Carnegie Mellon University Website Home Page
 

The ISO offered the following training sessions during the Fall semester of 2009!

Horizontal Rule

Monday, October 5, 2009

12:00 - 02:00 pm

UC, McConomy
Unhacking Windows: Tips, Tools and Techniques

Speaker:    Theodore Pham, Information Security Engineer

Abstract:

Today's malware writers draw motivation from only one source: monetary profit.  Consequently, the trend of easy to clean, be fruitful and multiply viruses has been replaced by malware that hijacks complete control of the target for sinister purposes.  Once a computer is hijacked, the malware typically opens covert remote control channels back to the malicious originator; pilfers private, sensitive information (such as financial account numbers and contact lists); acts as a launch pad for further attacks (such as spam relaying); and burrows itself so deep into the target operating system that most experts recommend a scorched earth or nuke from orbit reformat and reinstall cleanup.


This talk will introduce the motivation, methods, tools, and techniques for detecting and performing surgical cleanup of malware on Microsoft Windows XP.  Included will be a discussion of the Windows boot sequence and explanations of popular auto-execution entries employed by today's malware to remain persistent across reboots.  Special treatment will be given to diagnosis and recovery from stealth rootkits (i.e. malware that specializes in remaining undetected by anti-virus, anti-spyware, and the user).

Covered cleanup methods will include both online (booted from infected operating system) and offline (booted from alternative media) techniques and tools.  The discussion of offline methods will focus on the ISO Reatogo boot cd (derived from BartPE and Windows PE).


Audience:
Open to all University affiliates

Refreshments:
Pizza and beverages will be served.

Registration:
Required. Visit the Learning and Development Seminar Registration Site and choose CE 535.
or Email Wiam Younes at wyounes@andrew.cmu.edu

Top

Wednesday, October 7, 2009

2:00 - 3:30pm

UC Connan

Electronic Stored Information Preservation and Discovery Strategies for Carnegie Mellon

Speakers:   

James Merconlini, Assistant Gernal Council

John Lerchey, ISO Incident Response Coordinator


Abstract:
As recent laws have placed new rules and regulations on institutions in the area of preserving and producing electronic stored information for legal cases, Carnegie Mellon is working to develop strategies and procedures so that we will be effective in compliance.

This talk will discuss:

  • New rules of E-discovery
  • Risks associated
  • Impact on the University
  • Challenges
  • OGC's and ISO's roles
  • Departmental/Organizational impacts
  • Individual impacts

Time will be alloted to Q&A at the end of the presentation.

Audience:
Open to all University affiliates

Refreshments:
Treats and beverages will be served.

Registration:
Required. Visit the Learning and Development Seminar Registration Site and choose CE 534.
or Email Wiam Younes at wyounes@andrew.cmu.edu

Top

Monday, October 12, 2009

10:00 - 11:30 am

UC McKenna

Security Guidelines

Instructor: Doug Markiewicz

This class is cancelled

Audience:

Open to faculty and staff.

Registration:

Required. Visit the Learning and Development Seminar Registration Site and choose CE.
or Email Wiam Younes at wyounes@andrew.cmu.edu

Top

Friday, October 16, 2009

1:30 - 3:30pm

Cyert Hall, Room 100

Introduction to Identity Finder for Windows

Speaker:    Wiam Younes, Training and  Awareness Coordinator

Abstract:
Identity Theft is a rapidly mounting concern, which means that protecting your identity and the identity and privacy of others is vitally important. In this 90-minute class, you'll get hands-on instruction in how to use the Identity Finder software to find and secure information on your Windows-based computer that could make you, or others, vulnerable. You will be surprised at how much personally identifiable information can be stored on your computer without your knowledge.

Audience:
Open to faculty and staff only

Registration:
Required. Visit the Learning and Development Seminar Registration Site and choose CE 476.
or Email Wiam Younes at wyounes@andrew.cmu.edu

Top

Tuesday, October 20, 2009

10:00 - 11:00 am

UC, McKenna
Identity Theft

Speaker:    Wiam Younes, Training and Awareness Coordinator

Abstract:

Identity theft occurs when a criminal uses another person’s personal information to assume that person’s identity.  The Identity Theft presentation will provide a detailed description of what personal information is and how criminals gain access to personal information.  The presentation will offer tips on how to protect yourself from Identity Theft at home or work, and will also outline the ISO process for responding to data breach incidents on campus.

Audience:
Open to all University affiliates

Registration:
Required. Visit the Learning and Development Seminar Registration Site and choose CE 540.
or Email Wiam Younes at wyounes@andrew.cmu.edu

Top

Tuesday, October 20, 2009

11:50 am - 1:30 pm

UC, McConomy

SANS Webcast: Changing the Way We Manage Vulnerabilities & Patching

Speaker:   Evan Wheeler, Clark University, INFOSEC Team Lead at Omgeo


Abstract:
The webcast, which is offered by the SANS Institute, will help system adminstrators to determine which security alerts are actually critical for a resource administrator environment.  The webcast will demonstrate how to develop risk critieria for severity and likelihood by analyzing some recent vulnerability notifications.  

By the end of this session, attendees will know how to analyze a new vulnerability report for the distinguishing characteristics that woudl make it a critical weakness for some, but a moderate concern for others.

Audience:
Open to faculty and staff only

Refreshments:

Pizza will be served for lunch

Registration:
Required. Visit the Learning and Development Seminar Registration Site and choose CE 571.
or Email Wiam Younes at wyounes@andrew.cmu.edu

Top

Thursday, October 22, 2009

2:00 - 3:15 pm

 UC, Connan Room
Security 101

Speaker:    Wiam Younes, Training and Awareness Coordinator
Abstract:
The end user is the last line of defense in protecting the portions of cyberspace with which they interact. The Security 101 presentation responds to questions about the end-users role in cyber security, how to protect data that they handle as employees, and securing assets used at work and home from cyber threats.
Audience:
Open to all University affiliates

Registration:
Required. Visit the Learning and Development Seminar Registration Site and choose CE 541.
or Email Wiam Younes at wyounes@andrew.cmu.edu
Top

Thursday, December 3, 2009

9:00 - 10:30 am

TBA
Security 101

Speaker:    Wiam Younes, Training and Awareness Coordinator

This class is cancelled


Abstract:
The end user is the last line of defense in protecting the portions of cyberspace with which they interact. The Security 101 presentation responds to questions about the end-users role in cyber security, how to protect data that they handle as employees, and securing assets used at work and home from cyber threats.

Audience:
Open to all University affiliates

Registration:
Required. Visit the Learning and Development Seminar Registration Site and choose CE 541, Session 2.
or Email Wiam Younes at wyounes@andrew.cmu.edu