks such as cross-site scripting, SQL injection, and session cloning, just to name a few. Day 4 also dug into the taxonomy of resource attacks such as DoS, DDoS, and Pulse Zombies, as well as how to prevent these attack attempts. After this course I really feel armed with a better understanding of how to defend against these types of attacks.
Day 5 Maintaining Access, Covering Tracks
Day 5 focused on two other attack phases: maintaining access and covering tracks. Attackers can install backdoors, rootkits and sometimes even manipulate the kernel itself. Each of these types of attacks requires specialized defenses to protect our systems. Attackers can also cover their tracks by hiding files and sniffers to prevent investigations. Day 5 focused on the tools and techniques I need to respond to these activities. This was one of my favorite labs. In this lab, we were also able to analyze scenarios based on real-world attacks, again driving home the tools and techniques we learned.
Day 6 Hands-on Analysis
Over the years the security industry has become smarter; unfortunately, so have attackers. One of the most effective methods of stopping an attacker is to ‘attack’ your environment with the same tools and tactics they might be using. Day 6 was a CTF (Capture the Flag) event. This workshop let me put everything I learned over the past week into practice. We put our VMs into one of the most hostile networks on earth (simulated, of course) and the network allowed me to attack live SANS networks. We progressed through their network by capturing virtual flags. In doing so, we discovered subtle flaws and weaknesses in the SANS networks.
More SANS
Each day also had several labs. The labs do a great job at reinforcing what you learned in that section. What’s great is that I am able to use these labs at any time to keep my mind fresh on the material. I’ve already gone back and started doing some of the labs again – they are honestly quite fun.
SANS@Night
Each night after class we also had a 2-hour talk. This made for a very long day. However, the talks were so good – I could not pass them up.
Bottom line – save all your training budget and attend SANS. I plan to do everything humanly possible to continue attending SANS.
**Tip – Bring room for books or ship them back. You’ll be getting a large book for each day.
**Tip – 5-day and 6-day classes, from what I understand, get you into Netwars for free.