TN-901: Linux for Security Professionals

Course Overview:

This course will be fast paced with in-depth and live demonstrations.

Date/Locations:

No Events

Duration: 1 day

Course Objectives:

AIDE
DNS Security with DNSsec
Logging and Audit Management
Linux Security Modules and SE-Linux
Linus Containers (Jailing Services and Apps)
SSH and SSL tunneling

Prerequisites:

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-575: Open Source Network Security Monitoring

Course Overview:

TN-575: Open Source Network Security Monitoring teaches students how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. No network is bullet proof and when attackers access your network, this course will show you how to build a security net to detect, contain, and control the attacker. Sensitive data can be monitored and deep packet and deep attachment analysis can be achieved. As organizations stand up a Security Operations Center (SOC) the enterprise NSM is the key ingredient to that SOC. This course not only teaches how to implement an NSM technologically, but how to effectively monitor an enterprise operationally. You will learn how to architect an NSM solution: where to deploy your NSM platforms and how to size them, stand-alone or distributed, and integration into packet analysis, interpret evidence, and integrate threat intelligence from external sources to identify sophisticated attackers. A properly implemented NSM is integral to incident response and provides the responders timely information to react to the incident. TN-575: Open Source Network Security Monitoring is a lab intensive environment with a cyber range that gives each student in-depth knowledge and practical experience monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls.

Attendees to TN-575: Open Source Network Security Monitoring class will receive TechNow approved course materials and expert instruction.

This Course is taught utilizing Security Onion or RockNSM as specified by the customer.

Dates/Locations:

No Events

Duration: 5 Days

Course Objective:

The focus of this course is to present a suite of Open Source security products integrated into a highly functional and scalable Network Security Monitoring solution.

Prerequisites:

Students should have a basic understanding of networks, TCP/IP and standard protocols such as DNS, HTTP, etc. Some Linux knowledge/experience is recommended, but not required

Course Outline:

Network Security Monitoring (NSM) Methodology
High Bandwidth Packet Capture Challenges
Installation of Security Onion
- Use Cases (analysis, lab, stand-alone, distributed)
- Resource Requirements
Configuration
- Setup Phase I – Network Configuration
- Setup Phase 2 – Service Configuration
- Evaluation Mode vs. Configuration Mode
- Verifying Services
Security Onion Architecture
- Configuration Files and Folders
- Network Interfaces
- Docker Environment
- Security Onion Containers
Overview of Security Onion Analyst Tools
- Kibana
- CapME
- CyberChef
- Squert
- Sguil
- NetworkMiner
Quick Review of Wireshark and Packet Analysis
- Display and Capture Filters
- Analyze and Statistics Menu Options
- Analysis for Signatures
Analyzing Alerts
- Replaying Traffic
- 3 Primary Interfaces:
  - Squert
  - Sguil
  - Kibana
- Pivoting Between Interfaces
- Pivoting to Full Packet Capture
Snort and Surricata
- Rule Syntax and Construction
- Implementing Custom Rules
- Implementing Whitelists and Blacklists
Hunting
- Using Kibana to Slice and Dice Logs
- Hunting Workflow with Kibana
Bro
- Introduction and Overview
  - Architecture, Commands
- Understanding and Examining Bro Logs
  - Using AWK, sort, uniq, and bro-cut
- Working with traces/PCAPs
- Bro Scripts Overview
  - Loading and Using Scripts
- Bro Frameworks Overview
  - Bro File Analysis Framework FAF
- Using Bro scripts to carve out more than files
RockNSM ( * If Applicable)
- Kafka
  - Installation and Configuration
  - Kafka Messaging
  - Brokers
  - Integration with Bro and FSF
- File Scanning Framework FSF
  - Custom YARA Signatures
  - JSON Trees
  - Sub-Object Recursion
  - Bro and Suricata Integration
Elastic Stack
- Adding new data sources in Logstash
- Enriching data with Logstash
- Automating with Elastalert
- Building new Kibana dashboards
Production Deployment
- Advanced Setup
- Master vs Sensor
- Node Types – Master, Forward, Heavy, Storage
- Command Line Setup with sosetup.conf
- Architectural Recommendations
- Sensor Placement
- Hardening
- Administration
- Maintenance
Tuning
- Using PulledPork to Disable Rules
- BPF’s to Filter Traffic
- Spinning up Additional Snort / Suricata / Bro Workers to Handle Higher Traffic Loads

Comments

Latest comments from students

Liked the class? Then let everyone know!

