N-415: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)

Course Overview:

The Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) course gives you the knowledge and skills needed to configure, troubleshoot, and manage enterprise wired and wireless networks. You’ll also learn to implement security principles, implement automation and programmability within an enterprise network, and how to overlay network design by using SD-Access and SD-WAN solutions.

Attendees to N-415: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) will receive TechNow approved course materials, expert instruction, and prepare you to take the 350-401 Implementing Cisco® Enterprise Network Core Technologies (ENCOR) exam.

Document Flow Chart iconsm

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers
  • Compare and contrast the various hardware and software switching mechanisms and operation, while defining the Ternary Content Addressable Memory (TCAM) and Content Addressable Memory (CAM), along with process switching, fast switching, and Cisco Express Forwarding concepts
  • Troubleshoot Layer 2 connectivity using VLANs and trunking
  • Implementation of redundant switched networks using Spanning Tree Protocol
  • Troubleshooting link aggregation using Etherchannel
  • Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP)
  • Implementation and optimization of Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4 and IPv6
  • Implementing External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking
  • Implementing network redundancy using protocols including Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP)
  • Implementing internet connectivity within Enterprise using static and dynamic Network Address Translation (NAT)
  • Describe the virtualization technology of servers, switches, and the various network devices and components
  • Implementing overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP)
  • Describe the components and concepts of wireless networking including Radio Frequency (RF) and antenna characteristics, and define the specific wireless standards
  • Describe the various wireless deployment models available, include autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture
  • Describe wireless roaming and location services
  • Describe how APs communicate with WLCs to obtain software, configurations, and centralized management
  • Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-Shared Key (PSK) wireless client authentication on a WLC
  • Troubleshoot wireless client connectivity issues using various available tools
  • Troubleshooting Enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager
  • Explain the use of available network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshooting
  • Configure secure administrative access for Cisco IOS devices using the Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), and Secure Shell (SSH), and explore device hardening concepts to secure devices from less secure applications, such as Telnet and HTTP
  • Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring the features and benefits
  • Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features
  • Explain the purpose, function, features, and workflow of Cisco DNA Center™ Assurance for Intent-Based Networking, for network visibility, proactive monitoring, and application experience
  • Describe the components and features of the Cisco SD-Access solution, including the nodes, fabric control plane, and data plane, while illustrating the purpose and function of the Virtual Extensible LAN (VXLAN) gateways
  • Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane
  • Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points
  • Describe the concepts and features of Quality of Service (QoS), and describe the need within the enterprise network
  • Explain basic Python components and conditionals with script writing and analysis
  • Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF
  • Describe APIs in Cisco DNA Center and vManage

Prerequisites:

  • CCNA certification
  • Implementation of Enterprise LAN networks
  • Basic understanding of Enterprise routing and wireless connectivity
  • Basic understanding of Python scripting

 

Comments

Latest comments from students

User: don.seguin

Instructor comments: Tim was a great.

Facilities comments: The classroom was great.

User: jrtrussell

Instructor comments: Awesome

Facilities comments: Great

Liked the class?  Then let everyone know!

TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Seminar

 

Course Overview:

TechNow’s TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Updates Seminar, is a one day seminar that covers the objectives of TechNow’s TN-905: Cyber Threat Intelligence Analysis five day course in a one day seminar format plus some other security enhancements of 800-172.  Upon request, this seminar can be presented in multi-day format based upon the depth of knowledge required. The NIST PUB 800-172 security enhancement update to 800-171 regarding 03.11.1 Risk Assessment, introduces the security enhancements of a Threat Awareness Program, Threat Hunting, and Predictive Cyber Analytics.  TN-911 distills the TN-905 CTI five day course and aligns it to assessing compliance with 800-172.  For the seminar, selected course labs are converted to demos, and the important points and outcomes of topics are presented. The TN-911 CTI Seminar discusses the applicability of the 800-172 security enhancements to the organization being assessed, and how to think about the the appropriate strength of the controls related to the organizations criticality of the information and the risk involved for contracted work with the DoD.

TechNow’s TN-911: Cyber Threat Intelligence Analysis Seminar addresses significant changes that have been made to SP 800-172 in transitioning to Revision 3, regarding new enhanced security requirements based on (1) the latest threat intelligence and (2) empirical data from cyber-attacks.  With the intent of addressing CUI that may be associated with a critical program or a high value asset.

Those programs and assets are potential targets for advanced persistent threat (APT).  Cyber Threat Intelligence supports the required functions of NIST 800-172 of Penetration Resistant Architecture (PRA), Damage Limiting Operations (DLO) and Cyber Resiliency (CRS).

