TN-979: Intrusion Analyst Course

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Advanced Snort Concepts
Analyst Toolkit
Domain Name System (DNS)
Examining Packet Crafting
Examining Packet Header Fields
Fragmentation
ICMP Theory
IDS Interoperability
IDS Patterns
IDS/IPS Management & Architecture Issues
Indications, Warnings & Traffic Correlation
IPv6
Microsoft Protocols
Network Traffic Analysis
NIDS Evasion, Instertion & Checksums
Snort Fundamentals & Configuration
Snort GUIs & Sensor Management
Snort Performance, Active Response & Tagging
Snort Rules
Stimulus Response
TCPdump Fundamentals
TCP/IP Fundamentals
Wireshark Fundamentals
Writing TCPdump Filters

Course Prerequisites:

GSEC or equivalent experience
UNIX, Windows, Networking, and Security Experience
This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class? Then let everyone know!

TN-425: Certified Offensive AI Security Professional (C|OASP)

Certified Offensive AI Security Professional (COASP) validates the competencies required for practitioners who need to demonstrate offensive AI security skills, emulating adversaries, validating defenses, and leading red-team/blue-team exercises to keep AI resilient, reliable, and auditable

The Certified Offensive AI Security Professional (COASP) equips you to identify and neutralize AI-specific threats before attackers do. And Bridges security, engineering, and data science so controls exist across the full AI life cycle.

Participants will gain hands-on experience to perform end-to-end adversarial testing and deliver defensive validation evidence including the ability to simulate adversarial AI kill chains, Harden AI architectures by secure system prompts, context windows, tool integrations, RAG pipelines, and agent memory, Conducting AI security assessments aligned to MITRE ATLAS, OWASP LLM/ML Top 10, NIST AI RMF, and DoD Test & Evaluation practices , This course covers how to build SOC-ready capabilities for AI-focused detection logic, incident playbooks, and forensic procedures , & how to execute prompt injection, adversarial prompting , Assess AI supply-chain risk , Implement defensive engineering controls and Produce assurance and compliance artifacts.

By the end of the course, learners will be well-prepared to take the Certified Offensive AI Security Professional (COASP) exam and demonstrate the ability to exploit vulnerabilities in LLMs and agents, and build defense that survive real world attacks, learners will master offensive techniques that break AI before the attackers do.

Course Outline:

01. Offensive AI and AI System Hacking Methodology

02. AI Reconnaissance and Attack Surface Mapping

03. AI Vulnerability Scanning and Fuzzing

04. Prompt Injection and LLM Application Attacks

05. Adversarial Machine Learning and Model Privacy Attacks

06. Data and Training Pipeline Attacks

07. Agentic AI and Model-to-Model Attacks

08. AI Infrastructure and Supply Chain Attacks

09. AI Security Testing, Evaluation, and Hardening

10. AI Incident Response and Forensics

Prerequisites:

TN-412: Artificial Intelligence Essentials (AI|E)

Dates/Locations:

No Events

DO-375: Automation with Ansible and Ansible Tower

Course Overview:

Through hands-on labs, you will learn to automate system administration tasks on managed hosts with Ansible, learn how to write Ansible playbooks to standardize task execution, and manage encryption for Ansible with Ansible Vault. This course will also teach you how to deploy and use Red Hat® Ansible Tower to centrally manage existing Ansible projects, playbooks, and roles; perform basic maintenance and administration of the Ansible Tower installation; and configure users and teams and use them to control access to systems, projects, and other resources through role-based access controls. You will learn to use Ansible Tower’s visual dashboard to launch, control, and monitor Ansible jobs; use the Ansible Tower application programming interface (API) to launch jobs from existing templates; automatically schedule Ansible jobs; and dynamically update host inventories.

