N-455: Securing Networks with ASA Fundamentals (SNAF)

Course Overview:

In this course, you will gain the knowledge and skills needed to configure, maintain, and operate Cisco ASA 5500 Series Adaptive Security Appliance.

Attendees to N-455: Securing Networks with ASA Fundamentals (SNAF) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Introducing Cisco Security Appliance Technology and Features
  • Cisco Adaptive Security Appliance and PIX Security Appliance Families
  • Getting Started with Cisco Security Appliances
  • Essential Security Appliance Configuration
  • Configuring Translations and Connection Limits
  • Using ACLS and Content Filtering
  • Configuring Object Grouping
  • Switching and Routing on Security Appliances
  • Configuring AAA for Cut-Through Proxy
  • Configuring the Cisco Modular Policy Framework
  • Configuring Advanced Protocol Handling
  • Configuring Threat Detection
  • Configuring Site-to-Site VPNS Using PreShared Keys
  • Configuring Security Appliance Remote Access VPNs
  • Configuring Cisco Security Appliance for SSL VPN
  • Configuring Transparent Firewalls Mode
  • Configuring Security Contexts
  • Configuring Failover
  • Managing Security Appliances

Prerequisites:

 

Comments

Latest comments from students

Liked the class?  Then let everyone know!

N-595: VoIP Security Analysis and Design

Course Overview:

As VoIP (Voice-over IP) is integrated into the operations of many missions, it is imperative to understand its security ramifications.  In the N-595: VoIP Security Analysis and Design class the objectives are designed for those who are chartered with the responsibility of securing networks and application environments that incorporate VoIP.   Topics include how VoIP works, its interactions with the network, its vulnerabilities and mitigations.  Focus is on leading open source and proprietary technologies utilizing Asterisk and Cisco and the protocols SIP, H.323, RTP, MGCP, and Skinny.  Other protocols such as Nortel's UNIStim will be addressed.  As for Cisco, security pieces in the VoIP CallManager servers, Catalyst switches, IOS-based routers, and ASA firewalls, amounts to several different platforms, each with its own management interface and lockdown procedures.   Various open source tools including those in BackTrack are used for VoIP attacks.  A task list of actions for securing enterprise VoIP is carried out in hands-on labs, performed on Cisco phones, routers, switches, and ASA firewalls.

Attendees to N-595: VoIP Security Analysis and Design will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • VoIP Architecture
  • VoIP Signaling and media protocols
  • Common VoIP authentication mechanisms
  • Common VoIP encryption techniques
  • VoIP protocol analysis with Wireshark
  • Maintaining QoS while mitigating DoS
  • VoXML, XML, and application integration security
  • Converged network security design and implementation
  • Impact of NAT and firewalls
  • SIP, H.323, and MGCP vulnerabilities
  • VPN, IPsec and SRTP to secure VoIP services
  • Penetration testing with open source tools
  • Attacks for Eavesdropping, call redirection, and DoS
  • Design of hacked firmware virtualization layer
  • Concise lockdown steps for network hardware and VoIP

Prerequisites:

  • This is an advanced Information Security Course which requires basic Windows & UNIX competency
  • Certification or 2 years of experience in these operating systems is highly recommended
  • As well as an understanding of TCP/IP

Comments

Latest comments from students

Liked the class?  Then let everyone know!

PA-242: Palo Alto Networks Firewall Manage Cyberthreats (EDU-231)

  

 

Course Overview:  PA-242: Palo Alto Networks Firewall Manage Cyberthreats (EDU-231) Training Class is a two-day course that teaches students strategies in defense against cyberthreats.  Successful completion of this course enables administrators to better understand the threat landscape.  This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.  TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies.  Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.

Attendees to the PA-242: Palo Alto Networks Firewall Manaage Cyberthreats  (EDU-231) Training Course will receive TechNow approved course materials and expert instruction.

Dates/Locations: No Events

Duration: 2 days

Course Objectives:   Students attending this training course will gain an understanding of cyberthreats and their characteristics.  Students will learn how to manage cyberthreats using security policies, profiles, and signatures to protect their network against emerging threats.

Day 1

  • Mod 1: Threat Landscape
    • Advanced Persistent
    • Threats
    • Data Breaches and Tactics
    • Threat Management
    • Strategies
  • Mod 2: Integrated
    • Approach to Threat
    • Protection
    • Integrated Approach to
    • Protection
    • Next-Generation Firewall
    • Advanced Endpoint
    • Protection
  • Mod 3: Network Visibility
    • Zero Trust Model
    • SSL Decryption
    • Decryption Policy
  • Mod 4: Reducing the Attack
    • Surf
    • ection

 

Day 2

  • Mod 5: Handling Known
    • Threats
    • WildFire Analysis
    • Security Profiles
  • Mod 6: Handling Unknown
    • Traffic and Zero-Day Exploits
    • WildFire
    • Researching Threat Events
    • Identifying Unknown
    • Applications
  • Mod 7: Investigating
    • Breaches
    • Identify IOCs Using
    • App-Scope
    • Log Correlation
    • Finding Infected Host
  • Mod 8: Using Custom
    • Signatures
    • Creating Custom App-IDs
    • Threat Signatures

A

Prerequisites:

  • Students must complete the PA-213: Install, Configure, and Manage course
  • Understanding of network concepts, including routing, switching, and IP addressing
  • In-depth knowledge of port-based security and security technologies such as IPS, proxy, and content filtering

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

Like the class?  Then let everyone know!

