TN-913: Cloud Security Fundamentals

 

Course Overview:

TechNow Cloud Security Fundamentals addresses the loss of hands-on control of system, application, and data security in the Cloud computing environment.  Security teams wrestle with the impact and liability of Cloud computing on an organization.  This course enables the security team to assist in contract language and Service Level Agreements (SLAs) when utilizing Cloud Service Providers (CSPs).

Compliance and auditing are introduced with strategies for control verification and audit analysis in the CSP environment.  Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and everything in between require a compliance strategy.  Students will go in-depth into the architecture and infrastructure fundamentals for private, public, and hybrid clouds.   Topics covered include: patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will be covered with recommendations for both internal policies and contract provisions to consider.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to effectively manage security in the cloud environment.

Attendees to TN-913: Cloud Security Fundamentals will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 3 days

Course Objectives:

  • Cloud computing introduction
  • Security challenges in the cloud
  • Infrastructure security in the cloud
  • Policy, risk, and governance for cloud computing
  • Compliance and legal considerations
  • Audit and assessment for the cloud
  • Data security in the cloud
  • Identity and Access Management (IAM)
  • Disaster Recovery and Business Continuity Planning (DR/BCP) in the cloud
  • Intrusion detection and incident response

Course Prerequisites:

  • GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures
  • Managing or administering at least one of UNIX, Windows, Databases, networking, or security

Comments

Latest comments from students

User: reedrobt

Instructor comments: Dave is like an encyclopedia of technical topics...what "doesn't" he have expertise in?

Facilities comments: Home2 location was well-kept and convenient to other services.

 

Liked the class?  Then let everyone know!

TN-225: Network+ Skills Class

 

Course Overview:

TN-225: Network+ Skills Class is a five-day course that teaches students the fundamentals of networking. Through hands-on training, students learn the vendor-independent networking skills & concepts that affect all aspects of networking, such as installing & configuring the TCP/IP client. 

Attendees to the TN-225: Network+ Skills Class will receive TechNow approved course materials and expert instruction.

Please Note:  This course is designed with a focus on skills and is not a preparation course for certification.

Dates/Locations:

No Events

Duration 5 days

Course Objectives:

  • Introduction Defining Networking
  • Building a Network with OSI
  • Hardware Concepts
  • Ethernet Basics
  • Modern Ethernet
  • Non-Ethernet Networks
  • Installing a Physical Network
  • Wireless Networking
  • Protocols
  • TCP/IP
  • Network Operating Systems
  • Sharing Resources
  • Going Large with TCP/IP
  • TCP/IP & the Internet
  • Remote Connectivity
  • Protecting Your Network
  • Interconnecting Network Operating Systems
  • The Perfect Server
  • Zen & the Art of Network Support

Prerequisites:

Comments

Latest comments from students

User: dsm

Instructor comments: great presentation

Facilities comments: too cold

User: fillyok

Instructor comments: He has an excellent way of explaining things on the level that anyone can understand easily. I wasn't looking forward to this class at all but I'm really glad I attended now. I have a much clearer understanding of networking fundamentals that I never would've received via CBTs. I'd heard really good things about Tim Burkard's teaching skills and now I know they're true. I wouldn't mind taking other classes that he teaches,

Facilities comments: The facilities are really nice and there weren't any problems as far as I could tell. The hotel staff is very nice.

 

Like the class?  Then let everyone know!

CL-355: Containers, Kubernetes, and Red Hat OpenShift Administration

 

Course Overview:

Through an introduction to Docker, Kubernetes, and Red Hat OpenShift Platform, this training course helps you understand one of the key tenets of the DevOps and DevSecOps Platform (DSOP) movement: continuous integration and continuous deployment. The CI/CD pipeline becomes well understood and implemented in an open architecture.  Containers have become a key technology for the configuration and deployment of applications and micro services. Kubernetes is a container orchestration platform that provides foundational services in Red Hat OpenShift Container Platform, which allows enterprises to manage container deployments and scale their applications using Kubernetes.

This training course provides an overview of the DoD Enterprise DevSecOps Platform (DSOP) Reference Design, its current state, and ties to DoD Cloud Platform One (P1). Workflows of the DoD Iron Bank container repository are introduced, along with an overview of the DoD Pipeline as represented in Big Bang.  Continuous authorization cATO via Party Bus within NIST RMF is presented. You will become aware of the Platform One (P1) integrations and relationship to Docker, Kubernetes, Istio (Red Hat OpenShift Service Mesh) and Red Hat OpenShift Platform.

In addition to gaining an understanding of these tools, you will build core administration skills through the installation, configuration, and management of an OpenShift cluster and containerized applications.

Course Objectives:

  • Learn about Containers, Docker, Kubernetes, and OpenShift architecture
  • Overview DoD Enterprise DevSecOps Platform (DSOP) Reference Design and DoD Cloud Platform One (P1)
  • Tie together awareness of various DoD Cloud offerings and their relationships
  • Create containerized services
  • Manage containers and container images
  • Deploy multi-container applications
  • Install an OpenShift cluster
  • Configure and manage masters and nodes
  • Secure OpenShift
  • Control access to resources on OpenShift
  • Monitor and collect metrics on OpenShift
  • Deploy applications on OpenShift using source-to-image (S2I)
  • Manage storage on OpenShift

Course Outline:

  • Getting started with container technology
  • Creating containerized services
  • Managing containers
  • Managing container images
  • Creating custom container images
  • Deploying containerized applications on OpenShift
  • Deploying multi-container applications
  • Troubleshooting containerized applications
  • Comprehensive Review of Introduction to Container, Kubernetes, and RedHat OpenShift
  • Introducing Red Hat OpenShift Container Platform
  • Installing OpenShift Container Platform
  • Describing and exploring OpenShift networking concepts
  • Executing commands
  • Controlling access to OpenShift resources
  • Allocating persistent storage
  • Managing application deployments
  • Installing and configuring the metrics subsystem
  • Managing and monitoring OpenShift Container Platform

Dates/Locations:

No Events

Duration: 5 Days

Prerequisites:

  • Ability to use a Linux® terminal session and issue operating system commands
  • Good foundation in Linux
  • Experience with web application architectures and their corresponding technologies

Target Audience:

  • Developers who wish to containerize software applications
  • Administrators who are new to container technology and container orchestration
  • Architects who are considering using container technologies in software architectures
  • System administrators
  • System architects
  • Architects and developers who want to install and configure OpenShift Container Platform
  • Those working in the field of DevSecOps supporting DoD Platform One (P1) and other implementations

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

Security Course Flow

We are often asked what is the recommended sequence of classes.  Here is our recommended sequence of classes for The Security Field.

Certified Information Security Manager (CISM)

CT-325 CompTIA Security+ Arrowright TN-825 Certified Information Security Manager

Certified Information Systems Auditor(CISA)

CT-325 CompTIA Security+ Arrowright TN-425 Certified Ethical Hacker Arrowright TN-822: Certified Information Systems Auditor (CISA)

Certified Information Systems Security Professional(CISSP)

CT-325 CompTIA Security+ Arrowright TN-425 Certified Ethical Hacker Arrowright TN-815 CISSP Certification Prep Seminar

 

N-485: In-Depth Securing Networks with Cisco Firepower Threat Defense NGFW

Course Overview:

An in-depth course on how to use and configure Cisco Firepower Threat Defense technology,  from device setup and configuration and including routing, high availability, Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT).  Students implement advanced Next Generation Firewall (NGFW) and Next Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network based malware detection, and deep packet inspection.
Students will also learn how to configure site to site VPN, remote access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting.  This course combines lecture materials and hands on labs throughout to make sure that students are able to successfully deploy and manage the Cisco Firepower system.

It is a five-day instructor-led course that is aimed at providing network security engineers with the knowledge and skills that are needed to implement and maintain perimeter solutions that are based on Cisco Firepower security appliances. At the end of the course, students will be able to reduce risk to their IT infrastructure and applications using Cisco Firepower security appliance features, and provide detailed operations support for the Firepower appliance.

Attendees to N-485: In-Depth Securing Networks with Cisco Firepower Threat Defense NGFW will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Understand Sourcefire, Firepower 6.2, FireAMP, and Firepower Threat Defense (FTD)
  • Configure the Firepower Management Center (FMC)
  • Raise you confidence managing the Firepower Manager and Firepower tThreat Defense (FTD)
  • Describe the Cisco Firepower Systems infrastructure
  • Navigate the user interface and administrative features of the Cisco Firepower 6.2 system, including advanced analysis and reporting functionality to properly assess threats
  • Describe the System Configuration and Health policies and implement them
  • Describe the role Network Discovery (Firepower) technology plays in the Cisco devices
  • Describe, create, and implement objects for use in Access Control policies
  • Create DNS and URL policies and configure Sinkholes
  • Configure FTD policies such as Platform, Routing, Interface, Zones, PreFilter, QoS, NAT and Flex Config!
  • Describe advanced policy configuration and Firepower system configuration options
  • Configure Malware Policies to find and stop Malware
  • Understand Security Intelligence, and how to configure SI to stop attacks NOW!
  • Configure policies to find and stop Ransomware
  • Understand how to fine tune IPS policies
  • Understand how to find tun Snort Preprocessor policies (NAP)
  • Configure Correlation events, white rules, traffic profiles and create respective events and remediate them
  • Analyze events
  • Create reporting templates and schedule them
  • Configure backups, rule updates, Firepower Recommendations, URL updates, and more to run every week automatically
  • Set up external authentication for users using LDAP/Realms
  • Configuring system integration, realms, and identity sources
  • Configure FMC domains and implement them
  • Configure FTD HA with two FTD devices
  • SSL Policy – decrypt your traffic
  • AnyConnect and Site-to-Site VPN
  • Understand network and host based AMP.  Configure and analyze host based AMP
  • Understand Cisco Identity Services Engine (ISE)
  • Configure ISE and integrate with Cisco FMC identity policy using PxGrid

Prerequisites:

Comments

Latest comments from students

Liked the class?  Then let everyone know!