Seminar Details

Masterclass: Super-Combo-Hacking-Class with Paula & Mike (SUPER)

ETC
SUPER
Vendor ID:
Exam ID:
Duration: 5 days
Price: € 3.950.- excl. VAT
Knowledge guarantee: not automatically applicable here; please contact your account manager for details

Info: This seminar is held in ENGLISH!
Your trainers: Paula Januszkiewicz and Mike Jankowski-Lorek
The Hacking and Securing Windows Infrastructure Masterclass from the ETC Lighthouse Series

This Super-Combo-Hacking-Class combines 2 fantastic hacking courses:
  • Managing and Defending Against Current Threats
  • Hacking and Hardening Hybrid Environment
Don't miss this unique opportunity! Learn tips and tricks from 2 internationally renowned security experts at ETC Vienna. Take the chance to learn from the best.

After completing this seminar, participants will have knowledge of the following topics:
  • Analyzing emerging hacker trends
  • Identifying vulnerabilities in your organization and creating risk assessments
  • Recommending countermeasures
  • Developing a threat management plan
  • Getting to know security solutions, attacks on identity, mitigation, and risk assessment factors
  • Security in the cloud and easy-to-use solutions, implementation in the current environment, and monitoring tools
  • From simple network sniffing through to advanced network monitoring
  • Discussion of solutions and implementation with top priority

Course material:
  • 200 pages of exercises & instructions
  • Presentation slides with the experts' notes



Target audience

This seminar is aimed at:
  • Network administrators, infrastructure architects, security experts, systems engineers, IT professionals, security consultants, and people responsible for implementing network and perimeter security.

Prerequisites

The following knowledge is recommended for this seminar:
  • Several years of hands-on experience administering Windows infrastructures

