TN-825: Certified Information Security Manager (CISM) Seminar

Course Overview:

The Certified Information Security Manager (CISM) certification program is developed specifically for experienced information security managers & those who have information security management responsibilities. The CISM certification is for the individual who manages, designs, oversees and/or assesses an enterprise’s information security (IS). The CISM certification promotes international practices & provides executive management with assurance that those earning the designation have the required experience & knowledge to provide effective security management & consulting services. Individuals earning the CISM certification become part of an elite peer network, attaining a one-of-a-kind credential. The CISM job practice also defines a global job description for the information security manager & a method to measure existing staff or compare prospective new hires.

This course is designed to assist in your exam preparation for the CISM exam.

Attendees to TN-825: Certified Information Security Manager (CISM) Seminar will receive TechNow approved course materials and expert instruction.

Document Flow Chart iconsm

Dates/Locations:

Date/Time Event
11/17/2025 - 11/21/2025
08:00 -16:00 		TN-825: Certified Information Security Manager (CISM) Seminar
TechNow, Inc, San Antonio TX

Duration: 5 Days

Course Objectives:

  • Information Security Governance (24%)
  • Establish and/or maintain an information security governance framework and supporting processes to ensure that the information security strategy is aligned with organizational goals and objectives
  • Information Risk Management (30%)
  • Manage information risk to an acceptable level based on risk appetite to meet organizational goals and objectives
  • Information Security Program Development and Management (27%)
  • Develop and maintain an information security program that identifies, manages and protects the organization’s assets while aligning to information security strategy and business goals, thereby supporting an effective security posture
  • Information Security Incident Management (19%)
  • Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact

Prerequisites:

A minimum of five years of information security work experience, with a minimum of three years of information security management work experience in three or more of the job practice analysis areas.

Comments

Latest comments from students

User: tracycampbell

Instructor comments: Dave had great command of the class and the flow of information. The lessons seem relevant to the exam and the course material should assist greatly with passing. As a bonus, his breakdown of PKI helped with my current job requirements.

Facilities comments: The Home2Suites by Hilton was FANTASTIC!

Liked the class?  Then let everyone know!

cheddarcon-powershell-threat-hunting-registration

After you press "Request Registration" near the bottom of this form, within 30 seconds, status will be provided at the bottom of the form, you will also be contacted by phone for credit card information.

Tech Now is pleased to have the opportunity to provide you training for "Windows Security Automation and Threat Hunting with PowerShell” at CheddarCon 2018!

Scroll down to see the course description.

First Name*
Last Name*
Your Email*
Your Organization*
Phone*

Questions:

After you press "Request Registration" on this form, within 30 seconds, status will be provided at the bottom of the form, you will also be contacted by phone for credit card information.

Windows Security Automation and Threat Hunting with PowerShell Seminar

Location: 400 W Wisconsin Ave, Milwaukee, WI 53203, USA

Date: October 10, 2018 8:00am – 4:00pm

Duration: 8 hours

Audience: Cyber Security professionals and Windows administrators

Attendees Environment: Laptops not required, but suggested to have better hands-on absorption of subject matter.

Description:
PowerShell is both a command-line shell and scripting language. Fight fires quickly using existing or custom PowerShell commands or scripts at the shell. PowerShell is made for Security Operations (SecOps) automation on Windows. This seminar does not require prior programming skills. The seminar focuses on PowerShell programming, giving a beginner skills to be productive in windows scripting to automate tasks and also remediate problems.

Cyber Security is the objective of this seminar, and the PowerShell examples will demonstrate PowerShell capabilities that help lock down a Windows system and also report security status.

Objectives:

PowerShell Overview

  • Getting started running commands
  • Security cmdlets
  • Using and updating the built-in help
  • Execution policies
  • Fun tricks with the ISE graphical editor
  • Piping .NET and COM objects, not text
  • Using properties and methods of objects
  • Helping Linux admins feel more at home
  • Aliases, cmdlets, functions, modules, etc.

PowerShell Utilities and Tips

  • Customizing your profile script
  • PowerShell remote command execution
  • Security setting across the network
  • File copy via PowerShell remoting
  • Capturing the output of commands
  • Parsing text files and logs with regex patterns
  • Parsing Security Logs
  • Searching remote event logs
  • Mounting the registry as a drive
  • Security settings in the Registry
  • Exporting data to CSV, HTML and JSON files
  • Running scripts as scheduled jobs
  • Continued Security Compliance
  • Pushing out scripts through Group Policy
  • Importing modules and dot-sourcing functions
  • http://www.PowerShellGallery.com

PowerShell Scripting

  • PowerShell Scripting to implement Security Practices
  • Writing your own functions to automate security status and settings
  • Passing arguments into your scripts
  • Function parameters and returning output
  • Flow control: if-then, foreach, that make security decisions
  • How to pipe data in/out of your scripts for security compliance and reporting

Attendees to this seminar, Windows Security Automation and Threat Hunting with PowerShell, will receive TechNow approved course materials and expert instruction.[/wr_text][/wr_column][/wr_row]

TN-963: Windows Security Automation with PowerShell

Course Overview:

PowerShell is made for Security Operations (SecOps) automation on Windows. SecOps requires automation in order to scale out security changes and monitoring beyond a handful of hosts. For example, when a vulnerability must be remediated but there is no patch for it yet, automation is needed to quickly and consistently enact the changes necessary. PowerShell “remoting” is encrypted remote command execution of PowerShell scripts in a way that can scale to thousands of endpoints and servers.

