TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking Course

Course Overview:

This course engages students by providing in-depth knowledge of the most prominent and powerful attack vectors and an environment to perform these attacks in numerous hands-on scenarios. This course goes far beyond simple scanning for low-hanging fruit, and shows penetration testers how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.

A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics of the attacks and the effectiveness.

Attendees to TN-989: Advanced Penetration Testing, Exploits, and Ethical Hacking course will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

Accessing the Network
Advanced Fuzzing Techniques
Advanced Stack Smashing
Attacking the Windows Domain – Enumeration
Attacking the Windows Domain – Restricted Desktops
Attacking the Windows Domain – The Attacks
Building a Metasploit Module
Crypto for Penetration Testers
Exploiting the Network
Fuzzing Introduction and Operation
Introduction to Memory and Dynamic Linux Memory
Introduction to Windows Exploitation
Manipulating the Network
Python and Scapy For Penetration Testers
Shellcode
Smashing the Stack
Windows Heap Overflow Introduction
Windows Overflows

Course Prerequisites:

GSEC or equivalent experience
UNIX, Windows, Networking, and Security Experience
This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

User: ryanv

Instructor comments: Great.

Facilities comments: N/A. Hotel.

User: sean.hollinger

Instructor comments: Instructor is technically knowledgeable as he has been on every course I've taken with TechNow.

Facilities comments: adequate

Liked the class? Then let everyone know!

TN-8150: CISSP Certification Preparation Seminar

Course Overview:

TechNow's CISSP Certification Preparation Seminar is an accelerated course designed to meet the high demands of the information security industry by preparing students for the industry standard Certified Information Systems Security Professional exam. The exam covers (ISC)²'s 8 Domains from the Common Body of Knowledge, which encompass the whole of information security.

This course is an intense 10 day program that ensures the student passes the CISSP exam on the first try. We encourage our students to take the exam within a week after course completion. The goal for this course is a pass rate of one and done. Our high pass rate reflects the dedication of TechNow's students and our commitment to a ten day program that many in the industry do in 5 days. TechNow has a proven CISSP track record that you can depend on.

Attendees to TN-815: CISSP Certification Preparation Seminar will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 10 Days

Course Objectives:

Our CISSP Professional training program covers the 8 Domains of the CBK in-depth with an emphasis on rigorous exam preparation.

Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)
Asset Security (Protecting Security of Assets)
Security Engineering (Engineering and Management of Security)
Communications and Network Security (Designing and Protecting Network Security)
Identity and Access Management (Controlling Access and Managing Identity)
Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
Software Development Security (Understanding, Applying, and Enforcing Software Security)

Prerequisites:

To qualify for this CISSP training program you must first qualify for the CISSP exam, which requires:

4 years of experience in the information security field
or 3 years experience & a college degree

Contact TechNow to verify that you qualify.

Comments

Latest comments from students

Facilities comments:

User: pulliamp

Instructor comments:

Liked the class? Then let everyone know!

TN-575: Open Source Network Security Monitoring

Course Overview:

TN-575: Open Source Network Security Monitoring teaches students how to deploy, build, and run an NSM operation using open source software and vendor-neutral tools. No network is bullet proof and when attackers access your network, this course will show you how to build a security net to detect, contain, and control the attacker. Sensitive data can be monitored and deep packet and deep attachment analysis can be achieved. As organizations stand up a Security Operations Center (SOC) the enterprise NSM is the key ingredient to that SOC. This course not only teaches how to implement an NSM technologically, but how to effectively monitor an enterprise operationally. You will learn how to architect an NSM solution: where to deploy your NSM platforms and how to size them, stand-alone or distributed, and integration into packet analysis, interpret evidence, and integrate threat intelligence from external sources to identify sophisticated attackers. A properly implemented NSM is integral to incident response and provides the responders timely information to react to the incident. TN-575: Open Source Network Security Monitoring is a lab intensive environment with a cyber range that gives each student in-depth knowledge and practical experience monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls.

Attendees to TN-575: Open Source Network Security Monitoring class will receive TechNow approved course materials and expert instruction.

This Course is taught utilizing Security Onion or RockNSM as specified by the customer.

Dates/Locations:

No Events

Duration: 5 Days

Course Objective:

The focus of this course is to present a suite of Open Source security products integrated into a highly functional and scalable Network Security Monitoring solution.

Prerequisites:

Students should have a basic understanding of networks, TCP/IP and standard protocols such as DNS, HTTP, etc. Some Linux knowledge/experience is recommended, but not required

Course Outline:

