6130 Sprint Parkway, Suite 400 • Overland Park, KS 66211 •
1.888.732.9406
www.fishnetsecurity.com
COURSE
CA
TALOG
Over a Decade of
Security Training Excellence!
Helping Security Professionals Become Security Experts.
FishNet Security Training Services has been delivering intense,
focused training to the market since 1998. We specialize in
delivering real-world, relevant, expert instruction to our clients.
We have seen the security landscape change and take pride
in our ability to constantly adapt our training offerings and
instructional techniques to match real world demands.
Our trainers deliver flexible, customizable training courses
that fulfill you and your organization’s security training needs.
FishNet Security trainers don’t teach straight from the book;
they have the ability to adjust training delivery in real time to
fit your organization’s security paradigm.
SECURITY
Course Catalog
www
.fishnetsecurity
.com
3
ID# 12SK0002 Last Modified 4.13.2012
CLASSROOM TRAINING
World-Class Security Training
The education and training courses provided by FishNet Security are unmatched
in the industry. The FishNet Security training team uses effective and cutting-edge
methods to ensure a true transfer of knowledge through lecture, hands-on labs,
and in-depth demonstrations. FishNet Security offers the highest value for your
training dollar.
Students walk away with tools and techniques that can be applied immediately and
provide results. They gain a detailed understanding of the intricacies of security
strategy, design, implementation, operation, and governance. Classroom Training
courses are held in our Authorized Training Centers distributed across the country.
eLEARNING
A Library of Security Based Online Courses
eLearning Courses are security-focused flash courses that contain tracking
elements. Our high-impact content can include animation, graphs, charts,
knowledge checks, interactivity, quizzes, and in-depth exams. Each eLearning
program is split into segments from 10 to 30 minutes long. A program can include
many different courses. All of our content can be configured to function within
your environment or hosted on the FishNet-provided Learning Management
System.
Custom Content
The eLearning team has experience creating high impact custom courses that
range from five minutes to five days of content. We have access to a diverse
pool of FishNet Security Subject Matter Experts and consultants and can direct
them to create content specific to your security policies and standards.
REMOTE LIVE TRAINING
On-Demand Instructor Led Training
FishNet Security’s Remote Live Training features the same instructors who teach
our traditional Classroom Training courses.
Students who take a Remote Live Training course will interact with a dedicated
live instructor through two-way AV communications and online chat.
Every question you ask will be answered, and you will be able to communicate
with other students in your course. Group discussion, hands-on lab experience,
and tailored instruction take place during Remote Live Training.
Course Catalog
www
.fishnetsecurity
.com
4
Onsite Training format. That means you receive all of the benefits of FishNet
Security Training classes but at your organization’s campus.
When you schedule an Onsite Training class, you receive instruction tailored
specifically to your work environment. Instructors will help you solve the
unique problems that are hindering your organization. All course lab equipment
is available and can be configured to teach on equipment mapped to your
organization’s unique topology.
ADDITIONAL COURSE INFO
Student provided laptop required.
Additional course specific supplies provided. Please contact your Inside Sales Representative or Account Executive for payment.
Ways to pay: Purchase Order, Wire Transfer, or Credit Card: American Express, Visa, MasterCard.
Student must be quoted before registering for class.
Student must register for the class at: www.fishnetsecurity.com before attending the class.
If unable to attend student MUST cancel registration three weeks in advance to avoid variable cancelation fee.
Training Classes must be paid for prior to the first day of class.
Payment is NOT required to register
Questions?
Please call 1.888.732.9406
if...
• You do not see your desired course listed here. • Course dates/location are not effective for you. • You have more than four students to train. • You are interested in an onsite quote.
• You would like to register for a course, but it is listed as full.
TO REGISTER
Call: 1.888.732.9406
Fax: 816.421.6677
Online: www.fishnetsecurity.com
General Class Times
Classroom Training9 a.m. to 5 p.m.
Local time unless otherwise specified.
Onsite Training
Times are flexible to meet your needs; generally, we recommend 9 a.m. to 5 p.m.
Remote Live Classes
9 a.m. to 5 p.m. Central Time.
eLearning Classes
Attended at the students convenience.
Course Catalog
www
.fishnetsecurity
.com
5
ID# 12SK0002 Last Modified 4.13.2012
7Safe
Certified Security Testing Associate (CSTA) ... 8
Ethical Hacking: ... 8
Certified Security Testing Professional (CSTP) ... 9
Ethical Hacking II ... 9
Certified Application Security Tester (CAST) ... 10
Application Security Testing Training ... 10
Certified Wireless Security Analyst (CWSA) ... 11
Wireless Security ... 11
Certified ISO 27001 Implementation Practitioner (CIIP) ...12
Implementing ISO 27001 ...12
Payment Card Industry Data Security Standards (PCI DSS) Implementation ... 13
ISO 27001 Lead Auditor Training Course ... 14
Certified Forensic Investigation Practitioner (CFIP) Forensic Investigation Training Course ... 15
Certified Malware Investigator (CMI) Malware Investigation ... 16
Certified Security Incident Specialist (CSIS) Computer Security Incident Investigation ...17
Certified Mac Forensics Specialist (CMFS) Applied Mac Forensics ... 18
BlueCoat Blue Coat Certified Proxy Administrator (BCCPA) ... 19
Blue Coat Certified Proxy Professional (BCCPP) ...20
CheckPoint VSX R67 ...21
Multi-Domain Security manaagement with VSX ...22
Multi-Domain Security manaagement with Provider-1 ...23
Security Administrator (CCSA) R75 ...24
Security Expert (CCSE) R75 ...25
Security Bundle (CCSA & CCSE) R75 ...26
Comp TIA A+ ...27 Network+ ...28 Security+ ...29
OTHER INFORMATION
Who We Are ... 1Remote Live Training ... 4
eLearning ... 4
Classroom Training ... 5
OnSite Training ... 5
General Course Information ... 5
Questions ... 5
Training Locations ... 86
Disclaimer ...87
Course Catalog
www
.fishnetsecurity
.com
6
F5 BIG-IP LTM v11 ... 34 Changes in BIG-IP LTM v11 ... 35 Troubleshooting BIG-IP LTM v10 ... 36 BIG-IP GTM v11 ...37Configuring BIG-IP with iRules v10 ... 38
BIG-IP Application Security Manager v11 ... 39
BIG-IP Edge Gateway - Access Policy Manager v11 ... 40
BIG-IP Edge Gateway – WAN Optimization Module v10 ... 41
F5 BIG-IP Edge Gateway – WebAccelerator v10 ...42
FireMon FireMon Administrator ... 43
FishNet Security Training Services Certified Information Systems Security Professional (CISSP) ... 44
DOD Information Assurance Certification and Accreditation Process (DIACAP) Fundamentals ... 45
DOD Information Assurance Certification and Accreditation Process (DIACAP) In Depth ... 46
Federal Certification & Accreditation (C&A) Fundamentals ...47
Federal Certification & Accreditation (C&A) In Depth ... 48
Linux Security ... 49
PCI Security Awareness Package for End-Users ... 50
Security Awareness for End-Users ... 51
Web Application Security Awareness for End-Users ...52
eLearning Security Awareness: Video Training ... 53
eLearning Security Awareness: Criminal Crab ... 54
eLearning Security Awareness: Executive Review ... 55
eLearning Developer Training: OWASP Top 10 ... 56
eLearning Developer Training: Application Security ...57
eLearning Developer Training: Secure Coding ... 58
eLearning Developer Training: Linux Security ... 59
eLearning PCI Training: Introduction to PCI ... 60
eLearning PCI Training: PCI-DSS ... 61
eLearning PCI Training: PCI Scoping ...62
eLearning HIPAA Training: Introduction to HIPAA ... 63
Course Catalog
www
.fishnetsecurity
.com
7
ID# 12SK0002 Last Modified 4.13.2012
Introduction to JUNOS Operating System (IJOS) ... 65
JUNOS Routing Essentials (JRE) ... 66
JUNOS Security (JSEC) ...67
Configuring Juniper Networks Firewall / IP Sec VPN Products (CJFV) ... 68
Network and Security Manager Fundamentals (NSMF) ... 69
Advanced Juniper Networks IPSec VPN Implementations (AJVI) ...70
Integrating Juniper Networks Firewalls and VPN’s into High-Performance Networks (IFVH) ...71
Attack Prevention with Juniper Networks Firewalls (APJF) ...72
Configuring Juniper Networks Secure Access (CJSA) ...73
Advanced Juniper Networks Secure Access (AJSA) ...74
Implementing Intrusion Detection & Prevention Products (IIDP) ...75
Configuring Unified Access Control (CUAC) ...76
McAfee Sidewinder: Firewall Enterprise System Administration ...77
Palo Alto Essentials 1: Firewall Installation, Configuration and Management ...78
Essentials 2: Extended Firewall Management...79
Essentials Bundle: Firewall Installation, Configuration and Management + Extended Firewall Management ... 80
Q1 Labs Introduction to QRadar ... 81
Riverbed Steelhead Appliance Deployment & Management ...82
Websense Web Security Gateway Anywhere (WSGA) ... 83
Email Security Gateway Anywhere (ESGA) ... 84
Course Catalog
www
.fishnetsecurity
.com
8
TO REGISTER
Call:1.888.732.9406
Certified Security Testing Associate (CSTA)
Ethical Hacking:
Target Audience:
The course is ideally suited to anyone with responsibility for, or with an interest in, the security of IT systems, such as: system administrators, auditors, IT security officers, information security professionals and budding penetration testers.
Prerequisites:
Persons attending this course should have a working knowledge of networking concepts, Windows Server and/or UNIX, and experience with TCP/IP and the Internet.
Course Overview:
In this course, practical exercises reinforce theory with each delegate having access to a Windows 2008 domain (server and workstation) along with a Linux server. Although the course demonstrates current hacking techniques, this is always done with defense in mind and countermeasures are discussed throughout. The CSTA exam (theory based) is included at the end of the course.
Course Outline:
• Introduction & Networking Refresher ◦ Motivations behind hacking ◦ The hacking scene ◦ Methodology ◦ Sniffing traffic • Information Discovery
◦ Useful information
◦ Sources - websites, metadata, search engines, DNS, social engineering • Target Scanning
◦ Host discovery ◦ Port scanning techniques ◦ Banner grabbing • Vulnerability Assessment
◦ Causes of vulnerabilities ◦ The classic buffer overflow ◦ Vulnerability tracking ◦ Scanning
◦ Client-side vulnerabilities • Attacking Windows
◦ Windows enumeration
◦ Windows network authentication ◦ Access tokens
◦ Pass the hash • Attacking Linux
◦ Exploitation
◦ Web shells ◦ Pivoting the attack ◦ Online password cracking ◦ ARP Poisoning Man in the Middle ◦ Privilege escalation linux ◦ Standard streams
◦ Privilege ecalation by exploit ◦ Commercial penetration testing tools ◦ Password storage
◦ Password cracking ◦ Permission errors ◦ Sudo
◦ SUID
◦ Flawed shell scripts • Retaining Access
◦ Backdoors ◦ Trojan Horses ◦ Delivery mechanisms
Course Catalog
www
.fishnetsecurity
.com
9
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
7Safe
Certified Security Testing Professional (CSTP)
Ethical Hacking II
Target Audience:
The course is ideal for system/network administrators, crime prevention / protection officers, auditors, security officers, information security professionals and penetration testers.
Prerequisites:
Ethical Hacking: Certified Security Testing Associate (CSTA), and a basic understanding of HTTP & HTML.
Course Overview:
CSTP introduces delegates to the exploitation and security auditing of web applications. It also reinforces and develops techniques from CSTA. Web application vulnerabilities can pose serious problems to an organization’s security. Many do not realize how much control an attacker can gain via a simple flaw in the security of a public-facing web application.
Course Outline:
• Infrastructure Penetration Testing ◦ Use of the Nikto web server scanner
& Nessus
◦ Remote registry hacking & silent RAT installation
◦ Understand the Metasploit
Framework, including the powerful Meterpreter payload
• Hacking Web Applications
◦ Find & assess weaknesses in PHP & ASP.NET web applications
◦ Learn how you can use SQL injection to bypass authentication & reveal confidential information
◦ Gain SYSTEM level access to a web server hosting a poorly secured web
application
◦ Learn what web application
vulnerability scanners can and can’t do to map out weaknesses in web ◦ Applications Practical injection
techniques used to glean, manipulate
& corrupt data
◦ Test and exploit web applications using HTTP request & response modification
◦ Launch attacks using an HTTP proxy ◦ Further attacks using extended stored
procedures
• Client-Side Attacks
◦ Discover the potential severity of the often underestimated XSS vulnerability
◦ Understand cross-site request forgeries
◦ Common browser & e-mail client hacking techniques used to target
Internet users
◦ Attack a Windows XP Workstation ◦ Enhance attacks through e-mail
spoofing
◦ Use XSS with session cookie theft to compromise a user’s online identity and steal confidential information ◦ Launch a web application dictionary
attack
◦ Use Metasploit’s autopwn to
automatically attack a user’s browser
Materials Covered
• Review of professional penetration testing tools
• Further exercises against Windows and UNIX targets
• The Metasploit framework
• Web application security, including: ◦ SQL Injection
◦ Cross-site scripting (XSS)
◦ Cross-site request forgeries (CSRF) • Threats to users
Remote Live Training • Classroom Training • Onsite Training
2 Day Course
Course Catalog
www
.fishnetsecurity
.com
10
TO REGISTER
Call:1.888.732.9406
Certified Application Security Tester (CAST)
Application Security Testing Training
Target Audience:
This course is ideally suited to individuals that have been working in an application testing (security assessment/administration) or developer environment for several months.