Course Objectives:

Install and troubleshoot Ansible on central nodes and managed hosts
Automate administration tasks with Ansible playbooks and ad hoc commands
Write effective Ansible playbooks
Protect sensitive data used by tasks with Ansible Vault.
Install and configure Ansible Tower for enterprise Ansible management
Use Ansible Tower to control access to inventories and machine credentials by users and teams
Create job templates in Ansible Tower to standardize playbook execution.
Centrally launch playbooks and monitor and review job results with Ansible Tower

Course Outline:

Introduce Ansible
Deploy Ansible
Implement playbooks
Manage variables and inclusions
Implement task control
Implement Jinja2 templates
Implement roles
Configure complex playbooks
Implement Ansible Vault
Troubleshoot Ansible
Install Ansible Tower and describe Ansible Tower’s architecture
Create users and teams for role-based access control
Create and manage inventories and credentials
Manage projects for provisioning with Ansible Tower
Construct advanced job workflows
Update inventories dynamically and compare inventory members
Maintenance and administration of Ansible Tower

Dates/Locations:

No Events

Duration: 5 Days

Prerequisites:

Become a Red Hat Certified System Administrator, or demonstrate equivalent experience

Target Audience:

This course is designed for Linux system administrators, cloud administrators, and network administrators needing to automate configuration management, application deployment, and intraservice orchestration at an enterprise scale.

TN-865: Wireshark Network Traffic and Security Analysis

Course Overview:

This course delivers the technical knowledge, insight, and hands-on training to receive in-depth knowledge on Wireshark® and TCP/IP communications analysis. You will learn to use Wireshark to identify the most common causes of performance problems in TCP/IP communications. You will learn about the underlying theory of TCP/IP and the most used application protocols, so that you can intelligently examine network traffic for performance issues or possible Indicators of Compromise (IoC).

Duration: 5 Days

Audience:

Anyone interested in learning to troubleshoot and optimize TCP/IP networks and analyze network traffic with Wireshark, especially network engineers, information technology specialists, and security analysts.

Course Prerequisites:

We recommend that attendees of this course have the following prerequisite:
• Network+

Dates/Locations:

No Events

Course Outline:

DAY ONE

Course Set Up and Analyzer Testing

Network Analysis Overview
Wireshark Functionality Overview
Capturing Wired and Wireless Traffic
Define Global and Personal Preferences for Faster Analysis
Defined Time Values and Interpret Summaries
Interpret Basic Trace File Statistics to Identify Trends
Create and Apply Display Filters for Efficient Analysis

DAY TWO

Follow Streams and Reassemble Data
Use Wireshark’s Expert System to Identify Anomalies
TCP/IP Analysis Overview
Analyze Common TCP/IP Traffic Patterns

DAY THREE

Graph I/O Rates and TCP Trends
802.11 (WLAN) Analysis Fundamentals
Voice over IP (VoIP) Analysis Fundamentals
Network Forensics Fundamentals

DAY FOUR

Detect Scanning and Discovery Processes
Analyze Suspect Traffic

DAY FIVE

Use Command‐Line Tools

TN-565: Nessus Vulnerability & Compliance Auditing

Course Overview:

This course provides security professionals with the skills and knowledge to perform vulnerability and compliance scanning of supported operating systems, devices, and applications. Students will construct custom scan policies for topology discovery, network vulnerability detection, credentialed patch audits, and compliance benchmarks, and discuss the underlying technologies utilized by the Nessus scanner.

This course provides students with the necessary information to prepare for the Tenable Certified Nessus Auditor (TCNA) exam.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Introduction to Nessus and Vulnerability Scanning
Nessus Installation and Administration
Basic Nessus Scan Operation
Nessus Scan Configuration and Policy Creation
Vulnerability Analysis and Reporting with Nessus
Advanced Scan Configuration and Policy Creation
Introduction to Compliance and Auditing
Nessus Auditing Features
Windows System Auditing
Unix System Auditing
Cisco IOS Auditing
Nessus Database Auditing
Nessus Content Auditing
Auditing to Industry Guidelines
Auditing to Federal Guidelines

Prerequisites:

Students should possess a basic understanding of TCP/IP networking, operating systems security, and common client/server applications.

Comments

Latest comments from students