TN-565: Nessus Vulnerability & Compliance Auditing

Course Overview:

This course provides security professionals with the skills and knowledge to perform vulnerability and compliance scanning of supported operating systems, devices, and applications. Students will construct custom scan policies for topology discovery, network vulnerability detection, credentialed patch audits, and compliance benchmarks, and discuss the underlying technologies utilized by the Nessus scanner.

This course provides students with the necessary information to prepare for the Tenable Certified Nessus Auditor (TCNA) exam.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Introduction to Nessus and Vulnerability Scanning
  • Nessus Installation and Administration
  • Basic Nessus Scan Operation
  • Nessus Scan Configuration and Policy Creation
  • Vulnerability Analysis and Reporting with Nessus
  • Advanced Scan Configuration and Policy Creation
  • Introduction to Compliance and Auditing
  • Nessus Auditing Features
  • Windows System Auditing
  • Unix System Auditing
  • Cisco IOS Auditing
  • Nessus Database Auditing
  • Nessus Content Auditing
  • Auditing to Industry Guidelines
  • Auditing to Federal Guidelines

Prerequisites:

Students should possess a basic understanding of TCP/IP networking, operating systems security, and common client/server applications.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-345: Python for Penetration Testers

 

Course Overview:

 

This Python for Penetration Testing course is designed to give you the skills you need for maintaining or developing Python Penetration Testing tools oriented towards offensive operations.  We have a suite of courses and certifications that help  understand a problem, this course prepares the student to rapidly develop prototype code to attack or defend against it.

The course concludes with a Capture the Flag event that will test both your ability to apply your new tools and coding skills in a Python Penetration Testing challenge.

This course is not intended to be an Advanced Python course, but to exemplify penetration techniques utilizing Python.  The course covers Threading, Sockets, OOP, and third party modules that facilitate the offensive operator’s objective.

This course utilizes the “Violent Python” text book.

Attendees to TN-345: Python for Penetration Testers Class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 3 Days

Course Objectives:

  • Python Lanuage Refress
  • Network Sockets
  • Exception Handling
  • Hashes and Cracking Passwords
  • Threading
    • Concepts and Python Implementation
    • Queues and Synchronization
    • urlparse and httplib to probe URLs
    • Crack a password protected zip file
  • Port Scanner
    • Threading a Port Scanner
  • nmap integration
  • Deploying shellcode
  • Mechanize, BeautifulSoup
    • HTTP Form Password Guessing
    • HTTP Proxies (Burp Suite)
    • HTTP Cookies Session Hijacking
      • CookieMonster
  • Images and Metadata
  • Justniffer
  • SQL Injection
    • sqlmap
    • SQLBrute
  • Antivirus and IDS evasion
    • PyInstaller
    • Metasploit
  • Scapy
    • Deploy shellcode
    • DNS Cache Poisoning
    • Packety Violence

Prerequisites:

Comments

Latest comments from students

  

Liked the class?  Then let everyone know!

PA-243: Palo Alto Networks Firewall Debug and Troubleshoot (EDU-311)

  

 

Course Overview: PA-243: Palo Alto Networks Firewall Debug and Troubleshoot is a three-day course on how to troubleshoot the full line of Palo Alto Networks next-generation firewalls. Students will receive hands-on experience troubleshooting the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks PAN-OS® operating system. Upon completion of this class, students will have an in-depth knowledge of how to troubleshoot visibility and control over applications, users, and content. This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.  TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies. Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.

Attendees to the PA-243: Palo Alto Networks Firewall Debug and Troubleshoot (EDU-311) Training Course will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 3 days

Course Objectives:   Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks firewall, including hands-on experience in configuring the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks Operating System (PAN-OS).

Day 1

  • Module 0 – Introduction & Overview
  • Module 1: Troubleshooting
    • Methodology
  • Module 2: Platform
    • Comparisons When
    • Troubleshooting
  • Module 3: Flow Logic
  • Module 4: Administration
    • Troubleshooting

 

 

Day 2

  • Mod 5: Layer 3
    • Troubleshooting
  • Mod 6: Policy
    • Troubleshooting
  • Mod 7: User-ID™
    • Troubleshooting

Day 3

  • Mod 8: VPN
    • Troubleshooting
  • Mod 9: GlobalProtect™
    • Troubleshooting
  • Mod 10: Performance
    • Troubleshooting

 

Prerequisites:

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

Like the class?  Then let everyone know!