Self Registration
Register & Pay online!
TAKEDOWNCON| Academy
Recognizing the growing demand for information security education and training, we have put together some of the most sought after technical training & certification classes offered by top training companies and led by well-respected instructors.
Make Huntsville your next destination to obtain quality information security knowledge and cutting edge skills, and let TAKEDOWNCON | Academy be the platform to make your learning and training an enjoyable experience.
Benefits
What you get when you sign up for any of the training at the TAKEDOWNCON Academy:
Official Courseware (For EC-Council and CAST training)
1 Complimentary Exam voucher (For EC-Council certification training only)
Certificate of attendance
Lunch and coffee breaks throughout the duration of the training
Complimentary Pass to the Rocket City TAKEDOWNCON- Huntsville conference
Certified Ethical Hacker (CEH) v7
Ethical Hacking and CountermeasurersThe CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.
Module 01: Introduction to Ethical Hacking
Module 02: Footprinting and Reconnaissance
Module 03: Scanning Networks
Module 04: Enumeration
Module 05: System Hacking
Module 06: Trojans and Backdoors
Module 07: Viruses and Worms
Module 08: Sniffers
Module 09: Social Engineering
Module 10: Denial of Service
Module 11: Session Hijacking
Module 12: Hijacking Webservers
Module 13: Hacking Web Applications
Module 14: SQL Injection
Module 15: Hacking Wireless Networks
Module 16: Evading IDS, Firewalls, and Honeypots
Module 17: Buffer Overflow
Module 18: Cryptography
Module 19: Penetration Testing
Dates
July 11th – 14th, 2013
Pricing
Register and pay by June 15, 2013: $2,499
Register and pay After June 15, 2013: $2,999
Class Capacity
25
Course Includes:
Official Courseware.
1 Complimentary Prometric Prime Exam voucher
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
Computer Hacking Forensic Investigator (CHFI) v8
EC-Council releases the most advanced Computer Hacking Forensic Investigator program in the world. CHFIv8 presents detailed methodological approach to computer forensics and evidence analysis. It is a comprehensive course covering major forensic investigation scenarios that enables students to acquire necessary hands-on experience on various forensic investigation techniques and standard forensic tools necessary to successfully carryout a computer forensic investigation leading to prosecution of perpetrators. Battles between corporations, governments, and countries are no longer fought using physical force. Cyber war has begun and we can also see the consequences in our daily lives. With the onset of sophisticated cyber-attacks, the need for advanced cyber security and investigation training is a mandate in present day. If you or your organization requires the knowledge or skills to identify, track, and prosecute the cybercriminal, then this is the course for you. This course helps forensic investigators to excel in incident handling and investigate various types of security incidents such as data breaches, latest persistent security issues, insider employee threats and intricate digital forensic circumstances and cases.
Module 01: Computer Forensics in Today’s World
Module 02: Computer Forensics Investigation Process
Module 03: Searching and Seizing of Computers
Module 04: Digital Evidence
Module 05: First Responder Procedures
Module 06: Computer Forensics Lab
Module 07: Understanding Hard Disks and File Systems
Module 08: Windows Forensics
Module 09: Data Acquisition and Duplication
Module 10: Recovering Deleted Files and Deleted Partitions
Module 11: Forensics Investigation using AccessData FTK
Module 12: Forensics Investigations Using Encase
Module 13: Steganography and Image File Forensics
Module 14: Application Password Crackers
Module 15: Log Capturing and Event Correlation
Module 16: Network Forensics, Investigating Logs and Investigating Network Traffic
Module 17: Investigating Wireless Attacks
Module 18: Investigating Web Attacks
Module 19: Tracking Emails and Investigating Email Crimes
Module 20: Mobile Forensics
Module 21: Investigative Reports
Module 22: Becoming an Expert Witness
Dates
July 11th – 14th, 2013
Pricing
Register and pay by June 15, 2013: $2,499
Register and pay After June 15, 2013: $2,999
Class Capacity
25
Course Includes:
Official Courseware.
