Washington State HTCIA: Events and Meetings

Unless otherwise noted, all meetings and training events are held at the Edmonds Community College main campus, Snohomish Hall room 110, the second Friday of each month from 10AM - Noon. Attendees can park in any space not marked as STAFF ONLY or otherwise posted as being reserved.

Meetings and training events are open to HTCIA members in good standing from any HTCIA chapter, unless otherwise noted in the meeting or training event description(s). If you are a member of another HTCIA chapter and wish to attend a training event, please contact the Chapter President to reserve a seat. All training events will consist of hands-on labs and exercises. All members are welcome and encouraged to participate in giving presentations - Contact the Chapter President with your ideas and suggestions!

Please be aware that dates, topics, and instructors are subject to change based on instructor availability and the needs of Edmonds Community College. Changes and new information will be reflected on this page as well as passed via the member listserve.

A reminder to all of our members. HTCIA is a private organization that draws its membership from many different business sectors. All meetings are private and should only be attended if you are a current member, member of the law enforcement community, or have received pre-approval to sit-in on a meeting from an HTCIA officer. If you are not a member of the law enforcement community or have not yet been approved for membership by HTCIA, you will need to get approval before attending our meetings. Due to the nature of the topics we discuss, members are reminded that no unauthorized recording of any type is permitted. If you have questions or need further clarification, please contact one of the HTCIA Officers.



	MARCH 24 - 28 2008

	APRIL 11 2008

	DATES TBD

Washington State HTCIA Meeting Schedule
Date/Time	Topics
Feb 8 2008 10AM - NOON	Regular WA HTCIA Meeting Topic: Data Lifecycle Security Instructor/Speaker: Ernie Hayden CISSP CEH, Information Security Officer, Group Health Cooperative An information security officer's "To Do" list is not only long but it is getting longer every day. We have different lists or categories to consider during our day-to-day efforts to protect our organizations. These lists can include such things as: 1) ISC2 - CISSP 10 Domains of Information Security 2) ISO 17799 or ISO 27001 Categories for Information Security 3) NIST Security Standards As a result of some of these frustrations, Ernie Hayden has started building a model called "Data Centric Security" that looks at data from birth to death and to all the events that occur in between.
March 14 2008 10AM - NOON	Regular WA HTCIA Meeting Topic: Windows Registry Forensic Analysis Instructor/Speaker: Steve Hailey Overview of common places to look for artifacts in the NTUSER.DAT, SAM, and SYSTEM registry files. Use of Registry Viewer as well as open source tools will be covered. This will be a hands on presentation - please RSVP to Steve.
April 11 2008 10AM - NOON	Regular WA HTCIA Meeting Topic: Introduction to Packet Analysis Instructor/Speaker: Steve Hailey Overview of TCP, UDP, and ICMP based communications. Will include hands-on exercises with Wireshark.
May 11 2008 10AM - NOON	Regular WA HTCIA Meeting Topic: TBD
June 13 2008 10AM - NOON Note: Snohomish Hall Room 105	Regular WA HTCIA Meeting Topic: Using Change Logs and Restore Points for Digital Forensic Exams Instructor/Speaker: Mike Andrew, CSFA / C\|EH –Vice President of CyberSecurity Institute, Digital Forensics Examiner and Educator – Secretary, Washington State High Technology Crime Investigation Association, EdCC Digital Forensics Committee As Mike will be talking about an ongoing case, details will not be listed here. Please see the email sent regarding this meeting This is one you do not want to miss!

Washington State HTCIA Training Schedule
Date/Time	Class Description/Information
March 24 -28 2008	TRAINING Title: Federal Law Enforcement Training Center Internet Investigations Training Program Law Enforcement Cost: $800.00
April 11 2008 12:30PM - 3:30PM	TRAINING Title: Introduction to Packet Analysis Instructor/Speaker: Steve Hailey Continuation of morning session. Will include tracing communications when using chat clients, and methods to obtain IP addresses of suspect computers when a proxy server is being used.