Re: Training advice

[Sarah Stevens <sarah () STEVENS-TECHNOLOGIES COM>]

I also took the GCIA course (503) from SANS and highly recommend the course for anyone looking to improve their 
intrusion detection skills.  The course uses Snort as an example, but leaves you thinking a lot about other 
opportunities for intrusion detection as well.  You should have a fair background in TCP/IP prior to taking the course, 
but it sounds as though you probably have a good handle on that.  There is actually a quiz of items that you should 
know prior to taking the course.  SANS offers the course on their website in an "OnDemand" program.  Here is a link to 
the TCP/IP quiz.:  http://www.sans.org/training/tcpip_quiz.php
 
Let me know if I can help you anymore.
 
Sincerely,
 
Sarah Stevens
President 
Stevens Technologies, Inc
 

________________________________

From: Vanderbilt, Teresa [mailto:tvanderb () OZARKS EDU]
Sent: Mon 6/18/2007 1:13 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Training advice



Thanks for the response Judy. Since I'm the only security person here, I
need to learn everything eventually. I would like to learn Snort to
start with and then work my way up to forensics with time.

-----Original Message-----
From: Brad Judy [mailto:Brad.Judy () COLORADO EDU]
Sent: Monday, June 18, 2007 3:00 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Training advice

What are your goals and priorities?  There are lots of possible areas of
study and it would be helpful if you gave some more information. 

You mentioned snort, which sounds like an interest in network intrusion
detection.  Something like SANS 503 might be good for that.

What types of things do you want to work on/learn?  What is the most
important next step for improving security on your campus?

System security/hardening
Network security (access control, firewalls, VPNs, wireless sec, etc)
Incident response/forensics Risk assessment/management Secure
application development Security policy creation/management Data
security (inventory, controls, monitoring) Technical/legal interface


Unfortunately, you're probably too late for this free training option in
Little Rock starting today: http://www.sentinelproject.net/

One of our staff took it and found it useful for incident response and
technical/legal interface. 

Brad Judy

University of Colorado at Boulder


________________________________

        From: Vanderbilt, Teresa [mailto:tvanderb () OZARKS EDU]
        Sent: Monday, June 18, 2007 1:02 PM
        To: SECURITY () LISTSERV EDUCAUSE EDU
        Subject: [SECURITY] Training advice
       
       

        I recently stepped into the title of Security Manager. We're a
small school and this is a new position for us. I'd only maintained the
servers, switches and firewalls before. I have no one to mentor me and
very little budget for training. I can spend approximately $3-5K on
formal training this year. I was thinking of a good online class so all
the money goes toward training rather than hotels and travel. Until now,
everything I've learned has been mostly on my own; although I recently
attended Pentration Testing Training. What other training, both formal
and informal, would benefit me and my school the most? I've been
thinking of CCNA and I would like to learn how to use Snort since it's
free. Will CCNA be beneficial or should I buy a good beginners book on
Snort. Am I way off the mark for what I need to study? I need to get up
to speed quickly and can't afford to guess at what I need. Please help.

        Thanks in advance,
        Teresa Vanderbilt
        University of the Ozarks