TN-999: Reverse Engineering Malware Course

Course Overview:

This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Toolkit and Lab Assembly
Malware Code and Behavioral Analysis Fundamentals
Malicious Static and Dynamic Code Analysis
Collecting/Probing System and Network Activities
Analysis of Malicious Document Files
Analyzing Protected Executables
Analyzing Web-Based Malware
DLL Construction and API Hooking
Common Windows Malware Characteristics in x86 Assembly
Unpacking Protected Malware
In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
In-Depth Analysis of Malicious Executables
Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

Prerequisites:

Strong understanding of core systems and network concepts
Exposure to programming and assembly concepts
Comfortable with command line access

Comments

Latest comments from students

User: marcus.osullivan

Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

Facilities comments: The baby deer were neat! I like the resort.

Liked the class? Then let everyone know!

General Unix

Here are the General Unix course offerings:

PA-222: Palo Alto Networks Panorama Essentials

Course Overview:

PA-222: Palo Alto Networks Panorama Essentials Training Class is a two-day course that teaches students to configure and manage the Palo Alto Networks Panorama management server. Through hands-on training, students learn high end skills of how to integrate Palo Alto Networks next-generation firewalls into their network infrastructure and manage them with Palo Alto Networks Panorama management server.This is not a virtualized theoretical course. This is hands-on, real world in the classroom instructor led with lab assistance, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls and their enterprise management.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk. Real hardware per student for real experience and real skill development. TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies. Additionally, the instructor has taught several security appliance products and carries several SANS, Cisco, Unix, and Windows certifications.

Attendees to the Palo Alto Networks Panorama Essentials Training Course will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration 2 days

Course Objectives:

Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks Panorama management server, including hands-on experience in configuring the security, networking, threat prevention, logging, and reporting features of the Palo Alto Networks Operating System (PAN-OS) through Panorama.

Day 1
- Module 0 – Introduction & Overview
- Module 1 – Deployment Overview
  - Panorama Solution
  - Functional Overview
  - Architecture Design
- Module 2 – Interface Configuration
  - Installation
  - Design and Planning
  - Administration Roles
  - Access Control
  - Commit Options
- Module 3 – Device Groups
  - Device Groups
  - Policies
  - Objects
  - Device Group Commits
- Module 4 – Templates
  - Template Overview
  - Configure Templates
  - Commits
  - Overrides Commits

Day 2
- Module 5 – Administrative Tools
  - Logging
  - Reporting
  - Managing Devices
- Module 6 – Log Collection
  - Log Collector
  - Collector Groups
  - Distributed Data Collection
  - Installation and Configuration
- Module 7 – Deployment Recommendation
  - High Availability
  - Export Configuration
  - Tips and Tricks
  - Best Practices

Prerequisites:

Security+, Network+, Palo Alto Networks Firewall Essentials FastTrack and networking experience is recommended.

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

Like the class? Then let everyone know!

CT-405: PenTest+

Course Overview:

PenTest+ is an intermediate-level certification for cybersecurity professionals who are tasked with penetration testing to identify, exploit, report, and manage vulnerabilities on a network. PenTest+ is at the same certification level as CT-395: CySA+. Depending on your course of study, PenTest+ and CySA+ can be taken in any order, but typically follow the skills learned in CT-325: Security+. PenTest+ focuses on offense through penetration testing and vulnerability assessment while CySA+ focuses on defense through incident detection and response. The most qualified cybersecurity professionals have both offensive and defensive skills. Attend Tech Now training for hands-on, instructor led course to prepare you for the CompTIA PT0-002 exam. This exam is hands-on, performance-based questions and multiple choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems.

What’s Included:

5 days of instructor led in classroom training
Labs
PenTest+ Courseware
Exam Voucher
PenTest+ onsite exam scheduling

Course Objectives:

Plan and scope penetration tests
Conduct passive reconnaissance
Perform non-technical tests to gather information
Conduct active reconnaissance
Analyze vulnerabilities
Penetrate networks
Exploit host-based vulnerabilities
Test application
Complete post-exploit tasks
Analyze and report pen test results

Dates/Locations:

No Events

Duration: 5 Days

Course Content:

- Module 01. Planning and Scoping Penetration Tests
- Module 02. Conducting Passive Reconnaissance
- Module 03. Performing Non-Technical Tests
- Module 04. Conducting Active Reconnaissance
- Module 05. Analyzing Vulnerabilities
- Module 06. Penetrating Networks
- Module 07. Exploiting Host-Based Vulnerabilities
- Module 08. Testing Applications
- Module 09. Completing Post-Exploit Tasks
- Module 10. Analyzing and Reporting Pen Test Results

Prerequisites:

- - CT-225: Network+
  - CT-325: Security+
  - 3-4 years of hands-on information security or related experience

Target Audience:

This course is designed for cybersecurity professionals tasked with penetration testing and vulnerability management.

