Palo Alto Networks
CompTIA
Unix/Linux
Project Management
Virtualization/Cloud
Security
Cisco
Microsoft
Business
Dod 8140 Training
Programming
Specialized
Working with the TechNow lab for the PA-215: Palo Alto Networks Firewall Essentials FastTrack course has been nothing less than a techie's idea of fun. When students come in we are immediatly configuring the Cisco 3750 switches for access ports, VLANS, and trunks. We then cable the switch to the Palo Alto Networks Firewall. Each student gets their own Palo Alto Firewall Pod of hardware and software. What we find as fun is the VLAN environment, with an array of virtual machines hosted on an ESXi server that can really exercise the abilities of the Palo Alto Firewall. The DMZ VLAN hosts virtual machines that support enterprise services and also potentialy vulnerable web services. The Trust VLAN has Windows and Linux clients. The UnTrust VLAN has Web services and a VM of Kali. The hardware Firewall is additionally connected to a Management VLAN. All those VLANs are trunked into an ESXi server where the student also has a VM-Series Palo Alto Networks Firewall for High Availability.
After configuring all the trunking, VLANs, and network interfaces we learn about the firewall and configure it for the lab environment. Using Metasploitable and Kali/Metasploit nefarious penetration attempts are executed. Using packet captures, custom APP-ID's and custom signatures are generated. Custom logging and reporting are created to similate and enterprise and assist the desired Incident Response. It is always fun in a training environment to learn all about the controls available in a product, even though specific controls may not be used in the operational environment. In the end we have a good understanding of the Palo Alto Networks Firewall.
Windows Security Automation and Threat Hunting with PowerShell Seminar
Location: 400 W Wisconsin Ave, Milwaukee, WI 53203, USA
Date: October 10, 2018 8:00am – 4:00pm
Duration: 8 hours
Audience: Cyber Security professionals and Windows administrators
Attendees Environment: Laptops not required, but suggested to have better hands-on absorption of subject matter.
Description:
PowerShell is both a command-line shell and scripting language. Fight fires quickly using existing or custom PowerShell commands or scripts at the shell. PowerShell is made for Security Operations (SecOps) automation on Windows. This seminar does not require prior programming skills. The seminar focuses on PowerShell programming, giving a beginner skills to be productive in windows scripting to automate tasks and also remediate problems.
Cyber Security is the objective of this seminar, and the PowerShell examples will demonstrate PowerShell capabilities that help lock down a Windows system and also report security status.
Objectives:
PowerShell Overview
- Getting started running commands
- Security cmdlets
- Using and updating the built-in help
- Execution policies
- Fun tricks with the ISE graphical editor
- Piping .NET and COM objects, not text
- Using properties and methods of objects
- Helping Linux admins feel more at home
- Aliases, cmdlets, functions, modules, etc.
PowerShell Utilities and Tips
- Customizing your profile script
- PowerShell remote command execution
- Security setting across the network
- File copy via PowerShell remoting
- Capturing the output of commands
- Parsing text files and logs with regex patterns
- Parsing Security Logs
- Searching remote event logs
- Mounting the registry as a drive
- Security settings in the Registry
- Exporting data to CSV, HTML and JSON files
- Running scripts as scheduled jobs
- Continued Security Compliance
- Pushing out scripts through Group Policy
- Importing modules and dot-sourcing functions
- http://www.PowerShellGallery.com
PowerShell Scripting
- PowerShell Scripting to implement Security Practices
- Writing your own functions to automate security status and settings
- Passing arguments into your scripts
- Function parameters and returning output
- Flow control: if-then, foreach, that make security decisions
- How to pipe data in/out of your scripts for security compliance and reporting
Attendees to this seminar, Windows Security Automation and Threat Hunting with PowerShell, will receive TechNow approved course materials and expert instruction.[/wr_text][/wr_column][/wr_row]
TechNow is in no way associated with SANS or GIAC, but has courses that are similar in subject matter:
- TN-345: Python for Penetration Testers
- TN-865: Wireshark Network Traffic and Security Analysis
- TN-901: Linux for Security Professionals
- TN-909: Windows Forensic Analysis
- TN-913: Cloud Security Fundamentals
- TN-919: Penetration Tester Course
- TN-929: Security Essentials Training Course
- TN-939: Hacker Techniques, Exploits, and Incident Handling Course
- TN-949: Certified Firewall Analyst Course
- TN-959: UNIX Security Administrator Course
- TN-969: Windows Security Administrator Course
- TN-979: Intrusion Analyst Course
- TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking Course
- TN-999: Reverse Engineering Malware Course
Course Overview:
TechNow’s CCSP Certification Preparation Seminar is an accelerated course designed to meet the high demands of the information security industry by preparing students for the industry standard Certified Cloud Security Professional exam. The exam covers (ISC)²’s 6 Domains from the Common Body of Knowledge, which encompass the whole of cloud security.
