Course Overview:
This course provides security professionals with the skills and knowledge to perform vulnerability and compliance scanning of supported operating systems, devices, and applications. Students will construct custom scan policies for topology discovery, network vulnerability detection, credentialed patch audits, and compliance benchmarks, and discuss the underlying technologies utilized by the Nessus scanner.
This course provides students with the necessary information to prepare for the Tenable Certified Nessus Auditor (TCNA) exam.
Date/Locations:
No Events
Duration: 5 days
Course Objectives:
- Introduction to Nessus and Vulnerability Scanning
- Nessus Installation and Administration
- Basic Nessus Scan Operation
- Nessus Scan Configuration and Policy Creation
- Vulnerability Analysis and Reporting with Nessus
- Advanced Scan Configuration and Policy Creation
- Introduction to Compliance and Auditing
- Nessus Auditing Features
- Windows System Auditing
- Unix System Auditing
- Cisco IOS Auditing
- Nessus Database Auditing
- Nessus Content Auditing
- Auditing to Industry Guidelines
- Auditing to Federal Guidelines
Prerequisites:
Students should possess a basic understanding of TCP/IP networking, operating systems security, and common client/server applications.
Comments
Latest comments from students
Liked the class? Then let everyone know!
Increase your credibility, job security, and career opportunities by reaching your goal and getting certified! TechNow offers many CompTIA bootcamp style courses in which we administer an exam on the last day of class. We have a proven testing program that will get you the results you want!
- CL-218: Introduction to Cloud Infrastructure and Operations Bootcamp
- CT-205: A+ Certification Course
- CT-208: A+ Extended Boot Camp
- CT-210: Project+
- CT-213: Cloud Essentials+
- CT-215: Cloud+
- CT-225: Network+
- CT-245: Linux+
- CT-325: Security+
- CT-395: CySA+ Cybersecurity Analyst
- CT-405: PenTest+
- CT-425: CompTIA SecurityX
- TN-205: A+ Skills Class
- TN-225: Network+ Skills Class
Course Overview:
Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network. This course is heavily based on Kali and primarily on Metasploit. In TN-315: Complete Hack and Defend class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it in mixed-platform environment including Windows, Linux, Solaris, and Cisco. This course is 90% hacking, but defenses for demonstrated hacks will be discussed. If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.
Attendees to TN-315: Complete Hack & Defend Class Attendees will receive TechNow approved course materials and expert instruction.
Dates/Locations:
No Events
Duration: 5 Days
Course Objectives:
- Introduction to Pen Testing using the PTES model
- Metasploit Basics
- MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
- Intelligence Gathering
- Nmap, Databases in Metasploit, Port Scanning with Metasploit
- Quick Intro to Ruby
- Writing a simple Ruby script to create a custom scanner
- Vulnerability Scanning
- Importing Nessus Results
- Scanning with Nessus from Within Metasploit
- Exploitation
- Using the Metasploit Framework and console to exploit
- Meterpreter
- Compromising a Windows System
- Attacking MS SQL, xp_cmdshell
- Dumping Usernames and Passwords, extracting and dumping hashes
- Pass the Hash and Token Impersonation
- Pivoting
- Railgun
- Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
- Avoiding Detection
- Creating Stand-Alone Binaries with MSFpayload
- Encoding with MSFencode and Packers (go Green Bay:)
- Exploitation Using Client Side Attacks
- Introduction to Immunity Debugger
- Using Immunity Debugger to Decipher NOP Shellcode
- Metasploit Auxiliary Modules
- Social Engineer Toolkit (SET)
- Spear-Phishing, Web Attack
- Creating a Multipronged Attack
- Creating Your Own Module
- Adapt an existing Module
- Add some PowerShell and Run the Exploit
- Meterpreter Scripting
- Capture The Flag Exercise
Prerequisites:
- This is an advanced Information Security Course which requires basic Windows & UNIX competency
- Certification or 2 years of experience in these operating systems is highly recommended
- An understanding of TCP/IP
Comments
Latest comments from students
User: dhonore
Instructor comments: Dave's presentation style is engaging and lively.
Facilities comments: The room was adequate for the needs of the class.
User: phouck
Instructor comments: David was very good. Although he went very fast at times.
Facilities comments: The room was ok. it was bit dark.
Liked the class? Then let everyone know!
TechNow is in no way associated with SANS or GIAC, but has courses that are similar in subject matter:
- TN-345: Python for Penetration Testers
- TN-865: Wireshark Network Traffic and Security Analysis
- TN-901: Linux for Security Professionals
- TN-909: Windows Forensic Analysis
- TN-913: Cloud Security Fundamentals
- TN-919: Penetration Tester Course
- TN-929: Security Essentials Training Course
- TN-939: Hacker Techniques, Exploits, and Incident Handling Course
- TN-949: Certified Firewall Analyst Course
- TN-959: UNIX Security Administrator Course
- TN-969: Windows Security Administrator Course
- TN-979: Intrusion Analyst Course
- TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking Course
- TN-999: Reverse Engineering Malware Course