Educause Security Discussion mailing list archives
Re: Training advice
From: Sarah Stevens <sarah () STEVENS-TECHNOLOGIES COM>
Date: Mon, 18 Jun 2007 13:29:02 -0700
I also took the GCIA course (503) from SANS and highly recommend the course for anyone looking to improve their intrusion detection skills. The course uses Snort as an example, but leaves you thinking a lot about other opportunities for intrusion detection as well. You should have a fair background in TCP/IP prior to taking the course, but it sounds as though you probably have a good handle on that. There is actually a quiz of items that you should know prior to taking the course. SANS offers the course on their website in an "OnDemand" program. Here is a link to the TCP/IP quiz.: http://www.sans.org/training/tcpip_quiz.php Let me know if I can help you anymore. Sincerely, Sarah Stevens President Stevens Technologies, Inc ________________________________ From: Vanderbilt, Teresa [mailto:tvanderb () OZARKS EDU] Sent: Mon 6/18/2007 1:13 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Training advice Thanks for the response Judy. Since I'm the only security person here, I need to learn everything eventually. I would like to learn Snort to start with and then work my way up to forensics with time. -----Original Message----- From: Brad Judy [mailto:Brad.Judy () COLORADO EDU] Sent: Monday, June 18, 2007 3:00 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Training advice What are your goals and priorities? There are lots of possible areas of study and it would be helpful if you gave some more information. You mentioned snort, which sounds like an interest in network intrusion detection. Something like SANS 503 might be good for that. What types of things do you want to work on/learn? What is the most important next step for improving security on your campus? System security/hardening Network security (access control, firewalls, VPNs, wireless sec, etc) Incident response/forensics Risk assessment/management Secure application development Security policy creation/management Data security (inventory, controls, monitoring) Technical/legal interface Unfortunately, you're probably too late for this free training option in Little Rock starting today: http://www.sentinelproject.net/ One of our staff took it and found it useful for incident response and technical/legal interface. Brad Judy University of Colorado at Boulder ________________________________ From: Vanderbilt, Teresa [mailto:tvanderb () OZARKS EDU] Sent: Monday, June 18, 2007 1:02 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Training advice I recently stepped into the title of Security Manager. We're a small school and this is a new position for us. I'd only maintained the servers, switches and firewalls before. I have no one to mentor me and very little budget for training. I can spend approximately $3-5K on formal training this year. I was thinking of a good online class so all the money goes toward training rather than hotels and travel. Until now, everything I've learned has been mostly on my own; although I recently attended Pentration Testing Training. What other training, both formal and informal, would benefit me and my school the most? I've been thinking of CCNA and I would like to learn how to use Snort since it's free. Will CCNA be beneficial or should I buy a good beginners book on Snort. Am I way off the mark for what I need to study? I need to get up to speed quickly and can't afford to guess at what I need. Please help. Thanks in advance, Teresa Vanderbilt University of the Ozarks
Current thread:
- Training advice Vanderbilt, Teresa (Jun 18)
- <Possible follow-ups>
- Re: Training advice Ken Connelly (Jun 18)
- Re: Training advice John Piercy (Jun 18)
- Re: Training advice Vanderbilt, Teresa (Jun 18)
- Re: Training advice Brad Judy (Jun 18)
- Re: Training advice Vanderbilt, Teresa (Jun 18)
- Re: Training advice Jim Dillon (Jun 18)
- Re: Training advice Sarah Stevens (Jun 18)
- Re: Training advice Vanderbilt, Teresa (Jun 18)
- Re: Training advice David Lundy (Jun 18)
- Re: Training advice Pat Wilson (Jun 18)
- Re: Training advice Paul Keser (Jun 18)
- Re: Training advice Vanderbilt, Teresa (Jun 18)
- Re: Training advice Bob Ono (Jun 21)
- Re: Training advice Paul Keser (Jun 21)
- Re: Training advice David Lundy (Jun 21)
- Re: Training advice Theresa Semmens (Jun 21)
- Re: Training advice Bob Ono (Jun 21)
(Thread continues...)