Prerequisites:
7Safe CSTA and CSTP courses, or possess equivalent knowledge and a practical understanding of backend web application technologies.
Course Overview:
Gain in-depth knowledge on how to identify security vulnerabilities and subsequently identify the real risk of these vulnerabilities by exploiting them. This course also helps prepare you for the Council of Registered Ethical Security Testers (CREST) Certified Tester (Application) qualification.
Course Outline:
• Introduction to Web Applications ◦ Authentication ◦ Authorisation ◦ Cookies ◦ HTTP protocol ◦ Overview of Google hacking • Authentication ◦ Types of authentication ◦ Clear text HTTP protocol ◦ Advanced username enumeration/brute force issues ◦ Security through obscurity • Authorization ◦ Session management issues ◦ Weak ACLs ◦ Cookie analysis • SSL Misconfigurations ◦ SSL and mand-in-the-middle attacks ◦ TLS renegotiation, %00Server exploits (bypass exclusion list etc.) ◦ Hacking with Metasploit ◦ Insecure HTTP methods ◦ WebDAV issues • Cross Site Scripting
◦ Types of XSS ◦ Identifying XSS ◦ Exploiting XSS ◦ Advanced XSS
exploitation with beef and XSS-Shell ◦ Secure cookie, HTTP-only • Advanced XSS ◦ Pitfalls in defending XSS ◦ Fixing XSS
• Cross Site Request Forgery ◦ Identifying /exploiting CSRF ◦ Complicated CSRF with POST requests ◦ CSRF in web services ◦ Impact ◦ Fixing CSRF ◦ Impact: Authentication bypass
◦ Impact: Extracting data (Blind SQL injection, UNION tricks, OOB channels) ◦ OS code execution (MS-SQL, My(MS-SQL, Oracle) ◦ SQL injection within stored procedures, parameterized statements ◦ Places whre you never
thought SQLI could occur ◦ Pitfalls in defending SQL
injections
◦ Fixing SQL injections • Malicious File Uploads
◦ File uploads
◦ ISS zero-day ◦ Hacking unprotected
application servers • Vulnerable Flash Applications
◦ Insecure cross-domain requests
◦ Flash XSS • Business Logic Bypass
Course Catalog
www
.fishnetsecurity
.com
11
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
7Safe
Certified Wireless Security Analyst (CWSA)
Wireless Security
Target Audience:
Those responsible for, or with an interest in, the security of IT systems (both wired and wireless), including but not limited to: IT managers, syetems/network administrators, IT security professionals and forensic/network investigators.
Prerequisites:
Basic understanding of TCP/IP networking. Previous use of wireless networks and Linux is desirable.
Course Overview:
This wireless security training course – completely revised this year – gives delegates an understanding of:
• Different types of 802.11i networks • How hackers bypass wireless security • Implementing wireless security measures
Wireless security training is vital when considering deployment of wireless LANs. As wireless grows in popularity and more security horror stories hit the headlines, the need to secure these networks has become ever greater. The course follows the evolution of wireless security, teaching the underlying principles so that delegates leave not only with an understanding of the current scene but also better prepared as the world of wireless inevitably changes.
Course Outline:
• Wireless Network Security Introduction ◦ Overview of wireless technologies
(e.g. Bluetooth, WiFi, WiMax) ◦ Wireless components and their
functionality
◦ 802.1 1 architecture and commonly used terminology
• Wireless Vulnerabilities
◦ The dangers of using public WiFi networks
◦ Practical exercises on the equipment and tools used to gain access
◦ Unauthorized WiFi: rogue access
points
• Securing Wireless Networks ◦ How wireless networks can be
protected against attack, including WEP, TKIP, CCMP and their relative strengths and weaknesses
◦ 802.1 1i and how the standard relates to WPA and WPA2
◦ 802.1X including EAP authentication methods, key management and RADIUS
◦ Practical exercise creating digital certificates for 802.1 1i compliant network
• Testing the Level of Security
◦ “War driving” to audit WiFi networks ◦ Finding “hidden” networks
◦ Circumventing MAC Filtering ◦ Breaking WEP encryption ◦ Breaking WPA encryption
◦ Security considerations for Bluetooth, WiMax and RFID
Remote Live Training • Classroom Training • Onsite Training
2 Day Course
Course Catalog
www
.fishnetsecurity
.com
12
TO REGISTER
Call:1.888.732.9406
Certified ISO 27001 Implementation Practitioner (CIIP)
Implementing ISO 27001
Target Audience:
The course is ideal for IT, financial, HR management, computer auditors, IT security officers, information security professionals, those with an interest/responsibility for information security.
Prerequisites:
None.
Course Overview:
This course helps to give an in-depth understanding of information security and how it applies to you and your organization by explaining the mysteries of areas such as information asset inventory and risk assessment.
Course Outline:
• Course Highlights
◦ Why do you need certification to ISO 27001?
◦ What the Information Security Management System (ISMS) is and what it is trying to achieve
• Confidentiality, Integrity, Availability and
Audit
◦ Overview of the stages of the ISMS ◦ Defining an Information Security
Policy
◦ Defining the scope of the ISMS • Identifying Information Assets
◦ What are information assets? ◦ Creating an asset classification
system
• Undertaking a Risk Assessment
◦ Identifying asset values, threats and vulnerabilities
◦ Creating a usable and simple risk
• Managing Risk ◦ Risk measurement
◦ Risk reduction and acceptance techniques
◦ Practical exercise - determining control objectives
◦ Selecting control objectives and
controls
◦ Security in depth
◦ ISO 27001 control objectives and
controls
◦ The application of countermeasures ◦ Practical exercise - Creating a
workable counter measure
◦ Additional controls not in ISO 27001 ◦ Preparing a Statement for
Applicability
◦ The need to review and audit the ISMS
Course Catalog
www
.fishnetsecurity
.com
13
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
7Safe
Payment Card Industry Data Security Standards (PCI DSS)
Implementation
Target Audience:
The course is intended for anyone accepting credit card payments or processing, storing or transmitting credit card data, merchants, third party service providers, acquirers, finance, internal auditors, IT, sales department staff.
