Cyber Network Defense Bootcamp // One Day Course (March 14)
The Cyber Network Defense Bootcamp is a full frontal immersion into all aspects of network defense. We all know that Cyber Network Defense is a critical and evolving requirement for organizations large and small in the 21st century. There are a number of component courses available for various disciplines in the realm of CND; however, there are very few options for a CND crash-course bootcamp that covers topics relevant to the overarching mission of defending the home enterprise. While many courses teach the fundamentals of incident response utilities, malware analysis, and reverse engineering, this course aims to rapidly introduce the student to the processes, machinations, and most important the mindset of being a network defender.
This course is a condensed version of the two-day course which teaches a holistic approach to CND, beginning with intelligence ingestion and easing into network anomaly detection and advanced network forensics. Following the understanding of the network layer, the course will introduce key concepts of incident analysis by providing an in-depth introduction into incident response device forensics using freely available and commercially licensed tools of the trade. With incident analysis and network forensics under their belts, students will then immerse themselves in an indepth static and dynamic reverse engineering section to include topics like manual unpacking and deobfuscation of command and control protocols. To round out the training, students will be given a short training in incident reporting and will learn how to present technical findings to managerial and executive level personnel in a clear and concise manner. This course will be rich with hands on activities and exercises to practice intelligence collection, network forensics, disk forensics, and reverse engineering of malware.
- Open Source Intelligence Methods and Commercial Intelligence Options
- Network Forensics and Analysis
- Advanced Network Detection Techniques
- Device Forensics Tools
- Device Forensics Methodologies
- Dynamic Malware Analysis
- Static Malware Analysis
- Dynamic Memory Analysis
- Incident Reporting
- Talking to the C-Level
Students should have a working understanding of how computer networking functions. This class will require math skills to understand decimal, hexadecimal, and binary. Understanding of the various components of a computer and how they functions (RAM/Disk/CPU). This class will demonstrate low-level programming language components so an understanding of what is assembly is preferred - though we will cover some basics.
What to Bring:
Laptop with a windows XP/7 virtual machine. (VMWare is preferred as some students have had issues using Virtual Box)
What you get:
- Book of materials
- Course disc
Adam Meyers is a Senior Principal with the Products and Offerings Division of SRA International. Mr. Meyers serves as a senior subject matter expert for cyber threat and cyber security matters for a variety of SRA projects. Mr. Meyers provides both technical expertise at the tactical level and strategic guidance on overall security program objectives. Mr. Meyers has extensive experience in Penetration Testing, Security Engineering and Architecture, Wireless Communication, and Reverse Code Engineering. Mr. Meyers is a recognized speaker who has presented on topics ranging from high level business solutions to deep technical training including industry conferences such as RSA and CSI. He currently supports the Department of State Bureau of Diplomatic Security leading a reverse engineering and cyber threat analysis team charged with investigation and mitigation.
Ends January 6
Ends February 29
Ends March 15