Key topics

  1. On-premises security: Windows 10 / Windows Server 2016 solutions. This module introduces the security solutions built into the operating system.
    1. Detecting unnecessary services
    2. Misusing service accounts
    3. Services architecture
    4. Implementing rights, permissions and privileges
    5. Integrity Levels
    6. Usage of privileged accounts
    7. Browser security
    8. Access tokens
    9. Information gathering tools
    10. PowerShell v5 as a hacking tool
    11. Security management automation
    12. Security in hybrid environments
    13. Containers
    14. Nano Server for Windows Server 2016
  2. Identifying Areas of Vulnerability. This part introduces the new cybersecurity challenges and trends, emphasizing data security and integration through and into the cloud, and the challenges of coordinating cloud and on-premises security solutions. Security is a business enabler, and it is only when it is viewed from a business perspective that we can truly make the right decisions. You will learn how to define the assets of your company that need to be protected or restricted. You will know how to find obvious and not so obvious sensitive information that can be monetized by adversaries. With that scope defined and your resources known, you will know where the biggest gaps in your security posture are.
    1. Defining the assets which your company needs to protect
    2. Defining the other sensitive information that needs to be protected
  3. Modern Attack Techniques. In a world where most things happen online, hacking gives attackers wider opportunities to gain unauthorized access to unclassified information such as credit card details, email account details, and other personal information. It is therefore important to know some of the hacking techniques commonly used to obtain personal information without authorization. In this module you will become familiar with modern hacking techniques.
    1. OS platform threats and attacks
    2. Web based threats and attacks
    3. E-mail threats and attacks
    4. Physical access threats and attacks
    5. Social threats and attacks
    6. Wireless threats and attacks
  4. Malicious activities: attacks on identity and malware. This module covers various attacks on identity, mitigations, and risk assessment factors. You will learn techniques used by modern malware. For ransomware in particular, the launch process itself has changed over the years to reach its final form, and it is important to know how to prevent it.
    1. Extracting hashes from SAM and NTDS.dit databases
    2. Meaning of SYSTEM and SECURITY registry hives
    3. Kerberos and NTLMv2 issues
    4. Performing the Pass-The-Hash attack
    5. Cached logons (credentials)
    6. Data Protection API (DPAPI) case for cached logons
    7. Credential Guard (Virtual Secure Mode)
    8. Application Whitelisting (AppLocker, Device Guard)
    9. Code signing techniques
    10. Cloud-based malware protection
    11. Performing the LSA Secrets dump and implementing prevention
    12. Implementing account scoping
    13. Good practices for implementing Local Admin Password Solution
    14. Windows Defender Advanced Threat Protection
    15. Cloud based monitoring
    16. Authentication Mechanism Assurance
    17. Using virtual smart cards
    18. Multi-factor Authentication
  5. Identity Attacks. There are many methods widely in use today to steal personal information. These attacks on confidential data can be extremely high-tech, involving the latest technologies and most recent security exploits. Many of the attack methods, however, are very low-tech, involving little or no technology at all. By taking a detailed look at the various types of attacks, you will become familiar with the techniques used by cybercriminals.
    1. Performing the identity attacks
    2. Cached logons (credentials)
    3. Data Protection API (DPAPI) for user’s secrets protection
    4. Credential Guard in detail
    5. Performing the LSA Secrets dump and implementing prevention
    6. Active Directory and Azure AD security
    7. Authentication Mechanism Assurance
    8. Using virtual smart cards
    9. Multi-factor Authentication
  6. Malicious Software Techniques. The hacker can run a malicious program which the user believes to be authentic. This way, after installing the malicious program, the hacker gets unprivileged access. Techniques are becoming more sophisticated than ever. In this module you will learn how modern malware works and how to discover its operations.
    1. Types of the attacks
    2. Points of entry
    3. Persistence methods
    4. Hiding traces
    5. Case study: ransomware examples
  7. Discovery and Analysis of the Modern Attacks. Most computer vulnerabilities can be exploited in a variety of ways. Hacker attacks may use a single specific exploit, several exploits at the same time, a misconfiguration in one of the system components, or even a backdoor from an earlier attack. Because of this, detecting hacker attacks is not an easy task. This module gives a few basic guidelines to help you figure out whether your machine is under attack or whether the security of your system has been compromised.
    1. Defining Critical Security Controls
    2. Incident response checklist
    3. Suspicious Activities Time Line
    4. Filtering Suspicious Activities Network traffic inspection
    5. Malware analysis tools
    6. Host, Port and Service Discovery
    7. Vulnerability Scanning
    8. Monitoring Patching, Applications, Service Logs
    9. Detecting the most common attacks
    10. Using Sysmon in the advanced monitoring configuration
    11. Log Collection
    12. Scripting and Automation
    13. PowerShell for extraction and information gathering
    14. Industry Best Practices
  8. In cloud and hybrid security: managing hybrid environments. In this module you will become familiar with important aspects of cloud security including easy to use solutions, integration with the current environment and monitoring tools.
    1. Shielded VMs
    2. Storage Encryption
    3. Just Enough Administration
    4. Desired State Configuration
    5. Azure Information Protection
    6. Microsoft Operations Management Suite
    7. Active Directory and Azure AD security
    8. Multi Factor Authentication with Azure
  9. Designing and Implementing Endpoint Security. In enterprise-level organizations, the IT landscape is divided into smaller parts based on their primary function or location in the IT environment. Sometimes you cannot implement security controls globally, and you need a deep understanding of the current security posture of each element to add further layers of security wisely. Dividing the full environment into functional parts is also a better approach from a financial point of view. Getting internal sponsor acceptance is easier if the benefit is delivered more quickly.
    1. Strategy for protecting Internet facing systems
    2. Strategy for protecting internal systems
    3. Strategy for protecting users’ workstations
    4. Strategy for protecting (against) BYOD devices
    5. Implementing automation and access control (Just Enough Administration, Desired State Configuration)
    6. Application whitelisting (AppLocker, Device Guard etc.)
    7. Configuring firewalls
    8. Privileged accounts
    9. Securing authentication
    10. Storage and full disk encryption
    11. Control Folder Access
    12. Application Guard
  10. Attacking and Securing Windows Network Solutions. Starting from simple network sniffing and ending with advanced network monitoring down to the size of the buffers written. Several techniques are used during the training.
    1. Monitoring network usage by processes
    2. Port scanning techniques
    3. Vulnerability scanning
    4. Network Protocols
    5. Name Resolution Attacks
    6. SMB Relay attack and enabling SMB signatures
    7. Implementing IPsec and DNSSEC
    8. Detecting attacks with Machine Learning
    9. Internet Information Server Security
    10. Advanced Threat Analytics
  11. Windows Security Summary. This module covers a discussion of the solutions and implementations with top priority.
  12. Securing the Communication Channel Approach. In some organizations there is no strict architecture design defined, especially in the modern approach where most services are cloud-based. This module focuses on the communication channels between systems rather than on each system's placement or role in the organization. This method is best for smaller companies as well as for organizations that are in a transition phase or are changing their structure significantly.
    1. Implementing tunneling
    2. Designing secure access
    3. Sniffing the network techniques
    4. The meaning of partitioning the network
    5. Ensuring confidentiality with encryption
    6. Searching for rogue servers
    7. Securing networking services
    8. Limiting the impact of common attacks