Palo Alto Networks
CompTIA
Unix/Linux
Project Management
Virtualization/Cloud
Security
Cisco
Microsoft
Business
Dod 8140 Training
Programming
Specialized
Course Overview:
Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network. This course is heavily based on Kali and primarily on Metasploit. In TN-315: Complete Hack and Defend class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it in mixed-platform environment including Windows, Linux, Solaris, and Cisco. This course is 90% hacking, but defenses for demonstrated hacks will be discussed. If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.
Attendees to TN-315: Complete Hack & Defend Class Attendees will receive TechNow approved course materials and expert instruction.
Dates/Locations:
Duration: 5 Days
Course Objectives:
- Introduction to Pen Testing using the PTES model
- Metasploit Basics
- MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
- Intelligence Gathering
- Nmap, Databases in Metasploit, Port Scanning with Metasploit
- Quick Intro to Ruby
- Writing a simple Ruby script to create a custom scanner
- Vulnerability Scanning
- Importing Nessus Results
- Scanning with Nessus from Within Metasploit
- Exploitation
- Using the Metasploit Framework and console to exploit
- Meterpreter
- Compromising a Windows System
- Attacking MS SQL, xp_cmdshell
- Dumping Usernames and Passwords, extracting and dumping hashes
- Pass the Hash and Token Impersonation
- Pivoting
- Railgun
- Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
- Avoiding Detection
- Creating Stand-Alone Binaries with MSFpayload
- Encoding with MSFencode and Packers (go Green Bay:)
- Exploitation Using Client Side Attacks
- Introduction to Immunity Debugger
- Using Immunity Debugger to Decipher NOP Shellcode
- Metasploit Auxiliary Modules
- Social Engineer Toolkit (SET)
- Spear-Phishing, Web Attack
- Creating a Multipronged Attack
- Creating Your Own Module
- Adapt an existing Module
- Add some PowerShell and Run the Exploit
- Meterpreter Scripting
- Capture The Flag Exercise
Prerequisites:
- This is an advanced Information Security Course which requires basic Windows & UNIX competency
- Certification or 2 years of experience in these operating systems is highly recommended
- An understanding of TCP/IP
Comments
Latest comments from students
User: dhonore
Instructor comments: Dave's presentation style is engaging and lively.
Facilities comments: The room was adequate for the needs of the class.
User: phouck
Instructor comments: David was very good. Although he went very fast at times.
Facilities comments: The room was ok. it was bit dark.
Liked the class? Then let everyone know!
Course Overview:
This course engages students by providing in-depth knowledge of the most prominent and powerful attack vectors and an environment to perform these attacks in numerous hands-on scenarios. This course goes far beyond simple scanning for low-hanging fruit, and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.
A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness.
Attendees to TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking course will receive TechNow approved course materials and expert instruction.
Date/Locations:
Course Duration: 5 days
Course Objectives:
- Accessing the Network
- Advanced Fuzzing Techniques
- Advanced Stack Smashing
- Attacking the Windows Domain – Enumeration
- Attacking the Windows Domain – Restricted Desktops
- Attacking the Windows Domain – The Attacks
- Building a Metasploit Module
- Crypto for Penetration Testers
- Exploiting the Network
- Fuzzing Introduction and Operation
- Introduction to Memory and Dynamic Linux Memory
- Introduction to Windows Exploitation
- Manipulating the Network
- Python and Scapy For Penetration Testers
- Shellcode
- Smashing the Stack
- Windows Heap Overflow Introduction
- Windows Overflows
Course Prerequisites:
- GSEC or equivalent experience
- UNIX, Windows, Networking, and Security Experience
- This is a hands-on skill course requiring comfort with command line interaction and network communications
Comments
Latest comments from students
User: ryanv Instructor comments: Great. Facilities comments: N/A. Hotel. User: sean.hollinger Instructor comments: Instructor is technically knowledgeable as he has been on every course I've taken with TechNow. Facilities comments: adequate
Liked the class? Then let everyone know!
Course Overview:
Cisco DoD Comply-to-Connect (C2C) course teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.
This training also earns you 32 Continuing Education (CE) credits toward recertification.
