Course Overview:
This course engages students by providing in-depth knowledge of the most prominent and powerful attack vectors and an environment to perform these attacks in numerous hands-on scenarios. This course goes far beyond simple scanning for low-hanging fruit, and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.
Attendees to TN-919:Penetration Tester course will receive TechNow approved course materials and expert instruction.
Date/Locations:
Course Duration: 5 days
Course Objectives:
- Advanced Hash Manipulation
- Command Shell vs. Terminal Access
- Enumerating Users
- Exploitation Fundamentals
- Injection Attacks
- Legal Issues
- Metasploit
- Moving Files with Exploits
- Obtaining and Passing Password Representations
- Overview of Passwords
- Penetration Testing Foundations
- Penetration Testing Process
- Penetration Testing via the Command Line
- Profiling the Target
- Reconnaissance
- Scanning for Targets
- Using a Proxy to Attack a Web Application
- Vulnerability Scanning
- Wireless Crypto and Client Attacks
- Wireless Fundamentals
Course Prerequisites:
- GSEC or equivalent experience
- UNIX, Windows, networking, and security experience
- This is a hands-on skill course requiring comfort with command line interaction and network communications
Comments
Latest comments from students
User: kdwagoner
Instructor comments: Very knowledgeable. Kept class focused and on task
Facilities comments: Good
Liked the class? Then let everyone know!
Course Overview:
CT-395: CompTIA CySA+ Cybersecurity Analyst is for IT professionals looking to gain IT security analyst skills, and for those following the recommended skills pathway to achieve cybersecurity mastery. It provides a bridge between CompTIA Security+ (CT-325) and CompTIA Advanced Security Practitioner (CASP,CT-425), thus completing a certification path within the CompTIA family of certifications. As attackers have learned to evade traditional signature-based solutions, an analytics-based approach has become extremely important. CySA+ applies behavioral analytics to the IT security market to improve the overall state of security. The CompTIA Cybersecurity Analyst (CySA+) certification verifies that successful candidates have the knowledge and skills required to configure and use threat detection tools, perform data analysis and interpret the results to identify vulnerabilities, threats and risks to an organization, with the end goal of securing and protecting applications and systems within an organization. Let us help you bridge this gap, and leave you prepared for the certification exam (CS0-002).
TechNow is a CompTIA partner uses official CompTIA CySA+ curriculum.
Dates/Locations:
Duration: 5 Days
Course Objectives:
- Threat Management
- Vulnerability Management
- Cyber Incident Response
- Security Architecture and Tool Sets
Prerequisites:
While there is no required prerequisite, the CompTIA CySA+ certification is intended to follow CT-325: Security+ or equivalent experience. It is recommended for CompTIA CySA+ candidates to have the following:
- 3-4 years of hands-on information security or related experience
- Network+, Security+, or equivalent knowledge.
Comments
Latest comments from students
Liked the class? Then let everyone know!
Course Overview:
This course provides security professionals with the skills and knowledge to perform vulnerability and compliance scanning of supported operating systems, devices, and applications. Students will construct custom scan policies for topology discovery, network vulnerability detection, credentialed patch audits, and compliance benchmarks, and discuss the underlying technologies utilized by the Nessus scanner.
This course provides students with the necessary information to prepare for the Tenable Certified Nessus Auditor (TCNA) exam.
Date/Locations:
Duration: 5 days
Course Objectives:
- Introduction to Nessus and Vulnerability Scanning
- Nessus Installation and Administration
- Basic Nessus Scan Operation
- Nessus Scan Configuration and Policy Creation
- Vulnerability Analysis and Reporting with Nessus
- Advanced Scan Configuration and Policy Creation
- Introduction to Compliance and Auditing
- Nessus Auditing Features
- Windows System Auditing
- Unix System Auditing
- Cisco IOS Auditing
- Nessus Database Auditing
- Nessus Content Auditing
- Auditing to Industry Guidelines
- Auditing to Federal Guidelines
Prerequisites:
Students should possess a basic understanding of TCP/IP networking, operating systems security, and common client/server applications.
Comments
Latest comments from students
Liked the class? Then let everyone know!
TechNow has been involved in enterprise security architectures and education since 1990. TechNow’s training program has followed the evolution of enterprise computing into security architectures. Palo Alto Networks represents the current state of security product evolution. With next generation firewall technology, the reunification of your security architecture is possible. TechNow can present the ramifications of many centralized strategies. All courses utilize enterprise security professionals with experience as instructors and can discuss the detail of implementation and the integration into an existing infrastructure.
Palo Alto Networks Certifications: Accredited Configuration Engineer (ACE) take EDU-201; Palo Alto Networks Certified Network Security Engineer (PCNSE) take EDU-201 + EDU-205 + EDU-221
TechNow is a mobile Pearson VUE Authorized Testing Center. Palo Alto courses can be delivered on the customer site, with certificadtion testing on the last day of the course. Take the course and get certfied, without logistical effort of getting students to a training facility and the hassle of scheduling testing.
TechNow, Inc. is not associated in any way with Palo Alto Networks, Inc.
Course Overview:
Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network. This course is heavily based on Kali and primarily on Metasploit. In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco. This course is 90% hacking, but defenses for demonstrated hacks will be discussed. If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.
Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.
Dates/Locations:
Duration: 5 Days
Course Objectives:
- Introduction to Pen Testing using the PTES model
- Metasploit Basics
- MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
- Intelligence Gathering
- Nmap, Databases in Metasploit, Port Scanning with Metasploit
- Quick Intro to Ruby
- Writing a simple Ruby script to create a custom scanner
- Vulnerability Scanning
- Importing Nessus Results
- Scanning with Nessus from Within Metasploit
- Exploitation
- Using the Metasploit Framework and console to exploit
- Meterpreter
- Compromising a Windows System
- Attacking MS SQL, xp_cmdshell
- Dumping Usernames and Passwords, extracting and dumping hashes
- Pass the Hash and Token Impersonation
- Pivoting
- Railgun
- Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
- Avoiding Detection
- Creating Stand-Alone Binaries with MSFpayload
- Encoding with MSFencode and Packers (go Green Bay:)
- Exploitation Using Client Side Attacks
- Introduction to Immunity Debugger
- Using Immunity Debugger to Decipher NOP Shellcode
- Metasploit Auxiliary Modules
- Social Engineer Toolkit (SET)
- Spear-Phishing, Web Attack
- Creating a Multipronged Attack
- Creating Your Own Module
- Adapt an existing Module
- Add some PowerShell and Run the Exploit
- Meterpreter Scripting
- Capture The Flag Exercise
Prerequisites:
- This is an advanced Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
- Certification or 2 years of experience in these operating systems is highly recommended
- An understanding of TCP/IP
Comments
Latest comments from students
Liked the class? Then let everyone know!