TN-913: Cloud Security Fundamentals

Course Overview:

TechNow Cloud Security Fundamentals addresses the loss of hands-on control of system, application, and data security in the Cloud computing environment. Security teams wrestle with the impact and liability of Cloud computing on an organization. This course enables the security team to assist in contract language and Service Level Agreements (SLAs) when utilizing Cloud Service Providers (CSPs).

Compliance and auditing are introduced with strategies for control verification and audit analysis in the CSP environment. Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and everything in between require a compliance strategy. Students will go in-depth into the architecture and infrastructure fundamentals for private, public, and hybrid clouds. Topics covered include: patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will be covered with recommendations for both internal policies and contract provisions to consider.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to effectively manage security in the cloud environment.

Attendees to TN-913: Cloud Security Fundamentals will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 3 days

Course Objectives:

Cloud computing introduction
Security challenges in the cloud
Infrastructure security in the cloud
Policy, risk, and governance for cloud computing
Compliance and legal considerations
Audit and assessment for the cloud
Data security in the cloud
Identity and Access Management (IAM)
Disaster Recovery and Business Continuity Planning (DR/BCP) in the cloud
Intrusion detection and incident response

Course Prerequisites:

GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures
Managing or administering at least one of UNIX, Windows, Databases, networking, or security

Comments

Latest comments from students

User: reedrobt

Instructor comments: Dave is like an encyclopedia of technical topics...what "doesn't" he have expertise in?

Facilities comments: Home2 location was well-kept and convenient to other services.

Liked the class? Then let everyone know!

TN-939: Hacker Techniques, Exploits, and Incident Handling Course

Course Overview:

A skills focus enables the student to better absorb the subject matter and perform successfully on the exam. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness. Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations. The course concludes with exercising real attack strategies to demonstrate the techniques acquired throughout the course.

Attendees to TN-939: Hacker Techniques, Exploits, and Incident Handling will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 9 days

Course Objectives:

Backdoors & Trojan Horses
Buffer Overflows
Covering Tracks: Networks
Covering Tracks: Systems
Denial of Service Attacks
Exploiting Systems Using Netcat
Format String Attacks
Incident Handling Overview and Preparation
Incident Handling Phase 2: Identification
Incident Handling Phase 3: Containment
Incident Handling: Recovering and Improving Capabilities
IP Address Spoofing
Network Sniffing
Password Attacks
Reconnaissance
Rootkits
Scanning: Host Discovery
Scanning: Network and Application Vulnerability scanning and tools
Scanning: Network Devices (Firewall rules determination, fragmentation, and IDS/IPS evasion)
Scanning: Service Discovery
Session Hijacking, Tools and Defenses
Types of Incidents
Virtual Machine Attacks
Web Application Attacks
Worms, Bots & Bot-Nets

Prerequisites:

GSEC or equivalent experience
UNIX, Windows, Networking, and Security Experience
This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: m_jurrens

Instructor comments: Both instructors Mr. Askey and Mr. Hackney, were very good. the open learning environment was extremely productive and I felt we all learned far more that we ever would out of a structured rote memorization course.

User: natebonds

Instructor comments: Both Mr. Askey and Hackney were extremely knowledgeable. They were also extremely interested in helping each student learn. I was particularly impressed with the way they tailored the course to optimize our time since we weren't testing. I feel like I know much much more than I did when the class started.

Facilities comments: The facilities were fine. I would have preferred it be closer to Lackland.

Liked the class? Then let everyone know!

N-595: VoIP Security Analysis and Design

Course Overview:

As VoIP (Voice-over IP) is integrated into the operations of many missions, it is imperative to understand its security ramifications. In the N-595: VoIP Security Analysis and Design class the objectives are designed for those who are chartered with the responsibility of securing networks and application environments that incorporate VoIP. Topics include how VoIP works, its interactions with the network, its vulnerabilities and mitigations. Focus is on leading open source and proprietary technologies utilizing Asterisk and Cisco and the protocols SIP, H.323, RTP, MGCP, and Skinny. Other protocols such as Nortel's UNIStim will be addressed. As for Cisco, security pieces in the VoIP CallManager servers, Catalyst switches, IOS-based routers, and ASA firewalls, amounts to several different platforms, each with its own management interface and lockdown procedures. Various open source tools including those in BackTrack are used for VoIP attacks. A task list of actions for securing enterprise VoIP is carried out in hands-on labs, performed on Cisco phones, routers, switches, and ASA firewalls.

Attendees to N-595: VoIP Security Analysis and Design will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

VoIP Architecture
VoIP Signaling and media protocols
Common VoIP authentication mechanisms
Common VoIP encryption techniques
VoIP protocol analysis with Wireshark
Maintaining QoS while mitigating DoS
VoXML, XML, and application integration security
Converged network security design and implementation
Impact of NAT and firewalls
SIP, H.323, and MGCP vulnerabilities
VPN, IPsec and SRTP to secure VoIP services
Penetration testing with open source tools
Attacks for Eavesdropping, call redirection, and DoS
Design of hacked firmware virtualization layer
Concise lockdown steps for network hardware and VoIP

Prerequisites:

This is an advanced Information Security Course which requires basic Windows & UNIX competency
Certification or 2 years of experience in these operating systems is highly recommended
As well as an understanding of TCP/IP

Comments

Latest comments from students

Liked the class? Then let everyone know!

AZ-500: Microsoft Azure Security Technologies

Course Overview:

Gain the knowledge and skills needed to implement security controls, maintain the security posture, and identify and remediate vulnerabilities by using a variety of security tools. The course covers scripting and automation, virtualization, and cloud N-tier architecture.

After completing this course, students will be able to describe specialized data classifications on Azure, Identify Azure data protection mechanisms, Implement Azure data encryption methods, Secure internet protocols and how to implement them on Azure, Describe Azure security services and features.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to demonstrate cloud technologies and to effectively manage security in the cloud environment.

Attendees to AZ-500: Microsoft Azure Security Technologies will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Outline:

Identity and access
- Configure Azure Active Directory for Azure workloads and subscriptions
- Configure Azure AD Privileged Identity Management
- Configure security for an Azure subscription
Platform Protection
- Understand cloud security
- Build a network
- Secure network
- Implement host security
- Implement platform security
- Implement subscription security
Security Operations
- Configure security services
- Configure security policies by using Azure Security Center
- Manage security alerts
- Respond to and remediate security issues
- Create security baselines
Data and Applications
- Configure security policies to manage data
- Configure security for data infrastructure
- Configure encryption for data at rest
- Understand application security
- Implement security for application lifecycle
- Secure applications
- Configure and manage Azure Key Vault

Prerequisites :

- - AZ-900: Microsoft Azure Fundamentals
  - Students should have 1-2 years professional development experience and experience with Microsoft Azure.
  - Student must be able to program in an Azure Supported Language.

Comments

Latest comments from students

Liked the class? Then let everyone know!

CompTIA

Increase your credibility, job security, and career opportunities by reaching your goal and getting certified! TechNow offers many CompTIA bootcamp style courses in which we administer an exam on the last day of class. We have a proven testing program that will get you the results you want!