Course Overview:

This course engages students by providing in-depth knowledge of the most prominent and powerful attack vectors and an environment to perform these attacks in numerous hands-on scenarios. This course goes far beyond simple scanning for low-hanging fruit, and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.

Attendees to TN-919:Penetration Tester course will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Advanced Hash Manipulation
  • Command Shell vs. Terminal Access
  • Enumerating Users
  • Exploitation Fundamentals
  • Injection Attacks
  • Legal Issues
  • Metasploit
  • Moving Files with Exploits
  • Obtaining and Passing Password Representations
  • Overview of Passwords
  • Penetration Testing Foundations
  • Penetration Testing Process
  • Penetration Testing via the Command Line
  • Profiling the Target
  • Reconnaissance
  • Scanning for Targets
  • Using a Proxy to Attack a Web Application
  • Vulnerability Scanning
  • Wireless Crypto and Client Attacks
  • Wireless Fundamentals

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, networking, and security experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students



User: kdwagoner

Instructor comments: Very knowledgeable. Kept class focused and on task

Facilities comments: Good


Liked the class?  Then let everyone know!

Increase your credibility, job security, and career opportunities by reaching your goal and getting certified!  TechNow offers many CompTIA bootcamp style courses in which we administer an exam on the last day of class.  We have a proven testing program that will get you the results you want!

in   
  

Course Overview: 

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network.  This course is heavily based on Kali and primarily on Metasploit.  In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco.  This course is 90% hacking, but  defenses for demonstrated hacks will be discussed.  If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Introduction to Pen Testing using the PTES model
  • Metasploit Basics
    • MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
  • Intelligence Gathering
    • Nmap, Databases in Metasploit, Port Scanning with Metasploit
  • Quick Intro to Ruby
    • Writing a simple Ruby script to create a custom scanner
  • Vulnerability Scanning
    • Importing Nessus Results
    • Scanning with Nessus from Within Metasploit
  • Exploitation
    • Using the Metasploit Framework and console to exploit
  • Meterpreter
    • Compromising a Windows System
    • Attacking MS SQL, xp_cmdshell
    • Dumping Usernames and Passwords, extracting and dumping hashes
    • Pass the Hash and Token Impersonation
    • Pivoting
    • Railgun
    • Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
  • Avoiding Detection
    • Creating Stand-Alone Binaries with MSFpayload
    • Encoding with MSFencode and Packers (go Green Bay:)
  • Exploitation Using Client Side Attacks
    • Introduction to Immunity Debugger
    • Using Immunity Debugger to Decipher NOP Shellcode
  • Metasploit Auxiliary Modules
  • Social Engineer Toolkit (SET)
    • Spear-Phishing, Web Attack
    • Creating a Multipronged Attack
  • Creating Your Own Module
    • Adapt an existing Module
    • Add some PowerShell and Run the Exploit
  • Meterpreter Scripting
  • Capture The Flag Exercise

Prerequisites:

  • This is an advanced  Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
  • Certification or 2 years of experience in these operating systems is highly recommended
  • An understanding of TCP/IP

Comments

Latest comments from students


  

Liked the class?  Then let everyone know!

 

Course Overview:

The HCISPP is the only certification that combines cybersecurity skills with privacy best practices and techniques. It demonstrates you have the knowledge and ability to implement, manage, and assess security and privacy controls to protect healthcare organizations using policies and procedures established by the cybersecurity experts at (ISC)2. TechNows HCISPP Certification Boot Camp is a comprehensive review of Healthcare cybersecurity with privacy best practices & industry best practices.

Attendees to TN-8155: HCISPP Certification Preparation Seminar will receive TechNow approved course materials and expert instruction..

