homepage
Menu
Open menu

SEC560: Enterprise Penetration Testing™

GIAC Penetration Tester (GPEN)
GIAC Penetration Tester (GPEN)
Register Now Course Preview
  • In Person (6 days)
  • Online
36 CPEs

SEC560 prepares you to conduct successful penetration testing for entire modern enterprises, including on-prem systems, Azure, and Entra ID. The course doesn't just focus on network devices, Windows, Linux, macOS, identity systems, etc. -- instead, it focuses on the combined business risk of the entire enterprise. You will learn the methodology and techniques used by real-world penetration testers in large organizations to identify and exploit vulnerabilities at scale and show real business risk to your organization. The course material is complemented with 30+ practical lab exercises concluding with an intensive, hands-on Capture-the-Flag exercise in which you will conduct a penetration test against a target organization and demonstrate what you've learned.

Course Authors:
Jeff McJunkin
Jeff McJunkin
Principal Instructor
Jon Gorenflo
Jon Gorenflo
Principal Instructor
What You Will LearnSyllabusCertificationPrerequisitesLaptop RequirementsAuthor StatementReviewsTraining & Pricing

What You Will Learn

SEC560: Enterprise Penetration Testing, the flagship SANS course for penetration testing, equips you to assess and mitigate business risks across complex, modern enterprises. You will learn to plan, execute, and apply penetration tests using the latest tools and techniques through hands-on labs. Ideal for penetration testers, system administrators, and defenders, SEC560 strengthens your skills and understanding of the attacker mindset, enabling you to enhance organizational security immediately.

You Will Be Able To:

  • Properly plan and prepare for an enterprise penetration test
  • Perform detailed reconnaissance to aid in social engineering, phishing, targeting the right data, and demonstrating appropriate goals
  • Scan in-scope environments using best-of-breed tools to identify systems and targets that other tools and techniques may have missed -- you can't secure what you don't know about
  • Perform safe and effective password guessing to gain initial access to the target environment or move deeper into the network
  • Exploit target systems in multiple ways to gain access and measure real business risk
  • Understand the environment via efficient methods of gaining situation awareness to identify additional targets and attack paths
  • Thoroughly pillage exploited systems to gather information and move further into the network towards your goals
  • Use privilege escalation techniques to elevate access on Windows or Linux systems, or Active Directory itself
  • Execute lateral movement and pivoting to further extend access to the organization and identify risks missed by surface scans
  • Crack passwords using modern tools and techniques to extend or escalate access
  • Use Command and Control (C2, C&C) frameworks to manage and pillage compromised hosts remotely
  • Attack the Active Directory domains and forests used by most organizations
  • Execute multiple Kerberos attacks, including Kerberoasting, Golden Ticket, and Silver Ticket attacks
  • Conduct Azure reconnaissance remotely, both with and without credentials
  • Execute Entra ID password spray attacks
  • Execute commands in Azure using compromised credentials
  • Develop and deliver high-quality reports that clearly communicate the accurate business risk stemming from the discovered flaws and misconfigurations

SEC560 is designed to get you ready to conduct a full-scale, high-value penetration test, and at the end of the course you will do just that. After building your skills in comprehensive and challenging labs, the course culminates with a final real-world penetration test scenario. You will conduct an end-to-end penetration test, applying knowledge, tools, and principles from throughout the course as you discover and exploit vulnerabilities in a realistic target organization.

What You Will Receive

  • Access to the in-class Virtual Training Lab with more than 30 in-depth labs
  • SANS Slingshot Linux Penetration Testing Environment and Windows 10 Virtual Machines loaded with numerous tools used for all labs
  • Access to the recorded course audio to help hammer home important network penetration testing lessons
  • Cheat sheets with details on professional use of Metasploit, Netcat, and more
  • Worksheets to streamline the formulation of scoping and rules of engagement for professional penetration tests

Syllabus (36 CPEs)

Download PDF
  • Overview

    In this course section, you will develop the skills needed to conduct a best-of-breed, high-value penetration test. We'll go in-depth on how to build a penetration testing infrastructure that includes all the hardware, software, network infrastructure, and tools you will need to conduct great penetration tests, with specific low-cost recommendations for your arsenal. We'll then cover formulating a pen test scope and rules of engagement that will set you up for success, including a role-play exercise. We'll also dig deep into the reconnaissance portion of a penetration test, covering the latest tools and techniques. This course section features a hands-on lab exercise to learn about a target environment, the organization, network, infrastructure, and users. This course section also looks at the vital task of mapping the target environment's attack surface by creating a comprehensive inventory of machines, accounts, and potential vulnerabilities. We'll look at some of the most useful scanning tools freely available today and run them in numerous hands-on labs to help hammer home the most effective way to use each tool. We'll cover vital techniques for false-positive reduction so you can focus your findings on meaningful results and avoid the sting of a false positive. And we'll examine the best ways to conduct your scans safely and efficiently.

