The agenda for this event is:

Full details can be found here: SEC501: Advanced Security Essentials - Enterprise Defender course to Oslo, 2-7 November 2009.

(http://www.sans.org/info/7469)

SEC401 students usually walk into class feeling overwhelmed that security is a lost cause, but they leave class with pragmatic tools and the drive to successfully secure their organizations systems and networks. Then come the questions that we receive on a constant basis: What course should I take next? How do I continue my journey? The challenge is that many of you have positions that do not allow you to focus on one area -- you need to understand all of the key areas across security. In Security 501, SANS has decided to give you just what they have been asking for, and we have identified core foundation areas that complement SEC401 with no overlap.

In SEC501, configuring your system and network correctly is covered, but the instructor will also teach you how to identify a security breach and respond to an incident. The approach to this course is that protection and prevention is ideal; however, some attacks will be successful, and thus you need to be armed with the right skills to detect and react to these threats. Detecting and responding to incidents only enhances your knowledge in protecting your system and networks, hence the security lifecycle.