23- 24 September 2019, Yerevan, Armenia
Closed workshop for participants from EaP countries (Armenia, Azerbaijan, Belarus, Georgia, Moldova, Ukraine).
TRANSITS-I courses are aimed at new or potential computer security incident response team (CSIRT) personnel who wish to gain a good grounding in the main aspects of working in sucha a team. They cover basic incident handling and response techniques, operational policies, organisational and legal issues.
Trainer: Dr. Melanie Rieback (Radically Open Security B.V.)
During the training will be covered:
- Organisation - how CSIRTs fit within their organisations and includes planning the team, defining its constituency, determining which services to offer, staffing, communicating with external parties, funding, and obtaining management authority;
- Technical - how intruders attack systems and their motivations, how network protocols can be abused, vulnerabilities of operating systems and services, denial-of-service attacks, hiding traces, information-gathering techniques, and includes several practical exercises;
- Operational - the incident handling process from initial reports, through triage, investigation, resolution, closure, to post-analysis, and includes practical exercises and a survey of useful tools;
- Legal - covers areas of European legislation likely to affect CSIRTs in their work that operatives should be familiar with, including data protection, computer misuse, network monitoring, collection of evidence, and working with law enforcement agencies.
- Other topics such as PGP keys and relevant RFCs.