TN-855: Advanced and In-Depth ICD 503 RMF, Controls, and Assessments

Course Overview:

This course is very hands-on with respect to SP 800-53 controls as related to ICD-503, leveraging experience with DCD 6/3, and incorporating a broad array of technologies found in the field.  Assessors and Auditors have to face many technologies that are not part of the main stream.  TechNow has gone to great efforts to build a very broad, comprehensive, and complex lab to simulate many scenarios and architectures.  Technologies such as a network appliance that is not a typical infrastructure product, a radio/satellite communications device, or many other technologies that build up a weapon system.  Students learn how controls are integrated into many different devices and how they fit in the overall security architecture of monitoring, reporting, and compliance testing.

Directly discussed are overlays for different requirements i.e.: tactical, medical, network type: JWICS, SIPR; IC or AF.  TechNow has developed a funnel concept to overlays to exemplify the encapsulation of a control within different requirements.  TechNow has over 15 years experience in Trusted Solaris/Trusted Extensions and labeled security.  Cross Domain overlays are presented that fits the work flow of an assesor.  PII overlays and any overlays that an organization uses and can be made available are also presented.  

This course allows the student to leverage years of experience in DoD DCD 6/34 for transition to the Risk Management Framework (RMF) applied to the Intelligence Community as mandated by ICD 503.  Utilizing NIST SP 800-37 to establish a baseline of RMF knowledge, the student learns how to integrate the NIST pubs to provide cohesive information assurance architectures and compliance.  ICD 503 scorecard evaluations are integral in demonstrating a successful ICD 503 compliance program.  TechNow's ICD 503 course provides students with the skill to assess security programs and evaluate ICD 503 compliance to build an improvement and sustainable program for score consistency.  TechNow's instructors have unparralleled expertise in federal compliance initiatives, and we bring this expertise instructing students on the complete life cycle of RMF.

More than a simple checklist, we instruct students not only how to validate essential security controls, programs, and metrics, but that they are operating effectively.  The student leaves the course knowing how to: identify gaps where controls, programs, or metrics are incomplete, missing or ineffective, and provide actionable findings and recommend remediation strategies.  Students learn to internalize NIST pubs to meaningul and effective IA guidelines and work with the Body of Evidence templates which include: Risk Assessment Report (RAR), Systems Security Plan (SSP), Security Assessment Report (SAR), and Plans of Action and Milestone (POAM).

TechNow training materials are aligned with the most recent set of National Institute of Standards and Technology (NIST), Committee on National Security Systems (CNSS), and Office of the Director of National Intelligence (ODNI) policies standards, processes, policies and instructions to be addressed/explained include ICD 503, ICS 503-1, ICS 500-16, ICS 500-18, ICS 500-27, ICD 502, NIST SP 800-37, NIST SP 800-30, NIST SP 800-53, NIST SP 800-53A, NIST SP 800-137, NIST SP 800-47, CNSSP 22, CNSSI 1253, and CNSSI 4009.

A majority of time is spent on in-depth compliance review of NIST SP 800-53 controls.  Instruction discusses which method should be used to test and validate each security control and what evidence should be gathered.  This course is not theory or death by power point.  Real scenarios are presented as exercises.  A complete live cyber range simulating the IC is utilized for hands-on labs for techniques of validating and documenting compliance of NIST SP 800-53 controls as related to ICD 503.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Establish a baseline of RMF knowledge
  • Validate essential security controls, programs, and metrics
  • DoD DCD 6/3 to ICD 503 Transition
  • Lab Environtment and the Cyber Range
  • Overlays: Tactical, Medical, Network type(JWICS, SIPR; IC or AF), Cross Domain, PII
  • Risk Assessment Report (RAR)
  • Systems Security Plan (SSP)
  • Security Assessment Report (SAR)
  • Plans of Action and Milestone (POAM)

Prerequisites:

Experience in the field of auditing and assesments.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

in Uncategorized  

cheddarcon-powershell-threat-hunting-registration

After you press "Request Registration" near the bottom of this form, within 30 seconds, status will be provided at the bottom of the form, you will also be contacted by phone for credit card information.

Tech Now is pleased to have the opportunity to provide you training for "Windows Security Automation and Threat Hunting with PowerShell” at CheddarCon 2018!

Scroll down to see the course description.

First Name*
Last Name*
Your Email*
Your Organization*
Phone*

Questions:

After you press "Request Registration" on this form, within 30 seconds, status will be provided at the bottom of the form, you will also be contacted by phone for credit card information.

Windows Security Automation and Threat Hunting with PowerShell Seminar

Location: 400 W Wisconsin Ave, Milwaukee, WI 53203, USA

Date: October 10, 2018 8:00am – 4:00pm

Duration: 8 hours

Audience: Cyber Security professionals and Windows administrators

Attendees Environment: Laptops not required, but suggested to have better hands-on absorption of subject matter.

Description:
PowerShell is both a command-line shell and scripting language. Fight fires quickly using existing or custom PowerShell commands or scripts at the shell. PowerShell is made for Security Operations (SecOps) automation on Windows. This seminar does not require prior programming skills. The seminar focuses on PowerShell programming, giving a beginner skills to be productive in windows scripting to automate tasks and also remediate problems.

Cyber Security is the objective of this seminar, and the PowerShell examples will demonstrate PowerShell capabilities that help lock down a Windows system and also report security status.

