Category: SANS

Have fun learning Windows security and PowerShell scripting at the same time in course SEC505 at SANS. No prior PowerShell scripting experience is required. Attendees will have fun using generative AI to help write PowerShell scripts, including a fully functional ransomware script that attendees will write and unleash in their training virtual machines in order to learn about defenses against PowerShell malware. This is a course mainly for on-premises Windows environments, such as for GOV and MIL networks, but PowerShell is popular for Azure and AWS too. The course author, Jason Fossen, is a Faculty Fellow who has taught Windows security at SANS for more than 25 years and PowerShell for more than 15 years. Jason gives away his PowerShell scripts for free at https://BlueTeamPowerShell.com.

Syllabus

SEC505.1: Learn PowerShell Scripting for Security
SEC505.2: You Don’t Know THE POWER!
SEC505.3: PowerShell for WMI and Active Directory
SEC505.4: PowerShell DevOps and AI-Generated Code
SEC505.5: Certificates and Multifactor Authentication
SEC505.6: PowerShell Ransomware and Security

SEC505: Securing Windows and PowerShell Automation


Become an Enterprise Defender! Enhance your knowledge and skills in the specific areas of network architecture defense, penetration testing, security operations, digital forensics and incident response, and malware analysis. SEC501: Advanced Security Essentials – Enterprise Defender is an essential course for members of security teams of all sizes. That includes smaller teams where you wear several (or all) hats and need a robust understanding of many facets of cybersecurity, and larger teams where your role is more focused, and gaining skills in additional areas adds to your flexibility and opportunities. This course concentrates on showing you how to examine the traffic that is flowing on your networks, look for indications of an attack, and perform penetration testing and vulnerability analysis against your enterprise to identify problems and issues before a compromise occurs. When a compromise does occur – and it will – you’ll be able to eradicate it because you will have already scoped your adversaries’ activities by collecting digital artifacts of their actions and analyzing malware they have installed on your systems. That done, you can then undertake the recovery and remediation steps that would have been pointless if your adversary had persisted on your network. 26 Hands-on Labs + Capstone CTF

Syllabus

SEC501.1: Defensible Network Architecture
SEC501.2: Penetration Testing
SEC501.3: Security Operations Foundations
SEC501.4: Digital Forensics and Incident Response
SEC501.5: Malware Analysis
SEC501.6: Enterprise Defender Capstone

SEC501: Advanced Security Essentials – Enterprise Defender


More businesses than ever are moving sensitive data and shifting mission-critical workloads to the cloud, and not just to one cloud service provider (CSP). Something that is unclear to many is that organizations are still responsible for securing their data and mission-critical applications in the cloud. The benefits in terms of cost and speed of leveraging a multi-cloud platform to develop and accelerate delivery of business applications and analyze customer data can quickly be reversed if security professionals are not properly trained to secure the organization’s cloud environment and investigate and respond to the inevitable security breaches. New technologies introduce new risks. The SEC488 cloud security course helps your organization successfully navigate both the security challenges and opportunities presented by cloud services. 20 Hands-on Labs + CloudWars Capstone Challenge.

Syllabus

SEC488.1: Identity and Access Management (IAM)
SEC488.2: Compute and Configuration Management
SEC488.3: Data Protection and Automation
SEC488.4: Networking and Logging
SEC488.5: Compliance, Incident Response, and Penetration Testing
SEC488.6: CloudWars

SEC488: Cloud Security Essentials


SEC575 will prepare you to effectively evaluate the security of iOS and Android mobile devices, assess and identify flaws in mobile applications, and conduct a mobile device penetration test, which are all critical skills required to protect and defend mobile device deployments. You will learn how to pen test the biggest attack surface in your organization; dive deep into evaluating mobile apps and operating systems and their associated infrastructure; and better defend your organization against the onslaught of mobile device attacks.

Syllabus

SEC575.1: iOS
SEC575.2: Android
SEC575.3: Static Application Analysis
SEC575.4: Dynamic Mobile Application Analysis and Manipulation
SEC575.5: Penetration Testing
SEC575.6: Hands-on Capture-the-Flag Event

SEC575: iOS and Android Application Security Analysis and Penetration Testing


SEC201 provides students that have no or minimal prior knowledge, or those in need of a refresher, with an understanding of the architecture of modern computers and topics spanning how a CPU works, the addressing of memory and the hardware relationship with operating systems. SEC201 includes an introduction to both Windows and Linux, providing students with plenty of hands-on exercises to build their familiarity with the command line and move their knowledge beyond being a power user to actually understanding the underlying facets of a modern OS. SEC201 teaches logic, programming and scripting and introduces how each of these can lead to errors that allow security experts or cyber criminals to find faults and exploit them. SEC201 provides the perfect balance of hands-on labs and theory in order to ensure that students can study security effectively and put their hands on the keyboard, rather than just understanding theory.

Syllabus

  1. Computing Fundamentals
  2. Linux Fundamentals
  3. Windows Fundamentals
  4. Programming Fundamentals
  5. Security Fundamentals

SANS SEC201: Computing & Technology Essentials


SEC595 provides students with a crash-course introduction to practical data science, statistics, probability, and machine learning. The course is structured as a series of short discussions with extensive hands-on labs that help students to develop useful intuitive understandings of how these concepts relate and can be used to solve real-world problems. If you’ve never done anything with data science or machine learning but want to use these techniques, this is definitely the course for you! 30 Hands-on Labs
