SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling


About the course

Sat, April 13 - Thu, April 18, 2019
Instructor: Chris Dale
 7,210 USD
GCIH Certification
Affiliate Pricing
37 CPEs
Laptop Required
Masters Program

DoDD 8140 (IAT Level III)
Cyber Guardian

SEC504 was my first SANS class. I did not expect to learn as much as I did during the last 6 days.

A. Zaman, Verizon

The hands-on labs and the technical background about how attacks work in SEC504 are very insightful and show us how hackers operate.

Christopher Miller, Global Payments Inc.

The Internet is full of powerful hacking tools and bad guys using them extensively. If your organization has an Internet connection or one or two disgruntled employees (and whose doesn't!), your computer systems will get attacked. From the five, ten, or even one hundred daily probes against your Internet infrastructure to the malicious insider slowly creeping through your most vital information assets, attackers are targeting your systems with increasing viciousness and stealth. As defenders, it is essential we understand these hacking tools and techniques.

By helping you understand attackers' tactics and strategies in detail, giving you hands-on experience in finding vulnerabilities and discovering intrusions, and equipping you with a comprehensive incident handling plan, this course helps you turn the tables on computer attackers. It addresses the latest cutting-edge insidious attack vectors, the "oldie-but-goodie" attacks that are still prevalent, and everything in between. Instead of merely teaching a few hack attack tricks, this course provides a time-tested, step-by-step process for responding to computer incidents, and a detailed description of how attackers undermine systems so you can prepare, detect, and respond to them. In addition, the course explores the legal issues associated with responding to computer attacks, including employee monitoring, working with law enforcement, and handling evidence. Finally, students will participate in a hands-on workshop that focuses on scanning for, exploiting, and defending systems. It will enable you to discover the holes in your system before the bad guys do!

The course is particularly well-suited to individuals who lead or are a part of an incident handling team. General security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to prevent, detect, and respond to attacks.

You Will Learn:

  • How best to prepare for an eventual breach
  • The step-by-step approach used by many computer attackers
  • Proactive and reactive defenses for each stage of a computer attack
  • How to identify active attacks and compromises
  • The latest computer attack vectors and how you can stop them
  • How to properly contain attacks
  • How to ensure that attackers do not return
  • How to recover from computer attacks and restore systems for business
  • How to understand and use hacking tools and techniques
  • Strategies and tools for detecting each type of attack
  • Attacks and defenses for Windows, Unix, switches, routers, and other systems
  • Application-level vulnerabilities, attacks, and defenses
  • How to develop an incident handling process and prepare a team for battle
  • Legal issues in incident handling

If you are unfamiliar with Linux, please view the short Intro to Linux video above to help you get started.

 

SEC504 vs. SEC560 FAQ: https://www.sans.org/media/security-training/sec504vsec560.php

 

Notice:

It is imperative that you get written permission from the proper authority in your organization before using these tools and techniques on your company's system and also that you advise your network and computer operations teams of your testing.

Course Syllabus
  SEC504.1: Incident Handling Step-by-Step and Computer Crime Investigation
  SEC504.2: Computer and Network Hacker Exploits - Part 1
  SEC504.3: Computer and Network Hacker Exploits - Part 2
  SEC504.4: Computer and Network Hacker Exploits - Part 3
  SEC504.5: Computer and Network Hacker Exploits - Part 4
  SEC504.6: Hacker Tools Workshop
 
Author Statement
One of my greatest joys in life is helping people understand the complex landscape of security so that they can implement really effective defenses. It may be difficult to fully grasp what truly impacts the security of your organization versus what is simply product marketing hype. This class is the nexus between attacks and defenses, chock full of vital information for thwarting today's nastiest attacks. Ed Skoudis and I continuously refine this class on the foundation of the multitude of penetration tests we conduct and incidents we handle regularly. We strive to keep the material relevant, interesting, and directly applicable to the job of infosec professionals. And I personally live for the moments when the light goes on within a 504 student and they finally see through the noise, and they begin to understand what is important from a threat and vulnerability perspective.

-John Strand
