Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Advanced Snort Concepts
  • Analyst Toolkit
  • Domain Name System (DNS)
  • Examining Packet Crafting
  • Examining Packet Header Fields
  • Fragmentation
  • ICMP Theory
  • IDS Interoperability
  • IDS Patterns
  • IDS/IPS Management & Architecture Issues
  • Indications, Warnings & Traffic Correlation
  • IPv6
  • Microsoft Protocols
  • Network Traffic Analysis
  • NIDS Evasion, Instertion & Checksums
  • Snort Fundamentals & Configuration
  • Snort GUIs & Sensor Management
  • Snort Performance, Active Response & Tagging
  • Snort Rules
  • Stimulus Response
  • TCPdump Fundamentals
  • TCP/IP Fundamentals
  • Wireshark Fundamentals
  • Writing TCPdump Filters

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students


User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.


User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.


Liked the class?  Then let everyone know!

Course Overview:

A skills focus enables the student to better absorb the subject matter and perform successfully on the exam.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness.  Students then gain network experience and use sniffing to help exemplify the benefit of learning wired and wireless security configurations. The course concludes with exercising real attack strategies to demonstrate the techniques acquired throughout the course.

Attendees to TN-939:  Hacker Techniques, Exploits, and Incident Handling will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 9 days

Course Objectives:

  • Backdoors & Trojan Horses
  • Buffer Overflows
  • Covering Tracks: Networks
  • Covering Tracks: Systems
  • Denial of Service Attacks
  • Exploiting Systems Using Netcat
  • Format String Attacks
  • Incident Handling Overview and Preparation
  • Incident Handling Phase 2: Identification
  • Incident Handling Phase 3: Containment
  • Incident Handling: Recovering and Improving Capabilities
  • IP Address Spoofing
  • Network Sniffing
  • Password Attacks
  • Reconnaissance
  • Rootkits
  • Scanning: Host Discovery
  • Scanning: Network and Application Vulnerability scanning and tools
  • Scanning: Network Devices (Firewall rules determination, fragmentation, and IDS/IPS evasion)
  • Scanning: Service Discovery
  • Session Hijacking, Tools and Defenses
  • Types of Incidents
  • Virtual Machine Attacks
  • Web Application Attacks
  • Worms, Bots & Bot-Nets

Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students


User: m_jurrens

Instructor comments: Both instructors Mr. Askey and Mr. Hackney, were very good. the open learning environment was extremely productive and I felt we all learned far more that we ever would out of a structured rote memorization course.


User: natebonds

Instructor comments: Both Mr. Askey and Hackney were extremely knowledgeable. They were also extremely interested in helping each student learn. I was particularly impressed with the way they tailored the course to optimize our time since we weren't testing. I feel like I know much much more than I did when the class started.

Facilities comments: The facilities were fine. I would have preferred it be closer to Lackland.


Liked the class?  Then let everyone know!

  

 

Course Overview:  PA-232: Palo Alto Networks Panorama Manage Multiple Firewalls (EDU-221) Training Class is a two-day course.  Students attending this course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks Panorama Management Server.  Upon completion of this course, administrators will understand the Panorama server’s role in managing and securing their overall network.  Network professionals will learn to use Panorama’s aggregated reporting to provide them with a holistic view of a network of Palo Alto Networks next-generation firewalls.  This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.

TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.  The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies.  Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.

Attendees to the PA-232: Palo Alto Networks Panorama Manage Multiple Firewalls (EDU-221) Training Course will receive TechNow approved course materials and expert instruction.

 

Dates/Locations: No Events

Duration: 2 days

Course Objectives:   Students attending this foundational-level training course will gain an in-depth knowledge of how to configure and manage their Palo Alto Networks Panorama Management Server.

Day 1

  • Module 0 – Introduction & Overview
  • Mod 1: Overview
    • Panorama Solution
    • Deployment Design
  • Mod 2: Initial Configuration
    • Interface Configuration
    • Setup Configurations
    • Device Deployment
    • Configuration Management
  • Mod 3: Templates
    • Templates Overview
    • Common Organization
    • Strategies
    • Configuring Templates
  • Mod 4: Device Groups
    • Device Groups
    • Objects
    • Policies
    • Device Group Commit

 

Day 2

  • Mod 5: Administration
    • Admin Roles and Access
    • Control
    • Commit Procedure
  • Mod 6: Logging and
    • Reporting
    • Logging
    • Application Command
    • Center
    • App-Scope
    • Correlation Objects
    • Reports
  • Mod 7: Log Collectors
    • Plan a Log Collection
    • Deployment
    • Distributed Data Collection
    • Log Deployment
    • Configure Dedicated Log
    • Collector
    • Managed Collector Groups
  • Mod 8: Business Continuity
    • Panorama High Availability
    • Collector Group
    • Redundancy
    • Export Configuration
    • Disk Installation

 

Prerequisites:

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students


Like the class?  Then let everyone know!

We are often asked what is the recommended sequence of classes.  Here is our recommended sequence of classes for The Security Field.

Certified Information Security Manager (CISM)

CT-325 CompTIA Security+ Arrowright TN-825 Certified Information Security Manager

Certified Information Systems Auditor(CISA)

CT-325 CompTIA Security+ Arrowright TN-425 Certified Ethical Hacker Arrowright TN-822: Certified Information Systems Auditor (CISA)

Certified Information Systems Security Professional(CISSP)

CT-325 CompTIA Security+ Arrowright TN-425 Certified Ethical Hacker Arrowright TN-815 CISSP Certification Prep Seminar

 

Course Overview:

This course will be fast paced with in-depth and live demonstrations.

Date/Locations:

No Events

Duration: 1 day

Course Objectives:

  • AIDE
  • DNS Security with DNSsec
  • Logging and Audit Management
  • Linux Security Modules and SE-Linux
  • Linus Containers (Jailing Services and Apps)
  • SSH and SSL tunneling

Prerequisites:

 

Comments

Latest comments from students


Liked the class?  Then let everyone know!