Course Overview:
TechNow Cloud Security Fundamentals addresses the loss of hands-on control of system, application, and data security in the Cloud computing environment. Security teams wrestle with the impact and liability of Cloud computing on an organization. This course enables the security team to assist in contract language and Service Level Agreements (SLAs) when utilizing Cloud Service Providers (CSPs).
Compliance and auditing are introduced with strategies for control verification and audit analysis in the CSP environment. Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and everything in between require a compliance strategy. Students will go in-depth into the architecture and infrastructure fundamentals for private, public, and hybrid clouds. Topics covered include: patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will be covered with recommendations for both internal policies and contract provisions to consider.
TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to effectively manage security in the cloud environment.
Attendees to TN-913: Cloud Security Fundamentals will receive TechNow approved course materials and expert instruction.
Date/Locations:
Course Duration: 3 days
Course Objectives:
- Cloud computing introduction
- Security challenges in the cloud
- Infrastructure security in the cloud
- Policy, risk, and governance for cloud computing
- Compliance and legal considerations
- Audit and assessment for the cloud
- Data security in the cloud
- Identity and Access Management (IAM)
- Disaster Recovery and Business Continuity Planning (DR/BCP) in the cloud
- Intrusion detection and incident response
Course Prerequisites:
- GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures
- Managing or administering at least one of UNIX, Windows, Databases, networking, or security
Comments
Latest comments from students
User: reedrobt
Instructor comments: Dave is like an encyclopedia of technical topics...what "doesn't" he have expertise in?
Facilities comments: Home2 location was well-kept and convenient to other services.
Liked the class? Then let everyone know!
We are often asked what is the recommended sequence of classes. Here is our recommended sequence of classes for The Security Field.
Certified Information Security Manager (CISM)
Certified Information Systems Auditor(CISA)
Certified Information Systems Security Professional(CISSP)
Course Overview:
Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network. This course is heavily based on Kali and primarily on Metasploit. In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco. This course is 90% hacking, but defenses for demonstrated hacks will be discussed. If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.
Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.
Dates/Locations:
Duration: 5 Days
Course Objectives:
- Introduction to Pen Testing using the PTES model
- Metasploit Basics
- MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
- Intelligence Gathering
- Nmap, Databases in Metasploit, Port Scanning with Metasploit
- Quick Intro to Ruby
- Writing a simple Ruby script to create a custom scanner
- Vulnerability Scanning
- Importing Nessus Results
- Scanning with Nessus from Within Metasploit
- Exploitation
- Using the Metasploit Framework and console to exploit
- Meterpreter
- Compromising a Windows System
- Attacking MS SQL, xp_cmdshell
- Dumping Usernames and Passwords, extracting and dumping hashes
- Pass the Hash and Token Impersonation
- Pivoting
- Railgun
- Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
- Avoiding Detection
- Creating Stand-Alone Binaries with MSFpayload
- Encoding with MSFencode and Packers (go Green Bay:)
- Exploitation Using Client Side Attacks
- Introduction to Immunity Debugger
- Using Immunity Debugger to Decipher NOP Shellcode
- Metasploit Auxiliary Modules
- Social Engineer Toolkit (SET)
- Spear-Phishing, Web Attack
- Creating a Multipronged Attack
- Creating Your Own Module
- Adapt an existing Module
- Add some PowerShell and Run the Exploit
- Meterpreter Scripting
- Capture The Flag Exercise
Prerequisites:
- This is an advanced Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
- Certification or 2 years of experience in these operating systems is highly recommended
- An understanding of TCP/IP
Comments
Latest comments from students
Liked the class? Then let everyone know!
TechNow has 26 years of courseware deveopment with a huge library of course material. If our standard courses are just not quite right for what you require, we can provide customized training to meet your needs! We have serviced many request for training that is aligned to customer business operations. Additionally, our security related courses can provide concise direction on how to build security programs and/or address gaps in your existing security programs. TechNow strives for 100% customer satisfaction, and customized classes is one method that TechNow uses to achieve that goal.
Together, our Classroom in a Box service and the customized class service can provide highly targeted training to your team at your location.
If you are interested in more information regarding our customized training, contact us at 800-324-2294
