Test2

  

http://technow.www162-254-253-232.a2hosted.com/palo-alto-firewall-essentials-fasttrack-training-class-course-pa-215/

  

Course Overview:

PA-215: Palo Alto Networks Firewall Essentials FastTrack Training Class is a five-day course that teaches students to configure and manage the entire line of Palo Alto Networks next-generation firewalls. Through hands-on training, students learn high end skills of how to integrate Palo Alto next-generation firewalls into their network infrastructure.This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.  TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

This course sets up the foundation for the two day course PA-222: Palo Alto Networks Panorama Essentials.

The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies.  Additionally, the instructor has taught several security appliance products and carries several SANS, Cisco, Unix, and Windows certifications.

Attendees to the PA-215:  Palo Alto Firewall Essentials FastTrack Training Course will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration 5 days

Course Objectives:  

Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks firewall, including hands-on experience in configuring the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks Operating System (PAN-OS).  

  • Day 1
    • Module 0 – Introduction & Overview
    • Module 1 – Administration & Management
      • Configuration Management
      • PAN-OS & Software Updates
      • Service Route Configuration
      • Log Forwarding
      • GUI, CLI, and API
    • Module 2 – Interface Configuration
      • L2 & L3
      • Vwire
      • Tap
      • Interface Management in Security Zones
      • VLANs
      • QoS
  • Day 2
    • Module 3 – Layer 3 Configuration
      • L3 Configuration and DHCP
      • NAT
      • DNS Proxy
      • Policy Based Forwarding in
      • Introduction to IPv6
    • Module 4 – App-ID
      • App-ID Process
      • Policy Administration
    • Module 5 – Content-ID
      • Antivirus
      • Anti-spyware
      • Vulnerability
      • URL Filtering
      • File Blocking and Wildfire
      • Data Filtering
      • DoS Protection
      • Botnet
  • Day 3
    • Module 6 – VM Firewall
      • Downlaod VM Template
      • Configure ESXi
      • Configure VM
    • Module 7 – Decryption
      • SSL Inbound and Outbound
    • Module 8 – Custom Signatures
      • Defining New Application Signatures
      • Application Override
      • Custom Threat ID
  • Day 4
    • Module 9 – User-ID
      • User-ID Agent
      • Terminal Server Agent
      • XML API
      • Captive Portal
    • Module 10 – VPN and GlobalProtect
      • Psec Tunnels
      • GlobalProtect
      • Agent
      • Portal
      • Gateway
      • HIP
  • Day 5
    • Module 11 – High Availability
      • Active/Passive
      • Active/Active
    • Module 12 – Panorama
      • Device Groups & Objects
      • Shared Policy
      • Configuration Management
      • Reporting

Prerequisites:

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

  

Like the class?  Then let everyone know!

TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking Course

Course Overview:

This course engages students by providing in-depth knowledge of the most prominent and powerful attack vectors and an environment to perform these attacks in numerous hands-on scenarios. This course goes far beyond simple scanning for low-hanging fruit, and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness.

Attendees to TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking course will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Accessing the Network
  • Advanced Fuzzing Techniques
  • Advanced Stack Smashing
  • Attacking the Windows Domain – Enumeration
  • Attacking the Windows Domain – Restricted Desktops
  • Attacking the Windows Domain – The Attacks
  • Building a Metasploit Module
  • Crypto for Penetration Testers
  • Exploiting the Network
  • Fuzzing Introduction and Operation
  • Introduction to Memory and Dynamic Linux Memory
  • Introduction to Windows Exploitation
  • Manipulating the Network
  • Python and Scapy For Penetration Testers
  • Shellcode
  • Smashing the Stack
  • Windows Heap Overflow Introduction
  • Windows Overflows

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: ryanv

Instructor comments: Great.

Facilities comments: N/A. Hotel.

User: sean.hollinger

Instructor comments: Instructor is technically knowledgeable as he has been on every course I've taken with TechNow.

Facilities comments: adequate

Liked the class?  Then let everyone know!

TN-415: Computer Hacking Forensics Investigator (CHFI)

 

 

 

 

 

 

 

Course Overview:

The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation leading to the prosecution of perpetrators.

The CHFI certification gives participants the necessary skills to perform an effective digital forensics investigation. CHRI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence

What’s Included:

  • 5 days of instructor-led in classroom training
  • Detailed Labs for hands-on learning experience; approximately 50% of training is dedicated to labs
  • Hundreds of investigation tools including EnCase, Access Data FTL, & ProDiscover
  • Huge cache of evidence files for analysis including RAW, .dd images, video & audio files, MS Office files, systems files, etc.
  • CHFI Courseware
  • Exam Voucher
  • CHFI onsite exam scheduling

Course Objectives:

  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
  • Perform anti-forensic methods detection
  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
  • Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process
  • Identify & check the possible source/ incident origin
  • Recover deleted files and partitions in Windows, MAC OS X, and Linux
  • Conduct reverse engineering for known and suspected malware files
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents

Dates/Locations:

No Events

Duration: 5 Days

Course Content:

    • Module 01. Computer Forensics in Today’s World
    • Module 02. Computer Forensics Investigation Process
    • Module 03. Understanding Hard Disks and File Systems
    • Module 04. Data Acquisition and Duplication
    • Module 05. Defeating Anti-forensics Techniques
    • Module 06. Operating System Forensics (Windows, Mac, Linux)
    • Module 07. Network Forensics
    • Module 08. Investigating Web Attacks
    • Module 09. Database Forensics
    • Module 10. Cloud Forensics
    • Module 10. Malware Forensics
    • Module 11. Investigating Email Crimes
    • Module 12. Investigating Email Crimes
    • Module 13. Mobile Forensics
    • Module 14. Forensics Report Writing and Presentation

 

Prerequisites:

      • 2+ years of proven information security work experience
      • Educational background with digital security specialization

    Target Audience:

      • Law Enforcement
      • Defense & Military
      • E-Business Security
      • Systems Administrators
      • Legal Professionals
      • Banking & Insurance professionals
      • Government Agencies
      • IT Managers

  • Comments

    Latest comments from students

    Liked the class?  Then let everyone know!