Imagine being able to hunt for indicators of compromise across thousands of machines with just a few lines of PowerShell code. Or imagine having the local Administrator account password reset every night on thousands of endpoints in a secure way, and being able to retrieve that password securely too.

We will show you to do these tasks and more. Transcription logging for forensics, strong encryption code signing, application whitelisting of scripts, IPSec port control, and Just Enough Admin (JEA).

As more and more of our systems are moved up to the cloud, PowerShell will become even more important. Amazon Web Services, Microsoft Azure, Office 365, Hyper-V and VMware already support PowerShell administration for many tasks.

Attendees to TN-963: Windows Security Automation with PowerShell will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Duration: 3 days

Course Objectives:

Day One
PowerShell Overview and Tips

    • Getting started running commands
    • Using and updating the built-in help
    • Execution policies
    • Fun tricks with the ISE graphical editor
    • Piping .NET and COM objects, not text
    • Using properties and methods of objects
    • Helping Linux admins feel more at home
    • Aliases, cmdlets, functions, modules, etc.
    • Customizing your profile script

What Can We Do With PowerShell

    • PowerShell remote command execution
    • Fan-out remoting and security
    • File copy via PowerShell remoting
    • Capturing the output of commands
    • Parsing text files and logs with regex patterns
    • Searching remote event logs faster with XPath
    • Mounting the registry as a drive
    • Exporting data to CSV, HTML and JSON files
    • Parsing and mining nmap port scanner XML output
    • Running scripts as scheduled jobs
    • Pushing out scripts through Group Policy
    • Importing modules and dot-sourcing functions
    • http://www.PowerShellGallery.com

Write your own scripts

    • Writing your own functions
    • Passing arguments into your scripts
    • Function parameters and returning output
    • Flow control: if-then, do-while, foreach, switch
    • The .NET Framework class library: a playground
    • How to pipe data in/out of your scripts

Day Two
Continuous Secure Configuration Enforcement

    • How to use Group Policy and PowerShell together
    • Automate with INF security templates
    • How to customize INF templates
    • Microsoft Security Compliance Manager (SCM)
    • SECEDIT.EXE scripting
    • Building an in-house security repository for SecOps/DevOps
    • NSA’s Secure Host Baseline GPOs

Group Policy Precision Targeting

    • Managing Group Policy Objects (GPOs) with PowerShell
    • LSDOU, Block Inheritance, Enforced GPOs
    • Group Policy permissions for targeting changes
    • ADMX templates for mass registry editing
    • Deploying PowerShell startup and logon scripts
    • WMI item-level targeting of GPO preferences
    • GPO scheduled tasks to run PowerShell scripts
    • Remote command execution via GPO (not remoting)
    • Empowering the Hunt Team to fight back!

Server Hardening for SecOps/DevOps

    • Server Manager scripting with PowerShell
    • Adding and removing roles and feature
    • Remotely inventory roles, features, and apps
    • Why Server Nano or Server Core
    • Running PowerShell automatically after service failure
    • Service account identities, passwords, and risks
    • Tools to reset service account passwords securely

Day Three
PowerShell Desired State Configuration (DSC)

    • DSC is Configuration Management built in for free
    • Using DSC for continuous reinforcement of settings
    • Writing your own DSC configuration scripts
    • Free DSC resource modules: www.PowerShellGallery.com
    • How to push DSC configurations to many targets
    • DSC background job processing in push mode
    • Examples: sync files, install roles, manage groups
    • Auditing a remote target against a DSC MOF template
    • “ApplyAndAutoCorrect” mode for continuous enforcement

PowerShell Just Enough Admin (JEA)

    • JEA is Windows sudo, like on Linux
    • JEA is Windows setuid root, like on Linux
    • Restricting commands and arguments
    • Verbose transcription logging
    • How to set up and configure JEA
    • Privilege Access Workstations (PAWs)

PowerShell and WMI

    • Windows Management Instrumentation (WMI) service
    • What is WMI and why do hackers abuse it so much?
    • Using PowerShell to query WMI CIM classes
    • WMI authentication and traffic encryption
    • Inventory operating system versions and installed software
    • WMI remote command execution versus PowerShell remoting
    • PowerShell security best practices
    • PowerShell transcription logging to catch hackers

Prerequisites:

  • GSEC or equivalent experience
  • UNIX, Windows, Networking, and Security Experience
  • This is a hands-on skill course requiring comfort with command line interaction and network communications

Comments

Latest comments from students

Liked the class?  Then let everyone know!

TN-415: Computer Hacking Forensics Investigator (CHFI)

 

 

 

 

 

 

 

Course Overview:

The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation leading to the prosecution of perpetrators.

The CHFI certification gives participants the necessary skills to perform an effective digital forensics investigation. CHRI presents a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence

What’s Included:

  • 5 days of instructor-led in classroom training
  • Detailed Labs for hands-on learning experience; approximately 50% of training is dedicated to labs
  • Hundreds of investigation tools including EnCase, Access Data FTL, & ProDiscover
  • Huge cache of evidence files for analysis including RAW, .dd images, video & audio files, MS Office files, systems files, etc.
  • CHFI Courseware
  • Exam Voucher
  • CHFI onsite exam scheduling

Course Objectives:

  • Establish threat intelligence and key learning points to support pro-active profiling and scenario modeling
  • Perform anti-forensic methods detection
  • Perform post-intrusion analysis of electronic and digital media to determine the who, where, what, when, and how the intrusion occurred
  • Extract and analyze of logs from various devices like proxy, firewall, IPS, IDS, Desktop, laptop, servers, SIM tool, router firewall, switches AD server, DHCP logs, Access Control Logs & conclude as part of investigation process
  • Identify & check the possible source/ incident origin
  • Recover deleted files and partitions in Windows, MAC OS X, and Linux
  • Conduct reverse engineering for known and suspected malware files
  • Collect data using forensic technology methods in accordance with evidence handling procedures, including collection of hard copy and electronic documents

Dates/Locations:

Date/Time Event
07/14/2025 - 07/18/2025
08:00 -16:00 		TN-415: Computer Hacking Forensics Investigator (CHFI)
TechNow, Inc, San Antonio TX

Duration: 5 Days

Course Content:

    • Module 01. Computer Forensics in Today’s World
    • Module 02. Computer Forensics Investigation Process
    • Module 03. Understanding Hard Disks and File Systems
    • Module 04. Data Acquisition and Duplication
    • Module 05. Defeating Anti-forensics Techniques
    • Module 06. Operating System Forensics (Windows, Mac, Linux)
    • Module 07. Network Forensics
    • Module 08. Investigating Web Attacks
    • Module 09. Database Forensics
    • Module 10. Cloud Forensics
    • Module 10. Malware Forensics
    • Module 11. Investigating Email Crimes
    • Module 12. Investigating Email Crimes
    • Module 13. Mobile Forensics
    • Module 14. Forensics Report Writing and Presentation

 

Prerequisites:

      • 2+ years of proven information security work experience
      • Educational background with digital security specialization

    Target Audience:

      • Law Enforcement
      • Defense & Military
      • E-Business Security
      • Systems Administrators
      • Legal Professionals
      • Banking & Insurance professionals
      • Government Agencies
      • IT Managers

  • Comments

    Latest comments from students

    Liked the class?  Then let everyone know!

TN-905: Cyber Threat Intelligence Analysis

 

Course Overview:

TechNow has worked worldwide enterprise infrastructures for over 30 years and has developed demos and labs to exemplify the techniques required to demonstrate technologies that effectively support CTI.  This course integrates well with our courses TN-575: Open Source Network Security Monitoring and TN-865: Wireshark Network Traffic and Security Analysis .

TechNow develops Cyber Ranges and makes them available for conferences in support of annual meetings for Cyber Threat Response Teams.  Developing scenarios and reacting to them appropriately is a big part of the value in understanding the contexts required to comprehend valuable CTI.   As with many advanced TechNow security courses, there is a large hands-on ratio.  This course helps Cyber Protection Teams (CPT), Defensive Cyber Operations (DCO), and Mission Defense Teams (MDT) to collect, analyze and apply targeted cyber intelligence to defensive operations in order to proactively act on and tune response to attacks by cyber adversaries.  CPT, DCO, and MDT can take preemptive action by utilizing CTI, understanding CTI tools, techniques and procedures (TTPs) needed to generate and consume timely and relevant intelligence to improve resilience and prevention.

This course focuses on the collection, classification, and exploitation of knowledge about adversaries and their TTPs. .  MDT puts us close the mission and helps define the internal context to be analyzed against the CTI.  TechNow pushes the student to truly understand how to think about and use CTI to make a difference.

Attendees to TN-905: Cyber Threat Intelligence Analysis will receive TechNow approved course materials and expert instruction.

Date/Locations:

No Events

Course Duration: 5 days

Course Objectives:

  • Learn to comprehend and develop complex scenarios
  • Identify and create intelligence requirements through practices such as threat modeling
  • Utilize threat modeling to drive intelligence handling and practices 
  • Breakdown tactical, operational, and strategic-level threat intelligence
  • Generate threat intelligence to detect, respond to, and defeat focused and targeted threats
  • How to collect adversary information creating better value CTI
  • How to filter and qualify external sources, mitigating low integrity intelligence
  • Create Indicators of Compromise (IOCs) in formats such as YARA, OpenIOC, and STIX
  • Move security maturity past IOCs into understanding and countering the behavioral tradecraft of threats
  • Breaking down threats mapped against their tradecraft to tweak IOCs
  • Establish structured analytical techniques to be successful in any security role
  • Learn and apply structured principles in support of CTI and how to communicate that to any security role.

Course Prerequisites:

Comments

Latest comments from students

 

Liked the class?  Then let everyone know!