CT-405: PenTest+

Course Overview:

PenTest+ is an intermediate-level certification for cybersecurity professionals who are tasked with penetration testing to identify, exploit, report, and manage vulnerabilities on a network. PenTest+ is at the same certification level as CT-395: CySA+. Depending on your course of study, PenTest+ and CySA+ can be taken in any order, but typically follow the skills learned in CT-325: Security+. PenTest+ focuses on offense through penetration testing and vulnerability assessment while CySA+ focuses on defense through incident detection and response. The most qualified cybersecurity professionals have both offensive and defensive skills. Attend Tech Now training for hands-on, instructor led course to prepare you for the CompTIA PT0-002 exam. This exam is hands-on, performance-based questions and multiple choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems.

What’s Included:

5 days of instructor led in classroom training
Labs
PenTest+ Courseware
Exam Voucher
PenTest+ onsite exam scheduling

Course Objectives:

Plan and scope penetration tests
Conduct passive reconnaissance
Perform non-technical tests to gather information
Conduct active reconnaissance
Analyze vulnerabilities
Penetrate networks
Exploit host-based vulnerabilities
Test application
Complete post-exploit tasks
Analyze and report pen test results

Dates/Locations:

No Events

Duration: 5 Days

Course Content:

- Module 01. Planning and Scoping Penetration Tests
- Module 02. Conducting Passive Reconnaissance
- Module 03. Performing Non-Technical Tests
- Module 04. Conducting Active Reconnaissance
- Module 05. Analyzing Vulnerabilities
- Module 06. Penetrating Networks
- Module 07. Exploiting Host-Based Vulnerabilities
- Module 08. Testing Applications
- Module 09. Completing Post-Exploit Tasks
- Module 10. Analyzing and Reporting Pen Test Results

Prerequisites:

- - CT-225: Network+
  - CT-325: Security+
  - 3-4 years of hands-on information security or related experience

Target Audience:

This course is designed for cybersecurity professionals tasked with penetration testing and vulnerability management.

Comments

Latest comments from students

Liked the class? Then let everyone know!

N-505: CISCO DoD Comply to Connect (C2C)

Course Overview:

Cisco DoD Comply-to-Connect (C2C) course teaches you how to implement and deploy a Department of Defense (DoD) Comply-to-Connect network architecture using Cisco Identity Services Engine (ISE). This training covers implementation of 802.1X for both wired and wireless devices and how Cisco ISE uses that information to apply policy control and enforcement. Additionally, other topics like supplicants, non-supplicants, ISE profiler, authentication, authorization, and accounting (AAA) and public key infrastructure (PKI) support, reporting and troubleshooting are covered. Finally, C2C specific use case scenarios are covered.

This training also earns you 32 Continuing Education (CE) credits toward recertification.

Dates/Locations:

No Events

Duration: 5 days

Course Outline:

Section 1: C2C Fundamentals

Comply to Connect Overview
From C2C to ZTA
Steps to Implement C2C

Section 2: Cisco Identity-Based Networking Services

Cisco IBNS Overview
AAA Role in Cisco IBNS
Compare Cisco IBNS and Cisco ISE Solutions
Explore Cisco IBNS Architecture Components

Section 3: Introducing Cisco ISE Architecture

Cisco ISE as a Network Access Policy Engine
Cisco ISE Use Cases
Cisco ISE Functions

Section 4: Introducing Cisco ISE Deployment

Cisco ISE Deployment Models
Cisco ISE Licensing and Network Requirements
Cisco ISE Context Visibility Features
New Features in Cisco ISE 3.X

Section 5: Introducing Cisco ISE Policy Enforcement Components

802.1X for Wired and Wireless Access
MAC Authentication Bypass for Wired and Wireless Access
Identity Management
Active Directory Identity Source
Additional Identity Sources
Certificate Services

Section 6: Introducing Cisco ISE Policy Configuration

Cisco ISE Policy
Cisco ISE Authentication Rules
Cisco ISE Authorization Rules

Section 7: PKI and Advanced Supplicants

Public Key Infrastructure (PKI)
TEAP in Comply to Connect (C2C)
Secure Client ISE features and Configuration for C2C

Section 8: Introducing the Cisco ISE Profiler

Web Access with Cisco ISE
ISE Profiler
Cisco ISE Probes
Profiling Policy
Custom Attributes in Profile

Section 9: Introducing Cisco ISE Endpoint Compliance Services

Endpoint Compliance Services Overview

Section 10: Configuring Client Posture Services and Compliance

Client Posture Services and Provisioning Configuration

Section 11: Introducing Profiling Best Practices and Reporting

Profiling Best Practices

Section 12: C2C Use Cases

Cisco CX ISE Reporting Tool
ISE Reporting
ISE Hardening
Profiling Best Practices for C2C

Section 13: C2C Third-Party Integrations-Tenable

Tenable Use Case
Tenable Overview and Capabilities
Tenable Integration Prerequisites
Tenable Integration Configuration
Policy Design
Policy Enforcement
Enforcement Verification

Section 14: C2C Third-Party Integrations-MECM

MECM Use Case
MECM Overview and Capabilities
MECM Integration Prerequisites
MECM Integration Configuration
Policy Design
Policy Enforcement
Enforcement Verification

Section 15: C2C Third-Party Integrations-Trellix

Trellix Use Case
Trellix Overview and Capabilities
Trellix Integration Prerequisites
Trellix Integration Configuration
Policy Enforcement
Enforcement Verification

Section 16: Troubleshooting Cisco ISE Policy and Third-Party NAD

Cisco ISE Third-Party Network Access Device Support
Troubleshooting Cisco ISE Policy Configuration

Section 17: Exploring Cisco TrustSec

Cisco TrustSec Overview
Cisco TrustSec Enhancements
Cisco TrustSec Configuration

Section 18: Working with Network Access Devices

Reviewing AAA
Cisco ISE TACACS+ Device Administration
Configuring TACACS+ Device Administration
TACACS+ Device Administration Guidelines and Best Practices

Course Prerequisites:

There are no prerequisites for this training. However, the knowledge and skills you are recommended to have before attending this training are:

Familiarity with 802.1X
Familiarity with Microsoft Windows Operating Systems
Familiarity with Cisco IOS CLI for wired and wireless network devices
Familiarity with Cisco Identity Service Engine

TN-565: Nessus Vulnerability & Compliance Auditing

Course Overview:

This course provides security professionals with the skills and knowledge to perform vulnerability and compliance scanning of supported operating systems, devices, and applications. Students will construct custom scan policies for topology discovery, network vulnerability detection, credentialed patch audits, and compliance benchmarks, and discuss the underlying technologies utilized by the Nessus scanner.

This course provides students with the necessary information to prepare for the Tenable Certified Nessus Auditor (TCNA) exam.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Introduction to Nessus and Vulnerability Scanning
Nessus Installation and Administration
Basic Nessus Scan Operation
Nessus Scan Configuration and Policy Creation
Vulnerability Analysis and Reporting with Nessus
Advanced Scan Configuration and Policy Creation
Introduction to Compliance and Auditing
Nessus Auditing Features
Windows System Auditing
Unix System Auditing
Cisco IOS Auditing
Nessus Database Auditing
Nessus Content Auditing
Auditing to Industry Guidelines
Auditing to Federal Guidelines

Prerequisites:

Students should possess a basic understanding of TCP/IP networking, operating systems security, and common client/server applications.

Comments

Latest comments from students

Liked the class? Then let everyone know!

DoD 8570

DoD 8570 Training

The Department of Defense requires that all information assurance personnel must become compliant with IT and security certification standards.

DoD 8570 training, also called Information Assurance training, is available through TechNow to provide you with the certification that is required. Your DoD 8570 training ( information assurance training ) at TechNow will provide you with all of the courses necessary to receive your DoD 8570.01-M certification.

Ongoing open enrollment through TechNow is availble for our DoD 8570.01-M courses.

Please review the full & updated DoD approved IA baseline certifications aligned to each category & level of the IA workforce:

Note: The Certifications in red are recently added to approved list as of 2/4/19

For further information or to schedule for classes, call us at 800-324-2294

TN-335: Advanced Penetration Testing Using Open Source Tools

Course Overview:

This is an advanced course that assumes the attendee is a qualified security professional with experience using security tools and understands the concepts behind penetration testing. Courses that build up the expertise that enables a student to succeed in this course is Security+, CEH, CISSP, and any of the GIAC certifications. This course is completely hands-on and utilizes the BackTrack tool suite from backtrack-linux.org. The course covers, in detail, various attacks and tools that are contained in the BackTrack tool suite.

Attendees to TN-335: Advanced Penetration Testing Using Open Source Tools will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

Information Security and Open Source Software
Operating System Tools
Firewalls
Scanners
Vulnerability Scanners
Network Sniffers
Intrusion Detection Systems
Analysis and Management Tools
Encryption Tools
Wireless Tools
Forensic Tools
More on Open Source Software