Prerequisites:
None.
Course Overview:
In this introductory training course, attendees will learn how the Payment Card Industry Data Security Standard (PCI DSS) is implemented. Delegates will leave the course with a clear and knowledgeable understanding of PCI DSS and will be able to use this knowledge when assisting PCI DSS assessments..
Course Outline:
• PCI Security Council objectives and documentation
• Specific terminology and its application to existing situations
• How the Standard applies to everyone involved with cardholder information
• How the implementation of the Standard is validated, dependent on levels of activity • Cardholder data that can/cannot be held
• The relevance of different system components • Detailed requirements of the Standard
• How compliance is assessed and whether compensating controls are acceptable • Compilation of the Report on Compliance (ROC)
• Special considerations for hosting
Remote Live Training • Classroom Training • Onsite Training
1 Day Course
Course Catalog
www
.fishnetsecurity
.com
14
TO REGISTER
Call:1.888.732.9406
ISO 27001 Lead Auditor Training Course
Target Audience:
The course is intended for those who wish to undertake and eventually lead audits of Information Security Management Systems (ISMS). It is also useful for those interested in implementation of ISO 27001.
Prerequisites:
None.
Course Overview:
This training course for becoming a ISO 27001 Lead Auditor finishes with an examination for the ISO 27001 Lead Auditor qualification.
Over five days, this intensive course prepares delegates for the qualification process for ISO 27001 and trains them on how to conduct audits for Certification Bodies. It also empowers them to give practical help and information to those who are working towards compliance and certification.
This course is the first to be accredited by the International Register of Certified Auditors (IRCA) in association with ISO 27001 auditors Bureau Veritas.
Course Outline:
• Aims and Objectives
◦ To enable attendees to undertake external audits and lead audits of Information Security Management Systems
◦ To explain to the attendees the purpose and planning procedure of making systems
secure
◦ To ensure attendees understand the importance of organizing and reporting their audit findings
• Highlights
◦ Appreciate the importance of controlling Information Security in all types of business ◦ State the requirements and scope ISO 27100
◦ Identify the documented management systems required to control Information Security ◦ Evaluate risk assessments for Information Security
◦ Effectively plan and undertake an audit
Course Catalog
www
.fishnetsecurity
.com
15
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
7Safe
Certified Forensic Investigation Practitioner (CFIP) Forensic
Investigation Training Course
Target Audience:
The course is ideal for forensic and network investigators, IT security officers, law enforcement officials and crime prevention officers.
Prerequisites:
Experience with Microsoft Windows. General appreciation of forensic principles, practices and software desirable.
Course Overview:
This course guides students through the process of conducting a forensic investigation and will learn the principles surrounding the collection of evidence, together with the forensic tools associated with forensic analysis..
Course Outline:
• Electronic Data
◦ Learn how data is stored to electronic devices ◦ Analyze the functionality of a computer file system • Hardware and Software
◦ Addressing hardware employed during a forensic investigation ◦ Familiarization with forensic software
• Investigation Windows Artefacts
◦ Function, structure and operation of the Windows registry ◦ Internet history
◦ Encryption
◦ Recycle bins
Remote Live Training • Classroom Training • Onsite Training
3 Day Course
Course Catalog
www
.fishnetsecurity
.com
16
TO REGISTER
Call:1.888.732.9406
Certified Malware Investigator (CMI) Malware Investigation
Target Audience:
The course is ideal forensic and network investigators, information security professionals, IT security officers, law enforcement officials, computer auditors, crime prevention officers.
Prerequisites:
CFIP recommended but not essential. Principles and general guidelines surrounding forensic investigation, preliminary case considerations to evaluate when beginning a forensic investigation, and sound experience with Microsoft Windows. A basic understanding of TCP/ IP networking concepts is advantageous.
Course Overview:
On this 3 day practical training course, extend your knowledge beyond conventional static computer forensics analysis. You will be guided through the process of conducting malware analysis, from the principles surrounding the different analysis environments and 7Safe’s malware investigation methodology to investigating network activity stemming from malicious software infection.
Course Outline:
• Malicious Software
◦ How malicious software impacts computer users
◦ The operation of viruses, worms, Trojan horses, backdoors and rootkits ◦ How to examine for signs of infection
◦ How Trojan payloads can be used to bypass anti-virus software, personal and corporate firewalls
• Windows Registry
◦ Function, structure and operation of windows registry
◦ Investigation of malicous software locations in the registry and file system • Case Scenarios
◦ Gain a practical understanding of modern malware beyond the often quoted traditional
principles
◦ Mount forensic images for analysis ◦ Build virtual machines for analysis
Course Catalog
www
.fishnetsecurity
.com
17
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
7Safe
Certified Security Incident Specialist (CSIS)
Computer Security Incident Investigation
Target Audience:
Those responsible or eager to become responsible for computer forensic investigation, including forensic and network investigators, IT security officers, information security professionals, law enforcement officials, crime prevention officers.
Prerequisites:
7Safe CSTA and CSTP ethical hacking courses, 7Safe CFIP and CMI forensic investigation courses or equivalent relevant experience, sound experience with Microsoft Windows, and basic understanding of TCP/IP network concepts.
Course Overview:
This 4 day technical, highly practical course is designed to equip information security specialists with the knowledge and skills to deal effectively with incident response situations. It also gives investigators valuable insight into forensic acquisition under difficult circumstances. Delegates will be guided through a real-world style scenario featuring extensive “hands-on” learning throughout.
Course Outline:
• Forensic Acquisition
◦ Deal with systems that cannot be shut down for a variety of reasons, including encryption, business criticality and lack of physical access
◦ Acquire images of live Windows and Linux servers across networks utilizing a variety of tools
◦ Harvest data from firewalls and routers, where traditional imaging often fails • Vulnerability Scanning
◦ Communication protocols, hacking methodologies and techniques
◦ Advanced hacking techniques, including hacking web applications and client side attacks
◦ Commonly used vulnerability scanning and penetration testing tools • Advanced Data Analysis
◦ Conduct analysis of acquired data, live data, log files, database structures,
and source code
◦ Utilize a variety of tools to extract relevant data quickly and effectively from complex technical sources
• Containing the Incident
◦ Applying newly acquired techniques to contain and risk manage the incident ◦ Balance the containment of an incident with the forensic recovery of the
associated data
Remote Live Training • Classroom Training • Onsite Training
4 Day Course
Course Catalog
www
.fishnetsecurity
.com
18
TO REGISTER
Call:1.888.732.9406
Certified Mac Forensics Specialist (CMFS)
Applied Mac Forensics
Target Audience:
Forensic investigators who have gained experience dealing largely with Windows based systems and are now finding themselves in the situation where they increasingly need to understand the data structures and evidence potential in Mac OS X environments.
