Incident Response & Computer Forensics

Course Code : 102

Workshop : Training

Duration : 4 days Training Course

COURSE OUTLINE

The threat of computer crime against an organization's infrastructure has grown exponentially. Abuse, fraud and criminal activity can occur internally as well as from an outside source. Every crime leaves behind clues, and with the proper use of forensic techniques, you can uncover illicit activity and recover lost data. After completing this course, you will be able to:

· Implement a computer forensics incident response strategy

· Lead a successful investigation from the response to completion

· Recover deleted files and discover hidden information

· Reconstruct user activity from e-mail, temporary Internet files and cached data

· Assess the integrity of system memory and process architecture to reveal malicious code

· Address key aspects of forensics lab maintenance

COURSE OBJECTIVES

In this course, you gain experience in the latest Windows-based computer forensic techniques to recognize and respond to security threats. You also learn to identify and retrieve hidden information.

TARGET AUDIENCE

This course is valuable for systems administrators and those involved in responding to security incidents. Participants should have knowledge of Windows-based PCs, including hardware and operating system software.

COURSE CONTENTS

INTRODUCTION TO COMPUTER FORENSICS

· Responding to incidents

· Applying forensic analysis skills

· Distinguishing between corporate and criminal activity

DEVELOPING INCIDENT AWARENESS

Planning for incident response

· Communicating with site personnel

· Knowing your organization's policies

Preliminary investigation

· Minimizing impact on your organization

· Passive/active host analysis

CONTROLLING AN INVESTIGATION

Chain of custody

· Collecting digital evidence

· Identifying the forensics analysis team

Legal aspects of acquiring evidence

· Securing and documenting the scene

· Processing evidence

Inventory and documentation

· Creating the evidence log

· Maintaining process integrity

CONDUCTING DISK-BASED ANALYSIS

Forensics lab operations

· Acquiring a bit-stream image

· Establishing a baseline

· Physically protecting the media

Disk structure and recovery techniques

· Disk geometry components

· Inspecting Windows file system architectures

· Locating deleted content

Uncovering hidden information

· Evaluating alternate data streams

· Steganography tools and concepts

· Scavenging slack space

· Exploring header content and file mangling

SCRUTINIZING E-MAIL

Investigating the mail client

· Interpreting e-mail headers

· Recovering deleted e-mails

Probing the mail server

· Examining the information store

· Recognizing spoofed DNS

TRACING INTERNET ACCESS

Inspecting browser cache and history files

· Exploring temporary Internet files and offline content

· Researching cookie storage

· Exposing hidden browser activity

Reconstructing Web server activity

· Verifying IIS and FTP log files

· Uncovering file system activities in NTFS journal

SEARCHING MEMORY IN REAL TIME

Comparing process architectures

· Identifying user and kernel memory

· Verifying address space

· Inspecting threads

Deploying advanced process analysis methods

· Evaluating processes with Windows Management Instrumentation (WMI)

· Walking dependency trees

Auditing processes and services

· Interpreting trace logs

· Reconstructing the process table

· Discovering evidence in the Registry

· Deploying and detecting a rootkit

Implementing covert surveillance techniques

· Logging keystrokes

· Observing real-time remote desktops

· Creating workspace snapshots

MAINTAINING A FORENSICS LAB

Identifying hardware and software requirements

· Enabling a write blocker

· Scrubbing disks

Validating forensic tools

· Constructing a test disk

· Confirming tool integrity

E-Management for Enterprise Managers

Course Code : 120

Workshop : Training

Duration : 4 days Training Course

COURSE OUTLINE

Information technology has revolutionized the way organizations operate. Today's environment demands that directors, managers, sales personnel and other professionals navigate a gauntlet of technical concepts. A strong foundational knowledge of these technologies enhances the ability to make key business decisions and to effectively communicate with an IT department. After completing this course, you should be able to:

· Work confidently with information technology to gain strategic advantage

· Assess enterprise software development options

· Evaluate the financial and technical aspects of open source technology

· Take advantage of the latest networking technologies

· Recognize security options to protect your organization

· Maximize the impact of information technology to achieve organizational objectives

COURSE OBJECTIVES

In this course, you gain knowledge of the most important technologies that affect business, and learn how to assess technologies to improve productivity and optimize organizational resources.

TARGET AUDIENCE

This course is valuable for anyone who needs to better understand information technology and how it can be used to achieve business objectives and advantages.