1 Complimentary Prometric Prime Exam voucher
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
Certified Security Analyst – (ECSA)
The Certified Security Analyst “pen testing” program is a computer security certification designed to teach Information Security Professionals the advanced uses of the available methodologies, tools and techniques expected from a premier ethical hacking training and are required to perform comprehensive information security pen tests. Students will learn how to design, secure and test networks to protect your organization from the threats hackers and crackers pose. By teaching the Licensed Penetration Tester, LPT methodology and ground breaking techniques for security and penetration testing, this class will help you perform the intensive assessments required to effectively identify and mitigate risks to the security of your infrastructure. As students learn to identify Information Security problems in this ethical hacking training certification course, they also learn how to avoid and eliminate them, with the class providing complete coverage of analysis and network security-testing topics.
Module 1: The Need for Security Analysis
Module 2: Advanced Googling
Module 3: TCP/IP Packet Analysis
Module 4: Advanced Sniffing Techniques
Module 5: Vulnerability Analysis with Nessus
Module 6: Advanced Wireless Testing
Module 7: Designing a DMZ
Module 8: Snort Analysis
Module 10: Advanced Exploits and Tools
Module 11: Penetration Testing Methodologies
Module 12: Customers and Legal Agreements
Module 13: Rules of Engagement
Module 14: Penetration Testing Planning and Scheduling
Module 15: Pre Penetration Testing Checklist
Module 16: Information Gathering
Module 17: Vulnerability Analysis
Module 18: External Penetration Testing
Module 19: Internal Network Penetration Testing
Module 20: Routers and Switches Penetration Testing
Module 21: Firewall Penetration Testing
Module 22: IDS Penetration Testing
Module 23: Wireless Network Penetration Testing
Module 24: Denial of Service Penetration Testing
Module 25: Password Cracking Penetration Testing
Module 26: Social Engineering Penetration Testing
Module 27: Stolen Laptop, PDAs and Cell phones Penetration Testing
Module 28: Application Penetration Testing
Module 29: Physical Security Penetration Testing
Module 30: Database Penetration testing
Module 31: VoIP Penetration Testing
Module 32: VPN Penetration Testing
Module 33: War Dialing
Module 34: Virus and Trojan Detection
Module 35: Log Management Penetration Testing
Module 36: File Integrity Checking
Module 37: Blue Tooth and Hand held Device Penetration Testing
Module 38: Telecommunication and Broadband Communication Penetration Testing
Module 39: Email Security Penetration Testing
Module 40: Security Patches Penetration Testing
Module 41: Data Leakage Penetration Testing
Module 42: Penetration Testing Deliverables and Conclusion
Module 43: Penetration Testing Report and Documentation Writing
Module 44: Penetration Testing Report Analysis
Module 45: Post Testing Actions
Module 46: Ethics of a Licensed Penetration Tester
Module 47: Standards and Compliance
Dates
July 11th – 14th, 2013
Pricing
Register and pay by June 15, 2012: $2,499
Register and pay by After June 15, 2012: $2,999
Class Capacity
25
Course Includes:
Official Courseware.
1 Complimentary Prometric Prime Exam voucher
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
Attacking Hardened Defense Systems
Course Description
Advanced Penetration Testing provides penetration testers the training needed to perform advanced pen testing against known or unknown applications, services, and network systems which are patched and hardened with both Network and Host-based Intrusion Detection/Preventions systems (IDS/IPS) in place. The learning curve for this program is extremely steep, but the rewards are astronomical where students are presented with the opportunity of learning what it REALLY takes to hack into some of the most secure networks and applications in the world.
Views shared will include what it REALLY takes to hack and then defend some of the most secured networks and applications around today under the guidance and support of a world renowned expert in Advanced Pen Testing.
Joe McCray has over 10 years of experience in the security industry with a diverse background that includes network and web application penetration testing, forensics, training, and regulatory compliance. Having performed hundreds of penetration tests assessing well over 250,000 hosts in the DoD, Federal, Financial, Gaming, Retail, and Hospitality industries – Joe’s specialty is pentesting high security environments, and bypassing high end security systems.
Joe is a US Air Force veteran with 5 years of US Army contracting experience in information assurance (specifically Information Assurance Network Engineering, Incident Response, Forensics, Vulnerability Assessments, and Penetration Testing). He is well versed in cyber war, cyber terrorism tactics having spent 2 years in Iraq and 1 year at US Army NetCom. He now gives advanced hacking and forensics training to the FBI, NSA, DHS, Royal Canadian Mounties, and several other entities. Joe is also a frequent trainer and presenter at security conferences such as Black Hat, Def Con, BruCON, Hacker Halted, Techno Security, Techno Forensics, and many others.
Joe was awarded the EC-Council Instructor of the Year award for 2010, and a Circle of Excellence (Instructor) recipient for 2009.
This course is intended for:
Information security professionals
Penetration Testers
IT managers
IT auditors
Government & Intelligence Agencies interested in real world attack and defense in today’s complex and highly secure IT environments
Students should be familiar with the following web technologies and languages:
HTTP
HTML
Javascript
ASP
PHP
SQL
Students should also be familiar with Metasploit, and VMWare.
NOTE: This is NOT a course for the beginners. 80% of class is hands-on hacking labs. Participants should ideally be CEH or ECSA certified, or hold relevant industry certifications, or experience.
Upon completion of this program, student should be able to understand:
What it REALLY takes to break into a highly secured organization from the outside
How to move around the network without being detected by IDS/IPS
How to mitigate or circumvent common security implementations such as Locked
Down desktops, GPOs, IDSs/IPSs/WAFs, among others.
How to Pentest “High Security environments” such as government agencies, financial institutions, and other key installations.
Students must be familiar with IT Security best practices, and have a good understanding of TCP/IP and common web technologies.
Windows administration for servers and workstations
Linux/*NIX system administration skill
Intermediate command line proficiency on both Windows and *NIX systems
Module 01: Advanced Scanning
Module 02: Attacking From the Web
Module 03: Client-Side Pentesting
Module 04: Attacking From the LAN
Module 05: Breaking out of Restricted Environments
Module 06: Bypassing Network-Based IDS/IPS
Module 07: Privilege Escalation
Module 08: Post-Exploitation
Dates
July 12th – 14th, 2013
Pricing
Register and pay by June 15, 2013: $1,999
Register and pay After June 15, 2013: $2,999
Class Capacity
25
Course Includes:
Official Courseware.
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
Elevating Mobile Forensics & Investigation To An Art Form
Course Description
Digital Mobile Forensics is fast becoming a lucrative and constantly evolving field, this is no surprise as the mobile phone industry has been witnessing some unimaginable growth, some experts say it may even replace the Computer for those only wishing to send and receive emails.
As this area of digital forensics grow in scope and size due to the prevalence and proliferation of mobile devices and as the use of these devices grows, more evidence and information important to investigations will be found on them. To ignore examining these devices would be negligent and result in incomplete investigations. This growth has now presented new and growing career opportunities for interested practitioners in corporate, enforcement, and military settings.
Mobile forensics is certainly here to stay as every mobile device is different and different results will occur based on that device requiring unique expertise. This course was put together focusing on what today’s Mobile Forensics practitioner requires, some of the advanced areas this course will be covering are the intricacies of manual Acquisition (physical vs. logical) & advanced analysis using reverse engineering , understanding how the popular Mobile OSs are hardened to defend against common attacks and exploits.
Wayne Burke has had considerable hands-on IT Security experience consulting or lecturing, whether it was for Government Agencies, Healthcare Institutions, Financial and international companies.
