TN-515: Implementing Cybersecurity and Information Assurance Methodologies

  

Course Overview: 

Learn to protect yourself and your company against hackers, by learning their tools and techniques, and then testing your network.  This course is heavily based on Kali and primarily on Metasploit.  In TN-515: Implementing Cybersecurity and Information Assurance Methodologies class you will learn the step by step process that hackers use to assess your enterprise network, probe it & hack into it, utilizing a mixed-platform target environment including Windows, Linux, Solaris, and Cisco.  This course is 90% hacking, but  defenses for demonstrated hacks will be discussed.  If you want to know the ins and outs of the hacks presented in this course, then this is the course for you.

Attendees to TN-515: Implementing Cybersecurity and Information Assurance Methodologies Class Attendees will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

  • Introduction to Pen Testing using the PTES model
  • Metasploit Basics
    • MSFconsole, MSFcli, Armitage, MSFpayload, MSFencode, NasmShell
  • Intelligence Gathering
    • Nmap, Databases in Metasploit, Port Scanning with Metasploit
  • Quick Intro to Ruby
    • Writing a simple Ruby script to create a custom scanner
  • Vulnerability Scanning
    • Importing Nessus Results
    • Scanning with Nessus from Within Metasploit
  • Exploitation
    • Using the Metasploit Framework and console to exploit
  • Meterpreter
    • Compromising a Windows System
    • Attacking MS SQL, xp_cmdshell
    • Dumping Usernames and Passwords, extracting and dumping hashes
    • Pass the Hash and Token Impersonation
    • Pivoting
    • Railgun
    • Using Meterpreter Scripts: Migrating a process, Killing AV, Persistence
  • Avoiding Detection
    • Creating Stand-Alone Binaries with MSFpayload
    • Encoding with MSFencode and Packers (go Green Bay:)
  • Exploitation Using Client Side Attacks
    • Introduction to Immunity Debugger
    • Using Immunity Debugger to Decipher NOP Shellcode
  • Metasploit Auxiliary Modules
  • Social Engineer Toolkit (SET)
    • Spear-Phishing, Web Attack
    • Creating a Multipronged Attack
  • Creating Your Own Module
    • Adapt an existing Module
    • Add some PowerShell and Run the Exploit
  • Meterpreter Scripting
  • Capture The Flag Exercise

Prerequisites:

  • This is an advanced  Cybersecurity and Information Assurance Course which requires basic Windows & UNIX competency
  • Certification or 2 years of experience in these operating systems is highly recommended
  • An understanding of TCP/IP

Comments

Latest comments from students

  

Liked the class?  Then let everyone know!

TN-949: Certified Firewall Analyst Course

Course Overview:

This is a hands-on course that covers many of the concepts of securing the perimeter of an organization. This includes concepts such as intrusion detection, packet filtering, and central logging.

A skills focus enables the student to better absorb the subject matter and perform better on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of Firewalls.

This course is an excellent precursor to PA-215 Palo Alto Firewall Essentials FastTrack.

Attendees to TN-949: Certified Firewall Analyst Prep will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Analyzing Network and Wireless Design
  • Creating and Auditing a Rulebase
  • Firewall Assessment and Penetration Testing
  • Host-Based Detection and DLP
  • Incident Detection and Analysis
  • IOS and Router Security
  • IPv6 and ICMPv6
  • Log Collection and Analysis
  • NAT and Proxies
  • Netfilter IPtables
  • Network Access Control
  • Network-Based Intrusion Detection
  • Packet Filters and Inspection
  • Packet Fragmentation
  • Perimeter Concepts and IP Fundamentals
  • Securing Hosts and Services
  • TCP/IP Protocols
  • VPN Design and Auditing
  • VPN Implementation

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, networking and security  experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-979: Intrusion Analyst Course

Course Overview:

Intrusion Analyst is a hands-on course that covers intrusion detection in-depth. This includes concepts such as the use of Snort, network traffic analysis, and IDS signatures.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job.   This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of packet and intrusion analysis.

Attendees to TN-979: Intrusion Analyst will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Advanced Snort Concepts
  • Analyst Toolkit
  • Domain Name System (DNS)
  • Examining Packet Crafting
  • Examining Packet Header Fields
  • Fragmentation
  • ICMP Theory
  • IDS Interoperability
  • IDS Patterns
  • IDS/IPS Management & Architecture Issues
  • Indications, Warnings & Traffic Correlation
  • IPv6
  • Microsoft Protocols
  • Network Traffic Analysis
  • NIDS Evasion, Instertion & Checksums
  • Snort Fundamentals & Configuration
  • Snort GUIs & Sensor Management
  • Snort Performance, Active Response & Tagging
  • Snort Rules
  • Stimulus Response
  • TCPdump Fundamentals
  • TCP/IP Fundamentals
  • Wireshark Fundamentals
  • Writing TCPdump Filters

Course Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: Tosha

Instructor comments: Dave was an excellent instructor. He is very informative and knowledgeable in the course and the material. I have enjoyed the class and I would take another course with him as the instructor.

