N-505: CISCO DoD Comply to Connect (C2C)

Course Overview:

Cisco DoD Comply-to-Connect (C2C) course teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.

This training also earns you 32 Continuing Education (CE) credits toward recertification.

Dates/Locations:

No Events

Duration: 5 days

Course Outline:

Section 1: C2C Fundamentals

Comply to Connect Overview
From C2C to ZTA
Steps to Implement C2C

Section 2: Cisco Identity-Based Networking Services

Cisco IBNS Overview
AAA Role in Cisco IBNS
Compare Cisco IBNS and Cisco ISE Solutions
Explore Cisco IBNS Architecture Components

Section 3: Introducing Cisco ISE Architecture

Cisco ISE as a Network Access Policy Engine
Cisco ISE Use Cases
Cisco ISE Functions

Section 4: Introducing Cisco ISE Deployment

Cisco ISE Deployment Models
Cisco ISE Licensing and Network Requirements
Cisco ISE Context Visibility Features
New Features in Cisco ISE 3.X

Section 5: Introducing Cisco ISE Policy Enforcement Components

802.1X for Wired and Wireless Access
MAC Authentication Bypass for Wired and Wireless Access
Identity Management
Active Directory Identity Source
Additional Identity Sources
Certificate Services

Section 6: Introducing Cisco ISE Policy Configuration

Cisco ISE Policy
Cisco ISE Authentication Rules
Cisco ISE Authorization Rules

Section 7: PKI and Advanced Supplicants

Public Key Infrastructure (PKI)
TEAP in Comply to Connect (C2C)
Secure Client ISE features and Configuration for C2C

Section 8: Introducing the Cisco ISE Profiler

Web Access with Cisco ISE
ISE Profiler
Cisco ISE Probes
Profiling Policy
Custom Attributes in Profile

Section 9: Introducing Cisco ISE Endpoint Compliance Services

Endpoint Compliance Services Overview

Section 10: Configuring Client Posture Services and Compliance

Client Posture Services and Provisioning Configuration

Section 11: Introducing Profiling Best Practices and Reporting

Profiling Best Practices

Section 12: C2C Use Cases

Cisco CX ISE Reporting Tool
ISE Reporting
ISE Hardening
Profiling Best Practices for C2C

Section 13: C2C Third-Party Integrations-Tenable

Tenable Use Case
Tenable Overview and Capabilities
Tenable Integration Prerequisites
Tenable Integration Configuration
Policy Design
Policy Enforcement
Enforcement Verification

Section 14: C2C Third-Party Integrations-MECM

MECM Use Case
MECM Overview and Capabilities
MECM Integration Prerequisites
MECM Integration Configuration
Policy Design
Policy Enforcement
Enforcement Verification

Section 15: C2C Third-Party Integrations-Trellix

Trellix Use Case
Trellix Overview and Capabilities
Trellix Integration Prerequisites
Trellix Integration Configuration
Policy Enforcement
Enforcement Verification

Section 16: Troubleshooting Cisco ISE Policy and Third-Party NAD

Cisco ISE Third-Party Network Access Device Support
Troubleshooting Cisco ISE Policy Configuration

Section 17: Exploring Cisco TrustSec

Cisco TrustSec Overview
Cisco TrustSec Enhancements
Cisco TrustSec Configuration

Section 18: Working with Network Access Devices

Reviewing AAA
Cisco ISE TACACS+ Device Administration
Configuring TACACS+ Device Administration
TACACS+ Device Administration Guidelines and Best Practices

Course Prerequisites:

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:

Familiarity with 802.1X
Familiarity with Microsoft Windows Operating Systems
Familiarity with Cisco IOS CLI for wired and wireless network devices
Familiarity with Cisco Identity Service Engine

TN-901: Linux for Security Professionals

Course Overview:

This course will be fast paced with in-depth and live demonstrations.

Date/Locations:

No Events

Duration: 1 day

Course Objectives:

AIDE
DNS Security with DNSsec
Logging and Audit Management
Linux Security Modules and SE-Linux
Linus Containers (Jailing Services and Apps)
SSH and SSL tunneling

Prerequisites:

Comments

Latest comments from students

Liked the class? Then let everyone know!

L-245: Linux System Administration I

Course Overview:

In this course students will learn to install the Linux™ operating system, to administer users and software, to use vi, basic Linux security, process control, file system maintenance, backup and recovery, including some basic networking concepts. This course insures that students have the skills to configure all desktop and client side related activity.

Attendees to L-245: Linux System Administration I will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

Linux operating system installation
Hardware Issues
LILO & GRUB Configuration
Managing the Linux file system
Boot Process
Customization of setup files
System Startup
Run Levels
Network Services
User Management
Changing Passwords
Monitoring, accessing & restricting root system access
Administration Tools
Disk Management
Quotas
Process Control
Installing & removing software & patches
Network Configuration
Client side components of NFS, Samba, NTP, NIS
Printing
Backup and Recovery
Using utilities for process control, locating files & automating maintenance tasks

Prerequisites:

Students should have an understanding of all basic UNIX commands as well as variable substitution, wild card expansion, command pipes, permissions, the grep and find commands.
These prerequisites can be met through completion of TN-125: Introduction to UNIX & Linux and six month’s experience with Linux.

Comments

Latest comments from students

User: flores2015

Instructor comments: Very Good Instructor (Bill Peterson)

Facilities comments: Nice - Can't wait for your new facility.

Liked the class? Then let everyone know!

TN-345: Python for Penetration Testers

Course Overview:

This Python for Penetration Testing course is designed to give you the skills you need for maintaining or developing Python Penetration Testing tools oriented towards offensive operations. We have a suite of courses and certifications that help understand a problem, this course prepares the student to rapidly develop prototype code to attack or defend against it.

The course concludes with a Capture the Flag event that will test both your ability to apply your new tools and coding skills in a Python Penetration Testing challenge.

This course is not intended to be an Advanced Python course, but to exemplify penetration techniques utilizing Python. The course covers Threading, Sockets, OOP, and third party modules that facilitate the offensive operator’s objective.

This course utilizes the “Violent Python” text book.

Attendees to TN-345: Python for Penetration Testers Class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 3 Days

Course Objectives:

Python Lanuage Refress
Network Sockets
Exception Handling
Hashes and Cracking Passwords
Threading
- Concepts and Python Implementation
- Queues and Synchronization
- urlparse and httplib to probe URLs
- Crack a password protected zip file
Port Scanner
- Threading a Port Scanner
nmap integration
Deploying shellcode
Mechanize, BeautifulSoup
- HTTP Form Password Guessing
- HTTP Proxies (Burp Suite)
- HTTP Cookies Session Hijacking
  - CookieMonster
Images and Metadata
Justniffer
SQL Injection
- sqlmap
- SQLBrute
Antivirus and IDS evasion
- PyInstaller
- Metasploit
Scapy
- Deploy shellcode
- DNS Cache Poisoning
- Packety Violence