TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies

 

Course Overview:

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies is the big picture overview of a SOC, other courses provide a deep dive into the technologies that a SOC may utilize. This course addresses the internal workings of staff, skills required, required authorizations, internal agreements, and setting appropriate expectation levels of a SOC within budget constraints. A SOC is not a one size fits all, the instructor has decades of security experience and brings to the table opportunities to discuss what can work within constraints. Many organizations are coming to the realization that some level of a SOC is now required and to learn just what decisions need to be made: Out-sourced, In-sourced, budgets, capabilities and many more. Students leave with a worksheet of how to progress when they get back to their organization.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies – Is a course that incorporates lecture, demos, and group exercises for standing up a Security Operations Center (SOC). Students learn strategies and resources required to deploy, build, and run Network Security Monitoring (NSM) and work roles and flows for a SOC. No network is bullet proof and when attackers access your network, this course will show you options and resources to build a security net to detect, contain, and control the attacker. Examples on what it takes to architect an NSM solution to identify sophisticated attackers and a response strategy. Properly implemented detection and response technologies is integral to incident response and provides the responders timely information and tools to react to the incident. Effective demonstrations are given of Open Source technologies that build up a SOC, but any software can be used and demonstrations are provided to demonstrate technology families not push a specific solution.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies demonstrations utilize a cyber range that gives each student in-depth knowledge of monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls; and software and services to provide orchestrate Incident Response, Intelligence Analysis, and Hunt Operations.

Attendees to TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 2 Days

Course Objective:

    • To provide management an overview of what it takes to stand up a SOC.

Prerequisites:

  • Students should have an understanding of the security field.

Course Outline:

  • What threats does my organization care about?
  • What does a threat look like?
  • What does a threat look like?
  • How to present the SOC internally.
  • Communication with Stakeholders and Executives
    • Leveraging and integrating existing security measures
  • People
    • Establishing a skill matrix and work roles for SOC members
    • Establishing a training path
    • Personnel background requirementsProcesses
  • Processes
    • Alignment to standards: NIST, PCI, HIPAA, etc.
    • Risk related decision trees
    • Playbooks
    • Threat Intelligence Integration
  • Technology – Tool Suites to Support:
    • Ethical Hacking
    • Network Security Monitoring and SIEM
    • Forensics
    • Dashboards
    • Analysis and Hunting
    • Incident Management and Ticketing

 

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

Welcome to TechNow!

Welcome to TechNow! The Leader in Information Security Training & Computer Training.

The world of information security and computer training is ever changing.  The techniques and systems continue to evolve and we must stay current and diligent.  To do this, you can count on TechNow®…the leader in cybersecurity training and computer system training.

TechNow® has been training the leaders in the computer community for many years.  We provide training for students in a number of areas.  Our cybersecurity trainings include popular courses like D0D 8140, Security , CISM, CISSP, CEH,CCNA, and more.  With over 34 years of experience, we’re able to provide you with unmatched training and certification programs.

TechNow also provides a variety of other popular trainings for the computer professional including Cisco, EC-Council, CompTIA, Unix/Linux and more.

.

Search Our Site

Upcoming Events

  • PM-224: PMI Agile Certified Practitioner (PMI-ACP)® Prep Course
    • 05/26/2026 – 05/29/2026
    • San Antonio
  • TN-813: Certified in Governance, Risk and Compliance (CGRC)</a>
    • 05/26/2026 – 05/29/2026
    • San Antonio
  • TN-913: Cloud Security Fundamentals
    • 05/27/2026 – 05/29/2026
    • San Antonio
  • CT-395: CySA+ Cybersecurity Analyst
    • 06/01/2026 – 06/05/2026
    • San Antonio
  • RH-245: Linux System Administration I
    • 06/01/2026 – 06/05/2026
    • San Antonio
  • all events

    • in   

    PA-232: Palo Alto Networks Panorama Manage Multiple Firewalls (EDU-221)

      

     

    Course Overview:  PA-232: Palo Alto Networks Panorama Manage Multiple Firewalls (EDU-221) Training Class is a two-day course.  Students attending this course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks Panorama Management Server.  Upon completion of this course, administrators will understand the Panorama server’s role in managing and securing their overall network.  Network professionals will learn to use Panorama’s aggregated reporting to provide them with a holistic view of a network of Palo Alto Networks next-generation firewalls.  This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

    Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.

    TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.  The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies.  Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.

    Attendees to the PA-232: Palo Alto Networks Panorama Manage Multiple Firewalls (EDU-221) Training Course will receive TechNow approved course materials and expert instruction.