    Exercises
    • Credential Stuffing to a Breach
    • Reconnaissance and OSINT
    • Masscan
    • Nmap
    • Nmap -O -sV, EyeWitness, Netcat, and NSE
    Topics
    • Penetration Test Overview
      • The Mindset of the Professional Pen Tester
      • Building a World-Class Pen Test Infrastructure
      • Miniature Engagement (Discovery, Credential Stuffing, Finding Single-Factor Authentication)
    • Reconnaissance
      • Understanding the organization structure, culture, and business goals
      • Finding the infrastructure (hostnames, DNS records, registered IPv4/IPv6 ranges, and certificate transparency)
      • Enumerating the employees, looking at breach data, roles, job requisitions, and more
    • Scanning
      • Tips for Scaling Your Scanning
      • Finding live systems and services with Masscan, even with millions of targets
      • Getting the most out of Nmap (Nmap Scripting Engine, Version Scanning, and integrations)
      • Using EyeWitness to triage web applications efficiently
  • Overview

    This course section includes password guessing attacks, which are a common way for penetration testers and malicious attackers to gain initial access and pivot through the network. This action-packed section concludes with another common way to gain initial access: exploitation. We'll discuss many ways that exploits are used to gain access or escalate privileges, then examine how these exploits are packaged in frameworks like Metasploit and its mighty Meterpreter. You'll learn in-depth how to leverage Metasploit and Meterpreter to compromise target environments. Once you've successfully exploited a target environment, penetration testing gets extra exciting as you perform post-exploitation, gathering information from compromised machines and pivoting to other systems in your scope. In this section, we'll discuss a common modern penetration test style, the Assumed Breach, where initial access is ceded to the testers for speed and efficiency. Whether the testers gain access themselves or access is provided, the testers now identify risks that are not visible on the surface. We'll examine C2 frameworks and how to select the right one for you. As part of this, we'll use Sliver and Empire and explore their capabilities for use in an effective penetration test. We'll discuss the next stage of a penetration test and situational awareness on both Windows and Linux.

    Exercises
    • Initial Access with Password Guessing and Spraying with Hydra
    • Exploitation with Metasploit and the Meterpreter Shell
    • Command and Control via Sliver and Teammates
    • Developing Payloads in Multiple C2 Frameworks
    • GhostPack's Seatbelt for Situational Awareness
    Topics
    • Gaining Initial Access
    • Password Guessing, Spraying, and Credential Stuffing
    • Exploitation and Exploit Categories
    • Exploiting Network Services and Leveraging Meterpreter
    • Command and Control Frameworks and Selecting the One for You
    • Using the Adversary Emulation and Red Team Framework, Sliver
    • Payload Generation in Metasploit and Sliver
    • Post-Exploitation
    • Assumed Breach Testing
    • Situational Awareness on Linux and Windows
    • Extracting Useful Information from a Compromised Windows Host with Seatbelt
  • Overview

    In this section, you'll learn tools and techniques to perform privilege escalation attacks to gain elevated access on compromised hosts to further pillage compromised hosts for an even more high-impact penetration test. Part of post-exploitation includes password dumping, where we'll perform cleartext password extraction with Mimikatz and password cracking. We'll also cover persistence to help you maintain access to compromised hosts that survive a reboot or a user logoff. You'll learn modern tools and techniques to perform better cracking attacks that will extend or upgrade your access in the target environment. We'll take a look at the powerful BloodHound to allow us to map attack paths to get to high-value targets. This section concludes with Responder, a tool to obtain password hashes and for relaying.

