TN-913: Cloud Security Fundamentals

 

Course Overview:

TechNow Cloud Security Fundamentals addresses the loss of hands-on control of system, application, and data security in the Cloud computing environment.  Security teams wrestle with the impact and liability of Cloud computing on an organization.  This course enables the security team to assist in contract language and Service Level Agreements (SLAs) when utilizing Cloud Service Providers (CSPs).

Compliance and auditing are introduced with strategies for control verification and audit analysis in the CSP environment.  Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and everything in between require a compliance strategy.  Students will go in-depth into the architecture and infrastructure fundamentals for private, public, and hybrid clouds.   Topics covered include: patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will be covered with recommendations for both internal policies and contract provisions to consider.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to effectively manage security in the cloud environment.

Attendees to TN-913: Cloud Security Fundamentals will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 3 days

Course Objectives:

  • Cloud computing introduction
  • Security challenges in the cloud
  • Infrastructure security in the cloud
  • Policy, risk, and governance for cloud computing
  • Compliance and legal considerations
  • Audit and assessment for the cloud
  • Data security in the cloud
  • Identity and Access Management (IAM)
  • Disaster Recovery and Business Continuity Planning (DR/BCP) in the cloud
  • Intrusion detection and incident response

Course Prerequisites:

  • GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures
  • Managing or administering at least one of UNIX, Windows, Databases, networking, or security

Comments

Latest comments from students

User: reedrobt

Instructor comments: Dave is like an encyclopedia of technical topics...what "doesn't" he have expertise in?

Facilities comments: Home2 location was well-kept and convenient to other services.

 

Liked the class?  Then let everyone know!

cheddarcon-powershell-threat-hunting-registration

    After you press "Request Registration" near the bottom of this form, within 30 seconds, status will be provided at the bottom of the form, you will also be contacted by phone for credit card information.

    Tech Now is pleased to have the opportunity to provide you training for "Windows Security Automation and Threat Hunting with PowerShell” at CheddarCon 2018!

    Scroll down to see the course description.

    First Name*

    Last Name*

    Your Email*

    Your Organization*

    Phone*

    Questions:

    After you press "Request Registration" on this form, within 30 seconds, status will be provided at the bottom of the form, you will also be contacted by phone for credit card information.

    Windows Security Automation and Threat Hunting with PowerShell Seminar

    Location: 400 W Wisconsin Ave, Milwaukee, WI 53203, USA

    Date: October 10, 2018 8:00am – 4:00pm

    Duration: 8 hours

    Audience: Cyber Security professionals and Windows administrators

    Attendees Environment: Laptops not required, but suggested to have better hands-on absorption of subject matter.

    Description:
    PowerShell is both a command-line shell and scripting language. Fight fires quickly using existing or custom PowerShell commands or scripts at the shell. PowerShell is made for Security Operations (SecOps) automation on Windows. This seminar does not require prior programming skills. The seminar focuses on PowerShell programming, giving a beginner skills to be productive in windows scripting to automate tasks and also remediate problems.

    Cyber Security is the objective of this seminar, and the PowerShell examples will demonstrate PowerShell capabilities that help lock down a Windows system and also report security status.

    Objectives:

    PowerShell Overview

    • Getting started running commands
    • Security cmdlets
    • Using and updating the built-in help
    • Execution policies
    • Fun tricks with the ISE graphical editor
    • Piping .NET and COM objects, not text
    • Using properties and methods of objects
    • Helping Linux admins feel more at home
    • Aliases, cmdlets, functions, modules, etc.

    PowerShell Utilities and Tips

    • Customizing your profile script
    • PowerShell remote command execution
    • Security setting across the network
    • File copy via PowerShell remoting
    • Capturing the output of commands
    • Parsing text files and logs with regex patterns
    • Parsing Security Logs
    • Searching remote event logs
    • Mounting the registry as a drive
    • Security settings in the Registry
    • Exporting data to CSV, HTML and JSON files
    • Running scripts as scheduled jobs
    • Continued Security Compliance
    • Pushing out scripts through Group Policy
    • Importing modules and dot-sourcing functions
    • http://www.PowerShellGallery.com

    PowerShell Scripting

    • PowerShell Scripting to implement Security Practices
    • Writing your own functions to automate security status and settings
    • Passing arguments into your scripts
    • Function parameters and returning output
    • Flow control: if-then, foreach, that make security decisions
    • How to pipe data in/out of your scripts for security compliance and reporting

    Attendees to this seminar, Windows Security Automation and Threat Hunting with PowerShell, will receive TechNow approved course materials and expert instruction.[/wr_text][/wr_column][/wr_row]

    TN-555: Certified Ethical Hacker v13 (CEH)

    Course Overview:

    This CEH course will immerse you into a “Hacker Mindset” in order to teach you how to think like a hacker and better defend against future attacks. Students are in the driver’s seat with a hands-on training environment employing a systematic ethical hacking process. All while teaching students how to scan, test, hack, and secure target systems. CEH shows how hackers think and act maliciously so you can learn to better position your organization’s security infrastructure and defend against future attacks.

    This CEH course covers the Five Phases of Ethical Hacking, diving into Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and covering your tracks.

    This CEH course delivers in-demand ethical hacking skills while preparing you for the internationally-recognized Certified Ethical Hacker (CEH) certification exam  from EC-Council.

    This course supports a certification that is DoD approved 8570 Baseline Certificate and meets DoD 8140/8570 training requirements.

    What’s Included:

    • EC-Council official E-Courseware
    • EC-Council official iLabs code with access for 6 months
    • EC-Council official Certificate of Attendance
    • CEH Exam Voucher

     

    Security Course Flow
    Document Flow Chart iconsm

    Dates/Locations:

    Date/Time Event
    08/11/2025 - 08/15/2025
    08:00 -16:00     		TN-555: Certified Ethical Hacker v13 (CEH)
    TechNow, Inc, San Antonio TX
    11/17/2025 - 11/21/2025
    08:00 -16:00     		TN-555: Certified Ethical Hacker v13 (CEH)
    TechNow, Inc, San Antonio TX

    Duration: 5 Days

    Course Content:

    • Module 01. Introduction to Ethical Hacking
    • Module 02. Foot-printing and Reconnaissance
    • Module 03. Scanning Networks
    • Module 04. Enumeration
    • Module 05. Vulnerable Analysis
    • Module 06. System Hacking
    • Module 07. Malware Threats
    • Module 08. Sniffing
    • Module 09. Social Engineering
    • Module 10. Denial-of-Service
    • Module 11. Session Hijacking
    • Module 12. Evading IDS,Firewalls, and Honeypots
    • Module 13. Hacking Web Servers
    • Module 14. Hacking Web Applications
    • Module 15. SQL Injection
    • Module 16. Hacking Wireless Networks
    • Module 17. Hacking Mobile Platforms
    • Module 18. IoT and OT Hacking
    • Module 19. Cloud Computing
    • Module 20. Cryptography

     

    Prerequisites:

    • Windows operating system and/or Linux operating system or other Unix-based OS
    • TCP/IP protocols and implementation
    • At least 2 years of IT security experience
    • TN-325:Security+

    Target Audience:

    Information Security Analyst/Administrator, Information Assurance (IA) Security Officer, Information Security Manager/Specialist, Auditors, Security Professional, Site Admins, Penetration Testers, Red Team,Risk/Threat/Vulnerability Analyst, Individuals concerned about the integrity of network infrastructure

     

    About us:

    TechNow has taught security courses for almost 30 years, before most certifications existed and has successfully moved students through certification programs associated with IAPP, SANS, EC-Council and ISC2. Our instructor maintains over a dozen security certifications and has been the director of a company with internationals sales in security training, consulting, and compliance.

    Tech Now, Inc. is an accredited Training Center with Ec-Council.

    Comments

    Latest comments from students

    Liked the class?  Then let everyone know!

    N-595: VoIP Security Analysis and Design

    Course Overview:

    As VoIP (Voice-over IP) is integrated into the operations of many missions, it is imperative to understand its security ramifications.  In the N-595: VoIP Security Analysis and Design class the objectives are designed for those who are chartered with the responsibility of securing networks and application environments that incorporate VoIP.   Topics include how VoIP works, its interactions with the network, its vulnerabilities and mitigations.  Focus is on leading open source and proprietary technologies utilizing Asterisk and Cisco and the protocols SIP, H.323, RTP, MGCP, and Skinny.  Other protocols such as Nortel's UNIStim will be addressed.  As for Cisco, security pieces in the VoIP CallManager servers, Catalyst switches, IOS-based routers, and ASA firewalls, amounts to several different platforms, each with its own management interface and lockdown procedures.   Various open source tools including those in BackTrack are used for VoIP attacks.  A task list of actions for securing enterprise VoIP is carried out in hands-on labs, performed on Cisco phones, routers, switches, and ASA firewalls.

    Attendees to N-595: VoIP Security Analysis and Design will receive TechNow approved course materials and expert instruction.

    Dates/Locations:

    No Events

    Duration: 5 Days

    Course Objectives:

    • VoIP Architecture
    • VoIP Signaling and media protocols
    • Common VoIP authentication mechanisms
    • Common VoIP encryption techniques
    • VoIP protocol analysis with Wireshark
    • Maintaining QoS while mitigating DoS
    • VoXML, XML, and application integration security
    • Converged network security design and implementation
    • Impact of NAT and firewalls
    • SIP, H.323, and MGCP vulnerabilities
    • VPN, IPsec and SRTP to secure VoIP services
    • Penetration testing with open source tools
    • Attacks for Eavesdropping, call redirection, and DoS
    • Design of hacked firmware virtualization layer
    • Concise lockdown steps for network hardware and VoIP

    Prerequisites:

    • This is an advanced Information Security Course which requires basic Windows & UNIX competency
    • Certification or 2 years of experience in these operating systems is highly recommended
    • As well as an understanding of TCP/IP

    Comments

    Latest comments from students

    Liked the class?  Then let everyone know!

    CL-415: AWS System Operations

    Course Overview:

    AWS System Operations begins with a one day  introduction to AWS products, services, and common solutions. It provides you with fundamentals to become more proficient in identifying AWS services so that you can make informed decisions about IT solutions based on your business requirements and get started working on AWS.

    The AWS course continues to flow with teaching those in a Systems Administrator or Developer Operations (DevOps) role how to create automatable and repeatable deployments of networks and systems on the AWS platform. The course covers the specific AWS features and tools related to configuration and deployment, as well as common techniques used throughout the industry for configuring and deploying systems.

    To continue to learn more about AWS, TechNow has the following course:

    CL-425: AWS Security Operations and Architecture 

    Attendees to CL-415: AWS System Operations will receive TechNow approved course materials and expert instruction.

    Duration: 5 Days

    Audience:
    This course is intended for:
    • System Administrators
    • Software Developers, especially those in a Developer Operations (DevOps) role

    DoD 8140: Not Mandated

    Course Prerequisites:
    We recommend that attendees of this course have the following prerequisites:
    • Background in either software development or systems administration
    • Some experience with maintaining operating systems at the command line (shell scripting in Linux environments, cmd or PowerShell in Windows)
    • Basic knowledge of networking protocols (TCP/IP, HTTP)

    Course Objectives:
    This course is designed to teach you how to:
    • Understand basic data center design concepts.
    • Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
    • Understand the foundational infrastructure services, including Amazon Virtual Private Cloud (VPC), Amazon Elastic Compute Cloud (EC2), Amazon Elastic Block Store (EBS), Amazon Simple Storage Service (S3), Auto Scaling, and Elastic Load Balancing (ELB).
    • Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
    • Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS).
    • Understand AWS management tools, including Amazon CloudWatch and AWS Trusted Advisor.
    • Use standard AWS infrastructure features such as Amazon Virtual Private Cloud (VPC), Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing, and Auto Scaling from the command line
    • Use AWS CloudFormation and other automation technologies to produce stacks of AWS resources that can be deployed in an automated, repeatable fashion
    • Build functioning virtual private networks with Amazon VPC from the ground up using the AWS Management Console
    • Deploy Amazon EC2 instances using command line calls and troubleshoot the most common problems with instances
    • Monitor the health of Amazon EC2 instances and other AWS services
    • Manage user identity, AWS permissions, and security in the cloud
    • Manage resource consumption in an AWS account using tools such as Amazon CloudWatch, tagging, and Trusted Advisor
    • Select and implement the best strategy for creating reusable Amazon EC2 instances
    • Configure a set of Amazon EC2 instances that launch behind a load balancer, with the system scaling up and down in response to demand
    • Edit and troubleshoot a basic AWS CloudFormation stack definition

    Dates/Locations:

    No Events

    Course Outline:

    Day 1

    • Introduction and History of AWS
    • AWS Infrastructure: Compute, Storage, and Networking
    • AWS Security, Identity, and Access Management
    • AWS Databases
    • AWS Management Tools

    Day 2
    • System Operations on AWS Overview
    • Networking in the Cloud
    • Computing in the Cloud
    Day 3
    • Storage and Archiving in the Cloud
    • Monitoring in the Cloud
    • Managing Resource Consumption in the Cloud
    Day 4
    • Configuration Management in the Cloud
    • Creating Scalable Deployments in the Cloud
    • Creating Automated and Repeatable Deployments
    Day 5
    Full Day Lab
    • Select the appropriate AWS service based on compute, data, or security requirements
    • Execute steps required to provision cloud resources for selected deployment
    • Identify and implement data protection, encryption, and capacity planning
    • Implement and manage security policies, access controls, and role
    • Implement Automation

     

    Next/Related Courses: