TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies

 

Course Overview:

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies is the big picture overview of a SOC, other courses provide a deep dive into the technologies that a SOC may utilize. This course addresses the internal workings of staff, skills required, required authorizations, internal agreements, and setting appropriate expectation levels of a SOC within budget constraints. A SOC is not a one size fits all, the instructor has decades of security experience and brings to the table opportunities to discuss what can work within constraints. Many organizations are coming to the realization that some level of a SOC is now required and to learn just what decisions need to be made: Out-sourced, In-sourced, budgets, capabilities and many more. Students leave with a worksheet of how to progress when they get back to their organization.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies – Is a course that incorporates lecture, demos, and group exercises for standing up a Security Operations Center (SOC). Students learn strategies and resources required to deploy, build, and run Network Security Monitoring (NSM) and work roles and flows for a SOC. No network is bullet proof and when attackers access your network, this course will show you options and resources to build a security net to detect, contain, and control the attacker. Examples on what it takes to architect an NSM solution to identify sophisticated attackers and a response strategy. Properly implemented detection and response technologies is integral to incident response and provides the responders timely information and tools to react to the incident. Effective demonstrations are given of Open Source technologies that build up a SOC, but any software can be used and demonstrations are provided to demonstrate technology families not push a specific solution.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies demonstrations utilize a cyber range that gives each student in-depth knowledge of monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls; and software and services to provide orchestrate Incident Response, Intelligence Analysis, and Hunt Operations.

Attendees to TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 2 Days

Course Objective:

    • To provide management an overview of what it takes to stand up a SOC.

Prerequisites:

  • Students should have an understanding of the security field.

Course Outline:

  • What threats does my organization care about?
  • What does a threat look like?
  • What does a threat look like?
  • How to present the SOC internally.
  • Communication with Stakeholders and Executives
    • Leveraging and integrating existing security measures
  • People
    • Establishing a skill matrix and work roles for SOC members
    • Establishing a training path
    • Personnel background requirementsProcesses
  • Processes
    • Alignment to standards: NIST, PCI, HIPAA, etc.
    • Risk related decision trees
    • Playbooks
    • Threat Intelligence Integration
  • Technology – Tool Suites to Support:
    • Ethical Hacking
    • Network Security Monitoring and SIEM
    • Forensics
    • Dashboards
    • Analysis and Hunting
    • Incident Management and Ticketing

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

VM-325: VMware View: Install, Configure and Manage

Course Overview:

This hands-on training course builds your skills in the VMware ViewTM suite of products: VMware View Manager, VMware View Composer, and VMware® ThinAppTM.  Based on customer specification, this course can be based on View 4.x or 5.x, and ThinApp 4.x or 5.x releases.

Attendees to VM-325: VMware View: Install, Configure and Manage will receive TechNow approved course materials and expert instruction.

At the end of this course, you should understand the features and operations of View and be able to:

  • Install and configure View components
  • Create and manage dedicated and floating desktop pools
  • Deploy and manage linked-clone virtual desktops
  • Configure and manage desktops that run in local mode
  • Configure secure access to desktops through a public network
  • Use ThinApp to package applications

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Module 1: Course Introduction
  • Module 2: Introduction to VMware View
  • Module 3: View Connection Server
  • Module 4: View Desktops
  • Module 5: View Client Options
  • Module 6: View Administratory
  • Module 7: Configuring and Managing Linked Clones
  • Module 8: Local-Mode Desktops
  • Module 9: Command-Line Tools and Backup Options
  • Module 10: Managing VMware View Security
  • Module 11: View Manager Performance and Scalability
  • Module 12: VMware® ThinAppTM

Prerequisites:

  • VM-315: VMware Infrastructure: Install, Configure and Manage
  • Experience in Microsoft Windows Active Directory Administration
  • Experience with VMware vSphereTM
  • Before attending the course, students must be able to perform the following tasks:
    • Create a template in VMware vCenterTM Server and deploy a virtual machine from it
    • Modify a template customization file
    • Open a virtual machine console in vCenter Server and access the guest operating system
    • Configure Active Directory services

 

Comments

Latest comments from students

Liked the class?  Then let everyone know!