    Exercises
    • Privilege Escalation on Windows
    • Domain Mapping and Exploitation with BloodHound
    • Practical Persistence
    • Metasploit PsExec, Hash Dumping, and Mimikatz for Credential Harvesting
    • Password Cracking with Hashcat
    • Attacking Nearby Clients with Responder
    Topics
    • Privilege Escalation Methods and Techniques on Windows and Linux
    • Identifying Attack Paths with BloodHound
    • Persistence and Maintaining Access
    • Password Attack Tips
    • Retrieving and Manipulating Hashes from Windows, Linux, and Other Systems
    • Extracting Hashes and Passwords from Memory with Mimikatz
    • Effective Password Cracking with Hashcat
    • Poisoning Multicast Name Resolution with Responder
  • Overview

    This course section zooms in on moving through the target environment. When attackers gain access to a network, they move, so you'll learn the same techniques used by modern attackers and penetration testers. You'll start by manually executing techniques used for lateral movement, then move on to automation using the powerful toolset, Impacket, to exploit and abuse network protocols. We'll examine Windows network authentication, and you'll perform a pass-the-hash attack to move through the network without knowing the compromised account's password. We'll wrap up with a discussion on effective reporting and communication with the business.

    Exercises
    • Lateral Movement using Native Tooling from Windows
    • Lateral Movement using Native Tooling from Linux
    • The Impacket Framework
    • C2 Pivoting and Pass-the-Hash
    • Bypassing Application Control Technology By Living Off The Land With MSBuild
    Topics
    • Lateral Movement
    • Running Commands Remotely
    • Attacking and Abusing Network Protocols with Impacket
    • Anti-Virus and Evasion of Defensive Tools
    • Application Control Bypasses Using Built-In Windows Features
    • Implementing Port Forwarding Relays via SSH for Merciless Pivots
    • Pivoting through Target Environments with C2
    • Effective Reporting and Business Communication
  • Overview

    This course section focuses on typical AD lateral movement strategies. You'll gain an in-depth understanding of how Kerberos works and what the possible attack vectors are, including Kerberoasting, Golden Ticket, and Silver Ticket attacks. You'll use credentials found during the penetration test of the target environment to extract all the hashes from a compromised Domain Controller. We'll cover one of the most useful new techniques for privilege escalation due to vulnerabilities in Active Directory: Certificate Services (AD CS). With full privileges over the on-premise domain, we'll then turn our attention to the cloud and have a look at Azure principles and attack strategies. The integration of Entra ID with the on-premise domain provides interesting attack options, which will be linked to the domain dominance attacks we saw earlier during the course section.

    Exercises
    • Kerberoast Attack for Domain Privilege Escalation
    • Domain Dominance and Password Hash Extraction from a Compromised Domain Controller
    • Golden Ticket Attacks for Persistence
    • Silver Tickets for Persistence and Evasion
    • Identifying Vulnerabilities and Attacking Active Directory Certificate Services (AD CS)
    • Azure Reconnaissance and Password Spraying
    • Running Commands in Azure Using Compromised Credentials
    • Lateral Movement inside Azure
    Topics
    • Kerberos Authentication Protocol
    • Kerberoasting for Domain Privilege Escalation and Credential Compromise
    • Persistent Administrative Domain Access
    • Evaluating and Attacking AD CS
    • Obtaining NTDS.dit and Extracting Domain Hashes
    • Golden and Silver Ticket Attacks for Persistence
    • Additional Kerberos Attacks Including Skeleton Key, Over-Pass-the-Hash, and Pass-the-Ticket
    • Effective Domain Privilege Escalation
    • Azure and Entra ID Reconnaissance
    • Azure Password Attacks and Spraying
    • Understanding Azure Permissions
    • Running Commands on Azure Hosts
    • Tunneling with Ngrok
    • Lateral Movement in Azure
  • Overview

    This lively section represents the culmination of the enterprise penetration testing course. You'll apply all the skills mastered in the course in a comprehensive, hands-on exercise during which you'll conduct an actual penetration test of a sample target environment. We'll provide the scope and rules of engagement, and you'll work to achieve your goal to determine whether the target organization's Personally Identifiable Information is at risk. As a final step in preparing you for conducting penetration tests, you'll make recommendations about remediating the risks you identify.

