CL-355: Containers, Kubernetes, and Red Hat OpenShift Administration

 

Course Overview:

Through an introduction to Docker, Kubernetes, and Red Hat OpenShift Platform, this training course helps you understand one of the key tenets of the DevOps and DevSecOps Platform (DSOP) movement: continuous integration and continuous deployment. The CI/CD pipeline becomes well understood and implemented in an open architecture.  Containers have become a key technology for the configuration and deployment of applications and micro services. Kubernetes is a container orchestration platform that provides foundational services in Red Hat OpenShift Container Platform, which allows enterprises to manage container deployments and scale their applications using Kubernetes.

This training course provides an overview of the DoD Enterprise DevSecOps Platform (DSOP) Reference Design, its current state, and ties to DoD Cloud Platform One (P1). Workflows of the DoD Iron Bank container repository are introduced, along with an overview of the DoD Pipeline as represented in Big Bang.  Continuous authorization cATO via Party Bus within NIST RMF is presented. You will become aware of the Platform One (P1) integrations and relationship to Docker, Kubernetes, Istio (Red Hat OpenShift Service Mesh) and Red Hat OpenShift Platform.

In addition to gaining an understanding of these tools, you will build core administration skills through the installation, configuration, and management of an OpenShift cluster and containerized applications.

Course Objectives:

  • Learn about Containers, Docker, Kubernetes, and OpenShift architecture
  • Overview DoD Enterprise DevSecOps Platform (DSOP) Reference Design and DoD Cloud Platform One (P1)
  • Tie together awareness of various DoD Cloud offerings and their relationships
  • Create containerized services
  • Manage containers and container images
  • Deploy multi-container applications
  • Install an OpenShift cluster
  • Configure and manage masters and nodes
  • Secure OpenShift
  • Control access to resources on OpenShift
  • Monitor and collect metrics on OpenShift
  • Deploy applications on OpenShift using source-to-image (S2I)
  • Manage storage on OpenShift

Course Outline:

  • Getting started with container technology
  • Creating containerized services
  • Managing containers
  • Managing container images
  • Creating custom container images
  • Deploying containerized applications on OpenShift
  • Deploying multi-container applications
  • Troubleshooting containerized applications
  • Comprehensive Review of Introduction to Container, Kubernetes, and RedHat OpenShift
  • Introducing Red Hat OpenShift Container Platform
  • Installing OpenShift Container Platform
  • Describing and exploring OpenShift networking concepts
  • Executing commands
  • Controlling access to OpenShift resources
  • Allocating persistent storage
  • Managing application deployments
  • Installing and configuring the metrics subsystem
  • Managing and monitoring OpenShift Container Platform

Dates/Locations:

No Events

Duration: 5 Days

Prerequisites:

  • Ability to use a Linux® terminal session and issue operating system commands
  • Good foundation in Linux
  • Experience with web application architectures and their corresponding technologies

Target Audience:

  • Developers who wish to containerize software applications
  • Administrators who are new to container technology and container orchestration
  • Architects who are considering using container technologies in software architectures
  • System administrators
  • System architects
  • Architects and developers who want to install and configure OpenShift Container Platform
  • Those working in the field of DevSecOps supporting DoD Platform One (P1) and other implementations

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!

TN-913: Cloud Security Fundamentals

 

Course Overview:

TechNow Cloud Security Fundamentals addresses the loss of hands-on control of system, application, and data security in the Cloud computing environment.  Security teams wrestle with the impact and liability of Cloud computing on an organization.  This course enables the security team to assist in contract language and Service Level Agreements (SLAs) when utilizing Cloud Service Providers (CSPs).

Compliance and auditing are introduced with strategies for control verification and audit analysis in the CSP environment.  Software as a Service (SaaS) to Infrastructure as a Service (IaaS) and everything in between require a compliance strategy.  Students will go in-depth into the architecture and infrastructure fundamentals for private, public, and hybrid clouds.   Topics covered include: patch and configuration management, virtualization security, application security, and change management. Policy, risk assessment, and governance within cloud environments will be covered with recommendations for both internal policies and contract provisions to consider.