TN-855: Advanced and In-Depth ICD 503 RMF, Controls, and Assessments

Course Overview:

This course is very hands-on with respect to SP 800-53 controls as related to ICD-503, leveraging experience with DCD 6/3, and incorporating a broad array of technologies found in the field.  Assessors and Auditors have to face many technologies that are not part of the main stream.  TechNow has gone to great efforts to build a very broad, comprehensive, and complex lab to simulate many scenarios and architectures.  Technologies such as a network appliance that is not a typical infrastructure product, a radio/satellite communications device, or many other technologies that build up a weapon system.  Students learn how controls are integrated into many different devices and how they fit in the overall security architecture of monitoring, reporting, and compliance testing.

Directly discussed are overlays for different requirements i.e.: tactical, medical, network type: JWICS, SIPR; IC or AF.  TechNow has developed a funnel concept to overlays to exemplify the encapsulation of a control within different requirements.  TechNow has over 15 years experience in Trusted Solaris/Trusted Extensions and labeled security.  Cross Domain overlays are presented that fits the work flow of an assesor.  PII overlays and any overlays that an organization uses and can be made available are also presented.  

This course allows the student to leverage years of experience in DoD DCD 6/34 for transition to the Risk Management Framework (RMF) applied to the Intelligence Community as mandated by ICD 503.  Utilizing NIST SP 800-37 to establish a baseline of RMF knowledge, the student learns how to integrate the NIST pubs to provide cohesive information assurance architectures and compliance.  ICD 503 scorecard evaluations are integral in demonstrating a successful ICD 503 compliance program.  TechNow's ICD 503 course provides students with the skill to assess security programs and evaluate ICD 503 compliance to build an improvement and sustainable program for score consistency.  TechNow's instructors have unparralleled expertise in federal compliance initiatives, and we bring this expertise instructing students on the complete life cycle of RMF.

More than a simple checklist, we instruct students not only how to validate essential security controls, programs, and metrics, but that they are operating effectively.  The student leaves the course knowing how to: identify gaps where controls, programs, or metrics are incomplete, missing or ineffective, and provide actionable findings and recommend remediation strategies.  Students learn to internalize NIST pubs to meaningul and effective IA guidelines and work with the Body of Evidence templates which include: Risk Assessment Report (RAR), Systems Security Plan (SSP), Security Assessment Report (SAR), and Plans of Action and Milestone (POAM).

TechNow training materials are aligned with the most recent set of National Institute of Standards and Technology (NIST), Committee on National Security Systems (CNSS), and Office of the Director of National Intelligence (ODNI) policies standards, processes, policies and instructions to be addressed/explained include ICD 503, ICS 503-1, ICS 500-16, ICS 500-18, ICS 500-27, ICD 502, NIST SP 800-37, NIST SP 800-30, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-137, NIST SP 800-47, CNSSP 22, CNSSI 1253, and CNSSI 4009.

A majority of time is spent on in-depth compliance review of NIST SP 800-53 controls.  Instruction discusses which method should be used to test and validate each security control and what evidence should be gathered.  This course is not theory or death by power point.  Real scenarios are presented as exercises.  A complete live cyber range simulating the IC is utilized for hands-on labs for techniques of validating and documenting compliance of NIST SP 800-53 controls as related to ICD 503.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Establish a baseline of RMF knowledge
  • Validate essential security controls, programs, and metrics
  • DoD DCD 6/3 to ICD 503 Transition
  • Lab Environtment and the Cyber Range
  • Overlays: Tactical, Medical, Network type(JWICS, SIPR; IC or AF), Cross Domain, PII
  • Risk Assessment Report (RAR)
  • Systems Security Plan (SSP)
  • Security Assessment Report (SAR)
  • Plans of Action and Milestone (POAM)

Prerequisites:

Experience in the field of auditing and assesments.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-979: Intrusion Analyst Course

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Advanced Snort Concepts
  • Analyst Toolkit
  • Domain Name System (DNS)
  • Examining Packet Crafting
  • Examining Packet Header Fields
  • Fragmentation
  • ICMP Theory
  • IDS Interoperability
  • IDS Patterns
  • IDS/IPS Management & Architecture Issues
  • Indications, Warnings & Traffic Correlation
  • IPv6
  • Microsoft Protocols
  • Network Traffic Analysis
  • NIDS Evasion, Instertion & Checksums
  • Snort Fundamentals & Configuration
  • Snort GUIs & Sensor Management
  • Snort Performance, Active Response & Tagging
  • Snort Rules
  • Stimulus Response
  • TCPdump Fundamentals
  • TCP/IP Fundamentals
  • Wireshark Fundamentals
  • Writing TCPdump Filters

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class?  Then let everyone know!