Working with the TechNow lab for the PA-215: Palo Alto Networks Firewall Essentials FastTrack course has been nothing less than a techie's idea of fun. When students come in we are immediatly configuring the Cisco 3750 switches for access ports, VLANS, and trunks. We then cable the switch to the Palo Alto Networks Firewall. Each student gets their own Palo Alto Firewall Pod of hardware and software. What we find as fun is the VLAN environment, with an array of virtual machines hosted on an ESXi server that can really exercise the abilities of the Palo Alto Firewall. The DMZ VLAN hosts virtual machines that support enterprise services and also potentialy vulnerable web services. The Trust VLAN has Windows and Linux clients. The UnTrust VLAN has Web services and a VM of Kali. The hardware Firewall is additionally connected to a Management VLAN. All those VLANs are trunked into an ESXi server where the student also has a VM-Series Palo Alto Networks Firewall for High Availability.
After configuring all the trunking, VLANs, and network interfaces we learn about the firewall and configure it for the lab environment. Using Metasploitable and Kali/Metasploit nefarious penetration attempts are executed. Using packet captures, custom APP-ID's and custom signatures are generated. Custom logging and reporting are created to similate and enterprise and assist the desired Incident Response. It is always fun in a training environment to learn all about the controls available in a product, even though specific controls may not be used in the operational environment. In the end we have a good understanding of the Palo Alto Networks Firewall.
Course Overview:
TechNow has worked worldwide enterprise infrastructures for over 30 years and has developed demos and labs to exemplify the techniques required to demonstrate technologies that effectively support CTI. This course integrates well with our courses TN-575: Open Source Network Security Monitoring and TN-865: Wireshark Network Traffic and Security Analysis .
TechNow develops Cyber Ranges and makes them available for conferences in support of annual meetings for Cyber Threat Response Teams. Developing scenarios and reacting to them appropriately is a big part of the value in understanding the contexts required to comprehend valuable CTI. As with many advanced TechNow security courses, there is a large hands-on ratio. This course helps Cyber Protection Teams (CPT), Defensive Cyber Operations (DCO), and Mission Defense Teams (MDT) to collect, analyze and apply targeted cyber intelligence to defensive operations in order to proactively act on and tune response to attacks by cyber adversaries. CPT, DCO, and MDT can take preemptive action by utilizing CTI, understanding CTI tools, techniques and procedures (TTPs) needed to generate and consume timely and relevant intelligence to improve resilience and prevention.
This course focuses on the collection, classification, and exploitation of knowledge about adversaries and their TTPs. . MDT puts us close the mission and helps define the internal context to be analyzed against the CTI. TechNow pushes the student to truly understand how to think about and use CTI to make a difference.
Attendees to TN-905: Cyber Threat Intelligence Analysis will receive TechNow approved course materials and expert instruction.
Date/Locations:
No Events
Course Duration: 5 days
Course Objectives:
- Learn to comprehend and develop complex scenarios
- Identify and create intelligence requirements through practices such as threat modeling
- Utilize threat modeling to drive intelligence handling and practices
- Breakdown tactical, operational, and strategic-level threat intelligence
- Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
- How to collect adversary information creating better value CTI
- How to filter and qualify external sources, mitigating low integrity intelligence
- Create Indicators of Compromise (IOCs) in formats such as YARA, OpenIOC, and STIX
- Move security maturity past IOCs into understanding and countering the behavioral tradecraft of threats
- Breaking down threats mapped against their tradecraft to tweak IOCs
- Establish structured analytical techniques to be successful in any security role
- Learn and apply structured principles in support of CTI and how to communicate that to any security role.
Course Prerequisites:
Comments
Latest comments from students
Liked the class? Then let everyone know!
TechNow offers many courses that also have a related certification exam. As an Authorized Peason VUE testing center, we offer exams for many certifications. Pearson VUE offers exams for a wide array of certifications that includes the IT certs of Cisco, EC-Council, CompTIA, and SANS.
Course Overview:
This course identifies how business analysts can elicit Agile requirements by writing user stories from use cases and personas of customer profiles. This leads to the processes of confirming the validity and usability for quality of the product development. An Agile Business Analyst has become a new recognized role within the other Agile Framework roles.
Attendees to PM-242:Defining Agile Requirements with User Stories will receive TechNow approved course materials and expert instruction.
Dates/Locations:
No Events
Duration: 2 Days
Course Objectives: At the conclusion of this course, students will be able to:
- Understand the Scrum Flow, the core components of the Scrum framework
- Understand the scope of the Product Owner role in detail
- Understand the scope of the Agile Business Analysis role in coordination with the Product Owner, Scrum Master and Development Team
- Understand the scope of the Scrum Master role at a high level
- Understand the scope of the Scrum Development Team roles
- Document the interactions between the user of a system and the system itself
- Dive into understanding the Agile principles for requirements using user stories in a card, conversation, and confirmation format
Target Student:
- Designed specifically for Agile project team members, product owners, project leaders and business analysts or anyone wanting to understand the Agile Framework.
Comments
Latest comments from students
Liked the class? Then let everyone know!
Course Overview:
CT-395: CompTIA CySA+ Cybersecurity Analyst is for IT professionals looking to gain IT security analyst skills, and for those following the recommended skills pathway to achieve cybersecurity mastery. It provides a bridge between CompTIA Security+ (CT-325) and CompTIA Advanced Security Practitioner (CASP,CT-425), thus completing a certification path within the CompTIA family of certifications. As attackers have learned to evade traditional signature-based solutions, an analytics-based approach has become extremely important. CySA+ applies behavioral analytics to the IT security market to improve the overall state of security. The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization, with the end goal of securing and protecting applications and systems within an organization. Let us help you bridge this gap, and leave you prepared for the certification exam (CS0-002).
TechNow is a CompTIA partner uses official CompTIA CySA+ curriculum.
Dates/Locations:
Duration: 5 Days
Course Objectives:
- Threat Management
- Vulnerability Management
- Cyber Incident Response
- Security Architecture and Tool Sets
Prerequisites:
While there is no required prerequisite, the CompTIA CySA+ certification is intended to follow CT-325: Security+ or equivalent experience. It is recommended for CompTIA CySA+ candidates to have the following:
- 3-4 years of hands-on information security or related experience
- Network+, Security+, or equivalent knowledge.
Comments
Latest comments from students
Liked the class? Then let everyone know!
