This course has been cancelled.
One of the most significant obstacles facing many auditors today is how exactly to go about auditing the security of an enterprise. What systems really matter? How should the firewall and routers be configured? What settings should be checked on the various systems under scrutiny? Is there a set of processes that can be put into place to allow an auditor to focus on the business processes rather than the security settings? All of these questions and more will be answered by the material covered in this course.
This track is organized specifically to provide a risk driven method for tackling the enormous task of designing an enterprise security validation program. After covering a variety of high level audit issues and general audit best practice, the students will have the opportunity to dive deep into the technical how to for determining the key controls that can be used to provide a level of assurance to an organization. Tips on how to repeatedly verify these controls and techniques for continuous monitoring and automatic compliance validation will be given from real world examples.
One of the struggles that IT auditors face today is assisting management to understand the relationship between the technical controls and the risks to the business that these affect. In this course these threats and vulnerabilities are explained based on validated information from real world situations. The instructor will take the time to explain how this can be used to raise the awareness of management and others within the organization to build an understanding of why these controls specifically and auditing in general is important. From these threats and vulnerabilities, we will explain how to build the ongoing compliance monitoring systems and how to automatically validate defenses through instrumentation and automation of audit checklists.
March 10, 2014
Auditing 507.1; Day 1
Effective Auditing, Risk Assessment, Reporting & Cloud Computing
March 11, 2014
Auditing 507.2; Day 2
Auditing the Perimeter
March 12, 2014
Auditing 507.3; Day 3
Web Application Auditing
March 13, 2014
Auditing 507.4; Day 4
Advanced Windows Auditing
March 14, 2014
Auditing 507.5; Day 5
Auditing Unix Systems
March 15, 2014
Auditing 507.6; Day 6
Audit the Flag: A NetWars Experience
Who should attend?
- Auditors seeking to identify key controls in IT systems
- Audit professionals looking for technical details on auditing
- Managers responsible for overseeing the work of an audit or security team
- Security professionals newly tasked with Audit responsibilities
- System and Network Administrators looking to better understand what an auditor is trying to achieve, how they think and how to better prepare for an audit
- System and Network Administrators seeking to create strong change control management and detection systems for the enterprise
Tanya Baccam is a SANS senior instructor, as well as a SANS courseware author. With more than 10 years of information security experience, Tanya has consulted with a variety of clients about their security architecture in areas such as perimeter security, network infrastructure design, system audits, Web server security, and database security. Currently, Tanya provides a variety of security consulting services for clients, including system audits, vulnerability and risk assessments, database assessments, Web application assessments, and penetration testing. She has previously worked as the director of assurance services for a security services consulting firm and served as the manager of infrastructure security for a healthcare organization. She also served as a manager at Deloitte & Touche in the Security Services practice. Tanya has played an integral role in developing multiple business applications and currently holds the CPA, GIAC GCFW, GIAC GCIH, CISSP, CISM, CISA, CCNA, and OCP DBA certifications. Tanya completed a Bachelor of Arts degree with majors in accounting, business administration and management information systems.
If you wish to receive additional information about this program, please contact Randy Marchany, IT Security Lab, Virginia Tech by e-mail at firstname.lastname@example.org.