His experience in the public / defense sectors is equally complemented by assignments undertaken for heavyweight world renowned corporations including Yahoo, Xerox, AT&T and Texas Instruments to name but a few. He is imminently qualified in his field in that he holds a string of professional qualifications in Networking to name a few (MCT, MCSE, Cisco, Network+) and IT Security (CIW-SA, Security+, CEH, ECSA, LPT, CHFI) besides a bachelor’s degree in science.
Wayne is currently the CSO for Sequrit CSI, responsible for the technical realm and security management, which includes consulting teams . He is a captain of a global operating group of penetration testers and security experts. Wayne and his group have delivered security assessments, Penetration Test assignments and customized training for International Corporations and many Government Agencies such as: EPA, FAA, DOJ, DOE, DOD + 8570: Air force, Army, Navy, Marines, FBI and Statewide Law Enforcement Offices in the USA.
In Europe: NATO, Europol, MOD (Military of Defense UK) various EU Law Enforcement, Dutch Ministry of Defense, Ministry of Justice, local European Law Enforcement: UK, Ireland, Switzerland, Belgium, Holland, Denmark.
ASIA: Singapore Gov, Philippines’ Presidential Office, the Undersecretary, and Cyber Crime Police Specialist Unit. Jakarta, Tax Investigations Office. Various Malaysian Gov agencies. Plus Corporate and government bodies from Africa, and numerous Gulf locations to name a few. His office has become his next long haul international flight.
Wayne’s consulting and training undertakings cover specializing in Penetration Testing, Forensics, Security Expert Advisor and secure infrastructure design. His expertise include DMZ firewalls, Secure VPNs, EAP/TLS, PEAP, SSL, PKI, Smart Cards, Biometrics, IPSEC, IDS, Vulnerability Scanners, AV, Honey Pots, Audits, filtering policies, multi-layer encrypted file systems, patch management and deployments. He additionally develops customized and blended security curriculum.
Wayne is constantly engaged in helping businesses optimize their systems security vision He is acknowledged as an expert consultant and trainer serving large organizations with cutting edge IT security. His wide range of all product experience has helped to develop his overall systems security knowledge. Wayne has a passion for tracing malicious hackers in pursuit of which he has had to grapple with issues, which are inextricably entwined in meeting the everyday challenges of information systems security.
This course is intended for:
Risk Assessment Professionals
Digital Forensics Investigators
Information Security Professionals
Mobile Developers
Penetration Testers – CEH Professionals
Law Enforcement Officers and Government Agencies
Attorneys, Paralegals and First Responders
Accountants and Financial Personnel
NOTE: You will Deep Dive into all crucial practical and theoretical aspects of mobile forensics with about 80% of the course focused on practical REAL WORLD hands-on lab scenario exercises.
Upon completion of this course, students should achieve proficiency in the following:
Digital forensic fundamentals and legal practices.
Mobile Hardware Design: iPhone, BlackBerry, Android and other devices.
Mobile Software design and the typical boot process for Smart Devices.
Mobile Device Storage and Evidence Acquisition techniques.
Mobile Forensic Hardware and Software Field Kits DIY.
Forensic Software, evidence analysis and reporting.
Cryptography, Steganography, Malware and Password Recovery techniques.
Court approved Non-standard Evidence collection deviations
Final Report: Evidence Documentation.
Students should have an understanding of the fundamental principles and processes for digital forensics.
Should have knowledge of evidence acquisitions, examination analysis and final reporting
Digital Forensics experience is recommended.
CHFI certification or equivalent knowledge.
A+ certification or equivalent knowledge.
Network+ certification or equivalent knowledge.
