TN-979: Intrusion Analyst Course

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Advanced Snort Concepts
  • Analyst Toolkit
  • Domain Name System (DNS)
  • Examining Packet Crafting
  • Examining Packet Header Fields
  • Fragmentation
  • ICMP Theory
  • IDS Interoperability
  • IDS Patterns
  • IDS/IPS Management & Architecture Issues
  • Indications, Warnings & Traffic Correlation
  • IPv6
  • Microsoft Protocols
  • Network Traffic Analysis
  • NIDS Evasion, Instertion & Checksums
  • Snort Fundamentals & Configuration
  • Snort GUIs & Sensor Management
  • Snort Performance, Active Response & Tagging
  • Snort Rules
  • Stimulus Response
  • TCPdump Fundamentals
  • TCP/IP Fundamentals
  • Wireshark Fundamentals
  • Writing TCPdump Filters

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class?  Then let everyone know!

Welcome to TechNow!

Welcome to TechNow! The Leader in Information Security Training & Computer Training.

The world of information security and computer training is ever changing.  The techniques and systems continue to evolve and we must stay current and diligent.  To do this, you can count on TechNow®…the leader in cybersecurity training and computer system training.

TechNow® has been training the leaders in the computer community for many years.  We provide training for students in a number of areas.  Our cybersecurity trainings include popular courses like D0D 8140, Security , CISM, CISSP, CEH,CCNA, and more.  With over 34 years of experience, we’re able to provide you with unmatched training and certification programs.

TechNow also provides a variety of other popular trainings for the computer professional including Cisco, EC-Council, CompTIA, Unix/Linux and more.

.

Search Our Site

Upcoming Events

  • CT-213: Cloud Essentials+
    • 10/14/2025 – 10/16/2025
    • San Antonio
  • PM-223: Introduction to Project Management
    • 10/14/2025 – 10/16/2025
    • San Antonio
  • CT-210: Project+
    • 10/27/2025 – 10/30/2025
    • San Antonio
  • CT-325: Security+
    • 10/27/2025 – 10/31/2025
    • San Antonio
  • PM-325: Project Management Professional (PMP) Exam Preparation
    • 10/27/2025 – 10/31/2025
    • San Antonio
  • all events

    • in   

    PA-215: Palo Alto Networks Firewall Essentials FastTrack

      

    Course Overview: PA-215: Palo Alto Networks Firewall Essentials FastTrack Training Class is a five-day course that teaches students to configure and manage the entire line of Palo Alto Networks next-generation firewalls. This course combines PA-213 and PA-212 and adds a half day introduction to Panorama and Troubleshooting.  Through hands-on training, students learn high end skills of how to integrate Palo Alto next-generation firewalls into their network infrastructure.  This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

    Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.  TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

    This course sets up the foundation for the two day course PA-232: Palo Alto Networks Panorama Manage Multiple Firewalls. The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies.  Additionally, the instructor has taught several security appliance products and carries several SANS, Cisco, Unix, and Windows certifications. Attendees to the PA-215:  Palo Alto Firewall Essentials FastTrack Training Course will receive TechNow approved course materials and expert instruction.

    Dates/Locations:

    No Events

    Duration 5 days

    Course Objectives:   Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks firewall, including hands-on experience in configuring the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks Operating System (PAN-OS).  Additionally Panorama and Troubleshooting are addressed.

    • Day 1
      • Module 0 – Introduction & Overview
      • Module 1 – Administration & Management
        • Configuration Management
        • PAN-OS & Software Updates
        • Service Route Configuration
        • Log Forwarding
        • GUI, CLI, and API
      • Module 2 – Interface Configuration
        • L2 & L3
        • Vwire
        • Tap
        • Interface Management in Security Zones
        • VLANs
        • QoS
    • Day 2
      • Module 3 – Layer 3 Configuration
        • L3 Configuration and DHCP
        • NAT
        • DNS Proxy
        • Policy Based Forwarding in
        • Introduction to IPv6
      • Module 4 – App-ID
        • App-ID Process
        • Policy Administration
      • Module 5 – Content-ID
        • Antivirus
        • Anti-spyware
        • Vulnerability
        • URL Filtering
        • File Blocking and Wildfire
        • Data Filtering
        • DoS Protection
        • Botnet
    • Day 3
      • Module 6 – VM Firewall
        • Downlaod VM Template
        • Configure ESXi
        • Configure VM
      • Module 7 – Decryption
        • SSL Inbound and Outbound
      • Module 8 – Custom Signatures
        • Defining New Application Signatures
        • Application Override
        • Custom Threat ID
    • Day 4
      • Module 9 – User-ID
        • User-ID Agent
        • Terminal Server Agent
        • XML API
        • Captive Portal
      • Module 10 – VPN and GlobalProtect
        • Psec Tunnels
        • GlobalProtect
        • Agent
        • Portal
        • Gateway
        • HIP
    • Day 5
      • Module 11 – High Availability
        • Active/Passive
        • Active/Active
      • Module 12 – Panorama
        • Device Groups & Objects
        • Shared Policy
        • Configuration Management
        • Reporting

    Prerequisites:

    This course is in no way associated with Palo Alto Networks, Inc.

    Comments

    Latest comments from students

    User: rod3535@gmail.com

    Instructor comments: Instructor was great, he explained everything and made sure we understood the process's/product. He also took time out of his own schedule to help set up a VM environment on our personal pc's.

    Facilities comments: Facility was great, enjoyed feeding the deers!

    Like the class?  Then let everyone know!

    TN-715: Systems Security Certified Practitioner (SSCP)

    Course Overview:

    Looking to move up in the information security field? If you have at least one year of security experience, you qualify for the Systems Security Certified Practitioner (SSCP) certification, which offers junior security professionals a way to validate their experience and demonstrate competence with (ISC²)®’s seven domains.

    Attendees to TN-715: Systems Security Certified Practitioner (SSCP) will receive TechNow approved course materials and expert instruction.

    Dates/Locations:

    No Events

    Duration: 5 Days

    Course Objectives:

    • Access Controls
    • Security Operations and Administration
    • Analysis and Monitoring
    • Cryptography
    • Networks and Telecommunications
    • Malicious Code/Malware
    • Risk, Response, and Recovery

    Prerequisites:

    • One year security experience
    • Some knowledge of the (ISC²)®’s seven domains

    Comments

    Latest comments from students

    User: boyleb15

    Instructor comments: Instructor was very knowledgeable on most items covered during this course. There were some topics he did lack the answer to. Instructor would also get sidetracked easily

    User: keginth

    Instructor comments: he was phenomenal with test prep and knew the book well

    Facilities comments: adequate

    Like the class?  Then let everyone know!

    Courses Similar to SANS

    TechNow is in no way associated with SANS or GIAC, but has courses that are similar in subject matter:

    in