CL-425: AWS Security Operations and Architecture

Course Overview:

This course begins by introducing you to fundamental cloud computing and AWS security concepts including AWS access control and management, governance, logging, and encryption methods. It also covers security-related compliance protocols and risk management strategies, as well as procedures related to auditing your AWS security infrastructure.

The course continues to teach students how to efficiently use AWS security services to stay secure and compliant in the AWS cloud. The course focuses on the AWS-recommended security best practices that you can implement to enhance the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services. This course also refers to the common security control objectives and regulatory compliance standards and examines use cases for running regulated workloads on AWS across different verticals, globally. You will also learn how to leverage AWS services and tools for automation and continuous monitoring—taking your security operations to the next level.

Attendees to CL-425: AWS Security Operations and Architecture will receive TechNow approved course materials and expert instruction.

Duration: 5 Days

Audience:
• Security engineers
• Security architects
• Security analysts
• Security auditors
• Individuals who are responsible for governing, auditing, and testing an organization’s IT infrastructure, and ensuring conformity of the infrastructure to security, risk, and compliance guidelines

DoD 8140: Not Mandated

Course Prerequisites:

We recommend that attendees of this course have the following prerequisites:
This course assumes you have the equivalent experience or have taken the AWS operational courses that are in the TechNow AWS track.
CL-415: AWS Security Operations

The above courses encapsulate prerequisite knowledge:
• Experience with governance, risk, and compliance regulations and control objectives
• Working knowledge of IT security practices
• Working knowledge of IT infrastructure concepts
• Familiarity with cloud computing concepts

Course Objectives:

This course teaches you how to:
• Identify the security and compliance benefits of using the AWS cloud.
• Discuss the AWS Shared Responsibility Model.
• Describe the access control and access management features of AWS.
• Use AWS services for security logging and monitoring.
• Describe data encryption methods to secure sensitive data.
• Describe AWS services used to protect network security.
• Describe the basic steps to ensure strong governance of your AWS resources.
• Identify AWS services used to maintain governance of control environments.
• Use the AWS audit features.
• Explain how to audit an AWS environment.
• Explain the AWS compliance and assurance programs.
• Describe how AWS audits and attestations validate that security controls are implemented and operating effectively.
• Assimilate and leverage the AWS shared security responsibility model.
• Mange user identity and access management in the AWS cloud.
• Use AWS security services such as AWS Identity and Access Management, Amazon Virtual Private Cloud, AWS Config, AWS CloudTrail, AWS Key Management Service, AWS CloudHSM, and AWS Trusted Advisor.
• Implement better security controls for your resources in the AWS cloud.
• Manage and audit your AWS resources from a security perspective.
• Monitor and log access and usage of AWS compute, storage, networking, and database services.
• Analyze events by capturing, monitoring, processing, and analyzing logs.
• Identify AWS services and tools to help automate, monitor, and manage security operations on AWS.
• Perform security incident management in the AWS cloud.
• Perform security assessments to ensure that common vulnerabilities are patched and security best practices are applied. The assessment outline deals both with AWS specifics and also lays down the workflow of NIST, FedRAMP, and Cloud Security Alliance STAR compliance for a deployed AWS solution.

Dates/Locations: No Events

Course Outline:

Day 1
• Introduction to Cloud Computing and AWS Security
• Access Control and Management
• AWS Security: Governance, Logging, and Encryption
• Compliance and Risk Management

Day 2
• Introduction to Cloud Security Course Objectives
• Security of the AWS Cloud: Entry Points, Web Application, Communications, and Incident Response.
• Cloud Aware Governance and Compliance and related control frameworks.
• Identity and Access Management
Day 3
• Securing AWS Infrastructure Services
• Securing AWS Container Services
• Securing AWS Abstracted Services
• Using AWS Security Services
Day 4
• Data Protection in the AWS Cloud
• Managing security in a hybrid environment
• Deep dive into AWS monitoring and log analysis
• Protecting against outside threats to AWS VPC
Day 5
• How to carry out a Pentest on an AWS solution
• Security Incident Management and Automating security and incident response
• Threat detection and monitoring sensitive data
• Lets Do it! Building Compliant Workloads on AWS—Case Study

 

PA-212: Palo Alto Networks Firewall Configure Extended Features (EDU-205)

  

 

Course Overview: PA-212: Palo Alto Networks Firewall Configure Extended Features (EDU-205) Training Class is a two-day course that teaches students to configure and manage the entire line of Palo Alto Networks next-generation firewalls. Students also will be instructed on the basics of implementing and managing GlobalProtect™ and active/ active high availability. Students will gain an in-depth knowledge of how to optimize their visibility and control of applications, users, and content.  This course prepares the student for Palo Alto Networks Certified Network Security Engineer (PCNSE).  Through hands-on training, students learn high end skills of how to integrate Palo Alto next-generation firewalls into their network infrastructure.  This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.  TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

This course sets up the foundation for the three day course PA-243: Palo Alto Networks Firewall Debug and Troubleshoot (EDU-311). The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies.  Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.  Attendees to the PA-212: Palo Alto Networks Firewall Configure Extended Features (EDU-205) Training Course will receive TechNow approved course materials and expert instruction.

 

Dates/Locations: No Events

Duration: 2 days

Course Objectives:   Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks firewall.  Students also will be instructed on the basics of implementing and managing GlobalProtect™ and active/ active high availability. Students will gain an in-depth knowledge of how to optimize their visibility and control of applications, users, and content.

Day 1

  • Module 0 – Introduction & Overview
  • Mod 1: Advanced Interface
    • Configuration
    • Advanced NAT
    • Policy-Based
    • Forwarding
    • Routing Protocols (OSPF)
  • Mod 2: App-ID™ –
    • Custom Applications
    • Defining New Application Signatures
    • Application Override
  • Mod 3: Advanced Content-ID™
    • Custom Threat Signatures
    • Data Filtering
    • DoS Protection
    • Botnet Report
  • Mod 4: Advanced User-ID™
    • Terminal Server Agent
    • Captive Portal
    • XML API

Day 2

  • Mod 5: Quality of Service
    • Configuring Quality of Service
  • Mod 6: GlobalProtect™
    • Implementation of GlobalProtect
    • Install and Configure Portal, Gateway, and Agents
  • Mod 7: Monitoring and Reporting
    • Log Forwarding
    • SNMP
    • Reporting
  • Mod 8: Active/Active High Availability
    • Configuring Active/Active HA

 

Prerequisites:

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

Like the class?  Then let everyone know!

TN-305: Designing, Implementing, Administering and Securing Wireless Local Area Networks (LANs)

Course Overview:

This course, TN-305: Designing, Implementing, Administering and Securing Wireless Local Area Networks (LANs), covers the two main objectives for those entering the wireless world, understanding the technology & addressing its security.  TN-305: Designing, Implementing, Administering and Securing Wireless Local Area Networks (LANs) takes advantage of the student’s existing expertise to provide a challenging introductory course. Covering a broad range of wireless networking topics & an introduction on how to secure a wireless LAN from hackers. To insure wireless availability you need to understand proper design choices & administration practices. To protect valuable information on your network you need to know how attacks occur & techniques used to secure your wireless network.

Attendees to TN-305: Designing, Implementing, Administering and Securing Wireless Local Area Networks (LANs) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Radio Frequency (RF) Fundamentals
  • Spread Spectrum Technologies
  • 802.11 Network Architecture
  • Physical & MAC Layers
  • Hardware Installation, Configuration, & Management
  • Antennas & Accessories
  • Wireless Network Management
  • Troubleshooting Wireless LANs
  • Site Surveying
  • Wireless LAN Security
  • Organizations & Standards

Prerequisites:

Attendees should have network administration skills.  These skills can be obtained through TechNow’s N-205N-305: CCNA/ICND Training program or our highly respected cross platform TN-385: TCP/IP Analysis & Implementation course.

Comments

Latest comments from students

User: TMPRIESTLEY

Instructor comments: The instructor was very well versed on the topic and knew how to apply it to real-life examples. He led the labs and was very excited about the topic which kept the interest of myself and other class members. Sometimes his volume level was a little high- however the room the class was in was very small. Too small for a big personality!

Facilities comments: I was unaware of the facility changes, but that was at no fault of anyone since I was a drop-in for the course. They were very helpful and quick to mediate the issue.

Liked the class?  Then let everyone know!

TN-765: Automating Administration with Windows Powershell

 

Course Overview:

This course provides students with the fundamental knowledge and skills to use PowerShell for administering and automating administration of Windows servers. This course provides students the skills to identify and build the command they require to perform a specific task. In addition, students learn how to build scripts to accomplish advanced tasks such as automating repetitive tasks and generating reports. This course provides prerequisite skills supporting a broad range of Microsoft products, including Windows Server, Windows Client, Microsoft Azure, and Microsoft 365. In keeping with that goal, this course will not focus on any one of those products, although Windows Server, which is the common platform for all of those products, will serve as the example for the techniques this course teaches.

Attendees to TN-765: Automating Administration with Windows Powershell will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

 

  • Describe the functionality of Windows PowerShell and use it to run and find basic commands
  • Identify and run cmdlets for server administration
  • Work with Windows PowerShell pipeline
  • Describe the techniques Windows PowerShell pipeline uses
  • Use PSProviders and PSDrives to work with other forms of storage
  • Query system information by using WMI and CIM
  • Work with variables, arrays, and hash tables
  • Write basic scripts in Windows PowerShell
  • Write advanced scripts in Windows PowerShell
  • Administer remote computers
  • Use background jobs and scheduled jobs
  • Use advanced Windows PowerShell techniques

 

Course Prerequisites:

 

  • Experience with Windows networking technologies and implementation.
  • Experience with Windows Server administration, maintenance, and troubleshooting.

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TN-979: Intrusion Analyst Course

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Advanced Snort Concepts
  • Analyst Toolkit
  • Domain Name System (DNS)
  • Examining Packet Crafting
  • Examining Packet Header Fields
  • Fragmentation
  • ICMP Theory
  • IDS Interoperability
  • IDS Patterns
  • IDS/IPS Management & Architecture Issues
  • Indications, Warnings & Traffic Correlation
  • IPv6
  • Microsoft Protocols
  • Network Traffic Analysis
  • NIDS Evasion, Instertion & Checksums
  • Snort Fundamentals & Configuration
  • Snort GUIs & Sensor Management
  • Snort Performance, Active Response & Tagging
  • Snort Rules
  • Stimulus Response
  • TCPdump Fundamentals
  • TCP/IP Fundamentals
  • Wireshark Fundamentals
  • Writing TCPdump Filters

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class?  Then let everyone know!