Module 01: Mobile Hacking and Digital Forensic Challenges
Module 02: Mobile Hardware Design For iPhone, BlackBerry, Android And Other Devices
Module 03: Mobile Software Design And The Common Boot Process For Smart Devices
Module 04: Mobile Device Storage And Evidence Acquisition Techniques
Module 05: Advanced Mobile Attack Analysis
Module 06: Mobile Device Hacking Techniques and Tools
Module 07: Penetration Testing and Exploitation Vectors
Module 08: Mobile Forensic Hardware and Software Field Kits
Module 09: Forensic Software, Evidence Analysis and Reporting
Dates
July 12th – 14th, 2013
Pricing
Register and pay by June 15, 2013: $1,999
Register and pay After June 15, 2013: $2,999
Class Capacity
25
Course Includes:
Official Courseware.
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
Hardening Perimeter Defenses
Course Description
Advanced Network Defense: This is a 3 days comprehensive and fast paced course that will take the perspective of the “hacker”, and use that as a foundation of defending against future attacks. It is certainly fun being on the offense executing the actual hacking and penetration testing, but when it comes to reality most of us have to play roles requiring a solid defense. This course provides an offensive mindset first in order to then create a robust and solid defense.The course will cover how to develop a secure baseline and “harden” your enterprise architectures from the most advanced attacks. Once we have a strategy for a fortified perimeter the course moves on to defending against the sophisticated malware that is on the rise today and the importance of “live” memory analysis plus real time monitoring.You will learn how to develop a robust ingress and egress architecture plan to mitigate and reduce the impact of sophisticated malware. The course covers the advanced security features that are inherent to Active Directory which allows an enterprise to carry out isolation of servers and domains. In this course you will experience the advanced configuration of a Windows Firewall that supports advanced security features such as IPsec. In the course you will configure, implement and deploy Network Access Protection utilising various enforcement mechanisms across a forest. You will learn about the Active Directory Rights Management Services (RMS) and the implementation of a Read Only Domain Controller which can be deployed at sites where maintaining physical security is impossible.The course will cover configuring, implementing and deploying security compliance templates that establishes a “hardened” baseline for any machine joining the domain or forest. You will also see how software created certificates which are configured to not allow the export of the private key are “jailbroken” and compromised, then you will be exposed to a countermeasure for the attack using hardware based certificate with the Trusted Platform Module (TPM) chip that protects the private key from exploitation. You will then be introduced to the concept of leveraging the TPM hardware security chip to establish automatic and transparent authentication of authorized network devices, users and self-encrypting hard drives to ensure unbreakable protection of data “in the wild.”
Kevin Cardwell spent 22 years in the U.S. Navy, during this time he tested and evaluated Surveillance and Weapon system software, some of this work was on projects like the Multi-Sensor Torpedo Alertment Processor (MSTRAP), Tactical Decision Support System (TDSS), Computer Aided Dead Reckoning Tracer (CADRT), Advanced Radar Periscope Discrimination and Detection (ARPDD), and the Remote Mine Hunting System (RMHS). He has worked as both software and systems engineer on a variety of Department of Defense projects and early on was chosen as a member of the project to bring Internet access to ships at sea. Following this highly successful project he was selected to head the team that built a Network Operations Center (NOC) that provided services to the commands ashore and ships at sea in the Norwegian Sea and Atlantic Ocean . He served as the Leading Chief of Information Security at the NOC for six years prior to retiring from the U.S. Navy. During this time he was the leader of a 5 person Red Team that had a 100% success rate at compromising systems and networks.
He currently works as a free-lance consultant and provides consulting services for companies throughout the world, and as an advisor to numerous government entities within the US and UK . He is an Instructor, Technical Editor and Author for Computer Forensics, and Hacking courses. He is technical editor of the Learning Tree Course Ethical Hacking and Countermeasures and Computer Forensics. He is author of the Controlling Network Access course. He has presented at the Blackhat USA Conferences. He is a contributing author to the Computer Hacking Forensics Investigator V3 Study Guide and The Best Damn Cybercrime and Digital Forensics Book Period. He is a Certified Ethical Hacker (CEH), Certified Security analyst (E|CSA), Qualified Penetration Tester (QPT), Certified in Handheld Forensics, Computer Hacking Forensic Investigator (CHFI) and Live Computer Forensics Expert (LCFE), and holds a BS in Computer Science from National University in California and a MS in Software Engineering from the Southern Methodist University (SMU) in Texas. His current research projects are in Computer Forensic evidence collection on “live” systems, Professional Security Testing and Advanced Rootkit technologies. He developed the Strategy and Training Development Plan for the first Government CERT in the country of Oman, he servers as a professional training consultant to the Oman Information Technology Authority, and is currently developing the team to man the first Commercial Security Operations Center in the country of Oman.
This course is intended for:
Firewall administrators, system architects, system administrators, windows admin or those responsible for or interested in:
Identifying security weaknesses in computer systems or networks
Exposing weaknesses for system’s owners to fix breaches before being targets of compromise
Applying hacking and pen testing constructively to defend against various possible attacks
Analysing best practices in developing secure system and network configurations
Establishing a secure baseline in deploying machines in a protected state
Appreciating popular attack methods applied by hackers in order to fortify their systems
From practically any organization that handles important data would find this course beneficial, examples are:
Government agencies
Universities
Hospitality
Retail
Banking and Financial institutions
Brokerage and Trading firms
Insurance
Scientific institutions & research agencies
Telecommunication
Computer design firms
Consulting firms
Science and Engineering firms
Those involved with online related businesses & transactions
Card related businesses
NOTE: This is definitely not a beginner’s course; participants will be expected to possess the knowledge of attempting attacks against a variety of platforms and architectures under the supervision of an expert. Ideally, the student will be CEH, ECSA or hold equivalent industry experience
Upon completion of this program, student should be able to understand:
Executing a set of techniques that are critical to the protection of your entire enterprise against some of today’s most advanced threats
Reviewing methods of system deployments in as secure a state as possible while supporting your daily business requirements
Applying necessary techniques required for malware identification throughout the enterprise even in the case of the malware not being detectable by any of your security controls
Staging Advanced Attacks to appreciate methods of correctly eliminating or mitigating risk to an acceptable level
Students must be familiar with IT Security best practices, and have a good understanding of programming logic and common web technologies as well as binary applications
Basic Windows administration for servers and workstations
Basic Linux/NIX system administration skill
Basic command line proficiency on both Windows and NIX systems
Module 01: Firewalls
Module 02: Advancing Filtering
Module 03: Firewall Configuration
Module 04: Hardening: Establishing a Secure Baseline
Module 05: Windows Server 2008 Security
Module 06: Windows Server 2008 Security part II
Module 07: Intrusion Detection and Prevention Why Intrusion Detection?
Module 08: Protecting Web Applications
Module 09: Memory Analysis
Module 10: Endpoint Protection
Module 11: Securing Wireless
Dates
July 12th – 14th, 2013
Pricing
Register and pay by June 15, 2013: $1,999
Register and pay After June 15, 2013: $2,999
Class Capacity
25
Course Includes:
Official Courseware.
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
An In-Depth Analysis of Cryptography
Course Description
Hacking “Secure” Encryption and Countermeasures: This is an in depth examination of the field of cryptography. All modern security, at some level, depends on cryptography. Whether it is using SSL to secure bank transactions, encrypting e-commerce purchases, or encrypting a hard drive, encryption is key to security.
This course explores, in depth, the science of cryptography teaching students the history of cryptography, modern cryptographic methods, and how to use techniques like cryptanalysis to break cryptography. The course also covers closely related topics such as hashing and digital certificates.
This course is appropriate for security professionals who want to understand encryption on a deep level, and for those who may need to learn techniques to break encryption.
