N-595: VoIP Security Analysis and Design

Course Overview:

As VoIP (Voice-over IP) is integrated into the operations of many missions, it is imperative to understand its security ramifications.  In the N-595: VoIP Security Analysis and Design class the objectives are designed for those who are chartered with the responsibility of securing networks and application environments that incorporate VoIP.   Topics include how VoIP works, its interactions with the network, its vulnerabilities and mitigations.  Focus is on leading open source and proprietary technologies utilizing Asterisk and Cisco and the protocols SIP, H.323, RTP, MGCP, and Skinny.  Other protocols such as Nortel's UNIStim will be addressed.  As for Cisco, security pieces in the VoIP CallManager servers, Catalyst switches, IOS-based routers, and ASA firewalls, amounts to several different platforms, each with its own management interface and lockdown procedures.   Various open source tools including those in BackTrack are used for VoIP attacks.  A task list of actions for securing enterprise VoIP is carried out in hands-on labs, performed on Cisco phones, routers, switches, and ASA firewalls.

Attendees to N-595: VoIP Security Analysis and Design will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • VoIP Architecture
  • VoIP Signaling and media protocols
  • Common VoIP authentication mechanisms
  • Common VoIP encryption techniques
  • VoIP protocol analysis with Wireshark
  • Maintaining QoS while mitigating DoS
  • VoXML, XML, and application integration security
  • Converged network security design and implementation
  • Impact of NAT and firewalls
  • SIP, H.323, and MGCP vulnerabilities
  • VPN, IPsec and SRTP to secure VoIP services
  • Penetration testing with open source tools
  • Attacks for Eavesdropping, call redirection, and DoS
  • Design of hacked firmware virtualization layer
  • Concise lockdown steps for network hardware and VoIP

Prerequisites:

  • This is an advanced Information Security Course which requires basic Windows & UNIX competency
  • Certification or 2 years of experience in these operating systems is highly recommended
  • As well as an understanding of TCP/IP

Comments

Latest comments from students

Liked the class?  Then let everyone know!

CT-215: Cloud+

 

Course Overview:

This course covers the knowledge and skills required to understand standard Cloud terminologies/methodologies, to implement, maintain, and deliver cloud technologies and infrastructures (e.g. server, network, storage, and virtualization technologies), and to understand aspects of IT security and use of industry best practices related to cloud implementations and the application of virtualization.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to demonstrate cloud technologies and to effectively manage security in the cloud environment.

TechNow is a CompTIA partner and uses official CompTIA Cloud+ curriculum.

Attendees to CT-215: Cloud+ will receive TechNow approved course materials and expert instruction.

Date/Locations:

Date/Time Event
11/03/2025 - 11/07/2025
08:00 -16:00 		CT-215: Cloud+
TechNow, Inc, San Antonio TX

Course Duration: 5 days

Course Objectives:

  • Prepare to deploy cloud solutions
  • Deploy a pilot project
  • Test a pilot project deployment
  • Design a secure network for cloud deployment
  • Determine CPU and memory sizing for cloud deployments
  • Plan Identity and Access Management for cloud deployments
  • Analyze workload characteristics to ensure successful migration to the cloud
  • Secure systems to meet access requirements
  • Maintain cloud systems
  • Implement backup, restore, and business continuity measures
  • Analyze cloud systems for required performance
  • Analyze cloud systems for anomalies and growth forecasting
  • Troubleshoot deployment, capacity, automation, and orchestration issues
  • Troubleshoot connectivity issues
  • Troubleshoot security issues

Course Prerequisites:

  • Security+, Network+, CASP or equivalent experience
  • Managing or administering at least one of UNIX, Windows, Databases, networking, or security

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TN-822: Certified Information Systems Auditor (CISA) Seminar

Course Overview:

The mark of excellence for a professional certification program is the value and recognition it bestows on the individual who achieves it.  The technical skills & practices the CISA promotes and evaluates are the building blocks of success in the field. Possessing the CISA designation demonstrates proficiency and is the basis for measurement in the profession.  With a growing demand for professionals possessing IS audit, control and security skills, CISA has become a preferred certification program by individuals and organizations around the world.  CISA certification signifies commitment to serving an organization and the IS audit, control and security industry with distinction.  This course will help the student prepare to obtain this credential.

Attendees to TN-822: Certified Information Systmes Auditor (CISA) Seminar will receive TechNow approved course materials and expert instruction.

Document Flow Chart iconsm

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Information Systems Auditing Process (18%)
    • Providing industry-standard audit services to assist organizations in protecting and controlling information systems, Domain-1 affirms your credibility to offer conclusions on the state of an organization’s IS/IT security, risk and control solutions.
  • Governance & Management of IT (18%)
    • This domain confirms to stakeholders your abilities to identify critical issues and recommend enterprise-specific practices to support and safeguard the governance of information and related technologies.
  • Information Systems Acquisition, Development & Implementation  (12%)
    • Domains 3 and 4 offer proof not only of your competency in IT controls, but also your understanding of how IT relates to business.
  • Information Systems Operation & Business Resilience (26%)
    • Domains 3 and 4 offer proof not only of your competency in IT controls, but also your understanding of how IT relates to business.s.
  • Protection of Information Assets  (26%)
    • Cybersecurity now touches virtually every information systems role, and understanding its principles, best practices and pitfalls is a major focus within Domain 5.

