TN-813: Certified in Governance, Risk and Compliance (CGRC)

Course Overview:

TN-813: Certified in Governance, Risk, and Compliance (CGRC) course is for the (ISC)²® Certified in Governance, Risk, and Compliance (CGRC) credential previously known as Certified Authorization Professional (CAP). This course walks the student through the Risk Management Framework following practices the NIST pubs. CGRC is an objective measure of the knowledge, skills and abilities required for personnel involved in the process of certifying and accrediting security of information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals.The CGRC credential is appropriate for civilian, state and local governments in the U.S., as well as commercial markets. CGRC certification applies to job functions such as authorization officials, system owners, information owners, information system security officers, and certifiers. CGRC is crucial to the Management staff.

This course is the “why” of the entire security field. It provides a logical way of allocating resources where there is greatest risk and why we make the decisions we make in the field of security. It is TechNow’s view that of all the security courses we have seen, this course genuinely puts the “big picture” of security in front of the students. Students actually come to an understanding of truly what is critical to security of an enterprise versus a bunch of nuts and bolts of security.

TechNow’s CGRC course covers all of the (ISC)²® CGRC 7 Knowledge domains:

Security and Privacy Governance, Risk Management, and Compliance Program
Scope of the System
Selection and Approval of Framework, Security, and Privacy Controls
Implementation of Security and Privacy Controls
Assessment/ Audit of Security and Privacy Controls
System Compliance
Compliance Maintenance

RMF Related Steps

Prepare – Process Initiation
Categorize Information Systems
Establish the Security Control Baseline
Apply Security Controls
Assess Security Controls
Authorize Information System
Monitor Security Controls

TechNow’s CGRC Instructors have extensive knowledge and experience in the field, and have been working with organizations to build assessor teams for over 20 years.

Attendees to TN-813: Certified in Governance, Risk, and Compliance (CGRC) will receive TechNow authorized training materials, including access to the documentation of the CGRC Exam domains, and expert instruction.

Dates/Locations:

Date/Time	Event
09/08/2025 - 09/11/2025 08:00 -16:00	TN-813: Certified in Governance, Risk and Compliance (CGRC) TechNow, Inc, San Antonio TX

Duration: 3 Days

Course Objectives:

Initiate the Preparation Phase
Perform Execution Phase
Perform Maintenance Phase
Understand the Purpose of Security Authorization

Prerequisites:

IT Security
Information Assurance
Information Risk Management certification and systems administration
1-2 years of general experience technical experience
2 years of general systems experience
1-2 years of Database/Systems Development/Network Experience
Information Security Policy Experience

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-525: Certified Penetration Testing Professional (CPENT)

Course Overview:

A rigorous Pen Testing program that, unlike contemporary Pen Testing courses, teaches you how to perform an effective penetration test across filtered networks. The course requires you to Pen Test IoT systems, OT systems, builds on your ability to write your own exploits, build your own tools, conduct advanced binaries exploitation, double pivot to access hidden networks, and various technologies.

What’s Included:

- EC-Council official E-Courseware
- EC-Council official Certificate of Attendance
- EC-Council iLabs with access for 6 months
- EC-Council CPENT Range access
- CEH Exam Voucher
Dates/Locations:

No Events

Duration: 5 days

Course Content:
- - Module 01. Introduction to Penetration Testing
  - Module 02. Penetration Testing Scoping and Engagement
  - Module 03. Open Source Intelligence (OSINT)
  - Module 04. Social Engineering Penetration Testing
  - Module 05. Network Penetration Testing – External
  - Module 06. Network Penetration Testing – Internal
  - Module 07. Network Penetration Testing – Perimeter Devices
  - Module 08. Web Application Penetration Testing
  - Module 09. Wireless Penetration Testing
  - Module 10. IoT Penetration Testing
  - Module 11. OT/SCADA Penetration Testing
  - Module 12. Cloud Penetration Testing
  - Module 13. Binary Analysis and Exploitation
  - Module 14. Report Writing and Post Testing Actions
Prerequisites:
- - - Pass the CEH exam
    - Pass the CND exam
Target Audience:

Penetration Testers, Ethical Hackers, Information Security Consultants/ Testers/ Analysts/ Engineers, Network Server Administrators, Firewall & System Administrators, Risk Assessment Professionals

Comments

Latest comments from students

Liked the class? Then let everyone know!

