Tag: Security

Learn the foundations of cybersecurity defense with Foundational Security Operations and Defensive Analysis (SOC-200), a course designed for job roles such as Security Operations Center (SOC) Analysts and Threat Hunters. Learners gain hands-on experience with a SIEM, identifying and assessing a variety of live, end-to-end attacks against a number of different network architectures. Learners who complete the course and pass the exam earn the OffSec Defense Analyst (OSDA) certification, demonstrating their ability to detect and assess security incidents.

Syllabus

  • Attacker Methodology Introduction
  • Windows Endpoint Introduction
  • Windows Server Side Attacks
  • Windows Client-Side Attacks
  • Windows Privilege Escalation
  • Windows Persistence
  • Linux Endpoint Introduction
  • Linux Server Side Attacks
  • Network Detections
  • Antivirus Alerts and Evasion
  • Network Evasion and Tunneling
  • Active Directory Enumeration
  • Windows Lateral Movement
  • Active Directory Persistence
  • SIEM Part One: Intro to ELK
  • SIEM Part Two: Combining the Logs

SOC-200: Foundational Security Operations and Defensive Analysis


The industry-leading Penetration Testing with Kali Linux (PWK/PEN-200) course introduces penetration testing methodologies, tools, and techniques in a hands-on, self-paced environment. Access PEN-200’s first Learning Module for an overview of course structure, learning approach, and what the course covers. Learners who complete the course and pass the exam will earn the OffSec Certified Professional (OSCP) certification, which requires holders to successfully attack and penetrate various live machines in a safe lab environment. The OSCP is considered to be more technical than other ethical hacking certifications and is one of the few that requires evidence of practical penetration testing skills.


This course provides in-depth coverage of Linux and Unix security issues that includes specific configuration guidance and practical, real-world examples, tips, and tricks. We examine how to mitigate or eliminate general problems that apply to all Unix-like operating systems, including vulnerabilities in the password authentication system, file system, virtual memory system, and applications that commonly run on Linux and Unix. The course will teach you the skills to use freely available tools to handle security issues, including SSH, AIDE, sudo, lsof, and many others. SANS’s practical approach uses hands-on exercises every day to ensure that you will be able to use these tools as soon as you return to work. We will also put these tools to work in a special section that covers simple forensic techniques for investigating compromised systems.

Syllabus

Hardening Linux/Unix Systems – Part 1

Hardening Linux/Unix Systems – Part 2

Hardening Linux/Unix Systems – Part 3

Application Security – Part 1

Application Security – Part 2

Digital Forensics for Linux/Unix

SEC506: Securing Linux/Unix


SEC455 serves as an important primer to those who are unfamiliar with the architecture of an Elastic-based SIEM. Students that have taken or plan to take additional cyber defense courses may find SEC455 to be a helpful supplement to the advanced concepts they will encounter in courses such as SEC555.

Syllabus

SEC455.1: Distributed Search and Visualization
SEC455.2: Enriching and Managing Logs

If you are worried about leading or supporting a major cyber incident, then this is the course for you. We look at all the common and major cyber incident types and explain what the key issues are and how to plan a recovery. This cyber incident management training course focuses on the challenges facing leaders and incident commanders as they work to bring enterprise networks back online and get business moving again. Whilst you may have a full team of technical staff standing by to find, understand and remove the attackers, they need information, tasking, managing, supporting, and listening to so you can maximize their utilization and effectiveness. We focus on building a team to remediate the incident, on managing that team, on distilling the critical data for briefing, and on how to run that briefing. We look at communication at all levels, from the hands-on team to the executives and Board, investigative journalists, and even the attackers.

Syllabus

MGT535.1: Understanding and Communicating About the Incident
MGT535.2: Scoping the Damage, Planning the Remediation, and Executing the Plan
MGT535.3: Training, Leveraging Cyber Threat Intelligence, Bug Bounties
MGT535.4: Cloud Incidents, Business Email Compromise, Credential Theft Attacks and Incident Metrics
MGT535.5: AI for Incidents, Attacker Extortion, Ransomware, and Capstone Exercise


The challenges faced by security professionals are constantly evolving, so there is a huge demand for those who can understand a technology problem and quickly develop a solution. If you have to wait on a vendor to develop a tool to recover a forensics artifact, or to either patch or exploit that new vulnerability, then you will always be behind. It is no longer an option for employers serious about information security to operate without the ability to rapidly develop their own tools. This course will give you the skills to develop solutions so that your organization can operate at the speed of the adversary. SEC573 is an immersive, self-paced, hands-on, and lab-intensive course. After covering the essentials required for people who have never coded before, the course will present students with real-world forensics, defensive, and offensive challenges. You will develop a malware dropper for an offensive operation; learn to search your logs for the latest attacks; develop code to carve forensics artifacts from memory, hard drives, and packets; automate the interaction with an online website’s API; and write a custom packet sniffer. Through fun and engaging labs, you’ll develop useful tools and build essential skills that will make you the most valuable member of your information security team.

128 Hands-on Labs + Capture-the-Flag Challenge

Syllabus

SEC573.1: Essentials Workshop with pyWars
SEC573.2: Essentials Workshop with MORE pyWars
SEC573.3: Defensive Python
SEC573.4: Forensics Python
SEC573.5: Offensive Python
SEC573.6: Capture-the-Flag Challenge

SEC573: Automating Information Security with Python
