TN-515: Implementing Cybersecurity and Information Assurance Methodologies

Course Overview:

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network. This course is heavily based on Kali and primarily on Metasploit. In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco. This course is 90% hacking, but defenses for demonstrated hacks will be discussed. If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Introduction to Pen Testing using the PTES model
Metasploit Basics
- MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
Intelligence Gathering
- Nmap, Databases in Metasploit, Port Scanning with Metasploit
Quick Intro to Ruby
- Writing a simple Ruby script to create a custom scanner
Vulnerability Scanning
- Importing Nessus Results
- Scanning with Nessus from Within Metasploit
Exploitation
- Using the Metasploit Framework and console to exploit
Meterpreter
- Compromising a Windows System
- Attacking MS SQL, xp_cmdshell
- Dumping Usernames and Passwords, extracting and dumping hashes
- Pass the Hash and Token Impersonation
- Pivoting
- Railgun
- Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
Avoiding Detection
- Creating Stand-Alone Binaries with MSFpayload
- Encoding with MSFencode and Packers (go Green Bay:)
Exploitation Using Client Side Attacks
- Introduction to Immunity Debugger
- Using Immunity Debugger to Decipher NOP Shellcode
Metasploit Auxiliary Modules
Social Engineer Toolkit (SET)
- Spear-Phishing, Web Attack
- Creating a Multipronged Attack
Creating Your Own Module
- Adapt an existing Module
- Add some PowerShell and Run the Exploit
Meterpreter Scripting
Capture The Flag Exercise

Prerequisites:

This is an advanced Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
Certification or 2 years of experience in these operating systems is highly recommended
An understanding of TCP/IP

Comments

Latest comments from students

Liked the class? Then let everyone know!

Courses Similar to SANS

TechNow is in no way associated with SANS or GIAC, but has courses that are similar in subject matter:

MS-10231: Designing a Microsoft SharePoint 2010 and 2013 Infrastructure

Course Overview:

This course is intended for IT Professionals who use Microsoft SharePoint 2010 in a team-based, medium-sized to large environment. While they may have implemented a SharePoint deployment, they have limited experience in designing a SharePoint infrastructure. They likely work as a senior administrator who acts as a technical lead over a team of administrators. Members of this audience should have at least 6 months experience with SharePoint 2010 (including pre-released versions of the product).

Attendees to MS-10231: Designing a Microsoft SharePoint 2010/2013 Infrastructure will receive TechNow approved course materials and expert instruction.

Date/Location:

No Events

Duration: 5 days

Course Objectives:

Designing a Logical Architecture
Planning Service Application Architecture
Planning for Performance and Capacity
Designing a Physical Architecture
Designing a Security Plan
Planning Authentication
Planning Managed Metadata
Planning Social Computing
Designing Enterprise Search Strategy
Planning Enterprise Content Management
Developing a Plan for Governance
Designing a Maintenance and Monitoring Plan

Prerequisites:

At least 2 years experience administering, deploying, managing, monitoring, upgrading, migrating, and designing SharePoint servers
At least one year’s experience of mapping business requirements to logical and physical technical design
Working knowledge of network design, including network security

Comments

Latest comments from students

Liked the class? Then let others know!

TN-835: Certified in Risk and Information Systems Control (CRISC) Preparation Seminar

Course Overview:

Certified in Risk and Information Systems Control (CRISC), is for professionals responsible for an organization's risk management program. Students looking to acquire CRISC qualify themselves as IT security analyst, security engineer architect, information assurance program manager and senior IT auditor. CRISC certified professionals manage risk, design and oversee response measures, monitor systems for risk, and ensure the organization's risk management strategies are met.

The CRISC exam will primarily align with the terminology and concepts described in The Risk IT Framework, The Risk IT Practioner Guide, and COBIT 5. This will include applications in the evaluation and monitoring of IT-based risk, as well as the design and implementation of IS controls.

The CRISC exam covers four domains that are periodically updated to reflect the changing needs of the profession:

Domain 1: Risk Identification
Domain 2: Risk Assessment
Domain 3: Risk Response and Mitigation
Domain 4: Risk and Control Monitoring and Reporting

This course is designed to assist in your exam preparation for the CRISC exam.

Attendees to TN-835: Certified in Risk and Information Systems Control (CRISC) Seminar will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Risk IT Framework—Purpose and Principles
Essentials of Risk Governance, Evaluation, and Response
Risk and Opportunity Management Using CobiT, Val IT and Risk IT
The Risk IT Framework Process Model Overview
Managing Risk in Practice—The Practitioner Guide Overview
Overview of the Risk IT Framework Process Model
The Risk IT Framework

Prerequisites:

A minimum of at least three (3) years of cumulative work experience performing the tasks of a CRISC professional across at least three (3) CRISC domains is required for certification. There are no substitutions or experience waivers.

Comments

Latest comments from students

User: tracycampbell

Instructor comments: Dave had great command of the class and the flow of information. The lessons seem relevant to the exam and the course material should assist greatly with passing. As a bonus, his breakdown of PKI helped with my current job requirements.

Facilities comments: The Home2Suites by Hilton was FANTASTIC!

Liked the class? Then let everyone know!

TN-512: Essential Business Analysis Course

Course Overview:

This course covers the key elements required to understand and apply business analysis techniques in an IT-centric business environment. It identifies key best practices to deal with the challenges of eliciting, analyzing, and specifying project requirements. The key material in each section of this course is reinforced with a student driven lab scenario allowing each participant hands-on practice with the key business analysis concepts that are introduced in this course. At the end of the focused sections on business analysis techniques, the students will engage in a student-driven business analysis case study blending all the learned techniques into a finished product. This course is approximately 60% lecture and 40% lab time.

Attendees to TN-512: Essential Business Analysis Course will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Overview of Business Analysis Workshop
Eliciting Project Workshop
Case Study
Analyzing Requirements and Writing Case Studies
Case Study