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Strategically focus your preparation for HCISPP Certification
  • Cover a broad spectrum of topics in the 7 domains of the HCISPP Common Body of Knowledge (CBK)
  • Gain knowledge on the Healthcare industry including third party relationships and health data management concepts
  • Identify applicable regulations, compliance frameworks, privacy principles and policies to protect information security
  • Develop risk management methodology and identify control assessment procedures

Audience:

  • The HCISPP certification is ideal for security professionals responsible for safeguarding protected health information (PHI). Take this HCISPP training course to prepare to manage and implement security controls for healthcare information. HCISPPs are instrumental to a variety of job functions: Compliance Officer, Information Security Manager, Privacy Officer, Compliance Auditor, Risk Analyst, Medical Records Supervisor, IT Manager, Privacy & Security Consultants, and Health Information Manager.

Comments

Latest comments from students


 

Liked the class?  Then let everyone know!

Course Overview:

AWS System Operations begins with a one day  introduction to AWS products, services, and common solutions. It provides you with fundamentals to become more proficient in identifying AWS services so that you can make informed decisions about IT solutions based on your business requirements and get started working on AWS.

The AWS course continues to flow with teaching those in a Systems Administrator or Developer Operations (DevOps) role how to create automatable and repeatable deployments of networks and systems on the AWS platform. The course covers the specific AWS features and tools related to configuration and deployment, as well as common techniques used throughout the industry for configuring and deploying systems.

To continue to learn more about AWS, TechNow has the following course:

CL-425: AWS Security Operations and Architecture 

Attendees to CL-415: AWS System Operations will receive TechNow approved course materials and expert instruction.

Duration: 5 Days

Audience:
This course is intended for:
• System Administrators
• Software Developers, especially those in a Developer Operations (DevOps) role

DoD 8140: Not Mandated

Course Prerequisites:
We recommend that attendees of this course have the following prerequisites:
• Background in either software development or systems administration
• Some experience with maintaining operating systems at the command line (shell scripting in Linux environments, cmd or PowerShell in Windows)
• Basic knowledge of networking protocols (TCP/IP, HTTP)

Course Objectives:
This course is designed to teach you how to:
• Understand basic data center design concepts.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational infrastructure services, including Amazon Virtual Private Cloud (VPC), Amazon Elastic Compute Cloud (EC2), Amazon Elastic Block Store (EBS), Amazon Simple Storage Service (S3), Auto Scaling, and Elastic Load Balancing (ELB).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS).
• Understand AWS management tools, including Amazon CloudWatch and AWS Trusted Advisor.
• Use standard AWS infrastructure features such as Amazon Virtual Private Cloud (VPC), Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing, and Auto Scaling from the command line
• Use AWS CloudFormation and other automation technologies to produce stacks of AWS resources that can be deployed in an automated, repeatable fashion
• Build functioning virtual private networks with Amazon VPC from the ground up using the AWS Management Console
• Deploy Amazon EC2 instances using command line calls and troubleshoot the most common problems with instances
• Monitor the health of Amazon EC2 instances and other AWS services
• Manage user identity, AWS permissions, and security in the cloud
• Manage resource consumption in an AWS account using tools such as Amazon CloudWatch, tagging, and Trusted Advisor
• Select and implement the best strategy for creating reusable Amazon EC2 instances
• Configure a set of Amazon EC2 instances that launch behind a load balancer, with the system scaling up and down in response to demand
• Edit and troubleshoot a basic AWS CloudFormation stack definition

Dates/Locations: No Events

Course Outline:

Day 1

• Introduction and History of AWS
• AWS Infrastructure: Compute, Storage, and Networking
• AWS Security, Identity, and Access Management
• AWS Databases
• AWS Management Tools

Day 2
• System Operations on AWS Overview
• Networking in the Cloud
• Computing in the Cloud
Day 3
• Storage and Archiving in the Cloud
• Monitoring in the Cloud
• Managing Resource Consumption in the Cloud
Day 4
• Configuration Management in the Cloud
• Creating Scalable Deployments in the Cloud
• Creating Automated and Repeatable Deployments
Day 5
Full Day Lab
• Select the appropriate AWS service based on compute, data, or security requirements
• Execute steps required to provision cloud resources for selected deployment
• Identify and implement data protection, encryption, and capacity planning
• Implement and manage security policies, access controls, and role
• Implement Automation

 

Next/Related Courses: