TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies

 

Course Overview:

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies is the big picture overview of a SOC, other courses provide a deep dive into the technologies that a SOC may utilize. This course addresses the internal workings of staff, skills required, required authorizations, internal agreements, and setting appropriate expectation levels of a SOC within budget constraints. A SOC is not a one size fits all, the instructor has decades of security experience and brings to the table opportunities to discuss what can work within constraints. Many organizations are coming to the realization that some level of a SOC is now required and to learn just what decisions need to be made: Out-sourced, In-sourced, budgets, capabilities and many more. Students leave with a worksheet of how to progress when they get back to their organization.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies – Is a course that incorporates lecture, demos, and group exercises for standing up a Security Operations Center (SOC). Students learn strategies and resources required to deploy, build, and run Network Security Monitoring (NSM) and work roles and flows for a SOC. No network is bullet proof and when attackers access your network, this course will show you options and resources to build a security net to detect, contain, and control the attacker. Examples on what it takes to architect an NSM solution to identify sophisticated attackers and a response strategy. Properly implemented detection and response technologies is integral to incident response and provides the responders timely information and tools to react to the incident. Effective demonstrations are given of Open Source technologies that build up a SOC, but any software can be used and demonstrations are provided to demonstrate technology families not push a specific solution.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies demonstrations utilize a cyber range that gives each student in-depth knowledge of monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls; and software and services to provide orchestrate Incident Response, Intelligence Analysis, and Hunt Operations.

Attendees to TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 2 Days

Course Objective:

    • To provide management an overview of what it takes to stand up a SOC.

Prerequisites:

  • Students should have an understanding of the security field.

Course Outline:

  • What threats does my organization care about?
  • What does a threat look like?
  • What does a threat look like?
  • How to present the SOC internally.
  • Communication with Stakeholders and Executives
    • Leveraging and integrating existing security measures
  • People
    • Establishing a skill matrix and work roles for SOC members
    • Establishing a training path
    • Personnel background requirementsProcesses
  • Processes
    • Alignment to standards: NIST, PCI, HIPAA, etc.
    • Risk related decision trees
    • Playbooks
    • Threat Intelligence Integration
  • Technology – Tool Suites to Support:
    • Ethical Hacking
    • Network Security Monitoring and SIEM
    • Forensics
    • Dashboards
    • Analysis and Hunting
    • Incident Management and Ticketing

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

Trademark Recognition

(ISC)², CBK, and CISSP are registered marks of the International Information Systems Security Certification Consortium in the United States and other countries.

Access, Excel, Hyper-V, Outlook, Microsoft, SharePoint, Silverlight, SQL Server, Visual Basic, Win32, Windows, Windows PowerShell and Windows Server are registered trademarks of Microsoft Corporation.

Adobe, Acrobat, Flash and Photoshop are registered trademarks of Adobe Systems Incorporated in the United States and/or other countries

Amazon Web Services is a trademark of Amazon.com, Inc.

Android is a trademark of Google Inc.

APMG-International Change Management, The APMG-International Change Management and Swirl Device logo, APMG-International AgilePM and The APMG-International AgilePM and Swirl Device logo are trademarks of The APM Group Limited.

Certified Ethical Hacker (CEH) is a registered trademark of EC-Council.

Cisco is a registered trademark of Cisco Systems Inc.

CMMI® is registered in the U.S. Patent and Trademark Office by Carnegie Mellon University.

IIBA®, the IIBA® logo, BABOK® and Business Analysis Body of Knowledge® are registered trademarks owned by International Institute of Business Analysis. These trademarks are used with express permission of International Institute of Business Analysis.

CAPM, Certified Associate in Project Management (CAPM), PMP, Project Management Professional (PMP), PMI-ACP, PMI Agile Certified Practitioner (PMI-ACP), PMBOK, and the R.E.P. Logo are marks of Project Management Institute, Inc.

CBAP® and CCBA® are registered certification marks owned by International Institute of Business Analysis. These trademarks are used with express permission of International Institute of Business Analysis.

Certified Business Analysis Professional, Certification of Competency in Business Analysis, Endorsed Education Provider, EEP and the EEP logo are trademarks owned by International Institute of Business Analysis. These trademarks are used with express permission of International Institute of Business Analysis.

COBIT is a trademark of ISACA, registered in the U.S. and other countries.

COBIT® 5 is a trademark of the Information Systems Audit and Control Association® (ISACA®). This product includes COBIT® 5, used by permission of ISACA®. 2012© ISACA®. All rights reserved.

CompTIA A+ and CompTIA Network+ are registered trademarks of the Computing Technology Industry Association, Inc.

CompTIA CASP and CompTIA Cloud Essentials are trademarks of the Computing Technology Industry Association, Inc.

GIAC and associated certifications:  GSEC, GPEN, GXPN, GCFW, GCUX, GCWN, GCIA, GREM are registered trademarks of the SANS Institute

Hadoop is a registered trademark of the Apache Software Foundation.

Hibernate is a registered trademark and servicemark of Red Hat, Inc.

iPad, iPhone, Mac and Mac OS are trademarks of Apple Inc., registered in the U.S. and other countries.

ITIL®, PRINCE2® and MSP® are registered trademarks of AXELOS Limited.

JavaScript, JavaServer, JavaServer Pages, Enterprise JavaBeans, MySQL and PL/SQL are trademarks of Oracle Corporation.

Linux is a registered trademark of Linus Torvalds.

Java and Oracle are registered trademarks of Oracle Corporation.

 Palo Alto Networks, PAN-OS, App-ID, Content-ID, Url-ID, GlobalProtect, Wildfire, and Panorama are trademarks of Palo Alto Networks, Inc.

