TN-515: Implementing Cybersecurity and Information Assurance Methodologies

  

Course Overview: 

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network.  This course is heavily based on Kali and primarily on Metasploit.  In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco.  This course is 90% hacking, but  defenses for demonstrated hacks will be discussed.  If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Introduction to Pen Testing using the PTES model
  • Metasploit Basics
    • MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
  • Intelligence Gathering
    • Nmap, Databases in Metasploit, Port Scanning with Metasploit
  • Quick Intro to Ruby
    • Writing a simple Ruby script to create a custom scanner
  • Vulnerability Scanning
    • Importing Nessus Results
    • Scanning with Nessus from Within Metasploit
  • Exploitation
    • Using the Metasploit Framework and console to exploit
  • Meterpreter
    • Compromising a Windows System
    • Attacking MS SQL, xp_cmdshell
    • Dumping Usernames and Passwords, extracting and dumping hashes
    • Pass the Hash and Token Impersonation
    • Pivoting
    • Railgun
    • Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
  • Avoiding Detection
    • Creating Stand-Alone Binaries with MSFpayload
    • Encoding with MSFencode and Packers (go Green Bay:)
  • Exploitation Using Client Side Attacks
    • Introduction to Immunity Debugger
    • Using Immunity Debugger to Decipher NOP Shellcode
  • Metasploit Auxiliary Modules
  • Social Engineer Toolkit (SET)
    • Spear-Phishing, Web Attack
    • Creating a Multipronged Attack
  • Creating Your Own Module
    • Adapt an existing Module
    • Add some PowerShell and Run the Exploit
  • Meterpreter Scripting
  • Capture The Flag Exercise

Prerequisites:

  • This is an advanced  Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
  • Certification or 2 years of experience in these operating systems is highly recommended
  • An understanding of TCP/IP

Comments

Latest comments from students

  

Liked the class?  Then let everyone know!

RH-355: RHCSA Rapid Track Course

Course Overview:

The RHCSA Rapid Track Course  is designed for experienced Linux® system administrators who want to expand their technical skill sets and become accredited with the Red Hat® Certified System Administration (RHCSA) certification. To successfully navigate this course, students should have experience with the Linux command line—including the necessary skills to execute common commands, such as cp, grep, sort, mkdir, tar, mkfs, ssh, and dnf—and be familiar with accessing man pages for help. At the completion of the course, students will be adequately prepared to take the RHCSA exam (EX200) .

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Introduce Linux and the Red Hat Enterprise Linux ecosystem.
  • Run commands and view shell environments.
  • Manage, organize, and secure files.
  • Manage users, groups and user security policies.
  • Control and monitor systemd services.
  • Configure remote access using the web console and SSH.
  • Configure network interfaces and settings.
  • Manage software using DNF
  • Access security files, file systems, and networks
  • Execute shell scripting and automation techniques
  • Manage storage devices, logical volumes, and file systems
  • Manage security and system access
  • Control the boot process and system services
  • Running containers

Prerequisites:

Experience in the field system administration.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

CT-405: PenTest+

 

 

 

 

 

 

Course Overview:

PenTest+ is an intermediate-level certification for cybersecurity professionals who are tasked with penetration testing to identify, exploit, report, and manage vulnerabilities on a network. PenTest+ is at the same certification level as CT-395: CySA+. Depending on your course of study, PenTest+ and CySA+ can be taken in any order, but typically follow the skills learned in CT-325: Security+. PenTest+ focuses on offense through penetration testing and vulnerability assessment while CySA+ focuses on defense through incident detection and response. The most qualified cybersecurity professionals have both offensive and defensive skills. Attend Tech Now training for hands-on, instructor led course to prepare you for the CompTIA PT0-002 exam. This exam is hands-on, performance-based questions and multiple choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems.

 

 

 

 

What’s Included:

  • 5 days of instructor led in classroom training
  • Labs
  • PenTest+ Courseware
  • Exam Voucher
  • PenTest+ onsite exam scheduling

Course Objectives:

  • Plan and scope penetration tests
  • Conduct passive reconnaissance
  • Perform non-technical tests to gather information
  • Conduct active reconnaissance
  • Analyze vulnerabilities
  • Penetrate networks
  • Exploit host-based vulnerabilities
  • Test application
  • Complete post-exploit tasks
  • Analyze and report pen test results

Dates/Locations:

No Events

Duration: 5 Days

Course Content:

    • Module 01. Planning and Scoping Penetration Tests
    • Module 02. Conducting Passive Reconnaissance
    • Module 03. Performing Non-Technical Tests
    • Module 04. Conducting Active Reconnaissance
    • Module 05. Analyzing Vulnerabilities
    • Module 06. Penetrating Networks
    • Module 07. Exploiting Host-Based Vulnerabilities
    • Module 08. Testing Applications
    • Module 09. Completing Post-Exploit Tasks
    • Module 10. Analyzing and Reporting Pen Test Results

 

Prerequisites:

Target Audience:

This course is designed for cybersecurity professionals tasked with penetration testing and vulnerability management.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

PP-244:CIPM + CIPP/E 4 Day GDPR Ready

PP-244: CIPM + CIPP/E 4 Day GDPR Ready

 

Course Overview:

A combined course of CIPM + CIPP/E. Achieving a CIPM credential shows that you have a comprehensive knowledge of how data protection programs should work across an organization. Combine with a CIPP/E credential and prove that you not only can manage a data protection program, but you understand the regulations that govern them.

With a CIPM and CIPP/E combined you’ll be uniquely equipped to fulfill the DPO requirements of the GDPR. The CIPP/E relates to the knowledge a DPO must have concerning the European legal framework of the legislation, and the CIPM provides theoretical aspects necessary to lead an organization’s data protection policy.

The General Data Protection Regulation (GDPR) takes effect in 2018. Among its mandates is the requirement to appoint a knowledgeable Data Protection Officer (DPO) tasked with monitoring compliance, managing internal data protection activities, training data processing staff, conducting internal audits and more. There’s a lot to know, there’s a lot at stake and there’s a lot of opportunity for data protection professionals with the right training and education. 

What’s Included:

  • Authorized courseware
  • 2 Exam vouchers
  • IAPP membership

**GDPR Regulation Mandated May 25, 2018**

Course Objectives:

See individual courses for details: PP-212: CIPP/E Certified Information Privacy Professional Europe and GDPR Compliance

See individual courses for details: PP-222 CIPM Certified Information Privacy Manager and GDPR Compliance

Attendees to PP-244: CIPM + CIPP/E 4 Day GDPR Ready will receive TechNow approved course materials and expert instruction, and certification test vouchers and certificate of course completion.

TechNow is a International Association of Privacy Professionals (IAPP) Partner, and utilizes official curriculum from International Association of Privacy Professionals (IAPP).

TechNow has taught security courses for over 20 years, before most certifications existed and has successfully moved students through certification programs associated with IAPP, SANS, EC-Council and ISC2. Our instructor maintains over a dozen security certifications and has been the director of a company with international sales and compliance.

 

Document Flow Chart iconsm

Dates/Locations:

No Events

Duration: 4 Days

Course Content:

 

Prerequisites: None

Target Audience:

Data Protection Officers, Data Protection Managers, Auditors, Data Protection Lawyers, Records Managers, Information Officers, Legal Compliance Officers, Human Resource Officers, Security Manager, Information Manager, Anyone who uses processes and maintains personal data

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-905: Cyber Threat Intelligence Analysis

 

Course Overview:

TechNow has worked worldwide enterprise infrastructures for over 30 years and has developed demos and labs to exemplify the techniques required to demonstrate technologies that effectively support CTI.  This course integrates well with our courses TN-575: Open Source Network Security Monitoring and TN-865: Wireshark Network Traffic and Security Analysis .

TechNow develops Cyber Ranges and makes them available for conferences in support of annual meetings for Cyber Threat Response Teams.  Developing scenarios and reacting to them appropriately is a big part of the value in understanding the contexts required to comprehend valuable CTI.   As with many advanced TechNow security courses, there is a large hands-on ratio.  This course helps Cyber Protection Teams (CPT), Defensive Cyber Operations (DCO), and Mission Defense Teams (MDT) to collect, analyze and apply targeted cyber intelligence to defensive operations in order to proactively act on and tune response to attacks by cyber adversaries.  CPT, DCO, and MDT can take preemptive action by utilizing CTI, understanding CTI tools, techniques and procedures (TTPs) needed to generate and consume timely and relevant intelligence to improve resilience and prevention.

This course focuses on the collection, classification, and exploitation of knowledge about adversaries and their TTPs. .  MDT puts us close the mission and helps define the internal context to be analyzed against the CTI.  TechNow pushes the student to truly understand how to think about and use CTI to make a difference.

Attendees to TN-905: Cyber Threat Intelligence Analysis will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Learn to comprehend and develop complex scenarios
  • Identify and create intelligence requirements through practices such as threat modeling
  • Utilize threat modeling to drive intelligence handling and practices 
  • Breakdown tactical, operational, and strategic-level threat intelligence
  • Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
  • How to collect adversary information creating better value CTI
  • How to filter and qualify external sources, mitigating low integrity intelligence
  • Create Indicators of Compromise (IOCs) in formats such as YARA, OpenIOC, and STIX
  • Move security maturity past IOCs into understanding and countering the behavioral tradecraft of threats
  • Breaking down threats mapped against their tradecraft to tweak IOCs
  • Establish structured analytical techniques to be successful in any security role
  • Learn and apply structured principles in support of CTI and how to communicate that to any security role.

Course Prerequisites:

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!