Course Overview:

A skills focus enables the student to better absorb the subject matter and perform successfully on the exam.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness.  Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations. The course concludes with exercising real attack strategies to demonstrate the techniques acquired throughout the course.

Attendees to TN-939:  Hacker Techniques, Exploits, and Incident Handling will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 9 days

Course Objectives:

  • Backdoors & Trojan Horses
  • Buffer Overflows
  • Covering Tracks: Networks
  • Covering Tracks: Systems
  • Denial of Service Attacks
  • Exploiting Systems Using Netcat
  • Format String Attacks
  • Incident Handling Overview and Preparation
  • Incident Handling Phase 2: Identification
  • Incident Handling Phase 3: Containment
  • Incident Handling: Recovering and Improving Capabilities
  • IP Address Spoofing
  • Network Sniffing
  • Password Attacks
  • Reconnaissance
  • Rootkits
  • Scanning: Host Discovery
  • Scanning: Network and Application Vulnerability scanning and tools
  • Scanning: Network Devices (Firewall rules determination, fragmentation, and IDS/IPS evasion)
  • Scanning: Service Discovery
  • Session Hijacking, Tools and Defenses
  • Types of Incidents
  • Virtual Machine Attacks
  • Web Application Attacks
  • Worms, Bots & Bot-Nets

Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students


User: m_jurrens

Instructor comments: Both instructors Mr. Askey and Mr. Hackney, were very good. the open learning environment was extremely productive and I felt we all learned far more that we ever would out of a structured rote memorization course.


User: natebonds

Instructor comments: Both Mr. Askey and Hackney were extremely knowledgeable. They were also extremely interested in helping each student learn. I was particularly impressed with the way they tailored the course to optimize our time since we weren't testing. I feel like I know much much more than I did when the class started.

Facilities comments: The facilities were fine. I would have preferred it be closer to Lackland.


Liked the class?  Then let everyone know!

Course Overview:

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.  This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs to secure Windows systems. Lecture and labs start with quick review of Active Directory and group policy to enforce security mechanisms within the Windows architecture.  Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations.  PowerShell is made for SecOps/DevOps automation and students will learn to write PowerShell scripts to automate security operations and Desired State Configuration (DSC).  The course concludes with exercising real attack strategies to demonstrate the effectives of properly securing your host.

Attendees to TN-969: Windows Security Administrator course will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Active Directory and BloodHound
  • Security Controls
  • PKI
  • Encryption
  • Wireless & Network Security and Hardening DNS
  • 802.1x and Endpoint Protection
  • Firewalls and VPN
  • PowerShell Scripting
  • JEA, DSC, Enterprise Security with PowerShell
  • Windows Attack Strategies

Prerequisites:

  • Security+
  • Windows System Administration Skills

 

Comments

Latest comments from students


User: bbrabender

Instructor comments: Instructor was very knowledgeable and help more inexperienced users with concepts as well explaining in a way that can be understood.

Facilities comments: N/A


User: dale.r.anderson

Instructor comments: Instructor was well knowlegeable accross alot of domains.

Facilities comments: Pretty good


Liked the class?  Then let everyone know!

After you press "Request Registration" near the bottom of this form, within 30 seconds, status will be provided at the bottom of the form, you will also be contacted by phone for credit card information.

Tech Now is pleased to have the opportunity to provide you training for "Windows Security Automation and Threat Hunting with PowerShell” at CheddarCon 2018!

Scroll down to see the course description.

First Name*
Last Name*
Your Email*
Your Organization*
Phone*

Questions:

After you press "Request Registration" on this form, within 30 seconds, status will be provided at the bottom of the form, you will also be contacted by phone for credit card information.

Windows Security Automation and Threat Hunting with PowerShell Seminar

Location: 400 W Wisconsin Ave, Milwaukee, WI 53203, USA

Date: October 10, 2018 8:00am – 4:00pm

Duration: 8 hours

Audience: Cyber Security professionals and Windows administrators

Attendees Environment: Laptops not required, but suggested to have better hands-on absorption of subject matter.

