Termín: 30. 9. 2015
Přednášející: Paula Januszkiewicz
Paula’s Business Profile
Paula Januszkiewicz is the IT Security Auditor
and Penetration Tester, Enterprise Security MVP and trainer (MCT) and Microsoft
Security Trusted Advisor. She is also a top speaker at many well-known
conferences including TechEd North America, TechEd Europe, TechEd Middle East,
RSA, TechDays, CyberCrime, etc., and is often rated as number-one speaker. Paula
is engaged as a keynote speaker for security related events and she writes
articles on Windows Security. She drives her own company CQURE, working on
security related issues and projects. Paula has conducted hundreds of IT
security audits and penetration tests, including those for governmental
organizations. Her distinct specialization is definitely on Microsoft security
solutions, in which she holds multiple Microsoft certifications, besides being
familiar with and possessing certifications in other related technologies. Paula
is passionate about sharing her knowledge with others. In private, she enjoys
researching new technologies, which she converts to authored trainings. She
wrote a book about Threat Management Gateway 2010, and is working on her next
book. She has access to a source code of Windows! Every year she makes over 200
flights (2013 – 248) to gain more and more experience, provides penetration
tests and consults Customers about how to secure their infrastructures.
Last and interesting conference engagements:
- Planned: Hacker Halted 2015, Atlanta Keynote Speaker
- Microsoft Ignite 2015, Chicago
- ExpertDay 2015, Zurich
- TechFuse 2015, Minnesota
- Microsoft Technology Summit
- IT Camp 2015
- UTMessan 2015, Iceland
- Nordic Infrastructure Conference 2015
- Management Summit 2014 – Minnesota
- Microsoft TechNet Conference 2014
- Microsoft Summit 2014 in Romania
- Hacker Halted 2014, Atlanta Keynote Speaker
- Hackerfest 2014 – GOPAS Prague
- TechEd 2014 Europe
- TechEd 2014, USA
- Microsoft NT Konferenca 2014, Slovenia
- Microsoft WinDays14, Croatia
- UTmessan 2014, Iceland …
Audience:
Network administrators, infrastructure
architects, security professionals, systems engineers, network administrators,
IT professionals, security consultants and other people responsible for
implementing network and perimeter security.
Materials:
Author’s unique tools, presentations slides
with notes, workshop instructions.
Agenda:
Module 1: Information gathering about the
target
- Detecting unnecessary services
- Practical walkthrough through tools
- Using tools against scenarios
Module 2: Password management – prevention and scale of operation
- Performing PTH attack and implementing prevention
- Performing the LSA Secrets dump and implementing prevention
- DPAPI Analysis – usage of the Cached Credentials
- Implementing prevention for PTH attack and password management
Module 3: Physical Access
- Misusing USB and other ports
- Offline Access techniques
Module 4: Malformed Communication
- Communicating through firewalls
- Misusing Remote Access
- DNS based attacks
- Detecting unsafe servers
- Hacking HTTPS
- Distributed Denial of Service attacks vs. scaling the server
Module 5: Malware under the hood
- Techniques used by modern malware
- Advanced Persistent Threats
- Fooling common protection mechanisms
- Ransomware analysis
Module 6: Data in-Security
- File format attacks for Microsoft Office, PDF and other file types
- Using incorrect file servers’ configuration
- Basic SQL Server attacks
- Analyzing the disk drive and memory
KDE: Počítačová škola Gopas
Kodaňská 1441/46
101 00 Praha 10
Cena: 8 890,- Kč bez DPH
Cena zahrnuje oběd, slané a
sladké občerstvení, nealko nápoje. Na akci se nevztahují žádné slevy, cena 8
890,- Kč bez DPH je konečná.
Program:
08:30 - 09:00 Registration
09:00 - 10:00
Module 1: Information gathering about the target
10:00 -
10:15 Coffee break (drinks & snack)
10:15 - 11:15 Module 2:
Password management – prevention and scale of operation
11:15 -
12:15 Lunch
12:15 - 13:15 Module 3: Physical Access
13:15
- 13:30 Coffee break (drinks)
13:30 - 14:30 Module 4: Malformed
Communication
14:30 - 14:45 Coffee break (drinks & snack)
14:45 - 15:45 Module 5: Malware under the hood
15:45 -
16:00 Coffee break (drinks)
16:00 - 17:00 Module 6: Data
in-Security