The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 856726 (GN4-3). We offer the security training recordings and presentations free of charge.
We offer in-house schooling as well, if the current situation permits it. Do contact us if interested in this possibility: veranstaltungen@dfn-cert.de
There is no need to stress the importance of security, and as a more recent addition: privacy, in NREN networks. But while the importance of security and privacy is widely recognized, training in these areas has often been aimed at the security personell tasked with handling incidents, while the system and network administration seems to have been neglected.
The “Operational network security” training programme has been created as a result of collating experiences and conducting discussions with security offices and network operators. Its aim is to address a number of common security risks that NRENs face in their day-to-day operations: authentication, logging, audit, privacy, 1st Hop security, DNS security and protection from Distributed Denial-of-Service attack.
Vulnerabilities, in software and sometimes even in hardware, are open gates attackers can utilize to gain access to private systems and networks. Worse, they have become a fact IT managers and administrators have to deal with, ever accompanied by the concern that a single critical vulnerability has been overlooked that will later be exploited.
"Vulnerability Management" addresses this problem with a systematic approach to make this a reliable and reoccurring process. This module gives an overview of standards, details how to distribute security advisories among your constituency and how to plan an roll out patches in your organization.
IT forensics have become a vital part in handling security incidents, and while putting the evidence together is a job for specifically trained investigators, administrators will often be left alone with detection of incidents, initiating an investigation and aiding investigators in the collection of required evidence.
Unfortunately, many administrators are not trained in their role in a forensic investigation and didn’t receive the necessary guidance before they are thrown in at the deep end. The training programme 'IT Forensics for System Administrators' addresses these shortcomings with an introduction into the basic organisational steps of incident handling and forensics from the administrator’s perspective as well as how to ascertain that all incidents have been detected and uncovered. Methods and tools to collect the various forms of evidence data are explained so that administrators are enabled to fulfil their role in a forensic investigations.
Basic administration knowledge about operating systems and networking should be present.
Please note: Clicking the sessions' recording links will take you to YouTube as the plattform's operator.