COURSE CONTENTS

SETTING THE STAGE

  • Defining information technology
  • Demystifying technological jargon
  • Assessing the advantages of investing in technology

ENTERPRISE APPLICATIONS

Appraising software development options

  • Choosing the best solution for your organization
  • .NET
  • J2EE
  • Others
  • The make-or-buy decision

Integrating B2B operations

  • Advantages of XML in a business environment
  • Simplifying system communications using Web services
  • Adopting service-oriented architectures (SOAs)

EVALUATING OPEN SOURCE TECHNOLOGIES

Common open source solutions

  • Alternative operating systems
  • Leveraging open source productivity applications
  • Implementing open source Web platforms: Linux, Apache, MySQL and PHP

Comparing open source vs. commercial

  • Comparing features and functionality
  • Considering the financial issues
  • Addressing longevity and support concerns

MAXIMIZING NETWORKING TECHNOLOGIES

Examining network fundamentals

  • Characteristics of local and wide area networks
  • Defining essential wired network hardware components
  • Exploiting Voice over IP (VoIP) to reduce phone costs

The wireless revolution

  • Eliminating costly network infrastructures
  • Boosting employee productivity through roaming
  • Replacing your current network with Wi-Fi
  • Expanding personal area networks (PANs) using Bluetooth

PROTECTING YOUR ORGANIZATION

Economics of IT security

  • What the lack of security can cost your organization
  • Preserving your reputation, integrity and trust

Reducing business risks

  • Investigating Web security vulnerabilities
  • Connecting remotely using a virtual private network (VPN)
  • Preventing interception of your wireless data
  • Adhering to security coding and testing guidelines
  • The necessity of a corporate security policy

Controlling threats and intrusions

  • Surveying security components
  • Firewalls
  • Intrusion Detection Systems (IDS)
  • Intrusion Prevention Systems (IPS)
  • Protecting your proprietary information from phishing attacks

COMMUNICATING WITH THE IT STAFF

Making IT more effective

  • Involving IT in the budgeting process
  • Defining criteria to measure IT success

Opening the lines of communication

  • Identifying the right questions to ask
  • Differentiating the "cool factor" from your business needs
  • Defining roles and responsibilities

LEVERAGING "THE BIG PICTURE"

The impact of IT

  • Unraveling the business and economic benefits of information technology
  • Strategically aligning technology with your business objectives

The future of information technology

  • Re-evaluating technology on a periodic basis
  • Staying aware of newly developing technologies

Implementing Web Security

Course Code : 101

Workshop : Training

Duration : 4 days Training Course

COURSE OUTLINE

The exploding use of Web technologies for corporate intranets and Internet sites has escalated information assurance risks to corporate data. It is imperative that Web professionals are trained in techniques to effectively protect their sites from internal and external threats. After completing this course, you will be able to:

· Secure Web servers, communications and browsers

· Protect your Web client to minimize risks from applets, scripts and viruses

· Exploit the features of your Web server and operating system to tighten security

· Encrypt Web traffic using Secure Sockets Layer (SSL)

· Issue and manage certificates for browser and server authentication

· Deploy proxy servers as part of a firewall to protect your Web servers and users

COURSE OBJECTIVES

In this course, you gain extensive hands-on experience securing Web communications and Web sites. You learn the common vulnerabilities of Web sites, as well as how to carry out secure communications across unsecured networks.

TARGET AUDIENCE

This course is beneficial for the professionals involved in securing Web sites, including Web developers, Webmasters, and security administrators. Experience with Web servers, plus UNIX or Windows familiarity, is useful.

COURSE CONTENTS

INTRODUCTION TO WEB SECURITY

Web technologies

· The Web client/server architecture

· What does the Web server do?

· Transferring hypertext documents with HTTP

· Dynamic content technologies

Basic information assurance issues

· Availability

· Authentication

· Privacy

· Integrity

SECURING THE WEB CLIENT

Threats and vulnerabilities

· Client information leakage

· How cookies work

· Assessing the threats from Java, JavaScript, VBScript and ActiveX

· Hostile applets and viruses

Protecting your Web browser

· Disabling Java applets

· Turning off cookies

· Using an online virus checker

· Obtaining browser certificates

· Enabling and disabling signing authorities

CONFIGURING OPERATING SYSTEM AND NETWORK SECURITY

Operating system security features

· Authenticating users

· File permissions and document roots

· Operating privileges for the server

· Audit tools

Network security

· Preventing IP address spoofing

· Securing DNS servers

· Minimizing denial-of-service threats

ENHANCING WEB SERVER SECURITY

Controlling access

· Configuring user authentication on IIS and Apache

· Restricting access based on hostname/IP address

· Enabling and configuring logging

· Dynamic configuration files

Extended site functionality

· Securing CGI script invocations

· Guidelines for secure Web programming

Securing Web communications with SSL

· Public key and private key encryption

· Storing and distributing keys

· Ensuring data integrity with message digests

· Digitally signing data and documents

· Enabling the Secure Sockets Layer (SSL)

