Courses Available Using the SANS NetWars Training Platform:
SEC561: Hands-on Penetration Testing for the InfoSec Pro
Today, many information security practitioners are expected to leverage cross-disciplinary skills in complex areas. Analysts are no longer able to specialize in just a single skill area, such as vulnerability assessment, network penetration testing, or web app assessment. To face todays threats, organizations need employees that add value to the team across varying focus areas, contributing to both operations and security teams.
Few practitioners have the time to build broad skills across many different security areas. The best way to pick up new skills quickly is to practice them in hands-on, real-world scenarios designed to challenge and guide a participant. The Hands-On Security Practitioner course creates a learning environment where participants can quickly build and reinforce skills in multiple focus areas, including:
- Network security assessment, identifying architecture weaknesses in network deployments
- Host-based security assessment, protecting against privilege escalation attacks
- Web application penetration testing, exploiting common flaws in complex systems
- Advanced system attacks, leveraging pivoting and tunneling techniques to identify exposure areas deep within an organization
SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise
Computers, networks, and programmable logic controllers operate most of the physical infrastructure of our modern world, ranging from electrical power grids, water systems, and traffic systems all the way down to HVAC systems and industrial automation. Increasingly, security professionals need the skills to assess and defend these important infrastructures. In this innovative and cutting-edge course based on the SANS CyberCity kinetic range, you will learn how to analyze and assess the security of control systems and related infrastructures, finding vulnerabilities that could result in significant kinetic impact.
You Will Learn:
- How to analyze cyber infrastructures that control and impact kinetic infrastructures.
- How to manipulate a variety of key industrial protocols, including Modbus, CIP, DNP3, Profinet, and other SCADA-related protocols.
- How to rapidly prototype computer attack tools against specific vulnerabilities
- How to discover security flaws in a variety of SCADA and Industrial Control Systems (ICSs) and thwart attacks against them.
- How to conduct penetration tests and assessments associated with kinetic infrastructures.
SEC575: Mobile Device Security and Ethical Hacking
Mobile phones and tablets have become essential to enterprise and government networks, from small organizations to Fortune 500 companies and large-scale agencies. Often, mobile phone deployments grow organically, adopted by multitudes of end-users for convenient email access as well as managers and executives who need access to sensitive organizational resources from their favored personal mobile devices. In other cases, mobile phones and tablets have become critical systems for a wide variety of production applications from ERP to project management. With increased reliance on these devices, organizations are quickly recognizing that mobile phones and tablets need greater security implementations than a simple screen protector and clever password.
From practical policy development to network architecture design and deployment, and mobile code analysis to penetration testing and ethical hacking, this course will help you build the critical skills necessary to support the secure deployment and use of mobile phones and tablets in your organization.
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques
The course culminates with a series of capture-the-flag style challenges using the hugely popular SANS NetWars tournament platform. These challenges are designed to reinforce the techniques learned in class and to provide additional opportunities for learning practical, hands-on malware analysis skills. By applying the techniques learned earlier in the course, students solidify their knowledge and can shore up skill areas where they feel they need additional practice.
AUD507: Auditing Networks, Perimeters, and Systems
One of the most significant obstacles facing many auditors today is how exactly to go about auditing the security of an enterprise. What systems really matter? How should the firewall and routers be configured? What settings should be checked on the various systems under scrutiny? Is there a set of processes that can be put into place to allow an auditor to focus on the business processes rather than the security settings? All of these questions and more will be answered by the material covered in this course.
Leveraging the well known NetWars engine, students have the opportunity to connect to a simulated enterprise network environment. Building on the tools and techniques learned throughout the week, each student is challenged to answer a series of questions about the enterprise network, working through various technologies explored during the course.