I have taken many information security courses from a variety of vendors and SANS is by far my favorite. Their course are jam packed with useful information that even experienced professionals will be able to immediately apply and 508 maybe one of the most densely packed courses in the SANS curriculum.
Here's a list of some of the items covered:
- NTFS, FAT32/16 and Ext2/3 file systems in depth
- Acquisition and analysis of memory for responding to live systems
- Acquisition of disk images, local and across the network
- Timeline acquisition and analysis
- A look at the different layers of information on a disk drive
- Registry analysis
- Application footprinting
- A review of legal aspects relating to forensics and investigations
- A comprehensive framework of the forensics process
- And of course, much more
It's a great course. You're sure to learn loads of useful techniques and meet other info sec professionals from your area. Covering the material over 10 weeks gives you a great chance to digest the material over time. If you're interested, I encourage you to head over to the SANS web site and register. If you have any questions, please don't hesitate to contact me. And if you are interested, but can't take the course, check out the blog (see below) and join the community.
As for myself, I've been conducting incident response and forensic investigations for more than five years. I'm a regular contributor to and editor of the SANS Forensics Blog. I've taught this course before and received high marks from the students. I'll bend over backwards to make myself available outside of class time and invite all students to contact me with questions any time, even after the course is over. I want you to be successful, to learn and to have fun and I won't be satisfied unless those objectives are met.
No comments:
Post a Comment