This course covers the law of fraud, crime, policy, contracts, liability, IT security and active defense, all with a focus on electronically stored and transmitted records. It also teaches investigators how to prepare credible, defensible reports, whether for cyber crimes, forensics, incident response, human resource issues or other investigations.
Each successive day of this five-day course builds upon lessons from the earlier days in order to comprehensively strengthen your ability to help your enterprise (public or private sector) cope with illegal hackers, botnets, malware, phishing, unruly vendors, data leakage, industrial spies, rogue or uncooperative employees, or bad publicity connected with IT security.
Recent updates to the course address hot topics such as legal tips on confiscating and interrogating mobile devices, the retention of business records connected with cloud computing and social networks like Facebook and Twitter, and analysis of and response to the risks and opportunities surrounding open-source intelligence gathering.
SECTION 1: Fundamentals of Data Security Law and Policy
SECTION 2: E-Records, E-Discovery and Business Law
SECTION 3: Contracting for Data Security and Other Technology
SECTION 4: The Law of Data Compliance: How to Conduct Investigations
SECTION 5: Applying Law to Emerging Dangers: Cyber Defense
The next generation of security leadership must bridge the gap between security staff and senior leadership by strategically planning how to build and run effective security programs. Yet creating a security strategy and executing a plan that includes sound policy, coupled with top-notch leadership, is hard for IT and security professionals because we spend so much time responding and reacting. We almost never do strategic planning until we get promoted to a senior position, and then we are not equipped with the skills we need to run with the pack. This information security course will provide you with the tools to build a cybersecurity strategic plan and an entire IT security policy, and to lead your teams in the execution of your plan and policy. By the end of class you will have prepared an executive presentation, read 3 business case studies, responded to issues faced by 4 fictional companies, analyzed 15 case scenarios, and responded to 15 Cyber42 events.
MGT514.1: Strategic Planning Foundations
MGT514.2: Strategic Roadmap Development
MGT514.3: Security Policy Development and Assessment
MGT514.4: Leadership and Management Competencies
MGT514.5: Strategic Planning Workshop
Designing and building an effective security operation center requires security managers and leaders to fit capabilities to both an organization’s culture and business requirements. Learn the distinct functional areas that every SOC should have. These areas allow organizations to create an architecture for the high-level components of security operations: command center; network security monitoring functionality; threat intelligence; incident response; forensic analysis; and ongoing self-assessment of the attack surface of the organization. With these functional areas in place and aligned with the business, you will be better positioned to thwart modern, motivated threats to your information assets. Content is based on the new SANS MGT517 course entitled “Managing Security Operations: Detection, Response, and Intelligence.” The course covers the design, build, and operation of security operations centers with a deep dive into managing incident response.
SANS Training Program for CISSP Certification is an accelerated review course designed to prepare you to pass the exam. The course takes into account the 2015 updates to the CISSP exam and prepares students to navigate all types of questions included on the new version of the exam.
FOR608: Enterprise-Class Incident Response & Threat Hunting focuses on identifying and responding to incidents too large to investigate one machine at a time. Using example tools built to operate at enterprise-class scale, students learn techniques to collect focused data for incident response and threat hunting, and dig into analysis methodologies that offer multiple approaches to understanding attacker movement and activity across hosts of varying functions and operating systems.