Comments

Latest comments from students

Liked the class? Then let everyone know!

CL-315: CCSP – Certified Cloud Security Professional Preparation Seminar

Course Overview:

TechNow’s CCSP Certification Preparation Seminar is an accelerated course designed to meet the high demands of the information security industry by preparing students for the industry standard Certified Cloud Security Professional exam. The exam covers (ISC)²’s 6 Domains from the Common Body of Knowledge, which encompass the whole of cloud security.

This course is an intense 5 day program. TechNow has a proven training and certification track record that you can depend on. CCSP test is 125 questions that typically require more comprehension than CISSP questions. The instructor takes time to walk through scenarios that assume comprehensive knowledge of enterprise infrastructures.

Attendees to CL-315: CCSP Certification Preparation Seminar will receive TechNow approved course materials and expert instruction.

The 6 domains of the CCSP CBK:

Architectural Concepts & Design Requirements
Cloud Data Security
Cloud Platform & Infrastructure Security
Cloud Application Security
Operations
Legal & Compliance

Duration: 5 days

Audience: Mid-level to advanced professionals involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance, and even IT auditing. CCSPs will be responsible for cloud security architecture, design, operations, and/or service orchestration.

DoD 8140: Not Mandated

Course Prerequisites: IT professional with 5 years of experience, 3 years of security experience, and at least 1 year of cloud security experience. GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures. CCSP test is 125 questions that typically require more comprehension than CISSP questions. This course is for those who are already qualified at the enterprise level for IT infrastructures, have Cloud experience, and are looking for a Cloud Security certification.

Course Objectives:

Domain 1: Architectural Concepts and Design Requirements

Module 1: Understand cloud computing concepts
Module 2: Describe cloud reference architecture
Module 3: Understand security concepts relevant to cloud computing
Module 4: Understand design principles of secure cloud computing
Module 5: Identify trusted cloud services

Domain 2: Cloud Data Security

Module 1: Understand Cloud Data Life Cycle
Module 2: Design and Implement Cloud Data Storage Architectures
Module 3: Understand and implement Data Discovery and Classification Technologies
Module 4: Design and Implement Relevant Jurisdictional Data Protection for Personally Identifiable Information (PII)
Module 5: Design and implement Data Rights Management
Module 6: Plan and Implement Data Retention, Deletion, and Archival policies
Module 7: Design and Implement Auditability, Traceability, and Accountability of Data Events

Domain 3: Cloud Platform Infrastructure Security

Module 1: Comprehend Cloud Infrastructure Comp
Module 2: Analyze Risks Associated to Cloud Infrastructure
Module 3: Design and Plan Security Controls
Module 4: Plans Disaster Recovery & Business Continuity Management

Domain 4: Cloud Application Security

Module 1: Recognize Need for Training and Awareness in Application Security
Module 2: Understand Cloud Software Assurance and Validation
Module 3: Use Verified Secure Software
Module 4: Comprehend the Software Development Life Cycle (SDLC) Process
Module 5: Apply the Secure Software Development Life Cycle
Module 6: Comprehend the Specifics of Cloud Application Architecture
Module 7: Design Appropriate Identity and Access Management (IAM) Solutions

Domain 5: Operations

Module 1: Support the Planning Process for the Data Center Design
Module 2: Implement and Build Physical Infrastructure for Cloud Environment
Module 3: Run Physical Infrastructure for Cloud Environment
Module 4: Manage Physical Infrastructure for Cloud Environment
Module 5: Build Logical Infrastructure for Cloud Environment
Module 6: Run Logical Infrastructure for Cloud Environment
Module 7: Manage Logical Infrastructure for Cloud Environment
Module 8: Ensure Compliance with Regulations and Controls
Module 9: Conduct Risk Assessment to Logical and Physical Infrastructure
Module 10: Understand the Collection and Preservation of Digital Evidence
Module 11: Manage Communications with Relevant Parties

Domain 6: Legal and Compliance

Module 1: Understand Legal Requirements and Unique Risks Within the Cloud Environment
Module 2: Understand Privacy Issues, Including Jurisdictional Variances
Module 3: Understand Audit Process, Methodologies, and Required Adaptions for a Cloud Environment
Module 4: Understand Implication of Cloud to Enterprise Risk Management
Module 5: Understand Outsourcing and Cloud Contract Design
Module 6: Execute Vendor Management

Dates/Locations:

No Events