This course is an intense 5 day program. TechNow has a proven training and certification track record that you can depend on. CCSP test is 125 questions that typically require more comprehension than CISSP questions. The instructor takes time to walk through scenarios that assume comprehensive knowledge of enterprise infrastructures.
Attendees to CL-315: CCSP Certification Preparation Seminar will receive TechNow approved course materials and expert instruction.
The 6 domains of the CCSP CBK:
- Architectural Concepts & Design Requirements
- Cloud Data Security
- Cloud Platform & Infrastructure Security
- Cloud Application Security
- Operations
- Legal & Compliance
Duration: 5 days
Audience: Mid-level to advanced professionals involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance, and even IT auditing. CCSPs will be responsible for cloud security architecture, design, operations, and/or service orchestration.
DoD 8140: Not Mandated
Course Prerequisites: IT professional with 5 years of experience, 3 years of security experience, and at least 1 year of cloud security experience. GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures. CCSP test is 125 questions that typically require more comprehension than CISSP questions. This course is for those who are already qualified at the enterprise level for IT infrastructures, have Cloud experience, and are looking for a Cloud Security certification.
Course Objectives:
Domain 1: Architectural Concepts and Design Requirements
- Module 1: Understand cloud computing concepts
- Module 2: Describe cloud reference architecture
- Module 3: Understand security concepts relevant to cloud computing
- Module 4: Understand design principles of secure cloud computing
- Module 5: Identify trusted cloud services
Domain 2: Cloud Data Security
- Module 1: Understand Cloud Data Life Cycle
- Module 2: Design and Implement Cloud Data Storage Architectures
- Module 3: Understand and implement Data Discovery and Classification Technologies
- Module 4: Design and Implement Relevant Jurisdictional Data Protection for Personally Identifiable Information (PII)
- Module 5: Design and implement Data Rights Management
- Module 6: Plan and Implement Data Retention, Deletion, and Archival policies
- Module 7: Design and Implement Auditability, Traceability, and Accountability of Data Events
Domain 3: Cloud Platform Infrastructure Security
- Module 1: Comprehend Cloud Infrastructure Comp
- Module 2: Analyze Risks Associated to Cloud Infrastructure
- Module 3: Design and Plan Security Controls
- Module 4: Plans Disaster Recovery & Business Continuity Management
Domain 4: Cloud Application Security
- Module 1: Recognize Need for Training and Awareness in Application Security
- Module 2: Understand Cloud Software Assurance and Validation
- Module 3: Use Verified Secure Software
- Module 4: Comprehend the Software Development Life Cycle (SDLC) Process
- Module 5: Apply the Secure Software Development Life Cycle
- Module 6: Comprehend the Specifics of Cloud Application Architecture
- Module 7: Design Appropriate Identity and Access Management (IAM) Solutions
Domain 5: Operations
- Module 1: Support the Planning Process for the Data Center Design
- Module 2: Implement and Build Physical Infrastructure for Cloud Environment
- Module 3: Run Physical Infrastructure for Cloud Environment
- Module 4: Manage Physical Infrastructure for Cloud Environment
- Module 5: Build Logical Infrastructure for Cloud Environment
- Module 6: Run Logical Infrastructure for Cloud Environment
- Module 7: Manage Logical Infrastructure for Cloud Environment
- Module 8: Ensure Compliance with Regulations and Controls
- Module 9: Conduct Risk Assessment to Logical and Physical Infrastructure
- Module 10: Understand the Collection and Preservation of Digital Evidence
- Module 11: Manage Communications with Relevant Parties
Domain 6: Legal and Compliance
- Module 1: Understand Legal Requirements and Unique Risks Within the Cloud Environment
- Module 2: Understand Privacy Issues, Including Jurisdictional Variances
- Module 3: Understand Audit Process, Methodologies, and Required Adaptions for a Cloud Environment
- Module 4: Understand Implication of Cloud to Enterprise Risk Management
- Module 5: Understand Outsourcing and Cloud Contract Design
- Module 6: Execute Vendor Management
Dates/Locations:
No Events