Security 464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education

SANS vLive allows you to attend SANS courses from the convenience of your home or office. Simply log in at the scheduled times and join your instructor and classmates in an interactive virtual classroom. Classes typically meet two evenings a week for five or six weeks. No other SANS training format gives you as much time with our top instructors!


Take SANS' Top Courses from SANS' Top Instructors
Classes meet online in a virtual classroom
No travel expenses or missed days of work
Classes meet two evenings a week for several weeks

SANS vLive classes are:

CONVENIENT - Most classes meet two evenings a week over several weeks, minimizing the impact upon your work and personal schedules.
ENGAGING - vLive classes are live and interactive, allowing you to ask questions and share experiences with your instructor and classmates.
COST-EFFECTIVE - You can save thousands of dollars on travel costs, making vLive an ideal solution for students with limited training budgets or travel bans.
REPEATABLE - vLive classes are recorded and placed in an online archive in case you miss a session or just wish to view the material again at a later date.
COMPLETE - You will receive the same books and course materials that conference students receive.

There are not enough well-trained IT administrators and operations staff to meet the daily onslaught of cyber criminal and cyber terrorist activities. Sandia National Labs, NASA, and the State of Texas recently demonstrated that we can address this issue by leveraging the large number of IT admins within an organization to act as hacker guards to help thwart many of these attacks. The goal is to have IT administrators in an organization serve as the first line of defense as human intrusion detectors.

This is an important challenge for organizations because perimeters are routinely being breached, and attackers often roam through networks for weeks or months on end, often without discovery. This new approach, pioneered by organizations such as Sandia Labs, NASA and the State of Texas, is a unique training program for IT operations and admins that teaches them how to:

    Discover evidence of intruder activity
    Work effectively with their organization's security professionals and
    Use tools that they can put to work immediately

It's the first security program that is tuned directly to the interests of IT administrators and establishes a clear entry career path from a system admin to security professional.

    Why bad things happen to good IT admins: 5 common mis-configurations and mistakes that lead to a system being compromised
    Security methodology and thought process in daily systems administration activities
    An IT administrator's view of what matters in systems architectures
    Security monitoring: Not knowing makes the auditors and hackers happy
    The hard part - knowing what is normal for Windows and Unix systems
    The harder part - knowing what is abnormal for Windows and Unix systems
    Hardening Windows and Unix systems is easier than you thought
    Command line kung fu for Unix and Windows
    Understanding network traffic for systems administrators
    Malware: Why it is still effective in your environment

Here is what other IT administrators and operations staff have to say about the Hacker Guard Training:

"I've been waiting for this type of course to come from SANS so I could get task-specific security training for sysadmins." - Tom Siu, Case Western Reserve University

"This course fills the gap that all other server administrative courses lack; not only how to set it up securely, but the anomalies related to the insecurities." - Richard Spanfelner, CA Franchise Tax Board

"This is an excellent course and should be a requirement for all our IT admins - not to mention at least some of our business partners and higher members of the IT food chain to influence the importance of this work." - Bob Timberlake, University of Kansas

This educational program gives IT admins the tools and techniques to illuminate evidence of potentially malicious activity on their systems and to look deeper to determine whether the problems they see are real. It allows them to become the hacker guards for malicious activity in their organization. It uses hands-on exercises to ensure they are comfortable using the tools.

Attack vectors are constantly changing and, therefore, the program does not stop with the first class. It continues with quarterly Combating Current Threats online training briefings. These show the newest attacks and how the information from the quarterly training, together with the tools and techniques learned in class and in previous quarterly briefings, might be adjusted to target these newest attacks. The introductory two-day class will be updated to reflect the changes highlighted in these quarterly briefings, so systems administrators who enter the Hacker Guard Program later will get the most up-to-date material.

Also, because attackers are increasingly focusing on database and application software, the program will include a growing library of up-to-date modules on Detecting the Wiley Hacker in specific software applications and websites.

Hacker Guard: Security Baseline Training for IT Administrators and Operations - Introductory Two-Day Class

IT operations staff and administrators are at the front line of any security architecture. They also know the systems that they manage on a daily basis better than anyone else. However, most systems administrators are NOT security professionals. Assuming that they are often leads to many of the security-related issues organizations face today.

This course is not designed to turn an admin into a security geek. Rather, it will help administrators better understand what security teams and auditors require and turn them into the hacker guards for malicious activity.

The course also focuses strongly on developing the tools and techniques that an IT administrator would need to meet audit and security requirements in as efficient a manner as possible. In summary, this class provides the tools and techniques to bridge the gap and help systems administrator teams meet the needs of security and audit teams - and still do their day jobs.