Regarding 800-172 This seminar includes:

  • 3.2.1E Awareness Training (rev 3 – Advanced Literacy and  Awareness Training)
  • 3.11.6E Supply Chain Risk Management SCRM (rev 3 withdrawn, moved to other controls)
  • 3.11.7E SCRM Planning (rev 3 withdrawn, moved to other controls)
  • 3.12.1E Penetration Testing
  • 800-172, 3.11 Risk Assessment
    • 03.11.01E Threat Awareness Program
    • 03.11.02E Threat Hunting
    • 03.11.03E Predictive Cyber Analytics.

TN-911 CTI Seminar directly discusses 3.11 topics:

    03.11.01E Threat Awareness Program:

    Share threat information, including threat events of 03.11.01E is specifically covered as:

  • Create Indicators of Compromise (IOCs) using STIX
  • Understand a solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis.
  • How to assess an environment to validate:
    • Support for day-to-day operations to share structured threat information efficiently.
    • Confirming the presence of curated, frequently updated feeds, and the automation of enrichment   workflow
    • Contextualization of intelligence with internal data to prioritize alerts and improve detection
    • Updated threat hunting based upon inbound Threat Intelligence

    03.11.02E Threat Hunting:

    Introduction to Threat Hunting practices to effectively search for indicators of compromise and to detect, track, and disrupt threats that evade existing controls.

  • How to assess an environment to validate:
  • A formalized process is being followed for Threat Hunting
    • Phases of trigger (incident or CTI), SIEM utilization, and response
  • Integration of machine learning to provide proactive, automated, and scalable Threat Hunting
  • Leveraging threat intelligence for proactive threat hunting by querying historical logs for indicators of compromise (IOCs) from feeds to identify:
  •  Dormant threats
  •  Advance Persistent Threats (APT)

    03.11.03E Predictive Cyber Analytics

    Introduction leveraging data, machine learning, and real-time analysis with automation to anticipate threats before they occur.

  • How to assess an environment to validate:
    • Data aggregation from network logs, user activities, system logs, and external threat intelligence feeds into a centralized platform like a SIEM
  • Use of machine learning algorithms to identify patterns, uncover correlations, and spot anomalies in real-time
  • Integration with incident response workflows
  • Staff skill competency level and integration into Predictive Cyber Analytics to mitigate advanced adversarial techniques against machine learning such as:
    • Attacks of Evasion, Poisoning, and Model Tampering
    • Utilization of exercises or Red Teaming to validate practices and effectiveness of Predictive Cyber Analytics.

    3.2.1E Awareness Training (rev 3 – Advanced Literacy and  Awareness Training)

  •       Validate that training addresses APT

    3.11.6E Supply Chain Risk Management SCRM (rev 3 withdrawn, moved to other controls)

      Validate cybersecurity supply chain risk management C-SCRM:

  • Cross-functional team responsible for supply chain risk management (SCRM) and C-SCRM
  • Validating standard risk management with respect to supply chain
    • FARM (Frame, Assess, Respond, and Monitor)
    • Tasks outlined in NIST Pub 800-161

    3.11.7E SCRM Planning (rev 3 withdrawn, moved to other controls)

  • This is discussed in topic 3.11.6E

    3.12.1E Penetration Testing

        Validate the organization is progressing through standardized Penetration Testing Protocols.

  • Evaluate Penetration Test reports for completeness and scope.

Attendees to TN-911: Cyber Threat Intelligence (CTI) Analysis and 800-172 Seminar will receive TechNow approved course materials and expert instruction.

Seminar Duration: 1 day (more upon request)

Seminar Objectives:

  • Learn to comprehend and develop complex scenarios
  • Identify and create intelligence requirements through practices such as threat modeling
  • Utilize threat modeling to drive intelligence handling and practices 
  • Breakdown tactical, operational, and strategic-level threat intelligence
  • Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
  • How to collect adversary information creating better value CTI
  • How to filter and qualify external sources, mitigating low integrity intelligence
  • Create Indicators of Compromise (IOCs) in STIX
  • Move security maturity past IOCs into understanding and countering the behavioral tradecraft of threats
  • Breaking down threats mapped against their tradecraft to tweak IOCs
  • Establish structured analytical techniques to be successful in any security role
  • Learn and apply structured principles in support of CTI and how to communicate that to any security role.

Seminar Prerequisites:

 

TN-223: Advanced Shell Programming

 

Course Overview:

The course teaches students to use the sort, grep, sed, & awk utilities within Unix. Systems administrators, Unix users, & programmers benefit from the course showing them how to use the command line applications of sort, grep, sed, & awk commands as well as using sed & awk scripts that develop the users skills with the full power of these utilities.

Attendees to TN-223: Advanced Shell Programming will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 3 Days

Course Objectives:

  • Sorting files by line or field
  • Regular Expressions (meta character) with grep commands to locate specific lines in files
  • Performing non-interactive editing tasks with the sed command
  • Writing simple sed scripts to perform complex editing tasks
  • Using awk variables & arrays to sort data
  • Employing awk programs to manipulate numeric & textual data
  • Performing formatted printing in awk
  • Writing simple awk programs to write reports from data files
  • Using built-in awk functions & defining new functions
  • Write awk programs that make decisions based on numeric or string comparisons (branches & loops)
  • Grep, egrep extended metacharacters, combinations-lab advanced combinations- lab Sed
  • Basic commands- Lab, Advanced commands- Lab, Advanced scripting -Lab
  • Miscellaneous commands Tr, sort, cut, paste, pr -Lab

Prerequisites:

  • TN-125: Introduction to UNIX & Linux
  • TN 215: Shell Programming.
  • Students should have a basic knowledge of UNIX commands including rm, cp, man, cat, & mkdir. Navigating directory structure using commands such as ls, cp, & pwd. Creating and editing files with the vi editor or text editor. Use of basic programming constructs, & commands such as variables & loops & how to write a simple program in a programming language.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TN-835: Certified in Risk and Information Systems Control (CRISC) Preparation Seminar

Course Overview:

Certified in Risk and Information Systems Control (CRISC), is for professionals responsible for an organization's risk management program.  Students looking to acquire CRISC qualify themselves as IT security analyst, security engineer architect, information assurance program manager and senior IT auditor.  CRISC certified professionals manage risk, design and oversee response measures, monitor systems for risk, and ensure the organization's risk management strategies are met.

The CRISC exam will primarily align with the terminology and concepts described in The Risk IT Framework, The Risk IT Practioner Guide, and COBIT 5.  This will include applications in the evaluation and monitoring of IT-based risk, as well as the design and implementation of IS controls. 

The CRISC exam covers four domains that are periodically updated to reflect the changing needs of the profession:

  • Domain 1: Risk Identification 
  • Domain 2: Risk Assessment
  • Domain 3: Risk Response and Mitigation
  • Domain 4: Risk and Control Monitoring and Reporting

This course is designed to assist in your exam preparation for the CRISC exam.

Attendees to TN-835: Certified in Risk and Information Systems Control (CRISC) Seminar will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Risk IT Framework—Purpose and Principles
  • Essentials of Risk Governance, Evaluation, and Response
  • Risk and Opportunity Management Using CobiT, Val IT and Risk IT
  • The Risk IT Framework Process Model Overview
  • Managing Risk in Practice—The Practitioner Guide Overview
  • Overview of the Risk IT Framework Process Model 
  • The Risk IT Framework

Prerequisites:

A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least three (3) CRISC domains is required for certification. There are no substitutions or experience waivers.

Comments

Latest comments from students

User: tracycampbell

Instructor comments: Dave had great command of the class and the flow of information. The lessons seem relevant to the exam and the course material should assist greatly with passing. As a bonus, his breakdown of PKI helped with my current job requirements.

Facilities comments: The Home2Suites by Hilton was FANTASTIC!

Liked the class?  Then let everyone know!

TN-8155: HCISPP Preparation Seminar

 

Course Overview:

The HCISPP is the only certification that combines cybersecurity skills with privacy best practices and techniques. It demonstrates you have the knowledge and ability to implement, manage, and assess security and privacy controls to protect healthcare organizations using policies and procedures established by the cybersecurity experts at (ISC)2. TechNows HCISPP Certification Boot Camp is a comprehensive review of Healthcare cybersecurity with privacy best practices & industry best practices.

Attendees to TN-8155: HCISPP Certification Preparation Seminar will receive TechNow approved course materials and expert instruction..

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Strategically focus your preparation for HCISPP Certification
  • Cover a broad spectrum of topics in the 7 domains of the HCISPP Common Body of Knowledge (CBK)
  • Gain knowledge on the Healthcare industry including third party relationships and health data management concepts
  • Identify applicable regulations, compliance frameworks, privacy principles and policies to protect information security
  • Develop risk management methodology and identify control assessment procedures

Audience:

  • The HCISPP certification is ideal for security professionals responsible for safeguarding protected health information (PHI). Take this HCISPP training course to prepare to manage and implement security controls for healthcare information. HCISPPs are instrumental to a variety of job functions: Compliance Officer, Information Security Manager, Privacy Officer, Compliance Auditor, Risk Analyst, Medical Records Supervisor, IT Manager, Privacy & Security Consultants, and Health Information Manager.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!