"Python" is a registered trademark of the Python Software Foundation, used by Learning Tree International with permission from the Foundation.

Red Hat and Red Hat Enterprise Linux are registered trademarks of Red Hat, Inc. in the United States and other countries.

Red Hat Middleware, LLC. All rights reserved.

SANS and associated certifications:  GSEC, GPEN, GXPN, GCFW, GCUX, GCWN, GCIA, GREM are registered trademarks of the SANS Institute

SAP Crystal Reports is the registered trademark of SAP AG in Germany and in several other countries.

Scrum Alliance REPSM is a service mark of Scrum Alliance, Inc. Any unauthorized use is strictly prohibited.

TechNow® is a registered trademark of TechNow Incorporated.

The CompTIA Authorized Quality Curriculum logo is a proprietary trademark of CompTIA. All rights reserved.

The Swirl logo™ is a trademark of AXELOS Limited.

Transact-SQL is a trademark of Sybase, Inc.

UNIX is a registered trademark of The Open Group.

VMware is a registered trademark of VMware, Inc. in the United States and/or other jurisdictions.

XML is a trademark of MIT, INRIA or Keio on behalf of the World Wide Web Consortium.

in   

TN-5305: Supporting and Troubleshooting Windows 11

 

Course Overview:

This five-day instructor-led course provides IT professionals with the knowledge and skills required to Support and Troubleshoot Windows 11 PCs and devices in an on-premises Windows Server Active Directory domain environment.

Attendees to TN-5320: Supporting and Troubleshooting Windows 11 will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Describe the processes involved in planning and using a troubleshooting methodology for Windows 11
  • Troubleshoot startup issues and operating system services on a Windows 11 PC
  • Perform system recovery
  • Resolve issues related to hardware devices and device drivers
  • Administer Windows 11 devices
  • Troubleshoot issues related to network connectivity
  • Configure Windows 11 devices by using Group Policy
  • Configure and troubleshoot user settings
  • Configure and troubleshoot resource access
  • Implement remote connectivity
  • Deploy and troubleshoot applications
  • Maintain Windows 11 devices

 

 Prerequisites: 

  • Networking fundamentals, including Transmission Control Protocol /Internet Protocol (TCP/IP), User Datagram Protocol (UDP), and Domain Name System (DNS).
  • Microsoft Active Directory Domain Services (AD DS) principles.
  • Understanding of the Public Key Infrastructure (PKI) components.
  • Windows Server fundamentals.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TN-959: UNIX Security Administrator Course

Course Overview:

The  UNIX Security Administrator Prep is a hands-on course that covers how to secure and audit UNIX and Linux operating systems. This includes concepts such as Rootkits, Buffer overflows, and monitoring UNIX/Linux systems.

Attendees to TN-959: Unix Security Administratorwill receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • AIDE
  • Apache
  • Best Practices for Kernel Tuning and Warning Banners
  • Boot Services
  • Chroot()
  • DNS- BIND
  • DNSSec
  • Evidence Collection and Preservation
  • Forensic Analysis
  • Forensic Preparation and Incident Handling
  • Host Based Firewalls – iptables
  • Intro to Forensics
  • OS Install and Patching
  • Physical, User Account, and Password Access Control
  • Se Linux
  • Sendmail
  • SSH
  • Stack Smashing
  • Sudo
  • Syslog-NG
  • UNIX Logging

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, networking, and security experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

 

Comments

Latest comments from students

User: wbcarter

Instructor comments: Good Stuff. Thanks!

User: ryuhas

Instructor comments: Very Good Instructor

Facilities comments: Facilities was great. Location had a lot to be desired. To much traffic and accidents trying to get here.

Liked the class?  Then let everyone know!

CT-425: CompTIA SecurityX

Course Overview:

SecurityX®  (formerly known as CASP+)  course prepares you for the CompTIA SecurityX® certification exam (CVO-005) and demonstrates your knowledge and skills in enterprise security, risk management, research and analysis, and the integration of computing, communications, and business disciplines. This course will prepare students for the objectives covered in the CompTIA SecurityX certification exam (CVO-005).

Attendees to CT-425: CompTIA SecurityX will receive TechNow approved course materials and expert instruction.

Date/Locations:

Date/Time Event
12/08/2025 - 12/12/2025
09:00 -17:00 		CT-425: CompTIA Advanced Security Practitioner (CASP+)
TechNow, Inc, San Antonio TX

Duration: 5 days

Course Objectives:

  • Support IT governance in the enterprise with an emphasis on managing risk
  • Leverage collaboration tools and technology to support enterprise security
  • Use research and analysis to secure the enterprise
  • Integrate advanced authentication and authorization techniques
  • Implement cryptographic techniques
  • Implement security controls for hosts
  • Implement security controls for mobile devices
  • Implement network security
  • Implement security in the systems and software development lifecycle
  • Integrate hosts, storage, networks, applications, virtual environments, and cloud technologies in a secure enterprise architecture
  • Conduct security assessments
  • Respond to and recover from security incidents

Prerequisites:

Completion of the following or equivalent knowledge:

Minimum of 10 years general hands on IT experience

5 years being hands-on security

CompTIA Certification: Network+

CompTIA Certification: Security+

CompTIA Certification: CySA+

OR equivalent knowledge

Comments

Latest comments from students

User: clbrack

Instructor comments: I expect to pass, another great class from technow!

User: christopher0470

Instructor comments: Alan takes the time to cover the material so that you understand the concepts and applications of the information presented.

Facilities comments: I like the location. It was quiet and very conducive to learning.

Liked the class?  Then let everyone know!