Registration Open for SEC433 Mac OS X Security Essentials Interactive Video Conferencing at Univeristy of Virginia, July 31 - August 1, 2008

["Peterman, Martin (mdp4s)" <mdp4s () ESERVICES VIRGINIA EDU>]

Class: SEC433 Mac OS X Security Essentials

Date: July 31 - August 1, 2008

Time: 9am EDT - 5pm EDT

Location: Interactive Video Conf. (IVC) hosted at VA Tech (UVa site - Zehmer Hall)

Instructor: David Hoelzer

List Price: $2,014

EDU/State/Local Price: $500 (save 75%)



Registration site:  https://www.sans.org/registration/ivc.php?lid=13113  Check the University of Virginia button to 
attend the event at UVa.



Course overview site: http://www.sans.org/training/description.php?tid=2277



David Hoelzer's Bio:

Since 1985, David has had almost any position that you can imagine in the information technology field, ranging from 
programmer analyst up to chief information security officer. He has been teaching for SANS since 1999, managing and 
authoring the majority of the audit related materials for SANS in addition to some of the secure coding courses from 
SANS-SSI. David currently serves as the Chief Information Officer for Enclave Forensics and the Director of Consulting 
for Cyber-Defense, a subsidiary of Enclave Forensics. He is a research fellow with the Internet Forensics Lab and an 
adjunct research associate with the UNLV Center for Cybersecurity Research.



Additional info by way of SANS:


Q. Apple has released a new publication a 240-page Security Guide - "MacOS X Security Configuration for Version 10.5 
Leopard:"
(http://images.apple.com/server/macosx/docs/Leopard_Security_Config_20080530.pdf)
My question is, does this class incorporate this content -- and in a minor or major way? I would want to know what 
percentage of the content focuses on alignment with NIST standards (FIPS 199, FIPS 200, SP 800-53), that we are 
increasingly having to comply with, especially related to research with ".gov" organization (VA, NIH, FDA). Is he is 
planning to spend a significant amount of time on Leopard (what percent of that content will be based on the new Mac OS 
X Security Configuration for Version 10.5 that was developed by Apple with assistance from NIST? Are the 'security 
essentials' that will be proposed/promoted in the class are in alignment with NIST 'Recommended Security Controls' (SP 
800-53) - and/or the new Apple MacOS X Security Configuration?

A. Charles Edge, the author of SANS SEC433 course, wrote that since the Security Guide was released 2 weeks ago (early 
June) and he'll reference that guide throughout his courseware.  Much of the course is actually on the underlying 
differences from a security perspective between the Mac and other operating systems.  Many of the concepts discussed in 
the Security Guide are covered but aspects like defining PKI and the checklists aren't (although checklists are a great 
idea).  However, many aspects are covered (some in more detail than in the Guide) like LDAP, POSIX vs. ACLs, System 
Preferences, FileVault, Mail Security (we cover Entourage and Mail.app instead of just Entourage), SSH, Antivirus, etc. 
The class focuses on all aspects of OS X security and David Hoelzer, the instructor, is planning to spend a significant 
amount of time on Leopard specifically. David added that he is planning to supplement the course with lots of examples 
and guidance drawn directly from the recently released Leopard security guide released by Apple and which is aligned 
with the NIST recommended controls. There is a little Tiger in there but it's mostly Leopard.


Marty Peterman, CISSP
IT Security and Policy Office
University of Virginia
108 Cresap Road
PO Box 400217
Charlottesville, VA 22904
434.243.4909