TN-919: Penetration Tester Course

Course Overview:

This course engages students by providing in-depth knowledge of the most prominent and powerful attack vectors and an environment to perform these attacks in numerous hands-on scenarios. This course goes far beyond simple scanning for low-hanging fruit, and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.

Attendees to TN-919:Penetration Tester course will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Advanced Hash Manipulation
  • Command Shell vs. Terminal Access
  • Enumerating Users
  • Exploitation Fundamentals
  • Injection Attacks
  • Legal Issues
  • Metasploit
  • Moving Files with Exploits
  • Obtaining and Passing Password Representations
  • Overview of Passwords
  • Penetration Testing Foundations
  • Penetration Testing Process
  • Penetration Testing via the Command Line
  • Profiling the Target
  • Reconnaissance
  • Scanning for Targets
  • Using a Proxy to Attack a Web Application
  • Vulnerability Scanning
  • Wireless Crypto and Client Attacks
  • Wireless Fundamentals

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, networking, and security experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: kdwagoner

Instructor comments: Very knowledgeable. Kept class focused and on task

Facilities comments: Good

Liked the class?  Then let everyone know!

PP-212: CIPP/E Certified Information Privacy Professional Europe and GDPR Compliance

 

Course Overview:

Everyday, we access, share, manage and transfer data across companies, continents and the globe. Knowing the ins and outs of data protection requirements gives you the information you need to stay ahead of breaches-and help advance your career. CIPP/E training gives you comprehensive GDPR knowledge, perspective and understanding to ensure compliance and data protection success in Europe. With a CIPP/E and CIPM certification combined you’ll be uniquely equipped to fulfill the DPO requirements of the GDPR. Here is our CIPM + CIPP/E 4 Day GDPR Ready  

What’s Included:

  • Authorized courseware
  • Exam voucher
  • IAPP membership

**GDPR Regulation Mandated May 25, 2018**

Course Objectives:

Principles of Data Protection in Europe covers the essential pan-European and national data protection laws, as well as industry-standard best practices for corporate compliance with these laws. Those taking this course will gain an understanding of the European model for privacy enforcement, key privacy terminology and practical concepts concerning the protection of personal data and trans-border data flows.
The training is based on the body of knowledge for the IAPP’s ANSI accredited Certified Information Privacy Professional/Europe (CIPP/E) certification program.

Attendees to PP-212: CIPP/E Certified Information Privacy Professional Europe and GDPR Compliance will receive TechNow approved course materials and expert instruction, and certification test voucher and certificate of course completion.

TechNow is a International Association of Privacy Professionals (IAPP) Partner, and utilizes official curriculum from International Association of Privacy Professionals (IAPP).

TechNow has taught security courses for over 20 years, before most certifications existed and has successfully moved students through certification programs associated with IAPP, SANS, EC-Council and ISC2. Our instructor maintains over a dozen security certifications and has been the director of a company with internationals sales and compliance.

 

Document Flow Chart iconsm

Dates/Locations:

No Events

Duration: 2 Days

Course Content:

  • Module 1: Data Protection Laws
  • Module 2: Personal Data
  • Module 3: Controllers and Processors
  • Module 4: Processing Personal Data
  • Module 5: Information Provision
  • Module 6: Data Subjects’ Rights
  • Module 7: Security of Processing
  • Module 8: Accountability
  • Module 9: International Data Transfers
  • Module 10: Supervisions and Enforcement
  • Module 11: Compliance.

 

Prerequisites: None

Target Audience:

Data Protection Officers, Data Protection Lawyers, Records Managers, Information Officers, Compliance Officers, Human Resource Officers, Anyone who uses processes and maintains personal data

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-515: Implementing Cybersecurity and Information Assurance Methodologies

  

Course Overview: 

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network.  This course is heavily based on Kali and primarily on Metasploit.  In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco.  This course is 90% hacking, but  defenses for demonstrated hacks will be discussed.  If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Introduction to Pen Testing using the PTES model
  • Metasploit Basics
    • MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
  • Intelligence Gathering
    • Nmap, Databases in Metasploit, Port Scanning with Metasploit
  • Quick Intro to Ruby
    • Writing a simple Ruby script to create a custom scanner
  • Vulnerability Scanning
    • Importing Nessus Results
    • Scanning with Nessus from Within Metasploit
  • Exploitation
    • Using the Metasploit Framework and console to exploit
  • Meterpreter
    • Compromising a Windows System
    • Attacking MS SQL, xp_cmdshell
    • Dumping Usernames and Passwords, extracting and dumping hashes
    • Pass the Hash and Token Impersonation
    • Pivoting
    • Railgun
    • Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
  • Avoiding Detection
    • Creating Stand-Alone Binaries with MSFpayload
    • Encoding with MSFencode and Packers (go Green Bay:)
  • Exploitation Using Client Side Attacks
    • Introduction to Immunity Debugger
    • Using Immunity Debugger to Decipher NOP Shellcode
  • Metasploit Auxiliary Modules
  • Social Engineer Toolkit (SET)
    • Spear-Phishing, Web Attack
    • Creating a Multipronged Attack
  • Creating Your Own Module
    • Adapt an existing Module
    • Add some PowerShell and Run the Exploit
  • Meterpreter Scripting
  • Capture The Flag Exercise

Prerequisites:

  • This is an advanced  Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
  • Certification or 2 years of experience in these operating systems is highly recommended
  • An understanding of TCP/IP

Comments

Latest comments from students

  

Liked the class?  Then let everyone know!

TN-425: Certified Offensive AI Security Professional (C|OASP)

Certified Offensive AI Security Professional (COASP) validates the competencies required for practitioners who need to demonstrate offensive AI security skills, emulating adversaries, validating defenses, and leading red-team/blue-team exercises to keep AI resilient, reliable, and auditable

The Certified Offensive AI Security Professional (COASP) equips you to identify and neutralize AI-specific threats before attackers do. And Bridges security, engineering, and data science so controls exist across the full AI life cycle.

Participants will gain hands-on experience to perform end-to-end adversarial testing and deliver defensive validation evidence including the ability to simulate adversarial AI kill chains, Harden AI architectures by secure system prompts, context windows, tool integrations, RAG pipelines, and agent memory, Conducting AI security assessments aligned to MITRE ATLAS, OWASP LLM/ML Top 10, NIST AI RMF, and DoD Test & Evaluation practices , This course covers how to build SOC-ready capabilities for AI-focused detection logic, incident playbooks, and forensic procedures , & how to execute prompt injection, adversarial prompting , Assess AI supply-chain risk , Implement defensive engineering controls and Produce assurance and compliance artifacts.

By the end of the course, learners will be well-prepared to take the Certified Offensive AI Security Professional (COASP) exam and demonstrate the ability to exploit vulnerabilities in LLMs and agents, and build defense that survive real world attacks, learners will master offensive techniques that break AI before the attackers do.

 

Course Outline: 

01. Offensive AI and AI System Hacking Methodology

02. AI Reconnaissance and Attack Surface Mapping

03. AI Vulnerability Scanning and Fuzzing

04. Prompt Injection and LLM Application Attacks

05. Adversarial Machine Learning and Model Privacy Attacks

06. Data and Training Pipeline Attacks

07. Agentic AI and Model-to-Model Attacks

08. AI Infrastructure and Supply Chain Attacks

09. AI Security Testing, Evaluation, and Hardening

10. AI Incident Response and Forensics 

 

Prerequisites: 

TN-412: Artificial Intelligence Essentials (AI|E) 

 

Dates/Locations:

No Events

MS-10231: Designing a Microsoft SharePoint 2010 and 2013 Infrastructure

 

Course Overview:

This course is intended for IT Professionals who use Microsoft SharePoint 2010 in a team-based, medium-sized to large environment. While they may have implemented a SharePoint deployment, they have limited experience in designing a SharePoint infrastructure. They likely work as a senior administrator who acts as a technical lead over a team of administrators. Members of this audience should have at least 6 months experience with SharePoint 2010 (including pre-released versions of the product).

Attendees to MS-10231: Designing a Microsoft SharePoint 2010/2013 Infrastructure will receive TechNow approved course materials and expert instruction.

Date/Location:

No Events

Duration: 5 days

Course Objectives:

  • Designing a Logical Architecture
  • Planning Service Application Architecture
  • Planning for Performance and Capacity
  • Designing a Physical Architecture
  • Designing a Security Plan
  • Planning Authentication
  • Planning Managed Metadata
  • Planning Social Computing
  • Designing Enterprise Search Strategy
  • Planning Enterprise Content Management
  • Developing a Plan for Governance
  • Designing a Maintenance and Monitoring Plan

Prerequisites:

  • At least 2 years experience administering, deploying, managing, monitoring, upgrading, migrating, and designing SharePoint servers
  • At least one year’s experience of mapping business requirements to logical and physical technical design
  • Working knowledge of network design, including network security

Comments

Latest comments from students

 

Liked the class?  Then let others know!