Description:
PowerShell is both a command-line shell and scripting language. Fight fires quickly using existing or custom PowerShell commands or scripts at the shell. PowerShell is made for Security Operations (SecOps) automation on Windows. This seminar does not require prior programming skills. The seminar focuses on PowerShell programming, giving a beginner skills to be productive in windows scripting to automate tasks and also remediate problems.

Cyber Security is the objective of this seminar, and the PowerShell examples will demonstrate PowerShell capabilities that help lock down a Windows system and also report security status.

Objectives:

PowerShell Overview

  • Getting started running commands
  • Security cmdlets
  • Using and updating the built-in help
  • Execution policies
  • Fun tricks with the ISE graphical editor
  • Piping .NET and COM objects, not text
  • Using properties and methods of objects
  • Helping Linux admins feel more at home
  • Aliases, cmdlets, functions, modules, etc.

PowerShell Utilities and Tips

  • Customizing your profile script
  • PowerShell remote command execution
  • Security setting across the network
  • File copy via PowerShell remoting
  • Capturing the output of commands
  • Parsing text files and logs with regex patterns
  • Parsing Security Logs
  • Searching remote event logs
  • Mounting the registry as a drive
  • Security settings in the Registry
  • Exporting data to CSV, HTML and JSON files
  • Running scripts as scheduled jobs
  • Continued Security Compliance
  • Pushing out scripts through Group Policy
  • Importing modules and dot-sourcing functions
  • http://www.PowerShellGallery.com

PowerShell Scripting

  • PowerShell Scripting to implement Security Practices
  • Writing your own functions to automate security status and settings
  • Passing arguments into your scripts
  • Function parameters and returning output
  • Flow control: if-then, foreach, that make security decisions
  • How to pipe data in/out of your scripts for security compliance and reporting

Attendees to this seminar, Windows Security Automation and Threat Hunting with PowerShell, will receive TechNow approved course materials and expert instruction.[/wr_text][/wr_column][/wr_row]

Course Overview:

This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Toolkit and Lab Assembly
  • Malware Code and Behavioral Analysis Fundamentals
  • Malicious Static and Dynamic Code Analysis
  • Collecting/Probing System and Network Activities
  • Analysis of Malicious Document Files
  • Analyzing Protected Executables
  • Analyzing Web-Based Malware
  • DLL Construction and API Hooking
  • Common Windows Malware Characteristics in x86 Assembly
  • Unpacking Protected Malware
  • In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
  • In-Depth Analysis of Malicious Executables
  • Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

Prerequisites:

  • Strong understanding of core systems and network concepts
  • Exposure to programming and assembly concepts
  • Comfortable with command line access

Comments

Latest comments from students



User: marcus.osullivan

Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

Facilities comments: The baby deer were neat! I like the resort.


Liked the class?  Then let everyone know!

Course Overview:

This is a hands-on course that covers many of the concepts of securing the perimeter of an organization. This includes concepts such as intrusion detection, packet filtering, and central logging.

A skills focus enables the student to better absorb the subject matter and perform better on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of Firewalls.

This course is an excellent precursor to PA-215 Palo Alto Firewall Essentials FastTrack.

Attendees to TN-949: Certified Firewall Analyst Prep will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Analyzing Network and Wireless Design
  • Creating and Auditing a Rulebase
  • Firewall Assessment and Penetration Testing
  • Host-Based Detection and DLP
  • Incident Detection and Analysis
  • IOS and Router Security
  • IPv6 and ICMPv6
  • Log Collection and Analysis
  • NAT and Proxies
  • Netfilter IPtables
  • Network Access Control
  • Network-Based Intrusion Detection
  • Packet Filters and Inspection
  • Packet Fragmentation
  • Perimeter Concepts and IP Fundamentals
  • Securing Hosts and Services
  • TCP/IP Protocols
  • VPN Design and Auditing
  • VPN Implementation

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, networking and security  experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students


Liked the class?  Then let everyone know!