CanSecWest: Security Masters Dojo Vancouver
| Next Session Dates: | March 24-25 2008 |
| Venue: |
Mariott Renaissance Harbourside Vancouver, Canada |
| Duration: |
Two Day Course. Sessions begin at 10:00 a.m. and go to 6 p.m. |
|
Registration Maximum: |
18 Students per course session. |
| Price: |
CAD$2000 Two day course |
| Please note: | The registration system will allow you to add another course, but you should not as this is our only two day dojo course... all the others are in conflict. |
Course: Defend the Flag
Instructor
Microsoft
Register For This Course
Description
Defend The Flag (DTF) is a unique two day hands-on training course designed to take the traditionally dry Windows security training workshop and make it interactive, personal, and visceral for each attendee. Students will gain the understanding of modern exploitation tools and techniques, in order to better learn how to protect their Windows systems. Practical implementations of Windows host hardening will demonstrate the effectiveness of defense in depth, especially in environments where patching is delayed for testing or just not possible for application compatibility reasons.
Students will hear from experts in Attack and Defense. Day One is a hands-on lab tutorial on both securing and attacking Windows. Half the day will be spent learning about network attacks, modern sophisticated attack tools, and understanding the attackers' mindset. The other half of the day will be spent on Windows hardening, basic intrusion detection, forensics, and incident response while under attack.
On Day Two, the students will form teams to compete against each other. Each student will have a chance to play both roles of attacker and defender throughout the day. Defenders (Blue Cell) will be responsible for keeping critical Windows servers and desktops up and running on a simulated corporate network. Meanwhile, the attackers (Red Cell) will attempt to penetrate other teams' systems and shut off critical services, steal passwords and data, and generally disrupt network communications.
The winning team will have the best Windows hardening skills and uptime for their systems and services throughout the day. May the best defenders win!
Day One
Attacking Windows
- The attacker mindset - what are they thinking?
- Techniques and methodology of attack.
- Mapping target networks and identifying vulnerable systems.
- Labs on using an exploit framework - so easy your grandmother might already be doing it.
Defending Windows
- Preparing for an attack
- Hardening Network protocols, system services, DCOM
- Setting ACLs on file objects and on the registry
- Security-relevant registry settings
- User rights assignments
- Audit and event logs
- Account and password policies
- Group Policy Settings
- During the attack
- How to find out that a system is under attack or has been compromised
- How to stop the attack
- After the attack
- Basic forensics
- How to prevent recurrence
PREREQUISITE WARNING Each class has prerequisites for software loads and a laptop is mandatory. These individual class guides will list material the students are expected have knowledge about coming in and software tools that need to be pre-installed before attending so you get the maximum benefit from the focused intermediate or advanced level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses, and will be necessary to get the maximum benefit out of these educational programs.
Day Two
- All-day melee-style competition, where each team has both attackers to disrupt the other teams, and defenders to try to keep their own systems up.
Prerequisite working knowledge
- Basic Windows administration for servers and workstations
- No previous hands-on attack experience necessary
Equipment
- Laptops will be provided for the students pre-configured for the class