· Obtaining and installing server certificates

ISSUING AND MANAGING CERTIFICATES

Why certificates are used

· Preventing eavesdropping with public key encryption

· Authenticating clients and servers

· Utilizing the X.509 v3 Certificate format

Certificate authorities (CAs)

· Using a public certificate authority

· Non-authoritative certificates

· Chaining certificate authorities

· Classes of certificates

Trusting CAs in servers and browsers

· Importing CA certificates

· Running your own certificate server

· Choosing which CAs to trust

· Checking certificate revocation lists

PROTECTING DATA WITH FIREWALLS

Firewall technologies

· Components of a firewall

· What firewalls can and cannot do

· Using application proxies

Selecting firewall topology

· Providing "defense in depth"

· Siting the Web server

SECURITY MANAGEMENT

Responding to security violations

Keeping up to date on new threats

E-Learning Tools and Techniques

Course Code : 119

Workshop : Training

Duration : 4 days Training Course

COURSE OUTLINE

There are many theories of learning definition and design and a variety of best practices in development, deployment and delivery. The module aims to:

· Present the general principles and learning theories used in the definition and design processes

· Explore the problems associated with developing eLearning software pieces

· Discuss the issues surrounding deployment

· Present the best approaches to delivering the learning in a real environment

COURSE OBJECTIVES

· Produce a learning needs analysis and proposal for clients in industrial or educational learning contexts

· Acquire knowledge and create learning designs

· Develop a working piece of eLearning using available software tools and delivery mechanisms

· Demonstrate critical awareness of issues in eLearning design and development

TARGET AUDIENCE

The target audience is anyone involved in the development, delivery, implementation, and management of eLearning.

COURSE CONTENTS

Defining an eLearning Product for People to Buy

This section will develop an understanding of the relationship with the buying client, learning client and learning designer. It will look at how learning strategies fit in with business strategies and show how to present learning solutions to clients.

Setting Learning Outcomes, Learning Objectives, Learning Assessments and Content

This section will introduce the concept of outcome and objective writing, how to acquire the most appropriate material content to meet these, and how to break content down into usable eLearning materials.

Understanding the Capability of the Technical Infrastructure

This section will deal with technical and developmental issues that can have an impact on eLearning design and production.

The Fundamental Principles of Learning Design

This section will deal with the fundamental principles of learning and educational psychology theory and introduce the important principles of real-world learning design.

The Varieties of an eLearning World

This section will deal with the components of eLearning and cover definitions of different blends of learning. It focuses on profiles of eLearners, skills and abilities they need to develop, and deals with problematic issues in eLearning and its overall place in learning generally.

Design and Psychology

This section brings in an understanding of the way in which an eLearning piece is created to meet with the needs of learners, and the processes that need to occur in the conceptual design of a piece of eLearning. It considers issues such as interface, learner navigation, activity planning and assessment.

The Nature of Collaborative and Supportive Learning Environments

This section looks into the role of collaboration in virtual learning communities and how learner activities need to be developed and supported.

Producing and Deploying a Software eLearning Piece

This section introduces the practice of activity-storyboard production and the software production and deployment stages.

Introduction to instructional design

· Defining the job scope of an instructional designer

· Using an eLearning needs checklist

· Instructional systems design - what is it?

· Conceptualising an eLearning solution

· Writing learning objectives and what you should avoid

· Preparing a framework for eLearning starters

· Mini case study

Instructional design and storyboarding strategies (behaviourist and constructivist)

  • Pedagogical strategies – behaviourism vs constructivism
  • Applying these strategies for storyboarding
  • Gagne’s 9 events of instruction
  • Bruner’s 3 principles
  • Bandura’s social learning theory
  • Carroll’s minimalist theory
  • Working with subject matter experts
  • Design guidelines prior to storyboarding
  • Designing simulations and playing elements in eLearning

How to create and design reusable information objects (RIOs) by applying Bloom’s taxonomy

  • Classification of learning domains
  • Introduction to the component display theory
  • Classifying information types using Bloom’s taxonomy
  • Designing learning objectives
  • What are RIOs?
  • Classification of RIOs and why we should classify them
  • RIO templates