TN-315: Complete Hack and Defend

Course Overview:

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network. This course is heavily based on Kali and primarily on Metasploit. In TN-315: Complete Hack and Defend class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it in mixed-platform environment including Windows, Linux, Solaris, and Cisco. This course is 90% hacking, but defenses for demonstrated hacks will be discussed. If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-315: Complete Hack & Defend Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Introduction to Pen Testing using the PTES model
Metasploit Basics
- MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
Intelligence Gathering
- Nmap, Databases in Metasploit, Port Scanning with Metasploit
Quick Intro to Ruby
- Writing a simple Ruby script to create a custom scanner
Vulnerability Scanning
- Importing Nessus Results
- Scanning with Nessus from Within Metasploit
Exploitation
- Using the Metasploit Framework and console to exploit
Meterpreter
- Compromising a Windows System
- Attacking MS SQL, xp_cmdshell
- Dumping Usernames and Passwords, extracting and dumping hashes
- Pass the Hash and Token Impersonation
- Pivoting
- Railgun
- Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
Avoiding Detection
- Creating Stand-Alone Binaries with MSFpayload
- Encoding with MSFencode and Packers (go Green Bay:)
Exploitation Using Client Side Attacks
- Introduction to Immunity Debugger
- Using Immunity Debugger to Decipher NOP Shellcode
Metasploit Auxiliary Modules
Social Engineer Toolkit (SET)
- Spear-Phishing, Web Attack
- Creating a Multipronged Attack
Creating Your Own Module
- Adapt an existing Module
- Add some PowerShell and Run the Exploit
Meterpreter Scripting
Capture The Flag Exercise

Prerequisites:

This is an advanced Information Security Course which requires basic Windows & UNIX competency
Certification or 2 years of experience in these operating systems is highly recommended
An understanding of TCP/IP

Comments

Latest comments from students

User: dhonore

Instructor comments: Dave's presentation style is engaging and lively.

Facilities comments: The room was adequate for the needs of the class.

User: phouck

Instructor comments: David was very good. Although he went very fast at times.

Facilities comments: The room was ok. it was bit dark.

Liked the class? Then let everyone know!

TN-515: Implementing Cybersecurity and Information Assurance Methodologies

Course Overview:

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network. This course is heavily based on Kali and primarily on Metasploit. In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco. This course is 90% hacking, but defenses for demonstrated hacks will be discussed. If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Introduction to Pen Testing using the PTES model
Metasploit Basics
- MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
Intelligence Gathering
- Nmap, Databases in Metasploit, Port Scanning with Metasploit
Quick Intro to Ruby
- Writing a simple Ruby script to create a custom scanner
Vulnerability Scanning
- Importing Nessus Results
- Scanning with Nessus from Within Metasploit
Exploitation
- Using the Metasploit Framework and console to exploit
Meterpreter
- Compromising a Windows System
- Attacking MS SQL, xp_cmdshell
- Dumping Usernames and Passwords, extracting and dumping hashes
- Pass the Hash and Token Impersonation
- Pivoting
- Railgun
- Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
Avoiding Detection
- Creating Stand-Alone Binaries with MSFpayload
- Encoding with MSFencode and Packers (go Green Bay:)
Exploitation Using Client Side Attacks
- Introduction to Immunity Debugger
- Using Immunity Debugger to Decipher NOP Shellcode
Metasploit Auxiliary Modules
Social Engineer Toolkit (SET)
- Spear-Phishing, Web Attack
- Creating a Multipronged Attack
Creating Your Own Module
- Adapt an existing Module
- Add some PowerShell and Run the Exploit
Meterpreter Scripting
Capture The Flag Exercise

Prerequisites:

This is an advanced Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
Certification or 2 years of experience in these operating systems is highly recommended
An understanding of TCP/IP

Comments

Latest comments from students

Liked the class? Then let everyone know!

PP-222: CIPM Certified Information Privacy Manager and GDPR Compliance

Course Overview:

Every organization has data protection needs. Every day, we access, share and manage data across companies, continents and the globe. Knowing how to implement a privacy program is an invaluable sill that will help you protect your organization’s data- and take your career to the next level. Our Principles of Privacy Program Management training is the premier course on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a privacy team. With a CIPM and CIPP/E combined you’ll be uniquely equipped to fulfill the DPO requirements of the GDPR. Here is our CIPM + CIPP/E 4 Day GDPR Ready

What’s Included:

Authorized courseware
Exam voucher
IAPP membership

**GDPR Regulation Mandated May 25, 2018**

Course Objectives:

Principles of Privacy Program Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organization through process and technology-regardless of jurisdiction or industry. The Principles of Privacy Program Management training is based on the body of knowledge for the IAPP’s ANSI accredited Certified Information Privacy Manager (CIPM) certification program.