Dates/Locations:
Duration: 5 days
Course Outline:
Section 1: C2C Fundamentals
- Comply to Connect Overview
- From C2C to ZTA
- Steps to Implement C2C
Section 2: Cisco Identity-Based Networking Services
- Cisco IBNS Overview
- AAA Role in Cisco IBNS
- Compare Cisco IBNS and Cisco ISE Solutions
- Explore Cisco IBNS Architecture Components
Section 3: Introducing Cisco ISE Architecture
- Cisco ISE as a Network Access Policy Engine
- Cisco ISE Use Cases
- Cisco ISE Functions
Section 4: Introducing Cisco ISE Deployment
- Cisco ISE Deployment Models
- Cisco ISE Licensing and Network Requirements
- Cisco ISE Context Visibility Features
- New Features in Cisco ISE 3.X
Section 5: Introducing Cisco ISE Policy Enforcement Components
- 802.1X for Wired and Wireless Access
- MAC Authentication Bypass for Wired and Wireless Access
- Identity Management
- Active Directory Identity Source
- Additional Identity Sources
- Certificate Services
Section 6: Introducing Cisco ISE Policy Configuration
- Cisco ISE Policy
- Cisco ISE Authentication Rules
- Cisco ISE Authorization Rules
Section 7: PKI and Advanced Supplicants
- Public Key Infrastructure (PKI)
- TEAP in Comply to Connect (C2C)
- Secure Client ISE features and Configuration for C2C
Section 8: Introducing the Cisco ISE Profiler
- Web Access with Cisco ISE
- ISE Profiler
- Cisco ISE Probes
- Profiling Policy
- Custom Attributes in Profile
Section 9: Introducing Cisco ISE Endpoint Compliance Services
- Endpoint Compliance Services Overview
Section 10: Configuring Client Posture Services and Compliance
- Client Posture Services and Provisioning Configuration
Section 11: Introducing Profiling Best Practices and Reporting
- Profiling Best Practices
Section 12: C2C Use Cases
- Cisco CX ISE Reporting Tool
- ISE Reporting
- ISE Hardening
- Profiling Best Practices for C2C
Section 13: C2C Third-Party Integrations-Tenable
- Tenable Use Case
- Tenable Overview and Capabilities
- Tenable Integration Prerequisites
- Tenable Integration Configuration
- Policy Design
- Policy Enforcement
- Enforcement Verification
Section 14: C2C Third-Party Integrations-MECM
- MECM Use Case
- MECM Overview and Capabilities
- MECM Integration Prerequisites
- MECM Integration Configuration
- Policy Design
- Policy Enforcement
- Enforcement Verification
Section 15: C2C Third-Party Integrations-Trellix
- Trellix Use Case
- Trellix Overview and Capabilities
- Trellix Integration Prerequisites
- Trellix Integration Configuration
- Policy Enforcement
- Enforcement Verification
Section 16: Troubleshooting Cisco ISE Policy and Third-Party NAD
- Cisco ISE Third-Party Network Access Device Support
- Troubleshooting Cisco ISE Policy Configuration
Section 17: Exploring Cisco TrustSec
- Cisco TrustSec Overview
- Cisco TrustSec Enhancements
- Cisco TrustSec Configuration
Section 18: Working with Network Access Devices
- Reviewing AAA
- Cisco ISE TACACS+ Device Administration
- Configuring TACACS+ Device Administration
- TACACS+ Device Administration Guidelines and Best Practices
Course Prerequisites:
There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:
- Familiarity with 802.1X
- Familiarity with Microsoft Windows Operating Systems
- Familiarity with Cisco IOS CLI for wired and wireless network devices
- Familiarity with Cisco Identity Service Engine
Course Overview:
A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs to secure Windows systems. Lecture and labs start with quick review of Active Directory and group policy to enforce security mechanisms within the Windows architecture. Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations. PowerShell is made for SecOps/DevOps automation and students will learn to write PowerShell scripts to automate security operations and Desired State Configuration (DSC). The course concludes with exercising real attack strategies to demonstrate the effectives of properly securing your host.
Attendees to TN-969: Windows Security Administrator course will receive TechNow approved course materials and expert instruction.
Date/Locations:
Duration: 5 days
Course Objectives:
- Active Directory and BloodHound
- Security Controls
- PKI
- Encryption
- Wireless & Network Security and Hardening DNS
- 802.1x and Endpoint Protection
- Firewalls and VPN
- PowerShell Scripting
- JEA, DSC, Enterprise Security with PowerShell
- Windows Attack Strategies
Prerequisites:
- Security+
- Windows System Administration Skills
Comments
Latest comments from students
User: bbrabender
Instructor comments: Instructor was very knowledgeable and help more inexperienced users with concepts as well explaining in a way that can be understood.
Facilities comments: N/A
User: dale.r.anderson
Instructor comments: Instructor was well knowlegeable accross alot of domains.
Facilities comments: Pretty good