VM-335: VMware Cloud Essentials and vCloud – Architecting the VMware Cloud FastTrack

 

Course Overview:

This FastTrack course combines combines two VMware courses (VMware Cloud Essentials and vCloud Architecting the VMware Cloud) into a single week course that adds extra exercises and labs to exemplify the techniques presented.  The course begins with how to adopt, operate, and govern the cloud. The course enables participants to successfully complete the associated CompTIA Cloud Essentials™ Exam to become a Cloud Essentials™ Professional(CEP). This course also covers the subject matter specified by the VCP-Cloud certification.

This course is designed to guide students through the decision points and policy choices available for designing and implementing a VMware vCloud environment. Detailed labs and exercises for VMware vSphere™, VMware vCloud Director, VMware vCenter™ Chargeback, and the VMware® vShield Edge capability that is included with vCloud Director. A comprehensive VMware cloud design is demonstrated and discussed.

Attendees to VM-335:  VMware Cloud Essentials and vCloud – Architecting the VMware Cloud FastTrack will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Understand the common terms and definitions of cloud computing.
  • Understand the business benefits and business considerations of cloud computing.
  • Understand cloud computing from a technical perspective and recognize the various techniques, methods, challenges, and types of clouds.
  • Understand the impact and changes of cloud computing on IT service management.
  • Explain typical steps that lead to the successful adoption of cloud computing and understand the implications for organizations.
  • Recognize the compliance, risk, and regulatory consequences of cloud computing and its financial and strategic impact on an organization.
  • Evaluate and design a multitenant environment to address both private cloud and public cloud customer needs.
  • Configure vCloud providers that can accommodate heterogeneous server, storage, and network resources
  • Design a network infrastructure optimized for vCloud.
  • Integrate vCloud Director security with existing LDAP systems and design appropriate security hierarchies with security rolesnderstand the common terms and definitions of cloud computing.
  • Understand the business benefits and business considerations of cloud computing.
  • Understand cloud computing from a technical perspective and recognize the various techniques, methods, challenges, and types of clouds.
  • Understand the impact and changes of cloud computing on IT service management.
  • Explain typical steps that lead to the successful adoption of cloud computing and understand the implications for organizations.
  • Recognize the compliance, risk, and regulatory consequences of cloud computing and its financial and strategic impact on an organization.
  • Evaluate and design a multitenant environment to address both private cloud and public cloud customer needs.
  • Configure vCloud providers that can accommodate heterogeneous server, storage, and network resources.
  • Design a network infrastructure optimized for vCloud.
  • Integrate vCloud Director security with existing LDAP systems and design appropriate security hierarchies with security roles.
  • Design a vCenter Chargeback implementation.

Course Prerequisites:

  • VM-315  or equivalent experience.
  • Managing or administering at least one of UNIX, Windows, databases, networking, or security.

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

 

 

PA-212: Palo Alto Networks Firewall Configure Extended Features (EDU-205)

  

 

Course Overview: PA-212: Palo Alto Networks Firewall Configure Extended Features (EDU-205) Training Class is a two-day course that teaches students to configure and manage the entire line of Palo Alto Networks next-generation firewalls. Students also will be instructed on the basics of implementing and managing GlobalProtect™ and active/ active high availability. Students will gain an in-depth knowledge of how to optimize their visibility and control of applications, users, and content.  This course prepares the student for Palo Alto Networks Certified Network Security Engineer (PCNSE).  Through hands-on training, students learn high end skills of how to integrate Palo Alto next-generation firewalls into their network infrastructure.  This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.  TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

This course sets up the foundation for the three day course PA-243: Palo Alto Networks Firewall Debug and Troubleshoot (EDU-311). The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies.  Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.  Attendees to the PA-212: Palo Alto Networks Firewall Configure Extended Features (EDU-205) Training Course will receive TechNow approved course materials and expert instruction.

 

Dates/Locations: No Events

Duration: 2 days

Course Objectives:   Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks firewall.  Students also will be instructed on the basics of implementing and managing GlobalProtect™ and active/ active high availability. Students will gain an in-depth knowledge of how to optimize their visibility and control of applications, users, and content.

Day 1

  • Module 0 – Introduction & Overview
  • Mod 1: Advanced Interface
    • Configuration
    • Advanced NAT
    • Policy-Based
    • Forwarding
    • Routing Protocols (OSPF)
  • Mod 2: App-ID™ –
    • Custom Applications
    • Defining New Application Signatures
    • Application Override
  • Mod 3: Advanced Content-ID™
    • Custom Threat Signatures
    • Data Filtering
    • DoS Protection
    • Botnet Report
  • Mod 4: Advanced User-ID™
    • Terminal Server Agent
    • Captive Portal
    • XML API

Day 2

  • Mod 5: Quality of Service
    • Configuring Quality of Service
  • Mod 6: GlobalProtect™
    • Implementation of GlobalProtect
    • Install and Configure Portal, Gateway, and Agents
  • Mod 7: Monitoring and Reporting
    • Log Forwarding
    • SNMP
    • Reporting
  • Mod 8: Active/Active High Availability
    • Configuring Active/Active HA

 

Prerequisites:

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

Like the class?  Then let everyone know!