Course Overview: PA-242: Palo Alto Networks Firewall Manage Cyberthreats (EDU-231) Training Class is a two-day course that teaches students strategies in defense against cyberthreats. Successful completion of this course enables administrators to better understand the threat landscape. This is not a virtualized theoretical course. This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.
Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk. Real hardware per student for real experience and real skill development. TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.
The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies. Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.
Attendees to the PA-242: Palo Alto Networks Firewall Manaage Cyberthreats (EDU-231) Training Course will receive TechNow approved course materials and expert instruction.
Dates/Locations:
No Events
Duration: 2 days
Course Objectives: Students attending this training course will gain an understanding of cyberthreats and their characteristics. Students will learn how to manage cyberthreats using security policies, profiles, and signatures to protect their network against emerging threats.
Day 1
Mod 1: Threat Landscape
Advanced Persistent
Threats
Data Breaches and Tactics
Threat Management
Strategies
Mod 2: Integrated
Approach to Threat
Protection
Integrated Approach to
Protection
Next-Generation Firewall
Advanced Endpoint
Protection
Mod 3: Network Visibility
Zero Trust Model
SSL Decryption
Decryption Policy
Mod 4: Reducing the Attack
Surf
ection
Day 2
Mod 5: Handling Known
Threats
WildFire Analysis
Security Profiles
Mod 6: Handling Unknown
Traffic and Zero-Day Exploits
WildFire
Researching Threat Events
Identifying Unknown
Applications
Mod 7: Investigating
Breaches
Identify IOCs Using
App-Scope
Log Correlation
Finding Infected Host
Mod 8: Using Custom
Signatures
Creating Custom App-IDs
Threat Signatures
A
Prerequisites:
Students must complete the PA-213: Install, Configure, and Manage course
Understanding of network concepts, including routing, switching, and IP addressing
In-depth knowledge of port-based security and security technologies such as IPS, proxy, and content filtering
This course is in no way associated with Palo Alto Networks, Inc.
The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation leading to the prosecution of perpetrators.
The CHFI certification gives participants the necessary skills to perform an effective digital forensics investigation. CHRI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence
What’s Included:
5 days of instructor-led in classroom training
Detailed Labs for hands-on learning experience; approximately 50% of training is dedicated to labs
Hundreds of investigation tools including EnCase, Access Data FTL, & ProDiscover
Huge cache of evidence files for analysis including RAW, .dd images, video & audio files, MS Office files, systems files, etc.
CHFI Courseware
Exam Voucher
CHFI onsite exam scheduling
Course Objectives:
Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
Perform anti-forensic methods detection
Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process
Identify & check the possible source/ incident origin
Recover deleted files and partitions in Windows, MAC OS X, and Linux
Conduct reverse engineering for known and suspected malware files
Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents
This course is extremely fast paced and for students that have already had UNIX or Linux training, or have not worked with Linux in several months or years. This is NOT a course for students new to Linux and assumes the student requires a refresher before progressing through high end security courses that require dexterity on Linux. RedHat and Ubuntu, VMware Virtual Machines, and BackTrack are used for the instruction of this course. The student will acquire the skills to easily navigate the advanced VMware training environment and will be able to create scripts to manipulate and manage Linux. The ulimate goals of the skills of this course is to provide the student the ability to automate through scripting BackTrack tools for offensive security, forensics, and defense.
Attendees to L-395: Accelerated Linux Administration and Utilities will receive TechNow approved course materials and expert instruction.
Date/Locations:
No Events
Duration: 5 days
Course Objectives:
Day 1 and 2: Unix Review and Unix Utilities
Linux File System Archictecure and In-Depth discussion of Hard and Soft Links
Linux File, Directory, and Permissions Management
Linux archives using tar and zip
Interacting with BASH
Review of Common Linux commands
Sorting files by line or field
Regular Expressions (meta character) with grep commands to locate specific lines in files
Grep, egrep extended metacharacters, combinations-lab advanced combinations- lab Sed
Performing non-interactive editing tasks with the sed command
Writing simple sed scripts to perform complex editing tasks
Using awk variables & arrays to sort data
Employing awk programs to manipulate numeric & textual data
Performing formatted printing in awk
Writing simple awk programs to write reports from data files
Using built-in awk functions & defining new functions
Write awk programs that make decisions based on numeric or string comparisons (branches & loops)
Day 3 – Intro to Programming / Shell Scripting
Shell Review
Shell Interpretation of Quotes & Backslash
The Bash Shell
Shell's combined with UNIX utilities
Programming Basics
Data Constructs
Programming Looping
Your Environment
More on Parameters
Day 4 and 5 – Security Fundamentals, Linux Administration
System Configuration / Kernel overview
System Maintenance / Disk and file admin
Using utilities for process control, locating files & automating maintenance tasks
System Startup / Boot Process – LILO & GRUB Configuration
Managing the Linux file system
Customization of setup files
Run Levels
Network Services / Configuration
User Management Monitoring, accessing & restricting root system access
Administration Tools
Process Control
Client side components of NFS, Samba, NTP, NIS
Server side components such as DHCP, Samba, NIS, LDAP, inet, telnet, ftp, DNS, etc.
Prerequisites:
Prior UNIX/Linux experience or training
Comments
Latest comments from students
User: mikenaya
Instructor comments: As usual, Dave was excellent and the content was very relevant to our line of work.
Facilities comments: The hotel facilities met our basic needs but it was awkward having a bathroom so close. I can't wait for the new facility to open.
User: fquinene
Instructor comments: Instructor was super knowledgeable and helped me tie in a lot of information from other OS and processes.
AWS System Operations begins with a one day introduction to AWS products, services, and common solutions. It provides you with fundamentals to become more proficient in identifying AWS services so that you can make informed decisions about IT solutions based on your business requirements and get started working on AWS.
The AWS course continues to flow with teaching those in a Systems Administrator or Developer Operations (DevOps) role how to create automatable and repeatable deployments of networks and systems on the AWS platform. The course covers the specific AWS features and tools related to configuration and deployment, as well as common techniques used throughout the industry for configuring and deploying systems.
To continue to learn more about AWS, TechNow has the following course:
Attendees to CL-415: AWS System Operations will receive TechNow approved course materials and expert instruction.
Duration: 5 Days
Audience:
This course is intended for:
• System Administrators
• Software Developers, especially those in a Developer Operations (DevOps) role
DoD 8140: Not Mandated
Course Prerequisites:
We recommend that attendees of this course have the following prerequisites:
• Background in either software development or systems administration
• Some experience with maintaining operating systems at the command line (shell scripting in Linux environments, cmd or PowerShell in Windows)
• Basic knowledge of networking protocols (TCP/IP, HTTP)
Course Objectives:
This course is designed to teach you how to:
• Understand basic data center design concepts.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational infrastructure services, including Amazon Virtual Private Cloud (VPC), Amazon Elastic Compute Cloud (EC2), Amazon Elastic Block Store (EBS), Amazon Simple Storage Service (S3), Auto Scaling, and Elastic Load Balancing (ELB).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS).
• Understand AWS management tools, including Amazon CloudWatch and AWS Trusted Advisor.
• Use standard AWS infrastructure features such as Amazon Virtual Private Cloud (VPC), Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing, and Auto Scaling from the command line
• Use AWS CloudFormation and other automation technologies to produce stacks of AWS resources that can be deployed in an automated, repeatable fashion
• Build functioning virtual private networks with Amazon VPC from the ground up using the AWS Management Console
• Deploy Amazon EC2 instances using command line calls and troubleshoot the most common problems with instances
• Monitor the health of Amazon EC2 instances and other AWS services
• Manage user identity, AWS permissions, and security in the cloud
• Manage resource consumption in an AWS account using tools such as Amazon CloudWatch, tagging, and Trusted Advisor
• Select and implement the best strategy for creating reusable Amazon EC2 instances
• Configure a set of Amazon EC2 instances that launch behind a load balancer, with the system scaling up and down in response to demand
• Edit and troubleshoot a basic AWS CloudFormation stack definition
Dates/Locations:
No Events
Course Outline:
Day 1
• Introduction and History of AWS
• AWS Infrastructure: Compute, Storage, and Networking
• AWS Security, Identity, and Access Management
• AWS Databases
• AWS Management Tools
Day 2
• System Operations on AWS Overview
• Networking in the Cloud
• Computing in the Cloud Day 3
• Storage and Archiving in the Cloud
• Monitoring in the Cloud
• Managing Resource Consumption in the Cloud Day 4
• Configuration Management in the Cloud
• Creating Scalable Deployments in the Cloud
• Creating Automated and Repeatable Deployments Day 5 Full Day Lab
• Select the appropriate AWS service based on compute, data, or security requirements
• Execute steps required to provision cloud resources for selected deployment
• Identify and implement data protection, encryption, and capacity planning
• Implement and manage security policies, access controls, and role
• Implement Automation
Course one of a three course series to obtain a Server 2016 MCSA certification. This five-day course is designed primarily for IT professionals who have some experience with Windows Server. It is designed for professionals who will be responsible for managing storage and compute by using Windows Server 2016, and who need to understand the scenarios, requirements, and storage and compute options that are available and applicable to Windows Server 2016.
The course leads directly to preparing for the(MCSA):Windows Server 2016 exam “70-740: Installation, Storage, and Compute with Windows Server 2016”. It also maps to Microsoft’s course 20740A, and is part of the Server 2016 MCSA certification.
Attendees to TN-5415: Installation, Storage, and Compute with Window Server 2016 will receive TechNow approved course materials and expert instruction.
Dates/Locations:
No Events
Duration: 5 Days
Course Objectives:
Prepare and install Nano Server, a Server Core installation, and plan a server upgrade and migration strategy
Describe the various storage options, including partition table formats, basic and dynamic disks, file systems, virtual hard disks, and drive hardware, and explain how to manage disks and volumes
Describe enterprise storage solutions, and select the appropriate solution for a given situation
Implement and manage Storage Spaces and Data Deduplication
Install and configure, and manage Windows and Hyper-V containers
Describe the high availability and disaster recovery technologies in Windows Server 2016
Plan, create, and manage a failover cluster
Implement failover clustering for Hyper-V virtual machines
Configure a Network Load Balancing (NLB) cluster, and plan for an NLB implementation
Create and manage deployment images
Manage, monitor, and maintain virtual machine installations
Prerequisites:
A basic understanding of networking fundamentals
An awareness and understanding of security best practices
An understanding of basic AD DS concepts
Basic knowledge of server hardware
Experience supporting and configuring Windows client operating systems such as Windows 10