TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies

 

Course Overview:

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies is the big picture overview of a SOC, other courses provide a deep dive into the technologies that a SOC may utilize. This course addresses the internal workings of staff, skills required, required authorizations, internal agreements, and setting appropriate expectation levels of a SOC within budget constraints. A SOC is not a one size fits all, the instructor has decades of security experience and brings to the table opportunities to discuss what can work within constraints. Many organizations are coming to the realization that some level of a SOC is now required and to learn just what decisions need to be made: Out-sourced, In-sourced, budgets, capabilities and many more. Students leave with a worksheet of how to progress when they get back to their organization.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies – Is a course that incorporates lecture, demos, and group exercises for standing up a Security Operations Center (SOC). Students learn strategies and resources required to deploy, build, and run Network Security Monitoring (NSM) and work roles and flows for a SOC. No network is bullet proof and when attackers access your network, this course will show you options and resources to build a security net to detect, contain, and control the attacker. Examples on what it takes to architect an NSM solution to identify sophisticated attackers and a response strategy. Properly implemented detection and response technologies is integral to incident response and provides the responders timely information and tools to react to the incident. Effective demonstrations are given of Open Source technologies that build up a SOC, but any software can be used and demonstrations are provided to demonstrate technology families not push a specific solution.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies demonstrations utilize a cyber range that gives each student in-depth knowledge of monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls; and software and services to provide orchestrate Incident Response, Intelligence Analysis, and Hunt Operations.

Attendees to TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 2 Days

Course Objective:

    • To provide management an overview of what it takes to stand up a SOC.

Prerequisites:

  • Students should have an understanding of the security field.

Course Outline:

  • What threats does my organization care about?
  • What does a threat look like?
  • What does a threat look like?
  • How to present the SOC internally.
  • Communication with Stakeholders and Executives
    • Leveraging and integrating existing security measures
  • People
    • Establishing a skill matrix and work roles for SOC members
    • Establishing a training path
    • Personnel background requirementsProcesses
  • Processes
    • Alignment to standards: NIST, PCI, HIPAA, etc.
    • Risk related decision trees
    • Playbooks
    • Threat Intelligence Integration
  • Technology – Tool Suites to Support:
    • Ethical Hacking
    • Network Security Monitoring and SIEM
    • Forensics
    • Dashboards
    • Analysis and Hunting
    • Incident Management and Ticketing

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TechNow Training Voucher Program

TechNow offers training vouchers that are not locked into any particular course or student and are good for a full year from the date of purchase.  Choose from any course we have to offer! Lock in your training budget today with TechNow Training Vouchers!

Voucher

Call 800-324-2294 or use this handy link for more information.

 

in   

TN-5425: Networking with Windows Server 2016

 

Course Overview:

Course two of a three course series to obtain a Server 2016 MCSA certification. This 5-day course provides the fundamental networking skills required to deploy and support Windows Server 2016 in most organizations. It covers IP fundamentals, remote access technologies, and more advanced content including Software Defined Networking.

The course leads directly to preparing for the(MCSA):Windows Server 2016 exam “70-741: Installation, Storage, and Compute with Windows Server 2016”.  It also maps to Microsoft’s course 20741A, and is part of the Server 2016 MCSA certification. 

Attendees to TN-5425: Networking with Window Server 2016 will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Plan and implement an IPv4 network
  • Implement Dynamic Host Configuration Protocol (DHCP)
  • Implement IPv6
  • Implement Domain Name System (DNS)
  • Implement and manage IP address management (IPAM)
  • Plan for remote access
  • Implement DirectAccess
  • Implement virtual private networks (VPNs)
  • Implement networking for branch offices
  • Configure advanced networking features
  • Implement Software Defined Networking

Prerequisites: 

  • A basic understanding of networking fundamentals
  • Experience working with Windows Server 2008 or Windows Server 2012
  • Experience working in a Windows Server infrastructure enterprise environment
  • Knowledge of the Open Systems Interconnection (OSI) model
  • Understanding of core networking topologies and architectures such as local area networks (LANs), wide area networks (WANs) and wireless networking
  • Basic knowledge of the TCP/IP protocol stack, addressing and name resolution
  • Experience with and knowledge of Hyper-V and virtualization
  • Hands-on experience working with the Windows client operating systems such as Windows 8.1 or Windows 10
  

Liked the class?  Then let everyone know!

CT-405: PenTest+

 

 

 

 

 

 

Course Overview:

PenTest+ is an intermediate-level certification for cybersecurity professionals who are tasked with penetration testing to identify, exploit, report, and manage vulnerabilities on a network. PenTest+ is at the same certification level as CT-395: CySA+. Depending on your course of study, PenTest+ and CySA+ can be taken in any order, but typically follow the skills learned in CT-325: Security+. PenTest+ focuses on offense through penetration testing and vulnerability assessment while CySA+ focuses on defense through incident detection and response. The most qualified cybersecurity professionals have both offensive and defensive skills. Attend Tech Now training for hands-on, instructor led course to prepare you for the CompTIA PT0-002 exam. This exam is hands-on, performance-based questions and multiple choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems.

 

 

 

 

What’s Included:

  • 5 days of instructor led in classroom training
  • Labs
  • PenTest+ Courseware
  • Exam Voucher
  • PenTest+ onsite exam scheduling

Course Objectives:

  • Plan and scope penetration tests
  • Conduct passive reconnaissance
  • Perform non-technical tests to gather information
  • Conduct active reconnaissance
  • Analyze vulnerabilities
  • Penetrate networks
  • Exploit host-based vulnerabilities
  • Test application
  • Complete post-exploit tasks
  • Analyze and report pen test results

Dates/Locations:

No Events

Duration: 5 Days

Course Content:

    • Module 01. Planning and Scoping Penetration Tests
    • Module 02. Conducting Passive Reconnaissance
    • Module 03. Performing Non-Technical Tests
    • Module 04. Conducting Active Reconnaissance
    • Module 05. Analyzing Vulnerabilities
    • Module 06. Penetrating Networks
    • Module 07. Exploiting Host-Based Vulnerabilities
    • Module 08. Testing Applications
    • Module 09. Completing Post-Exploit Tasks
    • Module 10. Analyzing and Reporting Pen Test Results

 

Prerequisites:

Target Audience:

This course is designed for cybersecurity professionals tasked with penetration testing and vulnerability management.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

RH-355: RHCSA Rapid Track Course

Course Overview:

The RHCSA Rapid Track Course  is designed for experienced Linux® system administrators who want to expand their technical skill sets and become accredited with the Red Hat® Certified System Administration (RHCSA) certification. To successfully navigate this course, students should have experience with the Linux command line—including the necessary skills to execute common commands, such as cp, grep, sort, mkdir, tar, mkfs, ssh, and dnf—and be familiar with accessing man pages for help. At the completion of the course, students will be adequately prepared to take the RHCSA exam (EX200) .

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Introduce Linux and the Red Hat Enterprise Linux ecosystem.
  • Run commands and view shell environments.
  • Manage, organize, and secure files.
  • Manage users, groups and user security policies.
  • Control and monitor systemd services.
  • Configure remote access using the web console and SSH.
  • Configure network interfaces and settings.
  • Manage software using DNF
  • Access security files, file systems, and networks
  • Execute shell scripting and automation techniques
  • Manage storage devices, logical volumes, and file systems
  • Manage security and system access
  • Control the boot process and system services
  • Running containers

Prerequisites:

Experience in the field system administration.

Comments

Latest comments from students

Liked the class?  Then let everyone know!