CT-405: PenTest+

Course Overview:

PenTest+ is an intermediate-level certification for cybersecurity professionals who are tasked with penetration testing to identify, exploit, report, and manage vulnerabilities on a network. PenTest+ is at the same certification level as CT-395: CySA+. Depending on your course of study, PenTest+ and CySA+ can be taken in any order, but typically follow the skills learned in CT-325: Security+. PenTest+ focuses on offense through penetration testing and vulnerability assessment while CySA+ focuses on defense through incident detection and response. The most qualified cybersecurity professionals have both offensive and defensive skills. Attend Tech Now training for hands-on, instructor led course to prepare you for the CompTIA PT0-002 exam. This exam is hands-on, performance-based questions and multiple choice, to ensure each candidate possesses the skills, knowledge, and ability to perform tasks on systems.

What’s Included:

5 days of instructor led in classroom training
Labs
PenTest+ Courseware
Exam Voucher
PenTest+ onsite exam scheduling

Course Objectives:

Plan and scope penetration tests
Conduct passive reconnaissance
Perform non-technical tests to gather information
Conduct active reconnaissance
Analyze vulnerabilities
Penetrate networks
Exploit host-based vulnerabilities
Test application
Complete post-exploit tasks
Analyze and report pen test results

Dates/Locations:

No Events

Duration: 5 Days

Course Content:

- Module 01. Planning and Scoping Penetration Tests
- Module 02. Conducting Passive Reconnaissance
- Module 03. Performing Non-Technical Tests
- Module 04. Conducting Active Reconnaissance
- Module 05. Analyzing Vulnerabilities
- Module 06. Penetrating Networks
- Module 07. Exploiting Host-Based Vulnerabilities
- Module 08. Testing Applications
- Module 09. Completing Post-Exploit Tasks
- Module 10. Analyzing and Reporting Pen Test Results

Prerequisites:

- - CT-225: Network+
  - CT-325: Security+
  - 3-4 years of hands-on information security or related experience

Target Audience:

This course is designed for cybersecurity professionals tasked with penetration testing and vulnerability management.

Comments

Latest comments from students

Liked the class? Then let everyone know!

Microsoft

The Microsoft platform is arguably the largest component in any IT architecture, and rate of change in this arena makes training in the Microsoft platform a must. TechNow can and does teach the entire gamut of Microsoft technologies, from Servers to application development.

Here is a list of all of our Microsoft courses:

TN-913: Cloud Security Fundamentals

Course Overview:

TechNow Cloud Security Fundamentals addresses the loss of hands-on control of system, application, and data security in the Cloud computing environment. Security teams wrestle with the impact and liability of Cloud computing on an organization. This course enables the security team to assist in contract language and Service Level Agreements (SLAs) when utilizing Cloud Service Providers (CSPs).

Compliance and auditing are introduced with strategies for control verification and audit analysis in the CSP environment. Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and everything in between require a compliance strategy. Students will go in-depth into the architecture and infrastructure fundamentals for private, public, and hybrid clouds. Topics covered include: patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will be covered with recommendations for both internal policies and contract provisions to consider.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to effectively manage security in the cloud environment.

Attendees to TN-913: Cloud Security Fundamentals will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 3 days

Course Objectives:

Cloud computing introduction
Security challenges in the cloud
Infrastructure security in the cloud
Policy, risk, and governance for cloud computing
Compliance and legal considerations
Audit and assessment for the cloud
Data security in the cloud
Identity and Access Management (IAM)
Disaster Recovery and Business Continuity Planning (DR/BCP) in the cloud
Intrusion detection and incident response

Course Prerequisites:

GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures
Managing or administering at least one of UNIX, Windows, Databases, networking, or security

Comments

Latest comments from students

User: reedrobt

Instructor comments: Dave is like an encyclopedia of technical topics...what "doesn't" he have expertise in?

Facilities comments: Home2 location was well-kept and convenient to other services.