    Exercises
    • A Comprehensive Lab Applying What You Have Learned Throughout the Course
    • Modeling a Penetration Test Against a Target Environment
    Topics
    • Applying Penetration Testing Practices End-to-End
    • Detailed Scanning to Find Vulnerabilities and Avenues to Entry
    • Exploitation to Gain Control of Target Systems
    • Post-Exploitation to Determine Business Risk
    • Merciless Pivoting
    • Analyzing Results to Understand Business Risk and Devise Corrective Actions

GIAC Penetration Tester

The GIAC Penetration Tester (GPEN) certification validates a practitioner's ability to properly conduct a penetration test using best-practice techniques and methodologies. GPEN certification holders have the knowledge and skills to conduct exploits, engage in detailed environmental reconnaissance, and utilize a process-oriented approach to penetration testing projects

  • Comprehensive Pen Test Planning, Scoping, and Recon
  • In-Depth Scanning and Exploitation, Post-Exploitation, and Pivoting
  • Azure Overview, Integration, and Attacks, and In-Depth Password Attacks
More Certification Details

Prerequisites

SEC560 is the flagship penetration test course offered by the SANS Institute. Attendees are expected to have a working knowledge of networking basics and a basic knowledge of the Windows and Linux command lines before they come to class. While SEC560 has in-depth information, it is important to note that programming knowledge is NOT required for the course.

Courses that lead in to SEC560:

Courses that are good follow-ups to SEC560:

Laptop Requirements

Important! Bring your own system configured according to these instructions.

To get the most value out of this course, students are required to bring their own laptop so they can connect directly to the workshop network we will create. It is the students' responsibility to make sure the system is properly configured with all drivers necessary to connect to an Ethernet network.

Some of the course exercises are based on Windows, while others focus on Linux. VMware Workstation Player is required for the class. If you plan to use a Mac, please make sure you bring VMware Fusion. Note: Apple systems using the M1 processor cannot perform the necessary virtualization at this time and cannot be used for this course.

Disc Space Requirements

The course includes two VMware image files: a Windows 10 Virtual Machine (VM) and Slingshot Linux. You will need at least 60GB free on your system for these VMs.

VMware

You will use VMware to run Windows 10 and Slingshot Linux VMs simultaneously when performing exercises during the course. The VMs come with all the tools you need to complete the lab exercises.

We will give you a USB full of attack tools to experiment with during the course and to keep for later analysis. We will also provide a Linux image with all our tools pre-installed that runs within VMware.

Windows and Native Linux Users: You must have either the free or commercial VMware Workstation Player 16 or later installed on your system before coming to class. You can download VMware Workstation Player for free here.

Mac users: You will need VMware Fusion 12 (or later) or the free VMware Fusion Player 12 or later installed on your Mac prior to class. You can download the free VMware Fusion Player here.

Virtualbox and other virtualization products: While this may work in the course, it is not officially supported. If you choose to use this software, you will be responsible for configuring the virtual machines to work on the target range. Also, installation of both VMware and Virtualbox can sometimes cause network issues. We recommend only installing one virtualization technology.

Mandatory Laptop Hardware Requirements

  • x64-compatible 2.0 GHz CPU minimum or higher
  • 8 GB RAM minimum with 16 GB or higher recommended
  • 50 GB available hard-drive space
  • Any patch level is acceptable for Windows 10

During the Capture-the-Flag exercise, you will be connecting to one of the most hostile networks on Earth! Your laptop might be attacked. Do not have any sensitive data stored on the system. SANS is not responsible for your system if someone in the course attacks it in the workshop.

By bringing the right equipment and preparing in advance, you can maximize what you will see and learn, as well as have a lot of fun.

If you have additional questions about the laptop specifications, please contact customer service.

Author Statement

"All security professionals need to understand how companies are being breached, from modern attack tactics and including the underlying principles. As a defender, incident responder, or forensic analyst, it is important to understand the latest attacks and the mindset of the attacker. In this course, penetration testers, red teamers, and other offensive security professionals will learn tools and techniques to increase the impact and effectiveness of their work. As the lead author for this course, I'm proud to bring my years of security experience (both offensive and defensive) as well as network/system administration experience to the course. We aim to provide a valuable, high-impact penetration testing course designed to teach experienced pen testers new tips, help prepare new penetration testers, and provide background to anyone dealing with penetration testers, red teams, or even malicious attackers. I personally enjoy teaching this course and sharing my experience and real-life examples with you."

Jeff McJunkin

Ways to Learn

  • OnDemand

Cybersecurity learning – at YOUR pace! OnDemand provides unlimited access to your training wherever, whenever. All labs, exercises, and live support from SANS subject matter experts included.

Register Now
  • Live Online

The full SANS experience live at home! Get the ultimate in virtual, interactive SANS courses with leading SANS instructors via live stream. Following class, plan to kick back and enjoy a keynote from the couch.

View Available Dates & Time Zones
  • In Person (6 days)

Did someone say ALL-ACCESS? On-site immersion via in-classroom course sessions led by world-class SANS instructors fill your day, while bonus receptions and workshops fill your evenings.

View Available Dates & Locations

Who Should Attend SEC560?

  • Security personnel whose job involves assessing networks and systems to find and remediate vulnerabilities
  • Penetration testers
  • Ethical hackers
  • Defenders who want to better understand offensive methodologies, tools, and techniques
  • Auditors who need to build deeper technical skills
  • Red Team members
  • Blue Team members
  • Forensics specialists who want to better understand offensive tactics
  • Incident responders who want to understand the mindset of an attacker

NICE Framework Work Roles:

  • Security Control Assessor (OPM 612)
  • System Testing and Evaluation Specialist (OPM 671)
  • Vulnerability Assessment Analyst (OPM 541)
  • Pen Tester (OPM 541)
  • Exploitation Analyst (OPM 121)
  • Mission Assessment Specialist (OPM 112)
  • Target Developer (OPM 131)
  • Cyber Ops Planner (OPM 332)
  • Cyber Operator (OPM 321)
See prerequisites

Need to justify a training request to your manager?

Use this justification letter template to share the key details of this training and certification opportunity with your boss.

Download the Letter

Related Programs

DoDD 8140
DoDD 8140 (Vulernability Assessment Analyst)
See how this and other SANS Courses and GIAC Certifications align with the Department of Defense Directive 8140.
Masters Program
Masters Program
This course and certification can be applied to a master's degree program at the SANS Technology Institute.

