TN-979: Intrusion Analyst Course

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Advanced Snort Concepts
Analyst Toolkit
Domain Name System (DNS)
Examining Packet Crafting
Examining Packet Header Fields
Fragmentation
ICMP Theory
IDS Interoperability
IDS Patterns
IDS/IPS Management & Architecture Issues
Indications, Warnings & Traffic Correlation
IPv6
Microsoft Protocols
Network Traffic Analysis
NIDS Evasion, Instertion & Checksums
Snort Fundamentals & Configuration
Snort GUIs & Sensor Management
Snort Performance, Active Response & Tagging
Snort Rules
Stimulus Response
TCPdump Fundamentals
TCP/IP Fundamentals
Wireshark Fundamentals
Writing TCPdump Filters

Course Prerequisites:

GSEC or equivalent experience
UNIX, Windows, Networking, and Security Experience
This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class? Then let everyone know!

TN-913: Cloud Security Fundamentals

Course Overview:

TechNow Cloud Security Fundamentals addresses the loss of hands-on control of system, application, and data security in the Cloud computing environment. Security teams wrestle with the impact and liability of Cloud computing on an organization. This course enables the security team to assist in contract language and Service Level Agreements (SLAs) when utilizing Cloud Service Providers (CSPs).

Compliance and auditing are introduced with strategies for control verification and audit analysis in the CSP environment. Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and everything in between require a compliance strategy. Students will go in-depth into the architecture and infrastructure fundamentals for private, public, and hybrid clouds. Topics covered include: patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will be covered with recommendations for both internal policies and contract provisions to consider.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to effectively manage security in the cloud environment.

Attendees to TN-913: Cloud Security Fundamentals will receive TechNow approved course materials and expert instruction.

Date/Locations:

Date/Time	Event
02/09/2026 - 02/12/2026 08:00 -16:00	TN-913: Cloud Security Fundamentals TechNow, Inc, San Antonio TX
05/26/2026 - 05/29/2026 08:00 -16:00	TN-913: Cloud Security Fundamentals TechNow, Inc, San Antonio TX
09/08/2026 - 09/11/2026 08:00 -16:00	TN-913: Cloud Security Fundamentals TechNow, Inc, San Antonio TX
12/07/2026 - 12/10/2026 08:00 -16:00	TN-913: Cloud Security Fundamentals TechNow, Inc, San Antonio TX

Course Duration: 3 days

Course Objectives:

Cloud computing introduction
Security challenges in the cloud
Infrastructure security in the cloud
Policy, risk, and governance for cloud computing
Compliance and legal considerations
Audit and assessment for the cloud
Data security in the cloud
Identity and Access Management (IAM)
Disaster Recovery and Business Continuity Planning (DR/BCP) in the cloud
Intrusion detection and incident response

Course Prerequisites:

GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures
Managing or administering at least one of UNIX, Windows, Databases, networking, or security

Comments

Latest comments from students

User: reedrobt

Instructor comments: Dave is like an encyclopedia of technical topics...what "doesn't" he have expertise in?

Facilities comments: Home2 location was well-kept and convenient to other services.

Liked the class? Then let everyone know!

TN-545: Certified Network Defender

Course Overview:

This course is instructed with an instructor in the classroom with provided lab equipment and Cyber Range.

Students enrolled in the Certified Network Defender course, will gain a detailed understanding and hands on ability to function in real life situations involving network defense. They will gain the technical depth required to actively design a secure network in your organization. This program will be akin to learning math instead of just using a calculator.

This course gives you the fundamental understanding of the true construct of data transfer, network technologies, software technologies so that you understand how networks operate, understand what software is automating and how to analyze the subject material.

You will learn how to protect, detect and respond to, and predict threats on the network. This builds upon the typical knowledge and skills of Network Administrators in network components, traffic, performance and utilization, network topology, system locations, and security policies.

You will learn network defense fundamentals, the application of network security controls, protocols, perimeter appliances, secure IDS, VPN and firewall configuration. You will then learn the intricacies of network traffic signature, analysis and vulnerability scanning which will help you when you design greater network security policies and successful incident response plans. These skills will help you foster resiliency and continuity of operations during attacks.

This course supports a certification that is DoD approved 8570 Baseline Certificate and meets DoD 8140/8570 training requirements.