     

    Dates/Locations:

    No Events

    Duration: 2 days

    Course Objectives:   Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks Panorama Management Server.

    Day 1

    • Module 0 – Introduction & Overview
    • Mod 1: Overview
      • Panorama Solution
      • Deployment Design
    • Mod 2: Initial Configuration
      • Interface Configuration
      • Setup Configurations
      • Device Deployment
      • Configuration Management
    • Mod 3: Templates
      • Templates Overview
      • Common Organization
      • Strategies
      • Configuring Templates
    • Mod 4: Device Groups
      • Device Groups
      • Objects
      • Policies
      • Device Group Commit

     

    Day 2

    • Mod 5: Administration
      • Admin Roles and Access
      • Control
      • Commit Procedure
    • Mod 6: Logging and
      • Reporting
      • Logging
      • Application Command
      • Center
      • App-Scope
      • Correlation Objects
      • Reports
    • Mod 7: Log Collectors
      • Plan a Log Collection
      • Deployment
      • Distributed Data Collection
      • Log Deployment
      • Configure Dedicated Log
      • Collector
      • Managed Collector Groups
    • Mod 8: Business Continuity
      • Panorama High Availability
      • Collector Group
      • Redundancy
      • Export Configuration
      • Disk Installation

     

    Prerequisites:

    This course is in no way associated with Palo Alto Networks, Inc.

    Comments

    Latest comments from students

    Like the class?  Then let everyone know!

    CT-405: PenTest+

     

     

     

     

     

     

    Course Overview:

    PenTest+ is an intermediate-level certification for cybersecurity professionals who are tasked with penetration testing to identify, exploit, report, and manage vulnerabilities on a network. PenTest+ is at the same certification level as CT-395: CySA+. Depending on your course of study, PenTest+ and CySA+ can be taken in any order, but typically follow the skills learned in CT-325: Security+. PenTest+ focuses on offense through penetration testing and vulnerability assessment while CySA+ focuses on defense through incident detection and response. The most qualified cybersecurity professionals have both offensive and defensive skills. Attend Tech Now training for hands-on, instructor led course to prepare you for the CompTIA PT0-002 exam. This exam is hands-on, performance-based questions and multiple choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems.

     

     

     

     

    What’s Included:

    • 5 days of instructor led in classroom training
    • Labs
    • PenTest+ Courseware
    • Exam Voucher
    • PenTest+ onsite exam scheduling

    Course Objectives:

    • Plan and scope penetration tests
    • Conduct passive reconnaissance
    • Perform non-technical tests to gather information
    • Conduct active reconnaissance
    • Analyze vulnerabilities
    • Penetrate networks
    • Exploit host-based vulnerabilities
    • Test application
    • Complete post-exploit tasks
    • Analyze and report pen test results

    Dates/Locations:

    No Events

    Duration: 5 Days

    Course Content:

      • Module 01. Planning and Scoping Penetration Tests
      • Module 02. Conducting Passive Reconnaissance
      • Module 03. Performing Non-Technical Tests
      • Module 04. Conducting Active Reconnaissance
      • Module 05. Analyzing Vulnerabilities
      • Module 06. Penetrating Networks
      • Module 07. Exploiting Host-Based Vulnerabilities
      • Module 08. Testing Applications
      • Module 09. Completing Post-Exploit Tasks
      • Module 10. Analyzing and Reporting Pen Test Results

     

    Prerequisites:

    Target Audience:

    This course is designed for cybersecurity professionals tasked with penetration testing and vulnerability management.

    Comments

    Latest comments from students

    Liked the class?  Then let everyone know!

    TN-512: Essential Business Analysis Course

    Course Overview:

    This course covers the key elements required to understand and apply business analysis techniques in an IT-centric business environment.  It identifies key best practices to deal with the challenges of eliciting, analyzing, and specifying project requirements.  The key material in each section of this course is reinforced with a student driven lab scenario allowing each participant hands-on practice with the key business analysis concepts that are introduced in this course. At the end of the focused sections on business analysis techniques, the students will engage in a student-driven business analysis case study blending all the learned techniques into a finished product. This course is approximately 60% lecture and  40% lab time.

    Attendees to TN-512: Essential Business Analysis Course will receive TechNow approved course materials and expert instruction.

    Dates/Locations:

    No Events

    Duration: 5 Days

    Course Objectives:

    • Overview of Business Analysis Workshop
    • Eliciting Project Workshop
    • Case Study
    • Analyzing Requirements and Writing Case Studies
    • Case Study

    Prerequisites:

    • None

     

    Comments

    Latest comments from students

    Liked the class?  Then let everyone know!