Prerequisites:
Principles and general guidelines surrounding forensic investigation. Preliminary case considerations to evaluate when beginning a forensic investigation.
Course Overview:
In this intense course, detailed presentations will alternate with hands-on practical exercises, covering many relevant aspects of the Mac OS X operating systems. These are some of the key topics we will cover :
Key differences between the original Mac OS operating systems and Mac OS X. As Mac OS became a Unixvariant, it introduced a whole new way of thinking about file ownership and permissions.
It still kept the original Mac way of thinking in terms of storage of Metadata: Lots of it! We will have a look at what information Mac OS X stores about files and at HFS+, the new file system OS X needed to actually facilitate all that. We will also ask and answer the one file system question that is more Mac than any other: What, exactly, is a resource fork?
Mac OS X adopted the GUID Partition Table scheme for its partition layout on the hard drive. Unlike Vista, which also supports GPT but does not generally use it, OS X will prefer this partitioning scheme. We will delve into par tition setup using GPT – you will be interested in case your forensic tool of choice does not like GPT and does not successfully search for HFS+ partitions, either.
Since Mac OS X Leopard (v10.5, October 2007), the operating system comes with a new feature forensic investigators will be interested in: Time Machine. As the operating system notoriously suggests to the user to use Time Machine to automatically create backups at fixed intervals, many Mac users will have backups created that might contain data of relevance even if the current system does not. As Apple puts it: Set it, then forget it. The user just might have, but we should not!
Course Catalog
www
.fishnetsecurity
.com
19
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
Blue Coat
Blue Coat Certified Proxy Administrator (BCCPA)
Target Audience:
IT network or security professionals who wish to master the fundamentals of Blue Coat products with a focus on network security and who have not taken any previous Blue Coat training courses.
Prerequisites:
Students should be familiar with networking essentials, such as LAN, Internet, security, and IP protocols. Basic knowledge of authentication methods is also a plus.
Course Overview:
The Blue Coat Certified ProxySG Administrator (BCCPA) course is intended for IT professionals who wish to master the fundamentals of the Blue Coat ProxySG. After completing this course, you will understand:
• Key concepts of network security and wide-area network (WAN) optimization • The major functions of the ProxySG, how they work, and how to administer them • How the ProxySG interfaces with other Blue Coat products
• How to get service and support from Blue Coat
CERT
Upon completing this course and passing an online exam (included in the cost of the course), students will become Blue Coat Certified Proxy Administrators.
Course Outline:
• Blue Coat Family of Products • Understanding Proxy Servers • ProxySG Deployment • ProxySG Licensing • ProxySG Initial Setup
• ProxySG Management Console • Services
• Hypertext Transfer Protocol • Policy Management
• WebPulse
• Authentication Introduction • Authentication using LDAP • Creating Notifications • Creating Exceptions • Access Logging
• WAN Optimization Features • Service and Support
Classroom Training • Onsite Training • Remote Live Training
2 Day Course
8 Hour Sessions
Course Catalog
www
.fishnetsecurity
.com
20
TO REGISTER
Call:1.888.732.9406
Blue Coat Certified Proxy Professional (BCCPP)
Target Audience:
IT network or security professionals who have practical experience with the ProxySG in the field and wish to master the advanced network security capabilities of Blue Coat products.
Prerequisites:
Blue Coat Certified ProxySG Administrator (BCCPA) certification, or waiver exam, plus practical experience with the ProxySG in the field. Additionally, students should possess advanced knowledge of networking, security, and authentication.
Course Overview:
The Blue Coat Certified ProxySG Professional (BCCPP) Course is intended for IT professionals who wish to master the advance features of the Blue Coat ProxySG. After completing this course, you will understand:
• The architecture of the ProxySG
• How to use Content Policy Language and trace policy execution • Authentication realms and how to configure them on the ProxySG • How to use the ProxySG for forwarding and failover
• Streaming media and bandwidth management
• How the ProxySG works with the ProxyAV to perform anti-virus scanning • How Blue Coat Director can be used to manage multiple ProxySG appliances
CERT
Upon completing this course and passing an online exam (included in the cost of the course), students will become Blue Coat Certified Proxy Professionals.
Course Outline:
The Blue Coat Certified ProxySG Professional (BCCPP) Course includes more complex and technical concepts and extensive hands-on practice. It covers:
• System Architecture • Caching Architecture • Services – Advanced Topics • Content Policy Language (CPL) • Regular Expressions
• Managing downloads and apparent data
types
• SSL Proxy
• Policy Tracing • Forwarding
• Reverse Proxy Implementation • Two-Way URL Rewrite • Blue Coat Director • Failover
Course Catalog
www
.fishnetsecurity
.com
21
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
Check Point
VSX R67
Target Audience:
Students who are systems administrators, security managers, or network engineers implementing VSX in an enterprise environment.
Prerequisites:
• Advanced networking knowledge • Windows Server and/or UNIX skills • Internet and TCP/IP experience
• CCSE and CCMSE or equivalent experience
Course Overview:
This 2-day course covers everything you need to design, install, configure and manage a virtualized security gateway based on Check Point VSX.
Course Outline:
• VSX R67 Architecture and Deployment • VSX R67 Management
• VSX Gateway Installation and Configuration • VSX R67 and Layer 2 Communications • VSX R67 and VLAN Tagging
• Deploying Virtual Systems in a Bridged Configuration • VSX Gateway Clustering
Classroom Training • Onsite Training
2 Day Course
8 Hour Sessions
Course Catalog
www
.fishnetsecurity
.com
22
TO REGISTER
Call:1.888.732.9406
Multi-Domain Security manaagement with VSX
Target Audience:
Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include system administrators, system engineers, security managers and network engineers.
Prerequisites:
Persons attending this course should have advanced knowledge of networking, Windows Server and/or UNIX skills, Internet and TCP/IP experience CCSE and CCMSE or equivalent experience.
Course Overview:
This course covers everything you need to design, install, configure and manage a virtualized security gateway based on Check Point VSX..
Learn How To:
• Design and install a VSX network
• Install and configure Provider-1 to manage your VSX network
• Consolidate hundreds of security gateways onto a single hardware platform • Centralize the security management of your virtual and physical environment
How You Will Benefit:
• Configure security policies for virtual systems • Easily add and extend your virtual system
• Plan network configurations for optimal load balancing • Use VSX R67 to separate network traffic
Course Catalog
www
.fishnetsecurity
.com
23
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
Check Point
Multi-Domain Security manaagement with Provider-1
Target Audience:
Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include system administrators, system engineers, security managers and network engineers.
