Course Overview:

This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

Date/Locations:

Duration: 5 days

Course Objectives:

• Toolkit and Lab Assembly
• Malware Code and Behavioral Analysis Fundamentals
• Malicious Static and Dynamic Code Analysis
• Collecting/Probing System and Network Activities
• Analysis of Malicious Document Files
• Analyzing Protected Executables
• Analyzing Web-Based Malware
• DLL Construction and API Hooking
• Common Windows Malware Characteristics in x86 Assembly
• Unpacking Protected Malware
• In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
• In-Depth Analysis of Malicious Executables
• Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

Prerequisites:

• Strong understanding of core systems and network concepts
• Exposure to programming and assembly concepts
• Comfortable with command line access

Comments

Latest comments from students

User: marcus.osullivan

Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

Facilities comments: The baby deer were neat! I like the resort.

Liked the class?  Then let everyone know!

Course Overview:

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.  This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs to secure Windows systems. Lecture and labs start with quick review of Active Directory and group policy to enforce security mechanisms within the Windows architecture.  Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations.  PowerShell is made for SecOps/DevOps automation and students will learn to write PowerShell scripts to automate security operations and Desired State Configuration (DSC).  The course concludes with exercising real attack strategies to demonstrate the effectives of properly securing your host.

Attendees to TN-969: Windows Security Administrator course will receive TechNow approved course materials and expert instruction.

Date/Locations:

Duration: 5 days

Course Objectives:

• Active Directory and BloodHound
• Security Controls
• PKI
• Encryption
• Wireless & Network Security and Hardening DNS
• 802.1x and Endpoint Protection
• Firewalls and VPN
• PowerShell Scripting
• JEA, DSC, Enterprise Security with PowerShell
• Windows Attack Strategies

Prerequisites:

• Security+
• Windows System Administration Skills

Comments

Latest comments from students

User: bbrabender

Instructor comments: Instructor was very knowledgeable and help more inexperienced users with concepts as well explaining in a way that can be understood.

Facilities comments: N/A

User: dale.r.anderson

Instructor comments: Instructor was well knowlegeable accross alot of domains.

Facilities comments: Pretty good

Liked the class?  Then let everyone know!