Reviews

I think if you genuinely want to learn how exploitation techniques work and how to properly think like a hacker, it would be silly not to attend SEC560.
Marc Hamilton
McAfee
SEC560 introduces the whole process of penetration testing from the start of engagement to the end.
Barry Tsang
Deloitte
Thank you for an amazing week of training in SEC560! My favorite parts were lateral movement, password cracking, and web exploits!
Robert Adams
Microsoft
    Africa/Abidjan
    Africa/Accra
    Africa/Addis Ababa
    Africa/Algiers
    Africa/Asmara
    Africa/Asmera
    Africa/Bamako
    Africa/Bangui
    Africa/Banjul
    Africa/Bissau
    Africa/Blantyre
    Africa/Brazzaville
    Africa/Bujumbura
    Africa/Cairo
    Africa/Casablanca
    Africa/Ceuta
    Africa/Conakry
    Africa/Dakar
    Africa/Dar es Salaam
    Africa/Djibouti
    Africa/Douala
    Africa/El Aaiun
    Africa/Freetown
    Africa/Gaborone
    Africa/Harare
    Africa/Johannesburg
    Africa/Juba
    Africa/Kampala
    Africa/Khartoum
    Africa/Kigali
    Africa/Kinshasa
    Africa/Lagos
    Africa/Libreville
    Africa/Lome
    Africa/Luanda
    Africa/Lubumbashi
    Africa/Lusaka
    Africa/Malabo
    Africa/Maputo
    Africa/Maseru
    Africa/Mbabane
    Africa/Mogadishu
    Africa/Monrovia
    Africa/Nairobi
    Africa/Ndjamena
    Africa/Niamey
    Africa/Nouakchott
    Africa/Ouagadougou
    Africa/Porto-Novo
    Africa/Sao Tome
    Africa/Timbuktu
    Africa/Tripoli
    Africa/Tunis
    Africa/Windhoek
    America/Adak
    America/Anchorage
    America/Anguilla
    America/Antigua
    America/Araguaina
    America/Argentina/Buenos Aires
    America/Argentina/Catamarca
    America/Argentina/ComodRivadavia
    America/Argentina/Cordoba
    America/Argentina/Jujuy
    America/Argentina/La Rioja
    America/Argentina/Mendoza
    America/Argentina/Rio Gallegos
    America/Argentina/Salta
    America/Argentina/San Juan
    America/Argentina/San Luis
    America/Argentina/Tucuman
    America/Argentina/Ushuaia
    America/Aruba
    America/Asuncion
    America/Atikokan
    America/Atka
    America/Bahia
    America/Bahia Banderas
    America/Barbados
    America/Belem
    America/Belize
    America/Blanc-Sablon
    America/Boa Vista
    America/Bogota
    America/Boise
    America/Buenos Aires
    America/Cambridge Bay
    America/Campo Grande
    America/Cancun
    America/Caracas
    America/Catamarca
    America/Cayenne
    America/Cayman
    America/Chicago
    America/Chihuahua
    America/Ciudad Juarez
    America/Coral Harbour
    America/Cordoba
    America/Costa Rica
    America/Creston
    America/Cuiaba
    America/Curacao
    America/Danmarkshavn
    America/Dawson
    America/Dawson Creek
    America/Denver
    America/Detroit
    America/Dominica
    America/Edmonton
    America/Eirunepe
    America/El Salvador
    America/Ensenada
    America/Fort Nelson
    America/Fort Wayne
    America/Fortaleza
    America/Glace Bay
    America/Godthab
    America/Goose Bay
    America/Grand Turk
    America/Grenada
    America/Guadeloupe
    America/Guatemala
    America/Guayaquil
    America/Guyana
    America/Halifax
    America/Havana
    America/Hermosillo
    America/Indiana/Indianapolis
    America/Indiana/Knox
    America/Indiana/Marengo
    America/Indiana/Petersburg
    America/Indiana/Tell City
    America/Indiana/Vevay
    America/Indiana/Vincennes
    America/Indiana/Winamac
    America/Indianapolis
    America/Inuvik
    America/Iqaluit
    America/Jamaica
    America/Jujuy
    America/Juneau
    America/Kentucky/Louisville
    America/Kentucky/Monticello
    America/Knox IN
    America/Kralendijk
    America/La Paz
    America/Lima
    America/Los Angeles
    America/Louisville
    America/Lower Princes
    America/Maceio
    America/Managua
    America/Manaus
    America/Marigot
    America/Martinique
    America/Matamoros
    America/Mazatlan
    America/Mendoza
    America/Menominee
    America/Merida
    America/Metlakatla
    America/Mexico City
    America/Miquelon
    America/Moncton
    America/Monterrey
