Category: SANS

SEC504 helps you develop the skills to conduct incident response investigations. You will learn how to apply a dynamic incident response process to evolving cyber threats, and how to develop threat intelligence to mount effective defense strategies for cloud and on-premises platforms. You’ll examine the latest threats to organizations, from watering hole attacks to business email compromise, getting you into the mindset of attackers and anticipating their moves. SEC504 gives you the skills you need to understand how attackers scan, exploit, pivot, and establish persistence in cloud and conventional systems. To reinforce these skills, and to help you retain the course material, 50% of class time is spent on hands-on exercises, using visual association tools to break down complex topics. This course prepares you to conduct cyber investigations and will boost your career by helping you develop these in-demand skills. 33 full labs, 18 Lightning Labs, and an immersive capture the flag event.


Whether you are new to information security or a seasoned practitioner with a specialized focus, SEC401 will provide the essential information security skills and techniques you need to protect and secure your critical information and technology assets, whether on-premises or in the cloud. SEC401 will also show you how to directly apply the concepts learned into a winning defensive strategy, all in the terms of the modern adversary. This is how we fight; this is how we win! 18 Hands-On Labs


SANS Foundations is the best course available to learn the core knowledge and develop practical skills in computers, technology, and security foundations that are needed to kickstart a career in cybersecurity. The course features a comprehensive variety of innovative, hands-on labs, and practical exercises that go far beyond what is offered in any other foundational course in cybersecurity. These labs are developed by leading subject-matter experts, drawing on the latest technology, techniques, and concepts in cybersecurity.


Performing IT security audits at the enterprise level can be an overwhelming task. It is difficult to know where to start and which controls should be audited first. Audits often focus on things that are not as important, wasting precious time and resources. Management is left in the dark about the real risk to the organization’s mission. Operations staff can’t use the audit report to reproduce or remediate findings. AUD507 gives the student the tools, techniques and thought processes required to perform meaningful risk assessments and audits. Learn to use risk assessments to recommend which controls should be used and where they should be placed. Know which tools will help you focus your efforts and learn how to automate those tools for maximum effectiveness. 20 Hands-On Exercises

Syllabus

AUD507.1: Audit in the Enterprise and Cloud
AUD507.2: PowerShell, Windows System, and Domain Auditing
AUD507.3: Auditing Linux
AUD507.4: Auditing Cloud Infrastructure
AUD507.5: Auditing Web Applications
AUD507.6: Audit Wars

AUD507: Auditing Systems, Applications, and the Cloud


FOR528: Ransomware and Cyber Extortion provides the hands-on training required for those who may need to respond to ransomware and/or cyber extortion incidents. The term “Ransomware” no longer refers to a simple encryptor that locks down resources. The advent of Human-Operated Ransomware (HumOR), along with the evolution of Ransomware-as-a-Service (RaaS), has created an entire ecosystem that thrives on hands-on-keyboard, well-planned attack campaigns. Furthermore, some cyber extortion actors carry out the full attack lifecycle yet skip the encryption phase. How do you deal with these threats? Our course uses deftly devised, real-world attacks and their subsequent forensic artifacts to provide you, the analyst, with everything you need to respond when either threat becomes a reality. 13 labs + Final day CTF

Syllabus

FOR528.1: Ransomware Incident Response Fundamentals
FOR528.2: Ransomware Modus Operandi
FOR528.3: Advanced Ransomware Concepts
FOR528.4: Ransomware Incident Response Challenge

FOR528: Ransomware and Cyber Extortion


FOR518 is the first non-vendor-based Mac and iOS incident response and forensics course that focuses students on the raw data, in-depth detailed analysis, and how to get the most out of their Mac and iOS cases. The intense hands-on forensic analysis and incident response skills taught in the course will enable analysts to broaden their capabilities and gain the confidence and knowledge to comfortably analyze any Mac or iOS device.
