2008 Agenda

CIScon General Conference Session Descriptions

Selling Information Security to Management - Tom Peltier

As trained and certified network and security professionals we are ready to implement solutions to solve the security problems of our organization. If only we could get management to listen. To be successful, it is important first to understand what management really wants to accomplish. In this session we will examine the steps needed to ensure that you and the program you develop meet the expectations of management, and we will examine methods you can use to prepare your message.

Electronic Discovery and Personally Identifiable Information: Challenges and Opportunities - Lynette Hornung-Kobes

Privacy and security have recently become more closely linked through OMB privacy guidance, which requires agencies to make sure they are adequately safeguarding PII. Electronic discovery has provided another opportunity for security and privacy professionals to work together to protect PII. This session will address some of the challenges and opportunities that electronic discovery raises for personally identifiable information.

Being a Successful Information Security Professional - Tom Peltier

My father once told me that before you can change the world, you must first have a plan. As security professionals we often spend most of our time on the defensive because we are not prepared (we don't have a plan). To have a successful information security program, you must first visualize the successful program. We will discuss establishing a short-term goal, achieving it, reviewing the results, and setting the next objective. We will then examine how to use short-term objectives to develop a long-term plan, and how to adjust the plan after each incremental objective is met to ensure the greatest possibility of success.

A Picture's Worth: Digital Photo Forensics - Dr. Neal Krawetz

Digital cameras and video software have made it easier than ever to create high quality pictures and movies. Services such as MySpace, Google Video, and Flickr make it trivial to distribute pictures, and many are picked up by the mass media. However, there is a problem: how can you tell if a video or picture is showing something real? Is it computer generated or modified? In a world where pictures are more influential than words, being able to distinguish fact from fiction in a systematic way becomes essential. This talk covers some common and not-so-common forensic methods for extracting information from digital images. You will not only be able to distinguish real images from computer generated ones, but also identify how they were created.

Closing the DCE Vulnerabilities - Justin Peltier and Brad Smith

This session is designed to help those who participated in or observed the evening DCE competition understand the network vulnerabilities involved and learn how to keep the same attacks from happening to their systems.

Hardening Linux - Michael Unquera

This session will walk attendees through hardening a Linux system, using either CentOS or Fedora as the Linux distribution for the demonstration. You will learn:
• Bastille Linux and how it will help you secure a Linux system
• Basics of SELinux
• Which services are OK to run
• Which services should be disabled and why
• Advantages of cron and how it will help you with security
• AIDE and how to configure it
• Yum and how to configure automatic updates
• iptables
• How to securely configure SSH
Attendees will receive a handout listing which packages to install on a Linux system.

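The SSH item on that list is the one that turns most directly into a checkable configuration. The script below is an added example, not the session's handout or the speaker's material: it audits an sshd_config for a handful of weak settings and rewrites it with hardened values. The directive names are real sshd_config keywords; the target values, the function names and the sample config are this example's own choices. It also encodes a caveat worth knowing when hardening by hand: sshd uses the first active occurrence of a keyword, so a hardened line appended at the end of the file is silently ignored if an earlier permissive line exists.

```shell
#!/usr/bin/env bash
# Added example (not the session handout): audit an OpenSSH server config
# for weak settings and rewrite it with hardened values.
# Directive names are real sshd_config keywords; the target values below are
# this example's own hardening choices, not settings the session prescribes.
set -u

# KEY=VALUE pairs the audit expects to be in effect (example's assumptions).
HARDENED_SETTINGS='PermitRootLogin=no
PasswordAuthentication=no
PermitEmptyPasswords=no
X11Forwarding=no
MaxAuthTries=3
LoginGraceTime=30'

# sshd_effective FILE KEY
# Print the value sshd will actually use for KEY. sshd honours the FIRST
# active occurrence of a keyword and ignores later ones, so a hardened line
# appended to the end of the file is shadowed by an earlier permissive one.
# Keywords are case-insensitive. Scanning stops at the first Match block,
# whose settings are conditional and out of scope here.
sshd_effective() {
    awk -v key="$2" '
        tolower($1) == "match"        { exit }
        tolower($1) == tolower(key)   { print $2; exit }
    ' "$1"
}

# audit_sshd_config FILE
# Report every directive that is missing (sshd default applies) or set to a
# value other than the hardened target. Returns 0 only if all are in place.
audit_sshd_config() {
    local file=$1 rc=0 key want have
    while IFS='=' read -r key want; do
        have=$(sshd_effective "$file" "$key")
        if [ -z "$have" ]; then
            echo "MISSING  $key (sshd default applies; want $want)"; rc=1
        elif [ "$(printf '%s' "$have" | tr '[:upper:]' '[:lower:]')" != "$want" ]; then
            echo "WEAK     $key $have (want $want)"; rc=1
        fi
    done <<EOF
$HARDENED_SETTINGS
EOF
    return "$rc"
}

# harden_sshd_config FILE
# Rewrite FILE in place (backup in FILE.bak). For each target directive, drop
# every active occurrence above the first Match block, then put the hardened
# line at the top so it is the first match. Lines inside Match blocks are
# left alone; review the diff against FILE.bak before restarting sshd.
harden_sshd_config() {
    local file=$1 key want
    cp "$file" "$file.bak"
    while IFS='=' read -r key want; do
        awk -v key="$key" '
            tolower($1) == "match"   { inmatch = 1 }
            inmatch || tolower($1) != tolower(key)
        ' "$file" > "$file.tmp"
        { printf '%s %s\n' "$key" "$want"; cat "$file.tmp"; } > "$file"
    done <<EOF
$HARDENED_SETTINGS
EOF
    rm -f "$file.tmp"
}

# Demo on a constructed sshd_config (not taken from any real host).
demo() {
    local f; f=$(mktemp)
    cat > "$f" <<'CFG'
# constructed sample sshd_config
Port 22
PermitRootLogin yes
#PasswordAuthentication no
PasswordAuthentication yes
X11Forwarding yes
CFG
    echo "== before =="; audit_sshd_config "$f" || true
    harden_sshd_config "$f"
    echo "== after ==";  audit_sshd_config "$f" && echo "all hardened settings in effect"
    rm -f "$f" "$f.bak"
}
demo
```

Run it against a copy of /etc/ssh/sshd_config, diff the result against the .bak file, and validate with `sshd -t` before restarting the service; the audit deliberately compares the first active line, because that is the one sshd reads.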
Vista Security Revealed - Brad Smith

Vista has been out for more than a year and most people still have no idea how it works. In this session you'll learn why Vista is a major improvement in security and how that can benefit you or your company. You'll also learn how to make your legacy programs behave, and about the plethora of diagnostic tools that make Vista a network administrator's best choice for enterprise OS! PS: bring your Vista problems, rumors, myths and complaints and we'll solve them here!

What to do when You're Hacked: A Real Life Story - Justin Peltier

What do you do when your web site is hacked? Learn from a security expert who had this happen to him and follow his journey for justice. This session will help you understand the steps needed in dealing with law enforcement, lawyers and the law when you get hacked. It is no longer a question of if you get hacked but when. Attend this session and be ready for the worst!

Group Policy and other Changes to Windows Server 2008 - Allen Kent

There are many new changes in functionality and security for Windows Server 2008. If you haven't seen the changes, or even if you have, come preview the various platforms at this session to help you begin planning for your migration.

Firewalls: Time to Throw Them into Mount Doom - Justin Peltier

Firewalls are quickly becoming a problem instead of a help. Failure to update, failure to stop 0-day attacks, ease of bypass, and high cost now make firewalls a less than optimal security control. Attend this session and learn the new way of defending your network, without the problems of firewalls.

Virtualization Security - Dr. Dennis Moreau

Virtual systems with highly dynamic configurations must be demonstrably compliant, not just in an intended configuration audit state, but in any state into which such a system may be driven. Each layer of virtualization technology must be compliant with internal and external regulations and policies, while also realizing an operationally plausible application stack. Mitigation and remediation of virtualized assets will be constrained by limitations in the configuration of the underlying shared infrastructure and resources. Configuration policy consistency and configuration coherence across the application, server, and storage virtualization layers are key assessment issues. The adoption of virtualization makes it more difficult for systems to remain compliant. The session will address how to effectively manage the complexities of virtualization security while taking full advantage of the benefits that virtualization promises.

Open Source Intelligence Gathering: Cyber Espionage 101 - Jeremy Martin

This presentation will cover gathering information on a target through open sources and using that information to gain an advantage during an ethical hack, or to defend yourself from cyber thieves and terrorists. The attendee will walk away with an understanding of how sensitive information can be found and how to defend against such attacks.
* Prerequisite: Basic knowledge of the Internet

Principles of Enterprise Business Security Architecture - Jason Kobes

Have you ever wondered how to draw a picture of a secure IT future that management will endorse? Have you struggled to incorporate regulations, requirements, and security into your business IT solutions? Do you have the mission to reduce resources and increase services? In this session you will learn the fundamentals of how you can build a plan to take your organization from where you are today to a new secure future. We will show you a proven methodology that you can use to solve your IT efficiency and security problems. Best of all, we will do it in a way which communicates to all sectors of your organization.

Optional Post Conference Session Descriptions

How to Complete a Risk Assessment in 5 Days or Less - Tom Peltier
Thursday 8:30 am - 5:00 pm & Friday 8:30 am - 5:00 pm

Risk assessment is viewed by many organizations as a long and complicated process. This two-day session will dispel that myth and provide attendees the tools required to complete a quality risk assessment, using an industry standard process, in five days or less.

During the training, students learn the components of the risk assessment process and how they can be used effectively within each organization. The pros and cons of creating a threat list by brainstorming, checklists or other means are discussed, and the students then examine how these methods can be modified to meet their specific needs.

Various control lists that address the issues presented to the organization daily are also examined. The focus of the class is to review the current laws and standards (NIST, OMB, FISCAM, ISO 17799, ISO 27002, GLBA, HIPAA, SOX, ITIL, PCI and others) and then learn how to map them to the student's own organizational requirements.

At the end of the training, attendees will take away a thorough understanding of the risk assessment process, the tools they need to perform the task at their own organization, examples of threat lists, sample control lists, a management summary letter template and other valuable tools.

Course Completion
Upon completion of this course, students will have:
1. The knowledge to design, manage and oversee an organization's risk management process.
2. Knowledge of the key elements to complete risk assessment projects in five days or less through the use of the Facilitated Risk Analysis and Assessment Process (FRAAP):
* Risk Management basics
* Project Impact Analysis: the due diligence portion of project management
* Risk Assessment: Documentation of how management meets its fiduciary
* Risk mitigation: Using key concepts to reduce identified risk to an acceptable level
* Compliance checking and vulnerability assessment
3. The required knowledge and ability to provide effective risk management and consulting for their organization.

Course Benefits
The Risk Assessment course offers students outstanding benefits, including:
* Demystification of the risk assessment process
* Tools needed to complete risk assessments
* A case study to test the process
* Introduction to the pre-screening process for Risk Assessment and Business Impact Analysis
* Sample management summary reports

Prerequisites
An open mind and a desire to find a process that works.

Cyber Warfare: Red Team Penetration Testing Exercise - Jeremy Martin
Thursday 8:30 am - 5:00 pm & Friday 8:30 am - 5:00 pm

Presentation Synopsis:
This hands-on exercise will cover Red Team penetration testing from the initial groundwork to the final report. Attendees will gain first-hand knowledge of victim footprinting, network exploitation, website data mining, and WiFi cracking.

Presentation Takeaways:
Bring your laptops and prepare to have some fun. This two-day session will give the audience first-hand experience by walking through a basic Red Team penetration test using open source tools commonly found on the Internet. Items covered in this session will include adding users, privilege escalation, buffer overflows, and more. Students will be provided with a copy of BackTrack and will have the opportunity to compete against each other in a capture the flag competition held at the end of the session. At the end of the session, the attendees should walk away with:
- A strategic understanding of network penetration testing and exploitation.
- Hands-on experience with several open source network attack tools.
- A free BackTrack live Linux CD.
- Tactical knowledge of protection methods and detection schemes used to secure your network.
Course Requirement: bring your own laptop computer.

Certified Ethical Hacker (CEH) Review - Justin Peltier
Thursday 8:30 am - 5:00 pm & Friday 8:30 am - 5:00 pm

This two-day course will focus on material the student needs to take the Certified Ethical Hacker exam. The course will focus on sample test questions, examples, and demonstrations. While not a substitute for hands-on hacking or penetration testing courses, this class will help refine the skills needed for the real world of security testing while helping the student be successful on the exam. Additional material for post-course self-study will be provided.