TechNow has worked worldwide enterprise infrastructures for over 20 years and has developed demos and labs to exemplify the techniques required to effectively manage security in the cloud environment.

Attendees to TN-913: Cloud Security Fundamentals will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 3 days

Course Objectives:

  • Cloud computing introduction
  • Security challenges in the cloud
  • Infrastructure security in the cloud
  • Policy, risk, and governance for cloud computing
  • Compliance and legal considerations
  • Audit and assessment for the cloud
  • Data security in the cloud
  • Identity and Access Management (IAM)
  • Disaster Recovery and Business Continuity Planning (DR/BCP) in the cloud
  • Intrusion detection and incident response

Course Prerequisites:

  • GSEC, CISSP, CASP or equivalent experience in managing enterprise infrastructures
  • Managing or administering at least one of UNIX, Windows, Databases, networking, or security

Comments

Latest comments from students

User: reedrobt

Instructor comments: Dave is like an encyclopedia of technical topics...what "doesn't" he have expertise in?

Facilities comments: Home2 location was well-kept and convenient to other services.

 

Liked the class?  Then let everyone know!

PP-222: CIPM Certified Information Privacy Manager and GDPR Compliance

 

Course Overview:

Every organization has data protection needs. Every day, we access, share and manage data across companies, continents and the globe. Knowing how to implement a privacy program is an invaluable sill that will help you protect your organization’s data- and take your career to the next level. Our Principles of Privacy Program Management training is the premier course on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a privacy team. With a CIPM and CIPP/E combined you’ll be uniquely equipped to fulfill the DPO requirements of the GDPR. Here is our CIPM + CIPP/E 4 Day GDPR Ready  

What’s Included:

  • Authorized courseware
  • Exam voucher
  • IAPP membership

**GDPR Regulation Mandated May 25, 2018**

Course Objectives:

Principles of Privacy Program Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organization through process and technology-regardless of jurisdiction or industry. The Principles of Privacy Program Management training is based on the body of knowledge for the IAPP’s ANSI accredited Certified Information Privacy Manager (CIPM) certification program.

Attendees to PP-222: CIPM Certified Information Privacy Manager and GDPR Compliance will receive TechNow approved course materials and expert instruction, and certification test voucher and certificate of course completion.

TechNow is a International Association of Privacy Professionals (IAPP) Partner, and utilizes official curriculum from International Association of Privacy Professionals (IAPP).

TechNow has taught security courses for over 20 years, before most certifications existed and has successfully moved students through certification programs associated with IAPP, SANS, EC-Council and ISC2. Our instructor maintains over a dozen security certifications and has been the director of a company with internationals sales and compliance.

 

Document Flow Chart iconsm

Dates/Locations:

No Events

Duration: 2 Days

Course Content:

  • Module 1: Introduction to Privacy Program Management
  • Module 2: Privacy Governance
  • Module 3: Applicable Laws and Regulations
  • Module 4: Data Assessments
  • Module 5: Policies
  • Module 6: Data Subjects’ Rights
  • Module 7: Training and Awareness
  • Module 8: Protecting Personal Information
  • Module 9: Data Breach Incident Plans
  • Module 10: Measuring, Monitoring and Auditing Program Performance

 

Prerequisites: None

Target Audience:

Data Protection Officers, Data Protection Managers, Auditors, Legal Compliance Officers, Security Manager, Information Managers, Anyone who uses processes and maintains personal data

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-813: Certified in Governance, Risk and Compliance (CGRC)

 

Course Overview:

TN-813: Certified in Governance, Risk, and Compliance (CGRC) course is for the (ISC)²® Certified in Governance, Risk, and Compliance (CGRC) credential previously known as Certified Authorization Professional (CAP). This course walks the student through the Risk Management Framework following practices the NIST pubs. CGRC is an objective measure of the knowledge, skills and abilities required for personnel involved in the process of certifying and accrediting security of information systems. Specifically, this credential applies to those responsible for formalizing processes used to assess risk and establish security requirements. Their decisions will ensure that information systems possess security commensurate with the level of exposure to potential risk, as well as damage to assets or individuals.The CGRC credential is appropriate for civilian, state and local governments in the U.S., as well as commercial markets. CGRC certification applies to job functions such as authorization officials, system owners, information owners, information system security officers, and certifiers.  CGRC is crucial to the Management staff.