Attendees to PP-222: CIPM Certified Information Privacy Manager and GDPR Compliance will receive TechNow approved course materials and expert instruction, and certification test voucher and certificate of course completion.

TechNow is a International Association of Privacy Professionals (IAPP) Partner, and utilizes official curriculum from International Association of Privacy Professionals (IAPP).

TechNow has taught security courses for over 20 years, before most certifications existed and has successfully moved students through certification programs associated with IAPP, SANS, EC-Council and ISC2. Our instructor maintains over a dozen security certifications and has been the director of a company with internationals sales and compliance.

Dates/Locations:

No Events

Duration: 2 Days

Course Content:

Module 1: Introduction to Privacy Program Management
Module 2: Privacy Governance
Module 3: Applicable Laws and Regulations
Module 4: Data Assessments
Module 5: Policies
Module 6: Data Subjects’ Rights
Module 7: Training and Awareness
Module 8: Protecting Personal Information
Module 9: Data Breach Incident Plans
Module 10: Measuring, Monitoring and Auditing Program Performance

Prerequisites: None

Target Audience:

Data Protection Officers, Data Protection Managers, Auditors, Legal Compliance Officers, Security Manager, Information Managers, Anyone who uses processes and maintains personal data

Comments

Latest comments from students

Liked the class? Then let everyone know!

N-405: ROUTE-Implementing Cisco IP Routing

Course Overview:

In this course, administrators of medium-to-large network sites will learn to use advanced routing to provide scalability for Cisco routers that are connected to LANs and WANs. Networking professionals will learn to dramatically increase the number of routers and sites using these techniques instead of redesigning the network when additional sites or wiring configurations are added. Hands-on labs ensure you thoroughly understand how to implement advanced routing within your network.

Attendees to N-405: ROUTE-Implementing Cisco IP Routing will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

Planning Routing Services to Requirements
Implementing an EIGRP-Based Solution
Implementing a Scalable Multiarea Network
OSPF-Based Solution
Implement an IPv4- Based Redistribution Solution
Implementing Path Control Connection of an Enterprise Network to an ISP Network

Prerequisites:

None

Comments

Latest comments from students

User: jrtrussell

Instructor comments: Awesome

Facilities comments: Awesome

Liked the class? Then let everyone know!

TN-905: Cyber Threat Intelligence Analysis

Course Overview:

TechNow has worked worldwide enterprise infrastructures for over 30 years and has developed demos and labs to exemplify the techniques required to demonstrate technologies that effectively support CTI. This course integrates well with our courses TN-575: Open Source Network Security Monitoring and TN-865: Wireshark Network Traffic and Security Analysis .

TechNow develops Cyber Ranges and makes them available for conferences in support of annual meetings for Cyber Threat Response Teams. Developing scenarios and reacting to them appropriately is a big part of the value in understanding the contexts required to comprehend valuable CTI. As with many advanced TechNow security courses, there is a large hands-on ratio. This course helps Cyber Protection Teams (CPT), Defensive Cyber Operations (DCO), and Mission Defense Teams (MDT) to collect, analyze and apply targeted cyber intelligence to defensive operations in order to proactively act on and tune response to attacks by cyber adversaries. CPT, DCO, and MDT can take preemptive action by utilizing CTI, understanding CTI tools, techniques and procedures (TTPs) needed to generate and consume timely and relevant intelligence to improve resilience and prevention.

This course focuses on the collection, classification, and exploitation of knowledge about adversaries and their TTPs. . MDT puts us close the mission and helps define the internal context to be analyzed against the CTI. TechNow pushes the student to truly understand how to think about and use CTI to make a difference.

Attendees to TN-905: Cyber Threat Intelligence Analysis will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

Learn to comprehend and develop complex scenarios
Identify and create intelligence requirements through practices such as threat modeling
Utilize threat modeling to drive intelligence handling and practices
Breakdown tactical, operational, and strategic-level threat intelligence
Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
How to collect adversary information creating better value CTI
How to filter and qualify external sources, mitigating low integrity intelligence
Create Indicators of Compromise (IOCs) in formats such as YARA, OpenIOC, and STIX
Move security maturity past IOCs into understanding and countering the behavioral tradecraft of threats
Breaking down threats mapped against their tradecraft to tweak IOCs
Establish structured analytical techniques to be successful in any security role
Learn and apply structured principles in support of CTI and how to communicate that to any security role.