Prerequisites:

A minimum of five years of professional information systems auditing, control & security work experienced is required.  Experience must have been gained within the 10-year period preceding the application date for certification, or within five years from the date of initially passing the examination.

Comments

Latest comments from students

User: fsarisen

Instructor comments: Thank you Tim for all the great information! I am confident that I'll do well on the ICND exam.

User: storoy30

Instructor comments: The instructor, Tim Burkard, was very knowledgeable on the course material and skilled at explain more complex ideas.

Liked the class?  Then let everyone Know!

AZ-500: Microsoft Azure Security Technologies

 

Course Overview:

Gain the knowledge and skills needed to implement security controls, maintain the security posture, and identify and remediate vulnerabilities by using a variety of security tools. The course covers scripting and automation, virtualization, and cloud N-tier architecture.

After completing this course, students will be able to describe specialized data classifications on Azure, Identify Azure data protection mechanisms, Implement Azure data encryption methods, Secure internet protocols and how to implement them on Azure, Describe Azure security services and features.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to demonstrate cloud technologies and to effectively manage security in the cloud environment.

Attendees to AZ-500: Microsoft Azure Security Technologies will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Outline:

  • Identity and access
    • Configure Azure Active Directory for Azure workloads and subscriptions
    • Configure Azure AD Privileged Identity Management
    • Configure security for an Azure subscription
  • Platform Protection
    • Understand cloud security
    • Build a network
    • Secure network
    • Implement host security
    • Implement platform security
    • Implement subscription security
  • Security Operations
    • Configure security services
    • Configure security policies by using Azure Security Center
    • Manage security alerts
    • Respond to and remediate security issues
    • Create security baselines
  • Data and Applications
    • Configure security policies to manage data
    • Configure security for data infrastructure
    • Configure encryption for data at rest
    • Understand application security
    • Implement security for application lifecycle
    • Secure applications
    • Configure and manage Azure Key Vault

Prerequisites :

      • AZ-900: Microsoft Azure Fundamentals
      • Students should have 1-2 years professional development experience and experience with Microsoft Azure.
      • Student must be able to program in an Azure Supported Language.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

VM-345: VMware Infrastructure Security: VMware Install, Configure, and Manage with Security Objectives

 

Course Overview:

This course explores the VMware Infrastructure and related security, which consists of VMware ESX Server & VMware Virtual Center Server. We will look at both the design environments and operational processes of the VMware Infrastructure including security. This course provides IT architects with the insight needed to tackle tough issues in server virtualization such as virtual machine technologies, storage infrastructure, and designing clustered environments with security practices included. Extensive hands-on labs provide for a rich student experience.

Hypervisors and their supporting environment require attention to security due to the aggregated risk of hosting multiple virtual servers. This course explores the security of virtualized environments. Student configure ESXi by learning to manage the security and risk between ESXi, virtual servers and security integration of ESXi to the physical network infrastructure including appropriate segregation from other sensitive networks and management networks. How to configure virtual networks when some hosts are dual or multi homed, but internally segregate between the two or more connected networks with different security levels. Appropriate integration of zero-clients and thin clients. Configuration of defensive measures on hosts, servers, hypervisors within the virtual environment and practices for those guarding it externally. Integration of Active Directory and other AAA/CIA related services relative to a virtualized environment.

Students are also walked through DoD ESXi Security Technical Implementation Guide (STIG). Introduction to the impact of Intel Trusted Execution Technology integrated with ESXi to create a trusted platform for virtual machines. Additionally the instructor walks the students through NIST Special Publication 800-125A: Security Recommendations for Hypervisor Deployment on Servers, and NIST Special Publication 800-125B: Secure Virtual Network Configuration for Virtual Machine (VM) Protection.

Attendees to “VM-345: VMware Infrastructure Security: VMware Install, Configure, and Manage with Security Objectives” will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

• Virtual Infrastructure Overview
• ESX and ESXi Server Installation
• Configuration of Networking, Scalability and Security
• Storage
• Install and Configure vCenter Server and Components
• Creation, Deployment, Management, and Migration of Virtual Machines
• Utilize vCenter Server for Resource Management
• Utilize vCenter Server for Virtual Machine Access Control and User Managment
• Use vCenter Server to increase scalability
• Monitoring Your Environment
• Data & Availability Protection Troubleshooting
• Use VMware vCenter Update Manager to apply ESXi patches
• Use vCenter Server to manage vMotion, HA, DRS and data protection.