    America/Montevideo
    America/Montreal
    America/Montserrat
    America/Nassau
    America/New York
    America/Nipigon
    America/Nome
    America/Noronha
    America/North Dakota/Beulah
    America/North Dakota/Center
    America/North Dakota/New Salem
    America/Nuuk
    America/Ojinaga
    America/Panama
    America/Pangnirtung
    America/Paramaribo
    America/Phoenix
    America/Port-au-Prince
    America/Port of Spain
    America/Porto Acre
    America/Porto Velho
    America/Puerto Rico
    America/Punta Arenas
    America/Rainy River
    America/Rankin Inlet
    America/Recife
    America/Regina
    America/Resolute
    America/Rio Branco
    America/Rosario
    America/Santa Isabel
    America/Santarem
    America/Santiago
    America/Santo Domingo
    America/Sao Paulo
    America/Scoresbysund
    America/Shiprock
    America/Sitka
    America/St Barthelemy
    America/St Johns
    America/St Kitts
    America/St Lucia
    America/St Thomas
    America/St Vincent
    America/Swift Current
    America/Tegucigalpa
    America/Thule
    America/Thunder Bay
    America/Tijuana
    America/Toronto
    America/Tortola
    America/Vancouver
    America/Virgin
    America/Whitehorse
    America/Winnipeg
    America/Yakutat
    America/Yellowknife
    Antarctica/Casey
    Antarctica/Davis
    Antarctica/DumontDUrville
    Antarctica/Macquarie
    Antarctica/Mawson
    Antarctica/McMurdo
    Antarctica/Palmer
    Antarctica/Rothera
    Antarctica/South Pole
    Antarctica/Syowa
    Antarctica/Troll
    Antarctica/Vostok
    Arctic/Longyearbyen
    Asia/Aden
    Asia/Almaty
    Asia/Amman
    Asia/Anadyr
    Asia/Aqtau
    Asia/Aqtobe
    Asia/Ashgabat
    Asia/Ashkhabad
    Asia/Atyrau
    Asia/Baghdad
    Asia/Bahrain
    Asia/Baku
    Asia/Bangkok
    Asia/Barnaul
    Asia/Beirut
    Asia/Bishkek
    Asia/Brunei
    Asia/Calcutta
    Asia/Chita
    Asia/Choibalsan
    Asia/Chongqing
    Asia/Chungking
    Asia/Colombo
    Asia/Dacca
    Asia/Damascus
    Asia/Dhaka
    Asia/Dili
    Asia/Dubai
    Asia/Dushanbe
    Asia/Famagusta
    Asia/Gaza
    Asia/Harbin
    Asia/Hebron
    Asia/Ho Chi Minh
    Asia/Hong Kong
    Asia/Hovd
    Asia/Irkutsk
    Asia/Istanbul
    Asia/Jakarta
    Asia/Jayapura
    Asia/Jerusalem
    Asia/Kabul
    Asia/Kamchatka
    Asia/Karachi
    Asia/Kashgar
    Asia/Kathmandu
    Asia/Katmandu
    Asia/Khandyga
    Asia/Kolkata
    Asia/Krasnoyarsk
    Asia/Kuala Lumpur
    Asia/Kuching
    Asia/Kuwait
    Asia/Macao
    Asia/Macau
    Asia/Magadan
    Asia/Makassar
    Asia/Manila
    Asia/Muscat
    Asia/Nicosia
    Asia/Novokuznetsk
    Asia/Novosibirsk
    Asia/Omsk
    Asia/Oral
    Asia/Phnom Penh
    Asia/Pontianak
    Asia/Pyongyang
    Asia/Qatar
    Asia/Qostanay
    Asia/Qyzylorda
    Asia/Rangoon
    Asia/Riyadh
    Asia/Saigon
    Asia/Sakhalin
    Asia/Samarkand
    Asia/Seoul
    Asia/Shanghai
    Asia/Singapore
    Asia/Srednekolymsk
    Asia/Taipei
    Asia/Tashkent
    Asia/Tbilisi
    Asia/Tehran
    Asia/Tel Aviv
    Asia/Thimbu
    Asia/Thimphu
    Asia/Tokyo
    Asia/Tomsk
    Asia/Ujung Pandang
    Asia/Ulaanbaatar
    Asia/Ulan Bator
    Asia/Urumqi
    Asia/Ust-Nera
    Asia/Vientiane
    Asia/Vladivostok
    Asia/Yakutsk
    Asia/Yangon
    Asia/Yekaterinburg
    Asia/Yerevan
    Atlantic/Azores
    Atlantic/Bermuda
    Atlantic/Canary
    Atlantic/Cape Verde
    Atlantic/Faeroe
    Atlantic/Faroe
    Atlantic/Jan Mayen
    Atlantic/Madeira
    Atlantic/Reykjavik
    Atlantic/South Georgia
    Atlantic/St Helena
    Atlantic/Stanley
    Australia/ACT
    Australia/Adelaide
    Australia/Brisbane
    Australia/Broken Hill
    Australia/Canberra
    Australia/Currie
    Australia/Darwin
    Australia/Eucla
    Australia/Hobart
    Australia/LHI
    Australia/Lindeman
    Australia/Lord Howe
    Australia/Melbourne
    Australia/NSW
    Australia/North
    Australia/Perth
    Australia/Queensland
    Australia/South
    Australia/Sydney
    Australia/Tasmania
    Australia/Victoria
    Australia/West
    Australia/Yancowinna
