Security

Twenty years of experience in the area of information assurance ensures that you are benefiting from a very mature and successful security training program. TechNow offers the full suite of security training courses to meet any DoD 8570 requirements.

Security Course Flow

Here is our list of security related courses.

Cisco

Are you looking for a Cisco Training Course?

Your organization needs qualified professionals who can design, implement, and operate Cisco multiprotocol internet works. With Cisco training from TechNow, you can gain the knowledge and experience your organization needs to succeed.

TechNow’s Cisco Training and Certification Career Path takes students from the fundamentals of networking through a complete line of Cisco courses designed to give students the knowledge and experience they need to master Cisco networking skills in a fast, thorough, and efficient manner.

Our Cisco training courses will prepare you for your work towards Cisco certification. With years of experience in the Cisco training environment, TechNow can lead you through a dynamic experience to prepare you for Cisco certification.

A list of our Cisco Courses.

DoD 8570

DoD 8570 Training

The Department of Defense requires that all information assurance personnel must become compliant with IT and security certification standards.

DoD 8570 training, also called Information Assurance training, is available through TechNow to provide you with the certification that is required. Your DoD 8570 training ( information assurance training ) at TechNow will provide you with all of the courses necessary to receive your DoD 8570.01-M certification.

Ongoing open enrollment through TechNow is availble for our DoD 8570.01-M courses.

Please review the full & updated DoD approved IA baseline certifications aligned to each category & level of the IA workforce:

Note: The Certifications in red are recently added to approved list as of 2/4/19

For further information or to schedule for classes, call us at 800-324-2294

N-415: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)

Course Overview:

The Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) course gives you the knowledge and skills needed to configure, troubleshoot, and manage enterprise wired and wireless networks. You’ll also learn to implement security principles, implement automation and programmability within an enterprise network, and how to overlay network design by using SD-Access and SD-WAN solutions.

Attendees to N-415: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) will receive TechNow approved course materials, expert instruction, and prepare you to take the 350-401 Implementing Cisco® Enterprise Network Core Technologies (ENCOR) exam.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers
Compare and contrast the various hardware and software switching mechanisms and operation, while defining the Ternary Content Addressable Memory (TCAM) and Content Addressable Memory (CAM), along with process switching, fast switching, and Cisco Express Forwarding concepts
Troubleshoot Layer 2 connectivity using VLANs and trunking
Implementation of redundant switched networks using Spanning Tree Protocol
Troubleshooting link aggregation using Etherchannel
Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP)
Implementation and optimization of Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4 and IPv6
Implementing External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking
Implementing network redundancy using protocols including Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP)
Implementing internet connectivity within Enterprise using static and dynamic Network Address Translation (NAT)
Describe the virtualization technology of servers, switches, and the various network devices and components
Implementing overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP)
Describe the components and concepts of wireless networking including Radio Frequency (RF) and antenna characteristics, and define the specific wireless standards
Describe the various wireless deployment models available, include autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture
Describe wireless roaming and location services
Describe how APs communicate with WLCs to obtain software, configurations, and centralized management
Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-Shared Key (PSK) wireless client authentication on a WLC
Troubleshoot wireless client connectivity issues using various available tools
Troubleshooting Enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager
Explain the use of available network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshooting
Configure secure administrative access for Cisco IOS devices using the Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), and Secure Shell (SSH), and explore device hardening concepts to secure devices from less secure applications, such as Telnet and HTTP
Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring the features and benefits
Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features
Explain the purpose, function, features, and workflow of Cisco DNA Center™ Assurance for Intent-Based Networking, for network visibility, proactive monitoring, and application experience
Describe the components and features of the Cisco SD-Access solution, including the nodes, fabric control plane, and data plane, while illustrating the purpose and function of the Virtual Extensible LAN (VXLAN) gateways
Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane
Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points
Describe the concepts and features of Quality of Service (QoS), and describe the need within the enterprise network
Explain basic Python components and conditionals with script writing and analysis
Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF
Describe APIs in Cisco DNA Center and vManage

Prerequisites:

CCNA certification
Implementation of Enterprise LAN networks
Basic understanding of Enterprise routing and wireless connectivity
Basic understanding of Python scripting

Comments

Latest comments from students

User: don.seguin

Instructor comments: Tim was a great.

Facilities comments: The classroom was great.

User: jrtrussell

Instructor comments: Awesome

Facilities comments: Great

Liked the class? Then let everyone know!

TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Seminar

Course Overview:

TechNow’s TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Updates Seminar, is a one day seminar that covers the objectives of TechNow’s TN-905: Cyber Threat Intelligence Analysis five day course in a one day seminar format plus some other security enhancements of 800-172. Upon request, this seminar can be presented in multi-day format based upon the depth of knowledge required. The NIST PUB 800-172 security enhancement update to 800-171 regarding 03.11.1 Risk Assessment, introduces the security enhancements of a Threat Awareness Program, Threat Hunting, and Predictive Cyber Analytics. TN-911 distills the TN-905 CTI five day course and aligns it to assessing compliance with 800-172. For the seminar, selected course labs are converted to demos, and the important points and outcomes of topics are presented. The TN-911 CTI Seminar discusses the applicability of the 800-172 security enhancements to the organization being assessed, and how to think about the the appropriate strength of the controls related to the organizations criticality of the information and the risk involved for contracted work with the DoD.

TechNow’s TN-911: Cyber Threat Intelligence Analysis Seminar addresses significant changes that have been made to SP 800-172 in transitioning to Revision 3, regarding new enhanced security requirements based on (1) the latest threat intelligence and (2) empirical data from cyber-attacks. With the intent of addressing CUI that may be associated with a critical program or a high value asset.

Those programs and assets are potential targets for advanced persistent threat (APT). Cyber Threat Intelligence supports the required functions of NIST 800-172 of Penetration Resistant Architecture (PRA), Damage Limiting Operations (DLO) and Cyber Resiliency (CRS).

Regarding 800-172 This seminar includes:

3.2.1E Awareness Training (rev 3 – Advanced Literacy and Awareness Training)
3.11.6E Supply Chain Risk Management SCRM (rev 3 withdrawn, moved to other controls)
3.11.7E SCRM Planning (rev 3 withdrawn, moved to other controls)
3.12.1E Penetration Testing
800-172, 3.11 Risk Assessment
- 03.11.01E Threat Awareness Program
- 03.11.02E Threat Hunting
- 03.11.03E Predictive Cyber Analytics.

TN-911 CTI Seminar directly discusses 3.11 topics:

03.11.01E Threat Awareness Program:

Share threat information, including threat events of 03.11.01E is specifically covered as:

Create Indicators of Compromise (IOCs) using STIX
Understand a solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis.
How to assess an environment to validate:
- Support for day-to-day operations to share structured threat information efficiently.
- Confirming the presence of curated, frequently updated feeds, and the automation of enrichment workflow
- Contextualization of intelligence with internal data to prioritize alerts and improve detection
- Updated threat hunting based upon inbound Threat Intelligence

03.11.02E Threat Hunting:

Introduction to Threat Hunting practices to effectively search for indicators of compromise and to detect, track, and disrupt threats that evade existing controls.

How to assess an environment to validate:
A formalized process is being followed for Threat Hunting
- Phases of trigger (incident or CTI), SIEM utilization, and response
Integration of machine learning to provide proactive, automated, and scalable Threat Hunting
Leveraging threat intelligence for proactive threat hunting by querying historical logs for indicators of compromise (IOCs) from feeds to identify:
Dormant threats
Advance Persistent Threats (APT)

03.11.03E Predictive Cyber Analytics

Introduction leveraging data, machine learning, and real-time analysis with automation to anticipate threats before they occur.

How to assess an environment to validate:
- Data aggregation from network logs, user activities, system logs, and external threat intelligence feeds into a centralized platform like a SIEM
Use of machine learning algorithms to identify patterns, uncover correlations, and spot anomalies in real-time
Integration with incident response workflows
Staff skill competency level and integration into Predictive Cyber Analytics to mitigate advanced adversarial techniques against machine learning such as:
- Attacks of Evasion, Poisoning, and Model Tampering
- Utilization of exercises or Red Teaming to validate practices and effectiveness of Predictive Cyber Analytics.

3.2.1E Awareness Training (rev 3 – Advanced Literacy and Awareness Training)

Validate that training addresses APT

3.11.6E Supply Chain Risk Management SCRM (rev 3 withdrawn, moved to other controls)

Validate cybersecurity supply chain risk management C-SCRM:

Cross-functional team responsible for supply chain risk management (SCRM) and C-SCRM
Validating standard risk management with respect to supply chain
- FARM (Frame, Assess, Respond, and Monitor)
- Tasks outlined in NIST Pub 800-161

3.11.7E SCRM Planning (rev 3 withdrawn, moved to other controls)

This is discussed in topic 3.11.6E

3.12.1E Penetration Testing

Validate the organization is progressing through standardized Penetration Testing Protocols.

Evaluate Penetration Test reports for completeness and scope.

Attendees to TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Seminar will receive TechNow approved course materials and expert instruction.

Seminar Duration: 1 day (more upon request)

Seminar Objectives:

Learn to comprehend and develop complex scenarios
Identify and create intelligence requirements through practices such as threat modeling
Utilize threat modeling to drive intelligence handling and practices
Breakdown tactical, operational, and strategic-level threat intelligence
Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
How to collect adversary information creating better value CTI
How to filter and qualify external sources, mitigating low integrity intelligence
Create Indicators of Compromise (IOCs) in STIX
Move security maturity past IOCs into understanding and countering the behavioral tradecraft of threats
Breaking down threats mapped against their tradecraft to tweak IOCs
Establish structured analytical techniques to be successful in any security role
Learn and apply structured principles in support of CTI and how to communicate that to any security role.

Seminar Prerequisites:

Security+, or equivalent experience