CT-325: Security+

 

Course Overview:

The CT-325: Security+ (SY0-701) class is the primary class you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It will also help you prepare for the CompTIA Security+ examination (exam number SY0-701). In the CT-325: Security+ class you’ll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.  Let us help you prepare for the CompTIA Security+ exam (SY0-701).

TechNow is a CompTIA partner and uses official CompTIA Security+ curriculum.

Attendees to CT-325: Security+ will receive TechNow approved course materials and TechNow expert instruction.

Document Flow Chart iconsm

Dates/Locations:

Date/Time Event
08/18/2025 - 08/22/2025
08:00 -16:00 		CT-325: Security+
TechNow, Inc, San Antonio TX
10/27/2025 - 10/31/2025
08:00 -20:00 		CT-325: Security+
TechNow, Inc, San Antonio TX
12/15/2025 - 12/19/2025
08:00 -16:00 		CT-325: Security+
TechNow, Inc, San Antonio TX

Duration: 5 Days

Course Objectives:

  • Compare and contrast attacks
  • Compare and contrast security controls
  • Use security assessment tools
  • Explain basic cryptography concepts
  • Implement a public key infrastructure
  • Implement identity and access management controls
  • Manage access services and accounts
  • Implement a secure network architecture
  • Install and configure security appliances
  • Install and configure wireless and physical access security
  • Deploy secure host, mobile, and embedded systems
  • Implement secure network access protocols
  • Implement secure network applications
  • Explain risk management and disaster recovery concepts
  • Describe secure application development concepts
  • Explain organizational security concepts

Prerequisites:

  • CompTIA A+ and Network+ certifications, or equivalent knowledge.
  • Windows 7/8/10 and Server 2008/2012/2016 experience required.
  • Six to nine months experience in networking, including experience in configuring & managing TCP/IP.

Comments

Latest comments from students

User: joshjepsen@hotmail.com

Instructor comments: Instructor was very knowledgeable on all the course content. There were some instances when I felt he streamlined through some of the material too quickly, such as going over how to identify types of attacks.

 

Liked the class?  Then let everyone know!

TN-335: Advanced Penetration Testing Using Open Source Tools

Course Overview:

This is an advanced course that assumes the attendee is a qualified security professional with experience using security tools and understands the concepts behind penetration testing. Courses that build up the expertise that enables a student to succeed in this course is Security+, CEH, CISSP, and any of the GIAC certifications. This course is completely hands-on and utilizes the BackTrack tool suite from backtrack-linux.org. The course covers, in detail, various attacks and tools that are contained in the BackTrack tool suite.

Attendees to TN-335: Advanced Penetration Testing Using Open Source Tools will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Information Security and Open Source Software
  • Operating System Tools
  • Firewalls
  • Scanners
  • Vulnerability Scanners
  • Network Sniffers
  • Intrusion Detection Systems
  • Analysis and Management Tools
  • Encryption Tools
  • Wireless Tools
  • Forensic Tools
  • More on Open Source Software

Prerequisites:

  • Experience in IT Security
  • Solid basic knowledge of networks and TCP/IP
  • Experience in command line under Linux and Windows is required

 

Comments

Latest comments from students

Liked the class?  Then let everyone know!

Palo Alto Networks

TechNow has been involved in enterprise security architectures and education since 1990.  TechNow’s training program has followed the evolution of enterprise computing into security architectures.  Palo Alto Networks represents the current state of security product evolution.  With next generation firewall technology, the reunification of your security architecture is possible.  TechNow can present the ramifications of many centralized strategies.  All courses utilize enterprise security professionals with experience as instructors and can discuss the detail of implementation and the integration into an existing infrastructure.
Palo Alto Networks Certifications:  Accredited Configuration Engineer (ACE) take EDU-201; Palo Alto Networks Certified Network Security Engineer (PCNSE) take  EDU-201 + EDU-205 + EDU-221
TechNow is a mobile Pearson VUE Authorized Testing Center.  Palo Alto courses can be delivered on the customer site, with certificadtion testing on the last day of the course.  Take the course and get certfied, without  logistical effort of getting students to a training facility and the hassle of scheduling testing.
TechNow, Inc. is not associated in any way with Palo Alto Networks, Inc.
in