SROC Course
Course Agenda
April 14, 2009 (0900 - 1830) - Room 211
| Time | Title | Material |
| 0900 - 0930 | Welcome & Introductions | (PDF) |
| 0930 - 1030 | Block 1: Introduction to Course Architecture | (PDF) |
| | Hands-on: Course Architecture Exercises | (TXT) |
| 1030 - 1100 | Coffee Break | |
| 1100 - 1300 | Block 2: Secure Operations Framework | (PDF) |
| | Block 3: Cyber Attack Scenario Overview | (PDF) |
| 1300 - 1345 | Lunch | |
| 1345 - 1530 | Block 4: Baseline, Monitor, Detect, Analyze, Respond, Recover Parts 1 & 2 | (PDF) |
| | Slides: Cisco configuration elements | (PDF) |
| | Slides: Log management | (PDF) |
| | Hands-on: Log management | (TXT) |
| | Hands-on: IOS logging configuration | (TXT) |
| | Hands-on: Portscan ACL logging | (TXT) |
| | Hands-on: Log management with SWATCH | (TXT) |
| | Hands-on: Zone transfer monitoring | (TXT) |
| 1530 - 1600 | Tea Break | |
| 1800 - 1830 | End of Day Wrap Up & Questions | |
April 15, 2009 (0900 - 1830) - Room 211
| Time | Title | Material |
| 0900 - 1015 | Block 5: Baseline, Monitor, Detect, Analyze, Respond, Recover Part 3 | (PDF) |
| | Hands-on: SSH access monitoring | (TXT) |
| | Hands-on: Secure SSH Configuration | (TXT) |
| 1015 - 1030 | Coffee Break | |
| 1030 - 1300 | NAGIOS Monitoring Framework | (PDF) |
| | Hands-on: Nagios configuration | (TXT) |
| SKIPPED | Block 6: Baseline, Monitor, Detect, Analyze, Response, Recover Part 4 | (PDF) |
| 1300 - 1400 | Lunch | |
| 1400 - 1600 | Block 7: Baseline, Monitor, Detect, Analyze, Response, Recover Parts 5 & 6 | (PDF) |
| | Presentation: RANCID | (PDF) |
| | Hands-on: RANCID | (TXT) |
| | Presentation: SmokePing | (PDF) |
| | Presentation: NetFlow | (PDF) |
| | Hands-on: netflow config | (TXT) |
| | Hands-on: nfsen exercise | (TXT) |
| 1600 - 1630 | Tea Break | |
| 1630 - 1800 | Block 8: Mitigation Strategies | (PDF) |
| 1800 - 1830 | Block 9: Closing, Questions, & Critique | (PDF) |