Here are the CompTIA Security course offerings:
Course Overview:
TechNow has worked worldwide enterprise infrastructures for over 30 years and has developed demos and labs to exemplify the techniques required to demonstrate technologies that effectively support CTI. This course integrates well with our courses TN-575: Open Source Network Security Monitoring and TN-865: Wireshark Network Traffic and Security Analysis .
TechNow develops Cyber Ranges and makes them available for conferences in support of annual meetings for Cyber Threat Response Teams. Developing scenarios and reacting to them appropriately is a big part of the value in understanding the contexts required to comprehend valuable CTI. As with many advanced TechNow security courses, there is a large hands-on ratio. This course helps Cyber Protection Teams (CPT), Defensive Cyber Operations (DCO), and Mission Defense Teams (MDT) to collect, analyze and apply targeted cyber intelligence to defensive operations in order to proactively act on and tune response to attacks by cyber adversaries. CPT, DCO, and MDT can take preemptive action by utilizing CTI, understanding CTI tools, techniques and procedures (TTPs) needed to generate and consume timely and relevant intelligence to improve resilience and prevention.
This course focuses on the collection, classification, and exploitation of knowledge about adversaries and their TTPs. . MDT puts us close the mission and helps define the internal context to be analyzed against the CTI. TechNow pushes the student to truly understand how to think about and use CTI to make a difference.
Attendees to TN-905: Cyber Threat Intelligence Analysis will receive TechNow approved course materials and expert instruction.
Date/Locations:
No Events
Course Duration: 5 days
Course Objectives:
- Learn to comprehend and develop complex scenarios
- Identify and create intelligence requirements through practices such as threat modeling
- Utilize threat modeling to drive intelligence handling and practices
- Breakdown tactical, operational, and strategic-level threat intelligence
- Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
- How to collect adversary information creating better value CTI
- How to filter and qualify external sources, mitigating low integrity intelligence
- Create Indicators of Compromise (IOCs) in formats such as YARA, OpenIOC, and STIX
- Move security maturity past IOCs into understanding and countering the behavioral tradecraft of threats
- Breaking down threats mapped against their tradecraft to tweak IOCs
- Establish structured analytical techniques to be successful in any security role
- Learn and apply structured principles in support of CTI and how to communicate that to any security role.
Course Prerequisites:
- Security+, or equivalent experience
Comments
Latest comments from students
Liked the class? Then let everyone know!
Over twenty years experience in the area of Solaris, Linux, and Unix ensures that you are benefiting from a very mature and successful Solaris, Linux, and Unix training program. TechNow offers the full suite of Solaris, Linux, and Unix courses utilizing real hardware. This is not virtualized Solaris on Intel processors, or remote connection to a distant system. The student learns to deal with real hardware taking advantage of Sparc T series processors. Solaris 10 and Solaris 11 is taught hands-on with data center skills as the focus. We also offer Solaris 10 migration courses to Solaris 10 or Solaris 11.
The following is a list of our Unix/Linux training courses:
- CT-245: Linux+
- L-245: Linux System Administration I
- L-295: Linux System Administration II
- L-395: Accelerated Linux Administration and Utilities
- RH-245: Linux System Administration I
- RH-295: Linux System Administration II
- RH-345: Red Hat JBoss Application Administration I
- RH-355: RHCSA Rapid Track Course
- TN-125: Introduction to UNIX and Linux
- TN-215: Shell Programming
- TN-223: Advanced Shell Programming
- TN-430: Elasticsearch Engineer (ELK)
- TN-901: Linux for Security Professionals
- TN-959: UNIX Security Administrator Course
Working with the TechNow lab for the PA-215: Palo Alto Networks Firewall Essentials FastTrack course has been nothing less than a techie's idea of fun. When students come in we are immediatly configuring the Cisco 3750 switches for access ports, VLANS, and trunks. We then cable the switch to the Palo Alto Networks Firewall. Each student gets their own Palo Alto Firewall Pod of hardware and software. What we find as fun is the VLAN environment, with an array of virtual machines hosted on an ESXi server that can really exercise the abilities of the Palo Alto Firewall. The DMZ VLAN hosts virtual machines that support enterprise services and also potentialy vulnerable web services. The Trust VLAN has Windows and Linux clients. The UnTrust VLAN has Web services and a VM of Kali. The hardware Firewall is additionally connected to a Management VLAN. All those VLANs are trunked into an ESXi server where the student also has a VM-Series Palo Alto Networks Firewall for High Availability.
After configuring all the trunking, VLANs, and network interfaces we learn about the firewall and configure it for the lab environment. Using Metasploitable and Kali/Metasploit nefarious penetration attempts are executed. Using packet captures, custom APP-ID's and custom signatures are generated. Custom logging and reporting are created to similate and enterprise and assist the desired Incident Response. It is always fun in a training environment to learn all about the controls available in a product, even though specific controls may not be used in the operational environment. In the end we have a good understanding of the Palo Alto Networks Firewall.
Course Overview:
Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.
A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.
Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.
Date/Locations:
No Events
Duration: 5 days
Course Objectives:
- Advanced Snort Concepts
- Analyst Toolkit
- Domain Name System (DNS)
- Examining Packet Crafting
- Examining Packet Header Fields
- Fragmentation
- ICMP Theory
- IDS Interoperability
- IDS Patterns
- IDS/IPS Management & Architecture Issues
- Indications, Warnings & Traffic Correlation
- IPv6
- Microsoft Protocols
- Network Traffic Analysis
- NIDS Evasion, Instertion & Checksums
- Snort Fundamentals & Configuration
- Snort GUIs & Sensor Management
- Snort Performance, Active Response & Tagging
- Snort Rules
- Stimulus Response
- TCPdump Fundamentals
- TCP/IP Fundamentals
- Wireshark Fundamentals
- Writing TCPdump Filters
Course Prerequisites:
- GSEC or equivalent experience
- UNIX, Windows, Networking, and Security Experience
- This is a hands-on skill course requiring comfort with command line interaction and network communications
Comments
Latest comments from students
User: Tosha
Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.
Facilities comments: Very nice and clean hotel.
User: buckey26
Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.