You will enjoy it! This course teaches infrastructure security concepts, including the techniques how to attack and how to respond with an appropriate countermeasure implementation.
This 3 day course will be presented by one of Paula Januszkiewicz's team members or her self. Paula Januszkiewicz is IT Security Auditor and Penetration Tester, Enterprise Security MVP, trainer (MCT) and Microsoft Security Trusted Advisor. She is also a top speaker at many international conferences (incl. TechEd North America, TechEd Middle East and TechEd Europe, RSA China, Cybercrime Forum and other) and writes articles on Windows Security. The trainings she conducts usually cover Security, Windows operating system topics and Virtualization. Paula is passionate about sharing her knowledge with others. She conducted many IT security audits and penetration tests – these are her everyday tasks.
We go far beyond simply presenting how to 'break into operating systems'. This course has been developed around professional penetration testing and security awareness in the business and IT fields. To make sure that all participants will gain the necessary infrastructure security knowledge this class has intensive hands-on format. All labs are constantly updated and have 3 levels of difficulty and can be easily adjustable to the overall level of the group. Every exercise is supported with the lab instructions and multiple tools, traditional and specialized.
COURSE OBJECTIVE:
English:
Students will learn how to:
• Identify security profile of the target
• Perform the testing activities
• Figure out protection oportunities
• Optimize security controls to reduce risks
TARGET AUDIENCE:
Security Analysts, Risk Managers, Security Officers, System Managers, Architects, Penetration Testers.
COURSE PREREQUISITES:
• Sound knowledge of TCP/IP
• Operating systems architecture (Windows, Linux)
COURSE CONTENT:
Evolution of Hacking
• Operating System Services Security Overview
• Operating System Internal Security
• Databases Security
• Google Hacking
• HTTP Request Building
• Reconnaissance and Target Profiling
• Information Leakage and Error Handling
• Session Manipulation
• Tampering with Communication (Wired and Wireless)
• Exploiting a Lack of Access Controls
• Malicious Files Execution
• Legal Issues
Methods described in the training are demonstrated during live penetration tests and IT security audits. Our real live experience has allowed to work out the applicable testing methodology that requires a solid understanding of the security profile of the target. We are proud to say that this course is equally important for those who need to test, defend or perform a risk assessment of their infrastructure. Let us infect you with technology PASSION!
FOLLOW ON COURSES:
Not available. Please contact.