Prerequisites:
CCSE R71 or equivalent knowledge and experience.
Course Overview:
This advanced course teaches how to implement and configure Check Point Multi-Domain Security Management (MDSM) with Provider-1 for enterprise environments. Add VSX training and certification to earn Check Point Certified Managed Security Expert.
Learn How To:
• Install, configure and troubleshoot Multi-Domain Security Managment • Apply advanced logging and MDS features
• Manage multiple sites with a single interface
How You Will Benefit:
• Learn to consolidate multiple firewalls onto a single management platform • Plan and implement a large-scale security deployment
• Use advanced migration tools to quickly migrate existing configurations • Implement Global Policies, IPS and VPNs
• Activate advanced troubleshooting tools to resolve system level issues
Classroom Training • Onsite Training • Remote Live Training
2 Day Course
8 Hour Sessions
Course Catalog
www
.fishnetsecurity
.com
24
TO REGISTER
Call:1.888.732.9406
Security Administrator (CCSA) R75
Target Audience:
Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include system administrators, system engineers, security managers and network engineers.
Prerequisites:
Persons attending this course should have basic knowledge of networking, Windows Server and/or UNIX skills, Internet and TCP/IP experience.
Course Overview:
Check Point Security Administrator provides an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course you will configure a Security Policy and learn about managing and monitoring a secure network.
Learn How To:
• Secure communications across the internet • Defend against network threats
• Configure security policies
• Protect email and messaging content • Manage user access to corporate LANs
How You Will Benefit:
• Perform seamless product upgrades • Back-up and restore networks
• Monitor suspicious network activities and analyze attacks • Troubleshoot network connections
• Implement Identity Awareness for more granular access levels • Configure permanent tunnels for remote access to corporate resources
Course Catalog
www
.fishnetsecurity
.com
25
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
Check Point
Security Expert (CCSE) R75
Target Audience:
Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include system administrators, system engineers, security managers and network engineers.
Prerequisites:
Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include system administrators, system engineers, security managers, network engineers.
Course Overview:
Check Point Security Expert is an advanced course for Check Point’s Security Gateway and Management Systems. This 3-day course provides hands-on training to achieve advanced skills necessary to manage and troubleshoot R75 Check Point Software Blades including advanced firewall, advanced user management and clustering, advanced IPsec and VPN and remote access. During this course, students will perform debugs on firewall processes and optimize VPN performance.
Course Outline:
Classroom Training • Onsite Training • Remote Live Training
3 Day Course
8 Hour Sessions
• Perform debugs on firewall processes using your knowledge of Security Gateway infrastructures including chain modules, packet flow and kernel tables
• Perform a backup of a Security Gateway and Management Server using the differences between backups, snapshots and
upgrade-exports
• Upgrade and troubleshoot a Management Server using a database migration
• Upgrade and troubleshoot a clustered Security Gateway deployment
• Configure SmartDirectory to incorporate user information for authentication services on the network
• Manage internal and external user access to resources for Remote Access of across a VPN • Troubleshoot user access issues found when
implementing Identity Awareness
• Build, test and troubleshoot a ClusterXL Load Sharing deployment on an enterprise network
• Build, test and troubleshoot a ClusterXL High Availability deployment on an enterprise network
• Build, test and troubleshoot a management HA deployment on an enterprise network • Configure, maintain and troubleshoot
SecureXL and CoreXL acceleration solutions on the corporate network traffic to ensure noted performance enhancement on the firewall
• Troubleshoot a site-site or certificate-based VPN on a corporate gateway using IKEView, VPN log files and command-line debug tools • Optimize VPN performance and availability
by using Link Selection and Multiple Entry
Point solutions
• Manage and test corporate VPN tunnels to allow for greater monitoring and scalability with multiple tunnels defined in a community including other VPN providers
• Create events or use existing event definitions to generate reports on specific network traffic using SmartReporting and SmartEvent in order to provide industry compliance information to management
• Using your knowledge of SmartEvent architecture and module communication, troubleshoot report generation given command-line tools and debug0file information
Lab Exercises Include:
• Upgrading to R75
• Migrating to a clustering solution • VPNs with 3rd-party certificates • Active Directory configuration
• Remote Access with Endpoint Security VPN • SmartEvent and SmartReporter
Course Catalog
www
.fishnetsecurity
.com
26
TO REGISTER
Call:1.888.732.9406
Security Bundle (CCSA & CCSE) R75
Target Audience:
Technical persons who support, install, deploy or administer Check Point Software Blades should attend this course. This could include system administrators, system engineers, security managers and network engineers.
Prerequisites:
Persons attending this course should have basic knowledge of networking, Windows Server and/or UNIX skills, Internet and TCP/IP experience.
Course Overview:
This bundle course efficiently combines the curriculums of both Check Point Security Administrator R75 and Check Point Security Expert R75 into a five day, boot-camp style course.
Check Point Security Administrator provides an understanding of the basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. During this course you will configure a Security Policy and learn about managing and monitoring a secure network. In addition, you will upgrade and configure a Security Gateway to implement a virtual private network for both internal and external, remote users.
Check Point Security Expert is an advanced course for Check Point’s Security Gateway and Management Systems. This 3-day course provides hands-on training to achieve advanced skills necessary to manage and troubleshoot R75 Check Point Software Blades including advanced firewall, advanced user management and clustering, advanced IPsec and VPN and remote access. During this course, students will perform debugs on firewall processes and optimize VPN performance.
Learn How To:
• Secure communications across the internet • Defend against network threats
• Configure security policies
• Protect email and messaging content • Manage user access to corporate LANs
• Set up and administer High Availability clusters • Troubleshoot Firewall Kernel issues
• Troubleshoot IPSEC VPN issues
Course Catalog
www
.fishnetsecurity
.com
27
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
CompTIA
A+
Target Audience:
Suited for those starting an IT career in maintenance, networking, installation and troubleshooting hardware.
Prerequisites:
None.
Course Outline:
Classroom Training • Onsite Training
5 Day Course
8 Hour Sessions
• Lesson 1: Personal Computer Components ◦ Personal computer components ◦ System unit components ◦ Storage devices
◦ Personal computer connection methods • Lesson 2: Operating System Fundamentals
◦ Personal computer operating systems ◦ Windows user interface components ◦ Windows file system management ◦ Windows system management tools • Lesson 3: PC Technician Professional Best Practices
◦ Tools of the trade ◦ Electrical Safety
◦ Environmental safety and materials handling ◦ Perform preventative maintenance
◦ Diagnostics and troubleshooting ◦ Professionalism and communication • Lesson 4: Installing and Configuring Peripheral
Components
◦ Install and configure display devices ◦ Install and configure input devices ◦ Install and configure adapter cards ◦ Install and configure multimedia devices • Lesson 5: Installing and Configuring System Components
◦ Install and configure storage devices ◦ Select and install power supplies ◦ Select and install memory
◦ Select, install and configure CPUs and cooling system units
◦ Install and configure system boards
• Lesson 6: Maintaining and Troubleshooting Peripheral Components
◦ Troubleshoot display devices
◦ Maintain and troubleshoot input devices ◦ Troubleshoot adapter cards
◦ Troubleshoot multimedia devices • Lesson 7: Troubleshooting System Components
◦ Troubleshoot storage devices ◦ Troubleshoot power supplies ◦ Troubleshoot memory
◦ Troubleshoot CPUs and cooling systems ◦ Troubleshoot system boards
• Lesson 8: Installing and Configuring Operating Systems ◦ Install Microsoft Windows
◦ Upgrade Microsoft Windows ◦ Add devices to Microsoft Windows ◦ Optimize Microsoft Windows
• Lesson 9: Maintaining and Troubleshooting Microsoft Windows
◦ Operating system utilities ◦ Back up Microsoft Windows ◦ Troubleshooting Microsoft Windows ◦ Recover Microsoft Windows • Lesson 10: Network Technologies
◦ Network concepts ◦ Network communications ◦ Network connectivity ◦ Internet technologies
• Lesson 11: Installing and Managing Network Connections
◦ Create network connections ◦ Install and configure web browsers
◦ Maintain and troubleshoot network connections • Lesson 12: Supporting Laptops and Portable Computing
Devices
◦ Laptop and portable computing device components
◦ Install and configure laptops and portable computing devices
◦ Maintain and troubleshoot laptops and portable computing devices
• Lesson 13: Supporting Printers ◦ Printer technologies ◦ Printer components ◦ Printer processes
◦ Install and configure printers ◦ Maintain and troubleshoot printers • Lesson 14: Personal Computer Security Concepts
◦ Security fundamentals ◦ Security protection measures ◦ Data and physical security ◦ Wireless security
◦ Social engineering
• Lesson 15: Supporting Personal Computer Security ◦ Install and configure security measures ◦ Maintain and troubleshoot security measures
Course Catalog
www
.fishnetsecurity
.com
28
TO REGISTER
Call:1.888.732.9406
Network+
Target Audience:
Suited for established IT professionals managing, maintaining, troubleshooting, operating and configuring basic network infrastructure.
Prerequisites:
None.
Course Outline:
• Lesson 1: Network Theory◦ Networking Terminology ◦ Network Building Blocks ◦ Standard Network Models ◦ Physical Network Topologies ◦ Logical Network Topologies ◦ Network Categories
• Lesson 2: Network Communications Methods ◦ Transmission Methods
◦ Media Access Methods ◦ Signaling Methods • Lesson 3: Network Data Delivery
◦ Data Addressing and Delivery ◦ Delivery Techniques
• Lesson 4: Network Media and Hardware ◦ Bounded Network Media ◦ Unbounded Network Media ◦ Noise Control
◦ Network Connectivity Devices ◦ Wiring Distribution Components • Lesson 5: Network Implementations
◦ The OSI Model ◦ Ethernet Networks ◦ Token Ring Networks
◦ Fiber Distributed Data Interface (FDDI) Networks
◦ Wireless Technologies and Standards • Lesson 6: Networking with TCP/IP
◦ Families of Protocols ◦ The TCP/IP Protocol ◦ IP Address Basics
◦ Custom IP Addresses ◦ The IP Version 6 Protocol ◦ The TCP/IP Protocol Suite • Lesson 7: TCP/IP Services
◦ IP Address Assignment Methods ◦ Host Name Resolution
◦ WAN Transmission Technologies ◦ WAN Connectivity Methods ◦ Voice Over Data Systems • Lesson 10: Network Security
◦ Computer Security Basics ◦ Authentication
◦ Data Encryption
◦ Protect Network Traffic with IP Security (IPsec) ◦ Internet Security
◦ Local Security
◦ Common Threats
◦ Threat Mitigation Techniques ◦ Intrusion Detection and Prevention ◦ Educate Users
• Lesson 11: Remote Networking ◦ Remote Network Architectures
◦ Remote Access Networking Implementations ◦ Virtual Private Networking
◦ Remote Control Computing • Lesson 12: Disaster Recovery
◦ Examine Configuration Management Documentation
◦ Plan for Disaster Recovery ◦ Fault Tolerance Methods ◦ Data Backup
• Lesson 13: Network Data Storage ◦ Enterprise Data Storage
◦ Network-Attached Storage (NAS)
◦ Storage Area Network (SAN) Implementations ◦ Clustering
• Lesson 14: Network Operating Systems ◦ UNIX and Linux Operating Systems ◦ Apple Mac OS X
◦ Microsoft Operating Systems ◦ Novell Open Enterprise Server • Lesson 15: Network Management
◦ Monitoring Tools ◦ Network Baselining ◦ Network Optimization
Course Catalog
www
.fishnetsecurity
.com
29
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
CompTIA
Security+
Target Audience:
Suited for established IT professionals in system security, network infrastructure, cryptography, assessments and audits.
Prerequisites:
None.
Course Outline:
Classroom Training • Onsite Training
5 Day Course
8 Hour Sessions
• Lesson 1: Security Fundamentals ◦ Security building blocks ◦ Authentication methods ◦ Cryptography fundamentals ◦ Security policy fundamentals • Lesson 2: Security Threats
◦ Social engineering ◦ Software-based threats ◦ Network-based threats ◦ Hardware-based threats
• Lesson 3: Hardening Internal Systems and Services ◦ Harden operating systems
◦ Harden directory services ◦ Harden DHCP servers ◦ Harden file and print servers
• Lesson 4: Hardening Internetwork Devices and Services ◦ Harden internetwork connection devices ◦ Harden DNS and BIND servers ◦ Harden web servers
◦ Harden email servers
◦ Harden conferencing and messaging servers ◦ Secure file transfers
• Lesson 5: Securing Network Communications ◦ Protect network traffic with IP security (IPsec) ◦ Secure wireless traffic
◦ Secure the network telephony infrastructure ◦ Secure the remote access channel
• Lesson 6: Securing Web Applications ◦ Prevent input validation attacks
◦ Protect systems from buffer overflow attacks ◦ Implement ActiveX and Java security ◦ Protect systems from scripting attacks ◦ Implement secure cookies
◦ Harden a web browser
• Lesson 7: Managing Public Key Infrastructure (PKI) ◦ Install a certificate authority (CA) hierarchy ◦ Harden a certificate authority
◦ Back up a CA ◦ Restore a CA
• Lesson 8: Managing Certificates ◦ Enroll certificates
◦ Secure network traffic by using certificates ◦ Renew certificates
◦ Revoke certificates
◦ Back up certificates and private keys ◦ Restore certificates and private keys • Lesson 9: Enforcing Organizational Security Policies
◦ Perform a risk assessment
◦ Enforce corporate security policy compliance ◦ Enforce legal compliance
◦ Enforce physical security compliance ◦ Educate users
◦ Plan for disaster recovery ◦ Conduct a security audit
• Lesson 10: Monitoring the Security Infrastructure ◦ Scan for vulnerabilities
◦ Monitor for security anomalies ◦ Set up a Honeypot
• Lesson 11: Managing Security Incidents ◦ Respond the security incidents ◦ Evidence administration ◦ Recover from a security incident
• Appendix A: Mapping Security+ Course Content to the Comp TIA Security+ Exam Objectives
Course Catalog
www
.fishnetsecurity
.com
30
TO REGISTER
Call:1.888.732.9406
Wireless LAN Administration (CWNA)
Prerequisites:
Basic networking knowledge, including OSI model and IP subnetting.
Course Overview:
This course provides a complete foundation of knowledge for entering into or advancing in the wireless networking industry. From basic RF theory to 802.11 frame exchange processes, this course delivers hands on training that will benefit the novice as well as the experienced network professional.
Course Outline:
Labs
• Infrastructure Mode Throughput Analysis • Wireless LAN Security
• Site Surveying
Materials Covered
• Introduction to 802.11 WLANs • Radio Frequency Fundamentals • RF Math and System Operating Margin • 802.11 Service Sets
• RF Power Output Regulations • Power over Ethernet
• Wireless LAN Operation • WLAN Security
• 802.11 Analysis and Troubleshooting • Coordinating 802.11 Frame Transmissions • Antennas
Course Catalog
www
.fishnetsecurity
.com
31
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
CWNP
Wireless LAN Security (CWSP)
Prerequisites:
Basic wireless LAN literacy
Course Overview:
Course consists of hands on learning using the latest enterprise wireless LAN security and auditing equipment. This course addresses in detail the most up-to-date WLAN intrusion and DOS tools and techniques, functionality of the 802.11i amendment to the 802.11 standard, the inner-workings of each EAP type used with wireless LANs today, and every class and type of WLAN security solution available on the market - from wireless intrusion prevention systems to wireless network management systems.
Course Outline:
Students who complete the course will acquire the necessary skills for implementing and managing wireless security in the enterprise by creating layer2 and layer3 hardware and software solutions with tools from the following industry leading manufacturers:
• Vernier Networks • Colubris Networks • Cisco Systems • Bluesocket • Fortress Technologies • Trapeze Networks • AirMagnet • Proxim
• Symbol Technologies • Funk Software • Microsoft • TamoSoft • LucidLink • Roving Planet • SafeNet • System Tools • Van Dyke Software
• WildPackets • AirWave • Network Chemistry • Aruba Networks
Materials Covered
• Physical Security • MAC Layer Security • MAC Layer Security • Network Layer Security
• WLAN Hardware and Software Solutions • Application Security
• Authentication, Authorization, and Accounting (AAA) Systems • Protocol Analyzers
• WLAN Intrusion
Classroom Training • Onsite Training • Remote Live Training
5 Day Course
8 Hour Sessions
Course Catalog
www
.fishnetsecurity
.com
32
TO REGISTER
Call:1.888.732.9406
Ethical Hacking and Countermeasures
Target Audience:
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
Prerequisites:
Students taking the Ethical Hacking and Countermeasures course must be 21 years or older.
Course Overview:
This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. This course prepares you for EC-Council Certified Ethical Hacker exam 312-50.
CERT
This course prepares you for the EC-Council Certified Ethical Hacker exam 312-50.
Course Outline:
• Introduction to Ethical Hacking • Footprinting and Reconnaissance • Scanning Networks
• Enumeration • System Hacking • Trojans and Backdoors • Viruses and Worms • Sniffers
• Social Engineering • Denial of Service • Session Hijacking • Hijacking Webservers • Hacking Web Applications • SQL Injection
Course Catalog
www
.fishnetsecurity
.com
33
TO REGISTER
Call:1.888.732.9406
Fax: 816.421.6677 Online: www.fishnetsecurity.comID# 12SK0002 Last Modified 4.13.2012
EC Council
Computer Hacking Forensic Investigator
Target Audience:
Police and other law enforcement personnel, Defense and Military personnel, e-Business Security professionals, Systems administrators, Legal professionals, Banking, Insurance and other professionals, Government agencies, and IT managers.
Course Overview:
This course will give participants the necessary skills to identify an intruder’s footprints and to properly gather the necessary evidence to prosecute. Many of today’s top tools of the forensic trade will be taught during this course, including software, hardware and specialized techniques. The need for businesses to become more efficient and integrated with one another, as well as the home user, has given way to a new type of criminal, the “cyber-criminal.” It is no longer a matter of “will your organization be compromised (hacked)?” but, rather, “when?” Today’s battles between corporations, governments, and countries are no longer fought only in the typical arenas of boardrooms or battlefields using physical force. Now the battlefield starts in the technical realm, which ties into most every facet of modern day life. If you or your organization requires the knowledge or skills to identify, track, and prosecute the cyber-criminal, then this is the course for you.
Course Outline:
Modules
1: Computer Forensics in Today’s World 2: Law and Computer Forensics
3: Computer Investigation Process 4: First Responder Procedure 5: CSIRT
6: Computer Forensic Lab 7: Understanding File Systems
and Hard Disks
8: Understanding Digital Media Devices 9: Windows, Linux and Macintosh
Boot Processes
10: Windows Forensics 11: Linux Forensics
12: Data Acquisition and Duplication 13: Computer Forensic Tools
14: Forensics Investigations Using Encase 15: Recovering Deleted Files and
Deleted partitions 16: Image Files Forensics 17: Steganography
18: Application Password Crackers 19: Network Forensics and
Investigating Logs
20: Investigating Network Traffic 21: Investigating Wireless Attacks 22: Investigating Web Attacks
23: Router Forensics
24: Investigating DOS Attacks 25: Investigating Internet Crimes 26: Tracking E-mails and Investigating
E-mail Crimes
27: Investigating Corporate Espionage 28: Investigating Trademark and
Copyright Infringement
29: Investigating sexually harassment
incidents
30: Investigating Child Pornography 31: PDA Forensics
32: iPod Forensics 33: Blackberry Forensics 34: Investigative Reports 35: Becoming an Expert Witness
