Course Overview:
This course provides security professionals with the skills and knowledge to perform vulnerability and compliance scanning of supported operating systems, devices, and applications. Students will construct custom scan policies for topology discovery, network vulnerability detection, credentialed patch audits, and compliance benchmarks, and discuss the underlying technologies utilized by the Nessus scanner.
This course provides students with the necessary information to prepare for the Tenable Certified Nessus Auditor (TCNA) exam.
Date/Locations:
Duration: 5 days
Course Objectives:
- Introduction to Nessus and Vulnerability Scanning
- Nessus Installation and Administration
- Basic Nessus Scan Operation
- Nessus Scan Configuration and Policy Creation
- Vulnerability Analysis and Reporting with Nessus
- Advanced Scan Configuration and Policy Creation
- Introduction to Compliance and Auditing
- Nessus Auditing Features
- Windows System Auditing
- Unix System Auditing
- Cisco IOS Auditing
- Nessus Database Auditing
- Nessus Content Auditing
- Auditing to Industry Guidelines
- Auditing to Federal Guidelines
Prerequisites:
Students should possess a basic understanding of TCP/IP networking, operating systems security, and common client/server applications.
Comments
Latest comments from students
Liked the class? Then let everyone know!
TechNow has heard many students talk about virtualized/remote training that TechNow Does Not Do. While training our most recent offering of PA-215: Palo Alto Networks Firewall Essentials FastTrack a student told his story of how he endend up in our course. His story we have heard for other technologies like Cisco, VMware, BlueCoat and other products.
A large percentage of training is moving to the virtualized/remote lab environments. Students are asked to use some variant of remote access software and remote into the training company's lab environment. Our student in our Palo Alto Networks Firewall course informed us that he went to a very costly offering of that course from the vendor and was not able to perform any labs. There were either network connectivity issues, or issues with the remote access software, or other problems. The whole training experience was very frustrating and not productive.
We keep our labs open to students if they would like after hours, or before hours access. Repeatedly going through a lab engrains that knowledge for later recall. Touching hardware is so critical in understanding the problems that arise when a cable comes loose, or a cable gets plugged in the wrong port. There are other scenarios such as just pulling the power cable, or turning off a power strip, or accidently overwriting a configuration. These disaster scenarious requires hands-on physical access to hardware. Preventing and recovering from disasters is what it's all about, and that requires hands-on, instructor led, real hardware.
Course Overview:
This course engages students by providing in-depth knowledge of the most prominent and powerful attack vectors and an environment to perform these attacks in numerous hands-on scenarios. This course goes far beyond simple scanning for low-hanging fruit, and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.
A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness.
Attendees to TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking course will receive TechNow approved course materials and expert instruction.
Date/Locations:
Course Duration: 5 days
Course Objectives:
- Accessing the Network
- Advanced Fuzzing Techniques
- Advanced Stack Smashing
- Attacking the Windows Domain – Enumeration
- Attacking the Windows Domain – Restricted Desktops
- Attacking the Windows Domain – The Attacks
- Building a Metasploit Module
- Crypto for Penetration Testers
- Exploiting the Network
- Fuzzing Introduction and Operation
- Introduction to Memory and Dynamic Linux Memory
- Introduction to Windows Exploitation
- Manipulating the Network
- Python and Scapy For Penetration Testers
- Shellcode
- Smashing the Stack
- Windows Heap Overflow Introduction
- Windows Overflows
Course Prerequisites:
- GSEC or equivalent experience
- UNIX, Windows, Networking, and Security Experience
- This is a hands-on skill course requiring comfort with command line interaction and network communications
Comments
Latest comments from students
User: ryanv
Instructor comments: Great.
Facilities comments: N/A. Hotel.
User: sean.hollinger
Instructor comments: Instructor is technically knowledgeable as he has been on every course I've taken with TechNow.
Facilities comments: adequate
Liked the class? Then let everyone know!
TechNow has 26 years of courseware deveopment with a huge library of course material. If our standard courses are just not quite right for what you require, we can provide customized training to meet your needs! We have serviced many request for training that is aligned to customer business operations. Additionally, our security related courses can provide concise direction on how to build security programs and/or address gaps in your existing security programs. TechNow strives for 100% customer satisfaction, and customized classes is one method that TechNow uses to achieve that goal.
Together, our Classroom in a Box service and the customized class service can provide highly targeted training to your team at your location.
If you are interested in more information regarding our customized training, contact us at 800-324-2294