دسته: دوره ها

SANS Training Program for CISSP Certification is an accelerated review course designed to prepare you to pass the exam. The course takes into account the 2015 updates to the CISSP exam and prepares students to navigate all types of questions included on the new version of the exam.

Syllabus 

MGT414.1: Introduction; Security and Risk Management
MGT414.2: Asset Security and Security Engineering (Part 1)
MGT414.3: Security Engineering (Part 2); Communication and Network Security
MGT414.4: Identity and Access Management
MGT414.5: Security Assessment and Testing; Security Operations
MGT414.6: Software Development Security

MGT414: SANS Training Program for CISSP® Certification

ادامه مطلب

FOR608: Enterprise-Class Incident Response & Threat Hunting focuses on identifying and responding to incidents too large to focus on individual machines. By using example tools built to operate at enterprise-class scale, students learn the techniques to collect focused data for incident response and threat hunting, and dig into analysis methodologies to learn multiple approaches to understand attacker movement and activity across hosts of varying functions and operating systems by using an array of analysis techniques.

ادامه مطلب

SEC642 will teach you the advanced skills and techniques required to test modern web applications and next-generation technologies. In this course, you will learn through a combination of lectures, real-world experiences, and hands-on exercises that will teach you the techniques to test the security of tried-and-true internal enterprise web technologies, as well as cutting-edge Internet-facing applications. On the final day of the course, you will apply the knowledge you have acquired in a Capture-the-Flag competition, a fun environment based on real-world technologies.

Syllabus

SEC642.1: Advanced Attacks
SEC642.2: Web Cryptography
SEC642.3: Alternative Interfaces and XML
SEC642.4: Modern Web Frameworks, Part 1
SEC642.5: Modern Web Frameworks, Part II
SEC642.6: Capture-the-Flag Challenge

SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques

ادامه مطلب

SEC564 will provide students with the skills to plan and manage Red Team Exercises. Students will understand the tactics, techniques, and procedures (TTPs) used by the adversary to create an adversary emulation plan leveraging MITRE ATT&CK (Adversary Tactics, Techniques, and Common Knowledge). Students will emulate an adversary

Syllabus

SEC564.1: Introduction and Planning of Red Team Exercises
SEC564.2: Red Team Exercise Execution and Closure

 SEC564: Red Team Operations and Threat Emulation

ادامه مطلب

SEC460 will help you build your technical vulnerability assessment skills and techniques using time-tested, practical approaches to ensure true value across the enterprise. Throughout the course you will use real industry-standard security tools for vulnerability assessment, management, and mitigation; learn a holistic vulnerability assessment methodology while focusing on challenges faced in a large enterprise; and practice on a full-scale enterprise range chock-full of target machines representative of an enterprise environment, leveraging production-ready tools and a proven testing methodology. SEC460 takes you beyond the checklist and gives you a tour of attackers’ perspectives that is crucial to discovering where they will strike.

Syllabus

SEC460.1: Vulnerability Management and Assessment

SEC460.2: Network and Cloud Asset Discovery and Classification

SEC460.3: Enterprise and Cloud Vulnerability Scanning

SEC460.4: Vulnerability Validation, Triage, and Mass Data Management

SEC460.5: Remediation and Reporting

SEC460.6: Vulnerability Assessment Hands-on Challenge

SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment

ادامه مطلب

SEC583 is a one-day, lab-heavy course designed to teach the powerful skill of how to craft and manipulate packets through the use of many hands-on activities. This skill can be used to test policies, behaviors, and configurations and will also provide deeper understanding of TCP/IP and application protocols.

Syllabus

SEC583.1: Crafting packets

SEC583: Crafting Packets

ادامه مطلب