This super combo hacking class combines 2 fantastic hacking courses:
Managing and Defending Against Current Threats
Hacking and Hardening Hybrid Environment
Don't miss this unique opportunity! Learn tips and tricks from two internationally renowned security experts at ETC Wien. Take the opportunity to learn from the best.
After completing this seminar, participants will have knowledge of the following topics:
Analyzing emerging hacker trends
Identifying vulnerabilities in your organization and creating risk assessments
Recommending countermeasures
Developing a threat management plan
Getting to know security solutions, attacks on identity, mitigation and risk assessment factors
Security in the cloud and easy-to-use solutions, integration with the current environment and monitoring tools
From simple network sniffing to advanced network monitoring
Discussion of solutions and implementations with top priority
This seminar is held in ENGLISH! Your trainers: Paula Januszkiewicz and Mike Jankowski-Lorek
Target audience
This seminar is aimed at:
Network administrators, infrastructure architects, security experts, systems engineers, IT professionals, security consultants and people responsible for implementing network and perimeter security.
Prerequisites
The following knowledge is recommended for this seminar:
Several years of hands-on experience administering Windows infrastructures
Detailed contents
On-premises security: Windows 10 / Windows Server 2016 solutions. This module introduces security solutions built into the operating system.
Detecting unnecessary services
Misusing service accounts
Services architecture
Implementing rights, permissions and privileges
Integrity Levels
Usage of privileged accounts
Browser security
Access tokens
Information gathering tools
PowerShell v5 as a hacking tool
Security management automation
Security in hybrid environments
Containers
Nano Server for Windows Server 2016
Identifying Areas of Vulnerability. This part introduces the new cybersecurity challenges and trends, emphasizing data security and integration through and into the cloud, and the challenges of coordinating cloud and on-premises security solutions. Security is a business enabler, and it is only when it is viewed from a business perspective that we can truly make the right decisions. You will learn how to define the values of your company that need to be protected or restricted. You will know how to find obvious and not so obvious sensitive information that can be monetized by adversaries. With that scope defined and your resources known, you will know where the biggest gaps in your security posture are.
Defining the assets which your company needs to protect
Defining the other sensitive information that needs to be protected
Modern Attack Techniques. In this world where most of the things happen online, hacking provides wider opportunities for the hackers to gain unauthorized access to the unclassified information like credit card details, email account details, and other personal information. So, it is also important to know some of the hacking techniques that are commonly used to get your personal information in an unauthorized way. In this module you will become familiar with the modern hacking techniques.
OS platform threats and attacks
Web-based threats and attacks
E-mail threats and attacks
Physical access threats and attacks
Social threats and attacks
Wireless threats and attacks
Malicious activities: attacks on Identity and malware. This module involves various attacks on identity, mitigations and risk assessment factors. You will learn techniques used by modern malware. For ransomware especially, the launch process itself has changed over the years to reach its final form, so it is important to know how to prevent it.
Extracting hashes from SAM and NTDS.dit databases
Meaning of SYSTEM and SECURITY registry hives
Kerberos and NTLMv2 issues
Performing the Pass-The-Hash attack
Cached logons (credentials)
Data Protection API (DPAPI) case for cached logons
Performing the LSA Secrets dump and implementing prevention
Implementing account scoping
Good practices for implementing Local Admin Password Solution
Windows Defender Advanced Threat Protection
Cloud-based monitoring
Authentication Mechanism Assurance
Using virtual smart cards
Multi-factor Authentication
Identity Attacks. There are many methods widely in use today to steal personal information. These attacks on confidential data can be extremely high-tech, involving the latest technologies and most recent security exploits. Many of the attack methods, however, are very low-tech, involving little or no technology at all. By taking a detailed look at the various types of attacks, you will become familiar with the techniques used by cybercriminals.
Performing the identity attacks
Cached logons (credentials)
Data Protection API (DPAPI) for user’s secrets protection
Credential Guard in detail
Performing the LSA Secrets dump and implementing prevention
Active Directory and Azure AD security
Authentication Mechanism Assurance
Using virtual smart cards
Multi-factor Authentication
Malicious Software Techniques. The hacker can run a malicious program which the user believes to be authentic. This way, after installing the malicious program, the hacker gets unprivileged access. Techniques are becoming more sophisticated than ever. In this module you will learn how modern malware works and what the ways to discover its operations are.
Types of the attacks
Points of entry
Persistence methods
Hiding traces
Case study: ransomware examples
Discovery and Analysis of the Modern Attacks. Most computer vulnerabilities can be exploited in a variety of ways. Hacker attacks may use a single specific exploit, several exploits at the same time, a misconfiguration in one of the system components or even a backdoor from an earlier attack. Because of this, detecting hacker attacks is not an easy task. This module gives a few basic guidelines to help you figure out whether your machine is under attack or whether the security of your system has been compromised.
Using Sysmon in the advanced monitoring configuration
Log Collection
Scripting and Automation
PowerShell for extraction and information gathering
Industry Best Practices
In cloud and hybrid security: managing hybrid environments. In this module you will become familiar with important aspects of cloud security including easy to use solutions, integration with the current environment and monitoring tools.
Shielded VMs
Storage Encryption
Just Enough Administration
Desired State Configuration
Azure Information Protection
Microsoft Operations Management Suite
Active Directory and Azure AD security
Multi Factor Authentication with Azure
Designing and Implementing Endpoint Security. In enterprise-level organizations, the IT landscape is divided into smaller parts based on their primary function or location in the IT environment. Sometimes you cannot implement security controls globally, and you will need a deep understanding of the current security posture of each element to wisely add further layers of security. Having the full environment divided into functional parts is also a better approach from a financial point of view. Getting internal sponsor acceptance is easier if the benefit is delivered more quickly.
Strategy for protecting Internet facing systems
Strategy for protecting internal systems
Strategy for protecting users’ workstations
Strategy for protecting (against) BYOD devices
Implementing automation and access control (Just Enough Administration, Desired State Configuration)
Attacking and Securing Windows Network Solutions. Starting from simple network sniffing and ending up with advanced network monitoring down to the size of the buffers written. Several techniques are used during the training.
Monitoring network usage by processes
Port scanning techniques
Vulnerability scanning
Network Protocols
Name Resolution Attacks
SMB Relay attack and enabling SMB signatures
Implementing IPSec and DNSSec
Detecting attacks with Machine Learning
Internet Information Server Security
Advanced Threat Analytics
Windows Security Summary. This module covers a discussion of solutions and implementations with top priorities.
Securing the Communication Channel Approach. In some organizations there is no strict architecture design defined, especially in the modern approach where most of the services are cloud-based. This module will focus on the systems' communication channel rather than on the systems' placement or role in the organization. This method is best for smaller companies as well as for organizations that are in a transition phase or are significantly changing their structure.