This course is the “why” of the entire security field. It provides a logical way of allocating resources where there is greatest risk and why we make the decisions we make in the field of security. It is TechNow’s view that of all the security courses we have seen, this course genuinely puts the “big picture” of security in front of the students. Students actually come to an understanding of truly what is critical to security of an enterprise versus a bunch of nuts and bolts of security.

TechNow’s CGRC course covers all of the (ISC)²® CGRC 7 Knowledge domains:

  • Security and Privacy Governance, Risk Management, and Compliance Program
  • Scope of the System
  • Selection and Approval of Framework, Security, and Privacy Controls
  • Implementation of Security and Privacy Controls
  • Assessment/ Audit of Security and Privacy Controls
  • System Compliance
  • Compliance Maintenance

RMF Related Steps

  • Prepare – Process Initiation
  • Categorize Information Systems
  • Establish the Security Control Baseline
  • Apply Security Controls
  • Assess Security Controls
  • Authorize Information System
  • Monitor Security Controls

TechNow’s CGRC Instructors have extensive knowledge and experience in the field, and have been working with organizations to build assessor teams for over 20 years.

Attendees to TN-813: Certified in Governance, Risk, and Compliance (CGRC) will receive TechNow authorized training materials, including access to the documentation of the CGRC Exam domains, and expert instruction.

Dates/Locations:

Date/Time Event
01/21/2025 - 01/24/2025
08:00 -16:00 		TN-813: Certified in Governance, Risk and Compliance (CGRC)
TechNow, Inc, San Antonio TX
03/31/2025 - 04/04/2025
08:00 -16:00 		TN-813: Certified in Governance, Risk and Compliance (CGRC)
TechNow, Inc, San Antonio TX
05/28/2025 - 05/30/2025
08:00 -16:00 		TN-813: Certified in Governance, Risk and Compliance (CGRC)
TechNow, Inc, San Antonio TX
09/08/2025 - 09/11/2025
08:00 -16:00 		TN-813: Certified in Governance, Risk and Compliance (CGRC)
TechNow, Inc, San Antonio TX

Duration: 3 Days

Course Objectives:

  • Initiate the Preparation Phase
  • Perform Execution Phase
  • Perform Maintenance Phase
  • Understand the Purpose of Security Authorization

Prerequisites:

  • IT Security
  • Information Assurance
  • Information Risk Management certification and systems administration
  • 1-2 years of general experience technical experience
  • 2 years of general systems experience
  • 1-2 years of Database/Systems Development/Network Experience
  • Information Security Policy Experience

Comments

Latest comments from students

Liked the class?  Then let everyone know!

Palo Alto Networks Firewall Training Course Lab

Working with the TechNow lab for the PA-215: Palo Alto Networks Firewall Essentials FastTrack course has been nothing less than a techie's idea of fun.  When students come in we are immediatly configuring the Cisco 3750 switches for access ports, VLANS, and trunks.  We then cable the switch to the Palo Alto Networks Firewall.  Each student gets their own Palo Alto Firewall Pod of hardware and software.  What we find as fun is the VLAN environment, with an array of virtual machines hosted on an ESXi server that can really exercise the abilities of the Palo Alto Firewall.  The DMZ VLAN hosts virtual machines that support enterprise services and also potentialy vulnerable web services.  The Trust VLAN has Windows and Linux clients.  The UnTrust VLAN has Web services and a VM of Kali. The hardware Firewall is additionally connected to a Management VLAN.  All those VLANs are trunked into an ESXi server where the student also has a VM-Series Palo Alto Networks Firewall for High Availability.  

After configuring all the trunking, VLANs, and network interfaces we learn about the firewall and configure it for the lab environment.  Using Metasploitable and Kali/Metasploit nefarious penetration attempts are executed.  Using packet captures, custom APP-ID's  and custom signatures are generated.  Custom logging and reporting are created to similate and enterprise and assist the desired Incident Response.  It is always fun in a training environment to learn all about the controls available in a product, even though specific controls may not be used in the operational environment.  In the end we have a good understanding of the Palo Alto Networks Firewall.