Новости Листа

MASTERCLASS
Managing and Defending Against Current Threats

10-14 December 2018
Duration: 5 days
Location: Semos Education, Skopje
Language: English
Price: 999 EUR

Apply Now

This is a deep dive course on security operations: vulnerability management, anomalies detection, discovery of industry attacks and threats, understanding how compromised system or solution looks like, defining the indicators of the attack, incident handling.

On completion of this course you will be able to:

  • Analyze emerging trends in attacks
  • Identify areas of vulnerability within your organization
  • Prepare a risk assessment for your organization
  • Report and recommend countermeasures
  • Develop a threat management plan for your organization

Prerequisites:

To attend this training, you should have a good hands-on experience in administering Windows infrastructure. At least 8 years in the field is recommended.

Target audience

Enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.

Materials

Author’s unique tools, over 200 pages of exercises, presentation slides with notes.

AGENDA:

Module 1: Identifying Areas of Vulnerability (Day 1)

  • Defining the assets which your company needs to protect
  • Defining the other sensitive information that needs to be protected

Module 2: Modern Attack Techniques (Day 1)

  • OS platform threats and attacks
  • Web based threats and attacks
  • E-mail threats and attacks
  • Physical access threats and attacks
  • Social threats and attacks
  • Wireless threats and attacks

Module 3: Identity Attacks (Day 1)

  • Performing the identity attacks
  • Cached logons (credentials)
  • Data Protection API (DPAPI) for user’s secrets protection
  • Credential Guard in details
  • Performing the LSA Secrets dump and implementing prevention
  • Active Directory and Azure AD security
  • Authentication Mechanism Assurance
  • Using virtual smart cards
  • Multi-factor Authentication

Module 4: Malicious Software Techniques (Day 2)

  • Types of the attacks
  • Points of entry
  • Persistence methods
  • Hiding traces
  • Case study: ransomware examples

Module 5: Discovery and Analysis of the Modern Attacks (Day 3)

  • Defining Critical Security Controls
  • Incident response checklist
  • Suspicious Activities Time Line
  • Filtering Suspicious Activities Network traffic inspection
  • Malware analysis tools
  • Host, Port and Service Discovery
  • Vulnerability Scanning
  • Monitoring Patching, Applications, Service Logs
  • Detecting the most common attacks:
  • Using Sysmon in the advanced monitoring configuration
  • Log Collection
  • Scripting and Automation
  • PowerShell for extraction and information gathering
  • Industry Best Practices

Module 6: Designing and Implementing Endpoint Security (Day 4)

  • Strategy for protecting Internet facing systems
  • Strategy for protecting internal systems
  • Strategy for protecting users’ workstation
  • Strategy for protecting (against) BYOD devices
  • Implementing automation and access control (Just Enough Administration, Desired State Configuration)
  • Application whitelisting (AppLocker, Device Guard etc.)
  • Configuring firewalls
  • Privileged accounts
  • Securing authentication
  • Storage and full disk encryption
  • Control Folder Access
  • Application Guard

Module 7: Securing the Communication Channel Approach (Day 5)

  • Implementing tunneling
  • Designing secure access
  • Sniffing the network techniques
  • The meaning of partitioning the network
  • Ensuring confidentiality with encryption
  • Searching for rogue servers
  • Securing networking services
  • Limiting the impact of common attacks

About Paula

Paula Januszkiewicz is the IT Security Auditor and Penetration Tester, Enterprise Security MVP and trainer (MCT) and Microsoft Security Trusted Advisor. She is also a top speaker at many well-known conferences including Microsoft Ignite, TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime, etc.
Paula has conducted hundreds of IT security audits and penetration tests, including those for governmental organizations. Her distinct specialization is definitely on security solutions, in which she holds multiple certifications, besides being familiar with and possessing certifications in other related technologies. Paula is passionate about sharing her knowledge with others.