TN-979: Intrusion Analyst Course

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Advanced Snort Concepts
  • Analyst Toolkit
  • Domain Name System (DNS)
  • Examining Packet Crafting
  • Examining Packet Header Fields
  • Fragmentation
  • ICMP Theory
  • IDS Interoperability
  • IDS Patterns
  • IDS/IPS Management & Architecture Issues
  • Indications, Warnings & Traffic Correlation
  • IPv6
  • Microsoft Protocols
  • Network Traffic Analysis
  • NIDS Evasion, Instertion & Checksums
  • Snort Fundamentals & Configuration
  • Snort GUIs & Sensor Management
  • Snort Performance, Active Response & Tagging
  • Snort Rules
  • Stimulus Response
  • TCPdump Fundamentals
  • TCP/IP Fundamentals
  • Wireshark Fundamentals
  • Writing TCPdump Filters

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class?  Then let everyone know!

Welcome to TechNow!

Welcome to TechNow! The Leader in Information Security Training & Computer Training.

The world of information security and computer training is ever changing.  The techniques and systems continue to evolve and we must stay current and diligent.  To do this, you can count on TechNow®…the leader in cybersecurity training and computer system training.

TechNow® has been training the leaders in the computer community for many years.  We provide training for students in a number of areas.  Our cybersecurity trainings include popular courses like D0D 8140, Security , CISM, CISSP, CEH,CCNA, and more.  With over 34 years of experience, we’re able to provide you with unmatched training and certification programs.

TechNow also provides a variety of other popular trainings for the computer professional including Cisco, EC-Council, CompTIA, Unix/Linux and more.

.

Search Our Site

Upcoming Events

  • AZ-900: Microsoft Azure Fundamentals
    • 01/20/2026 – 01/23/2026
    • San Antonio
  • IT-113: IT Infrastructure Library (ITIL) v4 – Foundations Course
    • 01/20/2026 – 01/23/2026
    • San Antonio
  • PM-223: Introduction to Project Management
    • 01/20/2026 – 01/22/2026
    • San Antonio
  • CT-205: A+ Certification Course
    • 01/26/2026 – 01/30/2026
    • San Antonio
  • TN-125: Introduction to UNIX and Linux
    • 01/26/2026 – 01/30/2026
    • San Antonio
  • all events

    • in   

    VM-315: VMware Infrastructure: Install, Configure, and Manage

    Course Overview:

    This course explores the VMware Infrastructure, which consists of VMware ESX Server & VMware Virtual Center Server.  We will look at both the design environments and operational processes of the VMware Infrastructure. This course provides IT architects with the insight needed to tackle tough issues in server virtualization such as virtual machine technologies, storage infrastructure, and designing clustered environments. Extensive hands-on labs provide for a rich student experience.

    Attendees to VM-315: VMware Infrastructure: Install, Configure, and Manage will receive TechNow approved course materials and expert instruction.

    Dates/Locations:

    Date/Time Event
    03/16/2026 - 03/20/2026
    08:00 -16:00     		VM-315: VMware Infrastructure: Install, Configure, and Manage
    TechNow, Inc, San Antonio TX
    06/22/2026 - 06/26/2026
    08:00 -16:00     		VM-315: VMware Infrastructure: Install, Configure, and Manage
    TechNow, Inc, San Antonio TX
    09/28/2026 - 10/02/2026
    08:00 -16:00     		VM-315: VMware Infrastructure: Install, Configure, and Manage
    TechNow, Inc, San Antonio TX

    Duration: 5 Days

    Course Objectives:

    • Virtual Infrastructure Overview
    • ESX and ESXi Server Installation
    • Configuration of Networking, Scalability and Security
    • Storage
    • Install and Configure vCenter Server and Components
    • Creation, Deployment, Management, and Migration of Virtual Machines
    • Utilize vCenter Server  for Resource Management
    • Utilize vCenter Server for Virtual Machine Access Control and User Managment
    • Use vCenter Server to increase scalability
    • Monitoring Your Environment
    • Data & Availability Protection Troubleshooting

    • Use VMware vCenter Update Manager to apply ESXi patches

    • Use vCenter Server to manage vMotion, HA, DRS and data protection.

    Prerequisites:

    • To ensure your success, system administration experience on Microsoft or Linux operating systems is required.

    Comments

    Latest comments from students

    User: wolfdenise

    Instructor comments: The instructor was nice and kept us entertained while providing instruction.

    Facilities comments: The facility was nice, clean and easy to get to.

    User: asteeves@aol.com

    Instructor comments: knowledgeable but can get off subject at times

    Facilities comments: good

    Like the class?  Then let everyone know!

    Observations of Instructor Led Training with Real Hardware

    TechNow has heard many students talk about virtualized/remote training that TechNow Does Not Do.  While training our most recent offering of PA-215: Palo Alto Networks Firewall Essentials FastTrack a student told his story of how he endend up in our course.  His story we have heard for other technologies like Cisco, VMware, BlueCoat and other products.

    A large percentage of training is moving to the virtualized/remote lab environments.  Students are asked to use some variant of remote access software and remote into the training company's lab environment. Our student in our Palo Alto Networks Firewall course informed us that he went to a very costly offering of that course from the vendor and was not able to perform any labs.  There were either network connectivity issues, or issues with the remote access software, or other problems.  The whole training experience was very frustrating and not productive.

    We keep our labs open to students if they would like after hours, or before hours access.  Repeatedly going through a lab engrains that knowledge for later recall.  Touching hardware is so critical in understanding the problems that arise when a cable comes loose, or a cable gets plugged in the wrong port.  There are other scenarios such as just pulling the power cable, or turning off a power strip, or accidently overwriting a configuration.  These disaster scenarious requires hands-on physical access to hardware.  Preventing and recovering from disasters is what it's all about, and that requires hands-on, instructor led, real hardware.