? Home | Site Map | Search | Contacts
About Us
News
Events
Resources
Report Incidents
Incident Statistics
Security FAQS
Training
Vacancies
Links

Search NISER
? NISER > Training > Incident Response and Handling
UNIX System Administration Security Training ?|? Windows 2000 Security and Advanced Administration Training ?|? Introduction to Computer Forensics ?|? Incident Response and Handling ?|? Registration Form
(PDF) (DOC)

Details
  • Training Objectives

    This 2-day course includes a time-tested, step-by-step process for responding to computer incidents, a detailed description of how attackers undermine systems so you can prepare, detect, and respond to them, and a hands-on workshop for discovering holes before the bad guys do. The course also explores the legal issues associated with responding to computer attacks, working with law enforcement agencies, and handling evidence.

    This course is particularly well suited to individuals who lead or form a part of an incident handling team. Furthermore, general security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to prevent, detect, and respond to attacks.

  • Who Should Attend


    1. Members and leaders of incident handling teams
    2. System administrators and security personnel
    3. IT Security Officers
    4. Incident response staffs
    5. IT Professionals seeking to learn and improve their incident response skills as well as to managers who wish to deepen their understanding of incident response issues.
    • Training Contents

Below are the topics that will be discussed in the training:

  1. Preparation
  2. Identification
  3. Containment
  4. Eradication
  5. Recovery
  6. Special Actions for Responding to Different Types of Incidents
  7. Incident Record Keeping
  8. Incident Follow-Up

The above content is subject to change

    • A Sample of Topics


  1. The step-by-step approach used by many computer attackers
  2. The latest computer attack vectors and how you can stop them
  3. Proactive and reactive defenses for each stage of a computer attack
  4. Developing an incident handling process and preparing a team for battle
  5. Legal issues in incident handling
  6. Recovering from computer attacks and restoring systems for business


Securing an infrastructure is a complex task of balancing business needs against security risks. With the discovery of new vulnerabilities almost on a daily basis, there is always the potential for an intrusion. In addition to online intrusions, physical incidents like fires, floods and crimes all require a solid methodology for incident handling to be in place, in order to get systems and services back online as quickly and securely as possible.

The course looks at the invaluable Incident Handling Step-by-Step model. Incident Handling Step-by-Step was created through a consensus process involving experienced incident handlers from corporations, government agencies, and educational institutes, and has been proven effective in hundreds of organisations. This section is designed to provide participants a complete introduction to the incident handling process, using the six steps (preparation, identification, containment, eradication, recovery and lessons learned) one needs to follow to prepare for and deal with a computer incident.

The focus of this course is to prepare the participants on how to respond in a proper way in handling security incident. It is our hope that at the end of this course, participants will have better understanding on:

      • the necessary preparation needed for incident handling
      • gathering the relevant data and information during the occurrence of an incident
      • recognising and responding appropriately to incident attacks
      • communicating an incident

The course also examines some case studies to understand what does and does not work in identifying computer attackers. This section provides valuable information on the steps a systems administrator can take to improve the chances of catching and prosecuting attackers.

Tentative Dates:

Month Incident Handling
Apr 2003 22 - 24
Jun 2003 24 - 26
Aug 2003 26 - 28
Oct 2003 21 - 23

Dates are subjected to change.

Time:
Monday - Thursday, 9.00am - 5.00pm
Morning sessions run from 9.00am until 1.00pm.
Afternoon sessions run from 2.00pm until 5.00pm

    • Venue:
      MIMOS Bhd, Technology Park Malaysia, Kuala Lumpur

Fee:
The standard charge for this training is RM 1250 per participant. However, the following groups/organizations are entitled discount as shown below:

Categories of Organizations Discount Rates
1) Corporate - 10% off for a group of 4 - 7 people
- 15% off for a group of 8 or more people
?
2) Government - 10% off for a group of 1 - 3 people
- 20% off for a group of 4 - 7 people
- 25% off for a group of 8 or more people
?
3) Non-profit Organization - 5% off for a group of 1 - 3 people
- 20% off for a group of 4 - 7 people
- 30% off for a group of 8 or more people
?
4) Students - 20% off for a group of 1 - 3 people
- 30% off for a group of 4 - 7 people
- 35% off for a group of 8 or more people
?
5) Groups other than the above categories - 10% off for a group of 4 - 7 people
- 15% off for a group of 8 or more people

All payments should be made at least one (1) week prior to the training. All payments should be payable to MIMOS Berhad, by postal order or cheque. All rates are in Ringgit Malaysia (RM).

(NOTE: Tea breaks and Lunch will be provided)

    • How To Register?
      • Email Registration:
        send email to with Subject: Introduction to Computer Forensics
      • Fax Registration:
        Get the registration form by clicking here. Save the page to your computer and fill in the form. Our fax number is (6)
      • Online Registration:
        Will be available soon.

    • Contact Details

For more information on this training program, please contact:

NISER Training
Email :
Phone :?
Fax :?



Disclaimers and copyright information
Last Update Mar 11, 2003