The High Technology Crime Investigation Association (HTCIA) is designed to encourage, promote, aid and effect the voluntary interchange of data, information, experience, ideas and knowledge about methods, processes, and techniques relating to investigations and security in advanced technologies among its membership.
2011 April 13 Chapter Presentation: "SANS FORENSICS TRAINING TOPICS"
- PRESENTATION DATE/TIME: 4/13/2011 0930 - 1030 PST
- SPEAKER: Mark Gonyea, Forensic Examiner, Regional Forensics Lab
- TOPIC: "SANS FORENSICS TRAINING TOPICS"
- MEETING LOCATION:
ITT Training Institute
9680 Granite Ridge Dr
San Diego, CA 92123-2662
- PRESENTATION:
There are six forensic courses taught at SANS, and four of them are available at the SANS Security West 2011 conference next month (May 3-12, 2011, https://www.sans.org/security-west-2011). All courses are taught within a VM framework provided by SANS on a CD. The books that accompany the CD are detailed and rich with references to current websites and free tools. A laptop is needed to perform the hands-on training. 4 - 7 people from the same organization registering at the same time receive 5% off registration. Additional discount codes are available: try locallaw50 (for a 50% discount), or call SANS Registration.
Course summaries can be viewed online at
http://computer-forensics.sans.org/courses
Security 408: Computer Forensic Essentials (GCFE)
6 day course, $4350
Solid understanding of Windows forensics
• One Tableau T35es Write Blocker (Read-Only)
• IDE Cable/Adapters
• SATA Cable/Adapters
• FireWire and USB Cable Adapters
• Forensic Notebook Adapters (IDE/SATA)
• HELIX Incident Response & Computer Forensics Live CD
• SANS Windows 7 Forensic Analysis VMware Workstation (must bring own License to class)
• Fully functioning tools, including AccessData's Forensic Toolkit (FTK) (license limited to 4 months after the course; after it expires, FTK can be used in Demo mode)
• Course DVD: Loaded with case examples, tools, and documentation
Forensics 508: Computer Forensic Investigations and Incident Response (GCFA)
6 day course, $4350
Advanced course after 408; covers multiple operating systems
• HELIX Incident Response & Computer Forensics Live CD
• SANS SIFT (Ubuntu Linux) Forensic Analysis VMware Workstation
• Course DVD: Loaded with case examples, tools, and documentation
Forensics 558: Network Forensics
5 day course, $4025
Linux environment and Windows environment
Complements the 508 class, taking everything to the network level to track phishing, hacking, and data exfiltration incidents.
Security 610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques (GREM)
5 day course, $3695
• REMnux (Ubuntu Linux) Malware Analysis VMware Workstation
Practical approach to examining malware
Includes the use of the OllyDbg tool to run malware and analyze its behavior step by step
Includes PDFs and Office malware
SANS May 2011 Security West Conf:
https://www.sans.org/security-west-2011/
SANS Course Summaries: http://computer-forensics.sans.org/courses
SANS Two page details of each course.