IT-113: IT Infrastructure Library (ITIL) v4 – Foundations Course

Course Overview:

ITIL Version 4 is divided into 5 areas: Continual Service Improvement; Service Strategy; Service Design; Service Transition; and Service Operation. These 5 areas support the overall focus of ITIL’s service management through the Service Life cycle. IT-113: IT Infrastructure LIbrary (ITIL)- Foundations Course provides a detailed introduction of terms, definitions, benefits, and relationships of the following function and processes as well as roles and responsibilities that supports them.

Attendees to IT-113: IT Infrastructure Library (ITIL) – Foundations Course will receive TechNow approved course materials and expert instruction.

Dates/Locations:

Date/Time	Event
12/08/2025 - 12/11/2025 08:00 -16:00	IT-113: IT Infrastructure Library (ITIL) v4 – Foundations Course TechNow, Inc, San Antonio TX

Duration: 3 Days

Course Objectives:

Service Desk
Incident Management
Problem Management
Configuration Management
Financial Management for IT
IT Service Continuity Management
Service Level Management
Change Management
Release Management
Capacity Management
Availability Management

Prerequisites:

Students should have some experience with the specification, development, installation and/or management of information technology.

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-5425: Networking with Windows Server 2016

Course Overview:

Course two of a three course series to obtain a Server 2016 MCSA certification. This 5-day course provides the fundamental networking skills required to deploy and support Windows Server 2016 in most organizations. It covers IP fundamentals, remote access technologies, and more advanced content including Software Defined Networking.

The course leads directly to preparing for the(MCSA):Windows Server 2016 exam “70-741: Installation, Storage, and Compute with Windows Server 2016”. It also maps to Microsoft’s course 20741A, and is part of the Server 2016 MCSA certification.

Attendees to TN-5425: Networking with Window Server 2016 will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Plan and implement an IPv4 network
Implement Dynamic Host Configuration Protocol (DHCP)
Implement IPv6
Implement Domain Name System (DNS)
Implement and manage IP address management (IPAM)
Plan for remote access
Implement DirectAccess
Implement virtual private networks (VPNs)
Implement networking for branch offices
Configure advanced networking features
Implement Software Defined Networking

Prerequisites:

A basic understanding of networking fundamentals
Experience working with Windows Server 2008 or Windows Server 2012
Experience working in a Windows Server infrastructure enterprise environment
Knowledge of the Open Systems Interconnection (OSI) model
Understanding of core networking topologies and architectures such as local area networks (LANs), wide area networks (WANs) and wireless networking
Basic knowledge of the TCP/IP protocol stack, addressing and name resolution
Experience with and knowledge of Hyper-V and virtualization
Hands-on experience working with the Windows client operating systems such as Windows 8.1 or Windows 10

Liked the class? Then let everyone know!

TN-345: Python for Penetration Testers

Course Overview:

This Python for Penetration Testing course is designed to give you the skills you need for maintaining or developing Python Penetration Testing tools oriented towards offensive operations. We have a suite of courses and certifications that help understand a problem, this course prepares the student to rapidly develop prototype code to attack or defend against it.

The course concludes with a Capture the Flag event that will test both your ability to apply your new tools and coding skills in a Python Penetration Testing challenge.

This course is not intended to be an Advanced Python course, but to exemplify penetration techniques utilizing Python. The course covers Threading, Sockets, OOP, and third party modules that facilitate the offensive operator’s objective.

This course utilizes the “Violent Python” text book.

Attendees to TN-345: Python for Penetration Testers Class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 3 Days

Course Objectives:

Python Lanuage Refress
Network Sockets
Exception Handling
Hashes and Cracking Passwords
Threading
- Concepts and Python Implementation
- Queues and Synchronization
- urlparse and httplib to probe URLs
- Crack a password protected zip file
Port Scanner
- Threading a Port Scanner
nmap integration
Deploying shellcode
Mechanize, BeautifulSoup
- HTTP Form Password Guessing
- HTTP Proxies (Burp Suite)
- HTTP Cookies Session Hijacking
  - CookieMonster
Images and Metadata
Justniffer
SQL Injection
- sqlmap
- SQLBrute
Antivirus and IDS evasion
- PyInstaller
- Metasploit
Scapy
- Deploy shellcode
- DNS Cache Poisoning
- Packety Violence