    Brazil/Acre
    Brazil/DeNoronha
    Brazil/East
    Brazil/West
    CET
    CST6CDT
    Canada/Atlantic
    Canada/Central
    Canada/Eastern
    Canada/Mountain
    Canada/Newfoundland
    Canada/Pacific
    Canada/Saskatchewan
    Canada/Yukon
    Chile/Continental
    Chile/EasterIsland
    Cuba
    EET
    EST
    EST5EDT
    Egypt
    Eire
    Etc/GMT
    Etc/GMT+0
    Etc/GMT+1
    Etc/GMT+10
    Etc/GMT+11
    Etc/GMT+12
    Etc/GMT+2
    Etc/GMT+3
    Etc/GMT+4
    Etc/GMT+5
    Etc/GMT+6
    Etc/GMT+7
    Etc/GMT+8
    Etc/GMT+9
    Etc/GMT-0
    Etc/GMT-1
    Etc/GMT-10
    Etc/GMT-11
    Etc/GMT-12
    Etc/GMT-13
    Etc/GMT-14
    Etc/GMT-2
    Etc/GMT-3
    Etc/GMT-4
    Etc/GMT-5
    Etc/GMT-6
    Etc/GMT-7
    Etc/GMT-8
    Etc/GMT-9
    Etc/GMT0
    Etc/Greenwich
    Etc/UCT
    Etc/UTC
    Etc/Universal
    Etc/Zulu
    Europe/Amsterdam
    Europe/Andorra
    Europe/Astrakhan
    Europe/Athens
    Europe/Belfast
    Europe/Belgrade
    Europe/Berlin
    Europe/Bratislava
    Europe/Brussels
    Europe/Bucharest
    Europe/Budapest
    Europe/Busingen
    Europe/Chisinau
    Europe/Copenhagen
    Europe/Dublin
    Europe/Gibraltar
    Europe/Guernsey
    Europe/Helsinki
    Europe/Isle of Man
    Europe/Istanbul
    Europe/Jersey
    Europe/Kaliningrad
    Europe/Kiev
    Europe/Kirov
    Europe/Kyiv
    Europe/Lisbon
    Europe/Ljubljana
    Europe/London
    Europe/Luxembourg
    Europe/Madrid
    Europe/Malta
    Europe/Mariehamn
    Europe/Minsk
    Europe/Monaco
    Europe/Moscow
    Europe/Nicosia
    Europe/Oslo
    Europe/Paris
    Europe/Podgorica
    Europe/Prague
    Europe/Riga
    Europe/Rome
    Europe/Samara
    Europe/San Marino
    Europe/Sarajevo
    Europe/Saratov
    Europe/Simferopol
    Europe/Skopje
    Europe/Sofia
    Europe/Stockholm
    Europe/Tallinn
    Europe/Tirane
    Europe/Tiraspol
    Europe/Ulyanovsk
    Europe/Uzhgorod
    Europe/Vaduz
    Europe/Vatican
    Europe/Vienna
    Europe/Vilnius
    Europe/Volgograd
    Europe/Warsaw
    Europe/Zagreb
    Europe/Zaporozhye
    Europe/Zurich
    GB
    GB-Eire
    GMT
    GMT+0
    GMT-0
    GMT0
    Greenwich
    HST
    Hongkong
    Iceland
    Indian/Antananarivo
    Indian/Chagos
    Indian/Christmas
    Indian/Cocos
    Indian/Comoro
    Indian/Kerguelen
    Indian/Mahe
    Indian/Maldives
    Indian/Mauritius
    Indian/Mayotte
    Indian/Reunion
    Iran
    Israel
    Jamaica
    Japan
    Kwajalein
    Libya
    MET
    MST
    MST7MDT
    Mexico/BajaNorte
    Mexico/BajaSur
    Mexico/General
    NZ
    NZ-CHAT
    Navajo
    PRC
    PST8PDT
    Pacific/Apia
    Pacific/Auckland
    Pacific/Bougainville
    Pacific/Chatham
    Pacific/Chuuk
    Pacific/Easter
    Pacific/Efate
    Pacific/Enderbury
    Pacific/Fakaofo
    Pacific/Fiji
    Pacific/Funafuti
    Pacific/Galapagos
    Pacific/Gambier
    Pacific/Guadalcanal
    Pacific/Guam
    Pacific/Honolulu
    Pacific/Johnston
    Pacific/Kanton
    Pacific/Kiritimati
    Pacific/Kosrae
    Pacific/Kwajalein
    Pacific/Majuro
    Pacific/Marquesas
    Pacific/Midway
    Pacific/Nauru
    Pacific/Niue
    Pacific/Norfolk
    Pacific/Noumea
    Pacific/Pago Pago
    Pacific/Palau
    Pacific/Pitcairn
    Pacific/Pohnpei
    Pacific/Ponape
    Pacific/Port Moresby
    Pacific/Rarotonga
    Pacific/Saipan
    Pacific/Samoa
    Pacific/Tahiti
    Pacific/Tarawa
    Pacific/Tongatapu
    Pacific/Truk
    Pacific/Wake
    Pacific/Wallis
    Pacific/Yap
    Poland
    Portugal
    ROC
    ROK
    Singapore
    Turkey
    UCT
    US/Alaska
    US/Aleutian
    US/Arizona
    US/Central
    US/East-Indiana
    US/Eastern
    US/Hawaii
    US/Indiana-Starke
    US/Michigan
    US/Mountain
    US/Pacific
    US/Samoa
    UTC
    Universal
    W-SU
    WET
    Zulu
    Filters:
    Training Formats
          Location
          Dates

          Register for SEC560

          Learn about Group Pricing

          Prices below exclude applicable taxes and shipping costs. If applicable, these will be shown on the last page of checkout.

          Loading...