Network Security Monitoring (NSM) Methodology
High Bandwidth Packet Capture Challenges
Installation of Security Onion
- Use Cases (analysis, lab, stand-alone, distributed)
- Resource Requirements
Configuration
- Setup Phase I – Network Configuration
- Setup Phase 2 – Service Configuration
- Evaluation Mode vs. Configuration Mode
- Verifying Services
Security Onion Architecture
- Configuration Files and Folders
- Network Interfaces
- Docker Environment
- Security Onion Containers
Overview of Security Onion Analyst Tools
- Kibana
- CapME
- CyberChef
- Squert
- Sguil
- NetworkMiner
Quick Review of Wireshark and Packet Analysis
- Display and Capture Filters
- Analyze and Statistics Menu Options
- Analysis for Signatures
Analyzing Alerts
- Replaying Traffic
- 3 Primary Interfaces:
  - Squert
  - Sguil
  - Kibana
- Pivoting Between Interfaces
- Pivoting to Full Packet Capture
Snort and Surricata
- Rule Syntax and Construction
- Implementing Custom Rules
- Implementing Whitelists and Blacklists
Hunting
- Using Kibana to Slice and Dice Logs
- Hunting Workflow with Kibana
Bro
- Introduction and Overview
  - Architecture, Commands
- Understanding and Examining Bro Logs
  - Using AWK, sort, uniq, and bro-cut
- Working with traces/PCAPs
- Bro Scripts Overview
  - Loading and Using Scripts
- Bro Frameworks Overview
  - Bro File Analysis Framework FAF
- Using Bro scripts to carve out more than files
RockNSM ( * If Applicable)
- Kafka
  - Installation and Configuration
  - Kafka Messaging
  - Brokers
  - Integration with Bro and FSF
- File Scanning Framework FSF
  - Custom YARA Signatures
  - JSON Trees
  - Sub-Object Recursion
  - Bro and Suricata Integration
Elastic Stack
- Adding new data sources in Logstash
- Enriching data with Logstash
- Automating with Elastalert
- Building new Kibana dashboards
Production Deployment
- Advanced Setup
- Master vs Sensor
- Node Types – Master, Forward, Heavy, Storage
- Command Line Setup with sosetup.conf
- Architectural Recommendations
- Sensor Placement
- Hardening
- Administration
- Maintenance
Tuning
- Using PulledPork to Disable Rules
- BPF’s to Filter Traffic
- Spinning up Additional Snort / Suricata / Bro Workers to Handle Higher Traffic Loads

Comments

Latest comments from students

Liked the class? Then let everyone know!

N-595: VoIP Security Analysis and Design

Course Overview:

As VoIP (Voice-over IP) is integrated into the operations of many missions, it is imperative to understand its security ramifications. In the N-595: VoIP Security Analysis and Design class the objectives are designed for those who are chartered with the responsibility of securing networks and application environments that incorporate VoIP. Topics include how VoIP works, its interactions with the network, its vulnerabilities and mitigations. Focus is on leading open source and proprietary technologies utilizing Asterisk and Cisco and the protocols SIP, H.323, RTP, MGCP, and Skinny. Other protocols such as Nortel's UNIStim will be addressed. As for Cisco, security pieces in the VoIP CallManager servers, Catalyst switches, IOS-based routers, and ASA firewalls, amounts to several different platforms, each with its own management interface and lockdown procedures. Various open source tools including those in BackTrack are used for VoIP attacks. A task list of actions for securing enterprise VoIP is carried out in hands-on labs, performed on Cisco phones, routers, switches, and ASA firewalls.

Attendees to N-595: VoIP Security Analysis and Design will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

VoIP Architecture
VoIP Signaling and media protocols
Common VoIP authentication mechanisms
Common VoIP encryption techniques
VoIP protocol analysis with Wireshark
Maintaining QoS while mitigating DoS
VoXML, XML, and application integration security
Converged network security design and implementation
Impact of NAT and firewalls
SIP, H.323, and MGCP vulnerabilities
VPN, IPsec and SRTP to secure VoIP services
Penetration testing with open source tools
Attacks for Eavesdropping, call redirection, and DoS
Design of hacked firmware virtualization layer
Concise lockdown steps for network hardware and VoIP

Prerequisites:

This is an advanced Information Security Course which requires basic Windows & UNIX competency
Certification or 2 years of experience in these operating systems is highly recommended
As well as an understanding of TCP/IP

Comments

Latest comments from students

Liked the class? Then let everyone know!

PP-222: CIPM Certified Information Privacy Manager and GDPR Compliance

Course Overview:

Every organization has data protection needs. Every day, we access, share and manage data across companies, continents and the globe. Knowing how to implement a privacy program is an invaluable sill that will help you protect your organization’s data- and take your career to the next level. Our Principles of Privacy Program Management training is the premier course on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a privacy team. With a CIPM and CIPP/E combined you’ll be uniquely equipped to fulfill the DPO requirements of the GDPR. Here is our CIPM + CIPP/E 4 Day GDPR Ready

What’s Included:

Authorized courseware
Exam voucher
IAPP membership

**GDPR Regulation Mandated May 25, 2018**

Course Objectives:

Principles of Privacy Program Management is the how-to training on implementing a privacy program framework, managing the privacy program operational lifecycle and structuring a knowledgeable, high-performing privacy team. Those taking this course will learn the skills to manage privacy in an organization through process and technology-regardless of jurisdiction or industry. The Principles of Privacy Program Management training is based on the body of knowledge for the IAPP’s ANSI accredited Certified Information Privacy Manager (CIPM) certification program.

Attendees to PP-222: CIPM Certified Information Privacy Manager and GDPR Compliance will receive TechNow approved course materials and expert instruction, and certification test voucher and certificate of course completion.

TechNow is a International Association of Privacy Professionals (IAPP) Partner, and utilizes official curriculum from International Association of Privacy Professionals (IAPP).

TechNow has taught security courses for over 20 years, before most certifications existed and has successfully moved students through certification programs associated with IAPP, SANS, EC-Council and ISC2. Our instructor maintains over a dozen security certifications and has been the director of a company with internationals sales and compliance.

Dates/Locations:

No Events

Duration: 2 Days

Course Content:

Module 1: Introduction to Privacy Program Management
Module 2: Privacy Governance
Module 3: Applicable Laws and Regulations
Module 4: Data Assessments
Module 5: Policies
Module 6: Data Subjects’ Rights
Module 7: Training and Awareness
Module 8: Protecting Personal Information
Module 9: Data Breach Incident Plans
Module 10: Measuring, Monitoring and Auditing Program Performance

Prerequisites: None

Target Audience:

Data Protection Officers, Data Protection Managers, Auditors, Legal Compliance Officers, Security Manager, Information Managers, Anyone who uses processes and maintains personal data

Comments

Latest comments from students