Facilities comments: Very nice and clean hotel.

User: buckey26

Instructor comments: Dave was one of the best instructors I have ever had for a tech course. He broke down everything to the point where you can understand it internally.

Liked the class?  Then let everyone know!

N-405: ROUTE-Implementing Cisco IP Routing

Course Overview:

In this course, administrators of medium-to-large network sites will learn to use advanced routing to provide scalability for Cisco routers that are connected to LANs and WANs. Networking professionals will learn to dramatically increase the number of routers and sites using these techniques instead of redesigning the network when additional sites or wiring configurations are added. Hands-on labs ensure you thoroughly understand how to implement advanced routing within your network.

Attendees to N-405: ROUTE-Implementing Cisco IP Routing will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

  • Planning Routing Services to Requirements
  • Implementing an EIGRP-Based Solution
  • Implementing a Scalable Multiarea Network
  • OSPF-Based Solution
  • Implement an IPv4- Based Redistribution Solution
  • Implementing Path Control Connection of an Enterprise Network to an ISP Network

Prerequisites:

  • None

 

Comments

Latest comments from students

User: jrtrussell

Instructor comments: Awesome

Facilities comments: Awesome

Liked the class?  Then let everyone know!

PA-242: Palo Alto Networks Firewall Manage Cyberthreats (EDU-231)

  

 

Course Overview:  PA-242: Palo Alto Networks Firewall Manage Cyberthreats (EDU-231) Training Class is a two-day course that teaches students strategies in defense against cyberthreats.  Successful completion of this course enables administrators to better understand the threat landscape.  This is not a virtualized theoretical course.  This is hands-on, real world instruction, directly relevant to the DoD and Commercial implementations of Palo Alto Networks next-generation firewalls.

Each student is issued a physical Palo Alto firewall and a Cisco layer 3 switch at their desk.  Real hardware per student for real experience and real skill development.  TechNow provides a very comprehensive client infrastructure that includes Windows, Linux, and multiple packet sniffer agents.

The instructor for this course has been a lead in Unix kernel development to implement firewall and intrusion detection technologies.  Additionally, the instructor has taught several security appliance products and carries several SANS, ISC2, ISACA, Cisco, Unix, and Windows certifications.

Attendees to the PA-242: Palo Alto Networks Firewall Manaage Cyberthreats  (EDU-231) Training Course will receive TechNow approved course materials and expert instruction.

Dates/Locations: No Events

Duration: 2 days

Course Objectives:   Students attending this training course will gain an understanding of cyberthreats and their characteristics.  Students will learn how to manage cyberthreats using security policies, profiles, and signatures to protect their network against emerging threats.

Day 1

  • Mod 1: Threat Landscape
    • Advanced Persistent
    • Threats
    • Data Breaches and Tactics
    • Threat Management
    • Strategies
  • Mod 2: Integrated
    • Approach to Threat
    • Protection
    • Integrated Approach to
    • Protection
    • Next-Generation Firewall
    • Advanced Endpoint
    • Protection
  • Mod 3: Network Visibility
    • Zero Trust Model
    • SSL Decryption
    • Decryption Policy
  • Mod 4: Reducing the Attack
    • Surf
    • ection

 

Day 2

  • Mod 5: Handling Known
    • Threats
    • WildFire Analysis
    • Security Profiles
  • Mod 6: Handling Unknown
    • Traffic and Zero-Day Exploits
    • WildFire
    • Researching Threat Events
    • Identifying Unknown
    • Applications
  • Mod 7: Investigating
    • Breaches
    • Identify IOCs Using
    • App-Scope
    • Log Correlation
    • Finding Infected Host
  • Mod 8: Using Custom
    • Signatures
    • Creating Custom App-IDs
    • Threat Signatures

A

Prerequisites:

  • Students must complete the PA-213: Install, Configure, and Manage course
  • Understanding of network concepts, including routing, switching, and IP addressing
  • In-depth knowledge of port-based security and security technologies such as IPS, proxy, and content filtering

This course is in no way associated with Palo Alto Networks, Inc.

Comments

Latest comments from students

Like the class?  Then let everyone know!