TN-999: Reverse Engineering Malware Course

Course Overview:

This course is designed for professionals that are expected to do malware analysis. A skills focus enables the student to better absorb the subject matter and perform successfully on the job. This is not death by power point. The course is aligned with information assurance operators and executing hands-on labs. Lecture and labs walk the student through the knowledge required to truly understand the mechanics Reverse Engineering Malware.

Attendees to TN-999: Reverse Engineering Malware will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 5 days

Course Objectives:

Toolkit and Lab Assembly
Malware Code and Behavioral Analysis Fundamentals
Malicious Static and Dynamic Code Analysis
Collecting/Probing System and Network Activities
Analysis of Malicious Document Files
Analyzing Protected Executables
Analyzing Web-Based Malware
DLL Construction and API Hooking
Common Windows Malware Characteristics in x86 Assembly
Unpacking Protected Malware
In-Depth Analysis of Malicious Browser Scripts, Flash Programs and Office
In-Depth Analysis of Malicious Executables
Windows x86 Assembly Code Concepts for Revers-Engineering Memory Forensics for Rootkit Analysis

Prerequisites:

Strong understanding of core systems and network concepts
Exposure to programming and assembly concepts
Comfortable with command line access

Comments

Latest comments from students

User: marcus.osullivan

Instructor comments: Good stuff. I like the beginning half where there was help from an additional instructor to facilitate fixing computer errors that inevitably popped up.

Facilities comments: The baby deer were neat! I like the resort.

Liked the class? Then let everyone know!

RH-295: Linux System Administration II

Course Overview:

Linux System Administration II course is for experienced administrators ready for advanced administration topics. This course provides students with hands-on experience working with more complex and integrated administration concepts, and builds upon the Part 1 course. Students will be instructed in essential local Red Hat system administration skills including: Logical Volumes, Raid Management, and System Logging, SELinux and Virtual Machines. The Linux System Administration II course will get you started in understanding network administration topics, including monitoring, routing, Firewall with iptables, and servers such as NFS, SAMBA, DNS, SMTP, HTTP, DHCP, and Kickstart.

Attendees to RH-295: Linux System Administration II will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 days

Course Objectives:

Managing Logical Volumes and RAID
Network Routing, Filtering and Monitoring
Configuring File Sharing Across Platforms
Configuring Internet Services
Configuring Security
Configuring System Messaging
Using Name Services
Configuring Name Service Clients
Configuring Kickstart
Virtualization with KVM
Troubleshooting Boot Process

Prerequisites:

RH-245: Linux System Administration I or equivalent knowledge plus six months experience as a system administrator or one year or more administrating the Red Hat operating system.

Comments

Latest comments from students

Liked the class? Then let everyone know!

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies

Course Overview:

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies is the big picture overview of a SOC, other courses provide a deep dive into the technologies that a SOC may utilize. This course addresses the internal workings of staff, skills required, required authorizations, internal agreements, and setting appropriate expectation levels of a SOC within budget constraints. A SOC is not a one size fits all, the instructor has decades of security experience and brings to the table opportunities to discuss what can work within constraints. Many organizations are coming to the realization that some level of a SOC is now required and to learn just what decisions need to be made: Out-sourced, In-sourced, budgets, capabilities and many more. Students leave with a worksheet of how to progress when they get back to their organization.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies – Is a course that incorporates lecture, demos, and group exercises for standing up a Security Operations Center (SOC). Students learn strategies and resources required to deploy, build, and run Network Security Monitoring (NSM) and work roles and flows for a SOC. No network is bullet proof and when attackers access your network, this course will show you options and resources to build a security net to detect, contain, and control the attacker. Examples on what it takes to architect an NSM solution to identify sophisticated attackers and a response strategy. Properly implemented detection and response technologies is integral to incident response and provides the responders timely information and tools to react to the incident. Effective demonstrations are given of Open Source technologies that build up a SOC, but any software can be used and demonstrations are provided to demonstrate technology families not push a specific solution.

TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies demonstrations utilize a cyber range that gives each student in-depth knowledge of monitoring live systems to include: Cisco, Windows, Linux, IoT, and Firewalls; and software and services to provide orchestrate Incident Response, Intelligence Analysis, and Hunt Operations.

Attendees to TN-542: Establishing a Security Operations Center (SOC) People, Processes, and Technologies class will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 2 Days

Course Objective:

Prerequisites:

Students should have an understanding of the security field.

Course Outline:

What threats does my organization care about?
What does a threat look like?
What does a threat look like?
How to present the SOC internally.
Communication with Stakeholders and Executives
People
- Establishing a skill matrix and work roles for SOC members
- Establishing a training path
- Personnel background requirementsProcesses
Processes
- Alignment to standards: NIST, PCI, HIPAA, etc.
- Risk related decision trees
- Playbooks
- Threat Intelligence Integration
Technology – Tool Suites to Support:
- Ethical Hacking
- Network Security Monitoring and SIEM
- Forensics
- Dashboards
- Analysis and Hunting
- Incident Management and Ticketing

Comments

Latest comments from students

Liked the class? Then let everyone know!

N-455: Securing Networks with ASA Fundamentals (SNAF)

Course Overview:

In this course, you will gain the knowledge and skills needed to configure, maintain, and operate Cisco ASA 5500 Series Adaptive Security Appliance.

Attendees to N-455: Securing Networks with ASA Fundamentals (SNAF) will receive TechNow approved course materials and expert instruction.

Dates/Locations:

No Events

Duration: 5 Days

Course Objectives:

Introducing Cisco Security Appliance Technology and Features
Cisco Adaptive Security Appliance and PIX Security Appliance Families
Getting Started with Cisco Security Appliances
Essential Security Appliance Configuration
Configuring Translations and Connection Limits
Using ACLS and Content Filtering
Configuring Object Grouping
Switching and Routing on Security Appliances
Configuring AAA for Cut-Through Proxy
Configuring the Cisco Modular Policy Framework
Configuring Advanced Protocol Handling
Configuring Threat Detection
Configuring Site-to-Site VPNS Using PreShared Keys
Configuring Security Appliance Remote Access VPNs
Configuring Cisco Security Appliance for SSL VPN
Configuring Transparent Firewalls Mode
Configuring Security Contexts
Configuring Failover
Managing Security Appliances

Prerequisites:

CCNA certification

Comments

Latest comments from students

Liked the class? Then let everyone know!

Linux

Here are our Linux course offerings: