DATE

TITLE

30-05-2011

Introduction – Welcome [pdf]

Overview of Global Information Security

Definitions, clarifications on concepts [pdf]

Setup and Role of CSIRT

What are the responsibilities of a CSIRT, services they offer, what are the steps to go through for creating a CSIRT [pdf]

CSIRT Services

Practical continuation of the previous session, with an emphasis on the different tools needed to offer those services. [pdf]

Building Trust Networks

Concept of computer networks, focusing on the security issues that can impact networked environments within CERT context.

Idea of trusted networks, how to build and manage them. [pdf]

Stages for Creating a CSIRT [pdf]

31-05-2011

Introduction "CSIRT philosophy and culture"

Be passionate, be talented, be problem solving oriented, be client oriented, be trustworthy. [pdf]

Technical overview of Information Security

Security Risk Analysis [pdf]

Security & Cryptographic Methods. Encryption is very important. [pdf]

Hands on, installation of virtual machine on participants personal laptops to be used for the coming labs.

Lab: creation of secure communication channel by using PGP [pdf not Available]

01-06-2011

Incident handling

Preparation: limit the number of incidents that will occur

Detection and analysis: security breaches, incident classification, signs of incidents

Containment, eradication, recovery: limit the spread, gather evidences, eliminate components, restore system to normal operation

Post incident activities: lessons learned, data collected

Hands on : PGP, Risk assessment: Failure Mode and Effects Analysis (FMEA) [pdf]

Some Programming Related Vulnerabilities [pdf]

02-06-2011

Information Gathering and Analysis

Forensic matters

Implication with law information [pdf]

Some CSIRT Tools [pdf]

Preparing participants to be trainer [pdf]

03-06-2011

Advance Web Security [pdf Not Available]