What’s Included:

EC-Council official E-Courseware
EC-Council iLabs access included for 6 months
EC-Council official Certificate of Attendance
CND Exam Voucher with 1 FREE RETAKE VOUCHER

Security Course Flow

Dates/Locations:

Date/Time	Event
02/02/2026 - 02/06/2026 08:00 -16:00	TN-545: Certified Network Defender TechNow, Inc, San Antonio TX
04/27/2026 - 05/01/2026 08:00 -16:00	TN-545: Certified Network Defender TechNow, Inc, San Antonio TX
07/20/2026 - 07/24/2026 08:00 -16:00	TN-545: Certified Network Defender TechNow, Inc, San Antonio TX
10/26/2026 - 10/30/2026 08:00 -16:00	TN-545: Certified Network Defender TechNow, Inc, San Antonio TX

Duration: 5 Days

Course Content:

Module 01. Network and Defense Strategies
Module 02. Administrative Network Security
Module 03. Technical Network Security
Module 04. Network Perimeter Security
Module 05. Endpoint Security-Windows Systems
Module 06. Endpoint Security- Linux Systems
Module 07. Endpoint Security- Mobile Devices
Module 08. Endpoint Security- IoT Devices
Module 09. Administrative Application Security
Module 10. Data Security
Module 11. Enterprise Virtual Network Security
Module 12. Enterprise Cloud Network Security
Module 13. Enterprise Wireless Network Security
Module 14. Network Traffic Monitoring and Analysis
Module 15. Network Logs Monitoring and Analysis
Module 16. Incident Response and Forensic Investigation
Module 17. Business Continuity and Disaster Recovery
Module 18. Risk Anticipation with Risk Management
Module 19. Threat Assessment with Attack Surface Analysis
Module 20. Threat Prediction with Cyber Threat Intelligence

Prerequisites:

Basic network and host operations knowledge
Experience commensurate with one to five years of network, host, or application administration
TN-325:Security+ or equivalent

Courses to follow:

Target Audience:

Network Administrators, Network Security Administrators, Network Security Engineer, Network Defense Technicians, Network Analyst, Security Analyst, Security Operator, and anyone involved in network operations

About us:

TechNow has taught security courses for almost 30 years, before most certifications existed and has successfully moved students through certification programs associated with IAPP, SANS, EC-Council and ISC2. Our instructor maintains over a dozen security certifications and has been the director of a company with internationals sales in security training, consulting, and compliance.

Tech Now, Inc. is an accredited Training Center with Ec-Council.

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-999: Reverse Engineering Malware Course

Course Overview:

This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Toolkit and Lab Assembly
Malware Code and Behavioral Analysis Fundamentals
Malicious Static and Dynamic Code Analysis
Collecting/Probing System and Network Activities
Analysis of Malicious Document Files
Analyzing Protected Executables
Analyzing Web-Based Malware
DLL Construction and API Hooking
Common Windows Malware Characteristics in x86 Assembly
Unpacking Protected Malware
In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
In-Depth Analysis of Malicious Executables
Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

Prerequisites:

Strong understanding of core systems and network concepts
Exposure to programming and assembly concepts
Comfortable with command line access

Comments

Latest comments from students

User: marcus.osullivan

Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

Facilities comments: The baby deer were neat! I like the resort.

Liked the class? Then let everyone know!

RH-355: RHCSA Rapid Track Course

Course Overview:

The RHCSA Rapid Track Course is designed for experienced Linux® system administrators who want to expand their technical skill sets and become accredited with the Red Hat® Certified System Administration (RHCSA) certification. To successfully navigate this course, students should have experience with the Linux command line—including the necessary skills to execute common commands, such as cp, grep, sort, mkdir, tar, mkfs, ssh, and dnf—and be familiar with accessing man pages for help. At the completion of the course, students will be adequately prepared to take the RHCSA exam (EX200) .

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Introduce Linux and the Red Hat Enterprise Linux ecosystem.
Run commands and view shell environments.
Manage, organize, and secure files.
Manage users, groups and user security policies.
Control and monitor systemd services.
Configure remote access using the web console and SSH.
Configure network interfaces and settings.
Manage software using DNF
Access security files, file systems, and networks
Execute shell scripting and automation techniques
Manage storage devices, logical volumes, and file systems
Manage security and system access
Control the boot process and system services
Running containers