TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies

 

Course Overview:

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies is the big picture overview of a SOC, other courses provide a deep dive into the technologies that a SOC may utilize. This course addresses the internal workings of staff, skills required, required authorizations, internal agreements, and setting appropriate expectation levels of a SOC within budget constraints. A SOC is not a one size fits all, the instructor has decades of security experience and brings to the table opportunities to discuss what can work within constraints. Many organizations are coming to the realization that some level of a SOC is now required and to learn just what decisions need to be made: Out-sourced, In-sourced, budgets, capabilities and many more. Students leave with a worksheet of how to progress when they get back to their organization.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies – Is a course that incorporates lecture, demos, and group exercises for standing up a Security Operations Center (SOC). Students learn strategies and resources required to deploy, build, and run Network Security Monitoring (NSM) and work roles and flows for a SOC. No network is bullet proof and when attackers access your network, this course will show you options and resources to build a security net to detect, contain, and control the attacker. Examples on what it takes to architect an NSM solution to identify sophisticated attackers and a response strategy. Properly implemented detection and response technologies is integral to incident response and provides the responders timely information and tools to react to the incident. Effective demonstrations are given of Open Source technologies that build up a SOC, but any software can be used and demonstrations are provided to demonstrate technology families not push a specific solution.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies demonstrations utilize a cyber range that gives each student in-depth knowledge of monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls; and software and services to provide orchestrate Incident Response, Intelligence Analysis, and Hunt Operations.

Attendees to TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 2 Days

Course Objective:

    • To provide management an overview of what it takes to stand up a SOC.

Prerequisites:

  • Students should have an understanding of the security field.

Course Outline:

  • What threats does my organization care about?
  • What does a threat look like?
  • What does a threat look like?
  • How to present the SOC internally.
  • Communication with Stakeholders and Executives
    • Leveraging and integrating existing security measures
  • People
    • Establishing a skill matrix and work roles for SOC members
    • Establishing a training path
    • Personnel background requirementsProcesses
  • Processes
    • Alignment to standards: NIST, PCI, HIPAA, etc.
    • Risk related decision trees
    • Playbooks
    • Threat Intelligence Integration
  • Technology – Tool Suites to Support:
    • Ethical Hacking
    • Network Security Monitoring and SIEM
    • Forensics
    • Dashboards
    • Analysis and Hunting
    • Incident Management and Ticketing

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TN-929: Security Essentials Training Course

Course Overview:

What a great course that is slightly misnamed!  This course may be labeled Security Essentials, but covers much of the subject matter of CISSP!  This course does more than just cover the basics.  TechNow takes the time to give the student hands on labs to exemplify an objective.  Security Essentials Prep Training Course sets the foundation for your security career and sets the expectation of comprehension with more detail than Security+ and more on par with CISSP.

This course provides students skills to take courses that prepare for higher level certifications.

Attendees to TN-929: Security Essentials  Training Course will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 9 days

Course Objectives:

  • 802.11 Suite of Protocols
  • Access Control Theory
  • Alternate Network Mapping Techniques
  • Authentication and Password Management
  • Contingency Planning
  • Crypto Concepts
  • Crypto Fundamentals
  • Defense-in-Depth
  • DNS
  • Firewall Subversion
  • Firewalls
  • HIDS Overview
  • Honeypots
  • ICMP
  • IDS Overview
  • Incident Handling Fundamentals
  • Information Warfare
  • Introduction to OPSEC
  • IP Packets
  • IPS Overview
  • IPv6
  • Legal Aspects of Incident Handling
  • Linux/Unix Configuration Fundamentals
  • Linux/Unix Logging and Log Management
  • Linux/Unix OS Security Tools and Utilities
  • Linux/Unix Overview
  • Linux/Unix Patch Management
  • Linux/Unix Process and Service Management
  • Mitnick-Shimomura
  • Network Addressing
  • Network Design
  • Network Hardware
  • Network Mapping and Scanning
  • Network Plumbing
  • Network Protocol
  • NIDS
  • OverviewPhysical Security
  • Policy Framework
  • Protecting Data at Rest
  • Public Key Infrastructure
  • PKI
  • Reading Packets
  • Risk Management
  • Safety Threats
  • Securing Windows Server Services
  • Steganography
  • OverviewTCPUDP
  • Virtual Machines
  • Virtual Private Networks VPNs
  • Viruses and Malicious Code
  • VoIP
  • Vulnerability Management Overview
  • Vulnerability Scanning
  • Web Application Security
  • Windows Auditing
  • Windows Automation and Configuration
  • Windows Family of Products
  • Windows Network Security Overview
  • Windows Permissions & User Rights
  • Windows Security Templates & Group Policy
  • Windows Service Packs, Hotfixes and Backups
  • Windows Workgroups, Active Directory and Group Policy Overview
  • Wireless Overview

Prerequisites:

 

Comments

Latest comments from students

User: sjsmith2262

Instructor comments: without question, Dave Askey knows his material!!! great instructor that gave a personalized approach.

Facilities comments: class was taught in a hotel reception area, very nice, quiet and convenient for all people

User: synistry

Instructor comments: Dave was great! (as always). Wealth of knowledge and a master at customizing course content to match the education level of his students. The class kept entirely in pace with where we were at as a group overall on a day to day basis.

Facilities comments: Facilities were overall really nice. The only complaint is that the hotel / conference center had us move rooms on one occasion, and kicked us out early on two others. I would assume this is due to the last minute location change, so I don't think there is anything anyone could have done better in the situation.

Liked the class?  Then let everyone know!

TN-979: Intrusion Analyst Course

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Advanced Snort Concepts
  • Analyst Toolkit
  • Domain Name System (DNS)
  • Examining Packet Crafting
  • Examining Packet Header Fields
  • Fragmentation
  • ICMP Theory
  • IDS Interoperability
  • IDS Patterns
  • IDS/IPS Management & Architecture Issues
  • Indications, Warnings & Traffic Correlation
  • IPv6
  • Microsoft Protocols
  • Network Traffic Analysis
  • NIDS Evasion, Instertion & Checksums
  • Snort Fundamentals & Configuration
  • Snort GUIs & Sensor Management
  • Snort Performance, Active Response & Tagging
  • Snort Rules
  • Stimulus Response
  • TCPdump Fundamentals
  • TCP/IP Fundamentals
  • Wireshark Fundamentals
  • Writing TCPdump Filters

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class?  Then let everyone know!

CT-425: CompTIA SecurityX

Course Overview:

SecurityX®  (formerly known as CASP+)  course prepares you for the CompTIA SecurityX® certification exam (CVO-005) and demonstrates your knowledge and skills in enterprise security, risk management, research and analysis, and the integration of computing, communications, and business disciplines. This course will prepare students for the objectives covered in the CompTIA SecurityX certification exam (CVO-005).

Attendees to CT-425: CompTIA SecurityX will receive TechNow approved course materials and expert instruction.

Date/Locations:

Date/Time Event
09/15/2025 - 09/19/2025
09:00 -17:00 		CT-425: CompTIA Advanced Security Practitioner (CASP+)
TechNow, Inc, San Antonio TX
12/08/2025 - 12/12/2025
09:00 -17:00 		CT-425: CompTIA Advanced Security Practitioner (CASP+)
TechNow, Inc, San Antonio TX

Duration: 5 days

Course Objectives:

  • Support IT governance in the enterprise with an emphasis on managing risk
  • Leverage collaboration tools and technology to support enterprise security
  • Use research and analysis to secure the enterprise
  • Integrate advanced authentication and authorization techniques
  • Implement cryptographic techniques
  • Implement security controls for hosts
  • Implement security controls for mobile devices
  • Implement network security
  • Implement security in the systems and software development lifecycle
  • Integrate hosts, storage, networks, applications, virtual environments, and cloud technologies in a secure enterprise architecture
  • Conduct security assessments
  • Respond to and recover from security incidents

Prerequisites:

Completion of the following or equivalent knowledge:

Minimum of 10 years general hands on IT experience

5 years being hands-on security

CompTIA Certification: Network+

CompTIA Certification: Security+

CompTIA Certification: CySA+

OR equivalent knowledge

Comments

Latest comments from students

User: clbrack

Instructor comments: I expect to pass, another great class from technow!

User: christopher0470

Instructor comments: Alan takes the time to cover the material so that you understand the concepts and applications of the information presented.

Facilities comments: I like the location. It was quiet and very conducive to learning.

Liked the class?  Then let everyone know!

TN-8155: HCISPP Preparation Seminar

 

Course Overview:

The HCISPP is the only certification that combines cybersecurity skills with privacy best practices and techniques. It demonstrates you have the knowledge and ability to implement, manage, and assess security and privacy controls to protect healthcare organizations using policies and procedures established by the cybersecurity experts at (ISC)2. TechNows HCISPP Certification Boot Camp is a comprehensive review of Healthcare cybersecurity with privacy best practices & industry best practices.

Attendees to TN-8155: HCISPP Certification Preparation Seminar will receive TechNow approved course materials and expert instruction..

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Strategically focus your preparation for HCISPP Certification
  • Cover a broad spectrum of topics in the 7 domains of the HCISPP Common Body of Knowledge (CBK)
  • Gain knowledge on the Healthcare industry including third party relationships and health data management concepts
  • Identify applicable regulations, compliance frameworks, privacy principles and policies to protect information security
  • Develop risk management methodology and identify control assessment procedures

Audience:

  • The HCISPP certification is ideal for security professionals responsible for safeguarding protected health information (PHI). Take this HCISPP training course to prepare to manage and implement security controls for healthcare information. HCISPPs are instrumental to a variety of job functions: Compliance Officer, Information Security Manager, Privacy Officer, Compliance Auditor, Risk Analyst, Medical Records Supervisor, IT Manager, Privacy & Security Consultants, and Health Information Manager.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!