Objectives:

PowerShell Overview

  • Getting started running commands
  • Security cmdlets
  • Using and updating the built-in help
  • Execution policies
  • Fun tricks with the ISE graphical editor
  • Piping .NET and COM objects, not text
  • Using properties and methods of objects
  • Helping Linux admins feel more at home
  • Aliases, cmdlets, functions, modules, etc.

PowerShell Utilities and Tips

  • Customizing your profile script
  • PowerShell remote command execution
  • Security setting across the network
  • File copy via PowerShell remoting
  • Capturing the output of commands
  • Parsing text files and logs with regex patterns
  • Parsing Security Logs
  • Searching remote event logs
  • Mounting the registry as a drive
  • Security settings in the Registry
  • Exporting data to CSV, HTML and JSON files
  • Running scripts as scheduled jobs
  • Continued Security Compliance
  • Pushing out scripts through Group Policy
  • Importing modules and dot-sourcing functions
  • http://www.PowerShellGallery.com

PowerShell Scripting

  • PowerShell Scripting to implement Security Practices
  • Writing your own functions to automate security status and settings
  • Passing arguments into your scripts
  • Function parameters and returning output
  • Flow control: if-then, foreach, that make security decisions
  • How to pipe data in/out of your scripts for security compliance and reporting

Attendees to this seminar, Windows Security Automation and Threat Hunting with PowerShell, will receive TechNow approved course materials and expert instruction.[/wr_text][/wr_column][/wr_row]

in Uncategorized  

TN-335: Advanced Penetration Testing Using Open Source Tools

Course Overview:

This is an advanced course that assumes the attendee is a qualified security professional with experience using security tools and understands the concepts behind penetration testing. Courses that build up the expertise that enables a student to succeed in this course is Security+, CEH, CISSP, and any of the GIAC certifications. This course is completely hands-on and utilizes the BackTrack tool suite from backtrack-linux.org. The course covers, in detail, various attacks and tools that are contained in the BackTrack tool suite.

Attendees to TN-335: Advanced Penetration Testing Using Open Source Tools will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Information Security and Open Source Software
  • Operating System Tools
  • Firewalls
  • Scanners
  • Vulnerability Scanners
  • Network Sniffers
  • Intrusion Detection Systems
  • Analysis and Management Tools
  • Encryption Tools
  • Wireless Tools
  • Forensic Tools
  • More on Open Source Software

Prerequisites:

  • Experience in IT Security
  • Solid basic knowledge of networks and TCP/IP
  • Experience in command line under Linux and Windows is required

 

Comments

Latest comments from students

Liked the class?  Then let everyone know!

in Uncategorized  

TN-5202: Microsoft SharePoint 2010 and 2013: Workflows and Designing InfoPath Forms

Course Overview:

SharePoint is the Premier Office Collaboration Server Suite.  Two of the most requested features to implement in any SharePoint Server environment is building custom workflows and incorporating InfoPath forms into the site.  This course aims to build the average user’s body of knowledge and skill set to allow them to take on some of this responsibility.  Students will learn the SharePoint Designer software, a free product, to do these tasks.

Over the course of the two days the users will work on a live SharePoint Server environments making changes to pages, adding pages and making Workflows.  They will learn how to build InfoPath forms and migrate them to the SharePoint environment.

Attendees to TN-5202: Microsoft SharePoint 2010/2013: Workflows and Designing InfoPath Forms will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 2 days

Course Objectives:

  • Identify the basic features of the SharePoint Designer environment.
  • Create a new subsite.
  • Add content to a web page.
  • Use Cascading Style Sheets to format a SharePoint site.
  • Link web pages.
  • Add SharePoint components to the site.
  • Automate business processes with workflows.
  • Create InfoPath forms.
  • Import and export forms.
  • Customize a form layout.
  • Distribute forms.
  • Work with a database.

Prerequisites:

  • Knowledge of HTML not required, but helpful
  • Basic Computer Skills

Comments

Latest comments from students

User: golf123

Instructor comments: Mr. Moore knew and presented the course very well. I would definitely take future courses with TechNow.

Liked the class?  Then let everyone know!

in Uncategorized  

TN-565: Nessus Vulnerability & Compliance Auditing

Course Overview:

This course provides security professionals with the skills and knowledge to perform vulnerability and compliance scanning of supported operating systems, devices, and applications. Students will construct custom scan policies for topology discovery, network vulnerability detection, credentialed patch audits, and compliance benchmarks, and discuss the underlying technologies utilized by the Nessus scanner.

This course provides students with the necessary information to prepare for the Tenable Certified Nessus Auditor (TCNA) exam.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Introduction to Nessus and Vulnerability Scanning
  • Nessus Installation and Administration
  • Basic Nessus Scan Operation
  • Nessus Scan Configuration and Policy Creation
  • Vulnerability Analysis and Reporting with Nessus
  • Advanced Scan Configuration and Policy Creation
  • Introduction to Compliance and Auditing
  • Nessus Auditing Features
  • Windows System Auditing
  • Unix System Auditing
  • Cisco IOS Auditing
  • Nessus Database Auditing
  • Nessus Content Auditing
  • Auditing to Industry Guidelines
  • Auditing to Federal Guidelines

Prerequisites:

Students should possess a basic understanding of TCP/IP networking, operating systems security, and common client/server applications.

Comments

Latest comments from students

Liked the class?  Then let everyone know!

in Uncategorized