Chuck Easttom is the author of 13 computer science books including 2 computer security textbooks used at universities around the globe and translated into several languages. He also holds a host of IT certifications including MCP, MCSA, MCSE, MCAD, MCTS (Windows 7, Windows Server 2008, SQL Server 2008, and Visual Studio 2010), MCITP (Windows 7 and SQL Server 2008), MCDBA, MCT, A+, Network+, Linux+,iNet+, Server+, CEH, CHFI, ECSA, and CISSP. He currently has 7 provisional patents, all related to computer science and 4 related to computer security. One of those patents regards a new method of steganography, another regards a new approach to detecting spyware, and yet another involves the invention of a new, more stable file system.
Mr. Easttom is also the inventor of a method for quantifying network security that is being taught at several universities, and most recently has developed a new approach to creating ghost drives. He has taught various security related courses for several years and has over 10 years of teaching experience. He is also a frequent consultant on various computer related court cases including both criminal and patent cases. While Mr. Easttom has a broad range of security expertise, his passion has always been cryptography.
This course is intended for:
Network administrators, technical support personnel, and other technical personnel with an interest in cryptography. A basic knowledge of the essentials of cryptography is required.
Note: This is an advanced course. Every existing security certification (CISSP, CEH, CompTIA Security+) all simply asks the person to identify encryption. For example many tests ask a person what is the most common asymmetric encryption algorithm (it is RSA) but they don’t ask the person how RSA works. They ask the person how long a DES key is (it is 56 bits) or the whether it is a block cipher or stream cipher, but that is as deep as it goes. No current training or certification asks the attendee to go any deeper than that. What this course does is take the person to a much deeper understanding of encryption. And that is important for many practical reasons including:
Selecting the correct cryptography for a given situation
Being able to crack a given encryption as part of a penetration test
This course has several objectives. At the end of this course students should:
Understand the history of cryptography
Understand modern cryptographic methods, including the mathematics behind those methods.
Understand symmetric key encryption
Understand asymmetric key encryption
Understand just enough number theory to apply it to cryptography
Understand cryptanalysis and decrypting.
Students should have a basic familiarity with what encryption is.
They should know the difference between asymmetric and symmetric encryption, they should know what a digital certificate is, they should know what SSL is.
What we will teach them is how these things work, and how they can sometimes be compromised. It is also assumed the student has basic math skills such as algebra. We will be introducing some basic number theory but we do not assume the student has an extensive prior math background.
Module 1: History and Introduction
Module 2: Number Theory and Discrete Mathematics
Module 3: Symmetric Algorithms
Module 4: Asymmetric Algorithms
Module 5: Cryptanalysis
Module 6: Steganography
Module 7: Additional Topics
Dates
July 12th – 14th, 2013
Pricing
Register and pay by June 15, 2013: $1,999
Register and pay After June 15, 2013: $2,999
Class Capacity
25
Course Includes:
Official Courseware.
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
[/tab]
Securing Windows Infrastructure
Course Description
The CAST 616: Securing Windows Infrastructure is designed with the single purpose of providing Info-Sec professionals with complete knowledge and practical skills necessary to secure their network infrastructure which is fast becoming if already not a top priority plus a major tech challenge for most security conscious organizations.
This 3 day training deep dives into the key aspects of solving infrastructure-related problems by appreciating the key elements of how Windows Internal Security mechanisms actually work and how it can be further optimized without jeopardizing or easing an organization’s IT Environment configuration settings which becomes common as time passes. Some of the highlights of this course are techniques used in Kernel Debugging, Malware hunting, deep diving into BitLocker and the automation of the whole hardening process.
Paula Januszkiewicz is an IT Security Auditor and Penetration Tester, Enterprise Security Most Valuable Professional, Microsoft Certified Trainer and Microsoft Security Trusted Advisor. She is a familiar face at international events and conferences such as TechEd North America, TechEd Middle East and TechEd Europe, RSA worldwide, CyberCrime and others worldwide. Her passion for Windows & IT Security allows her to spread her expertise via her trainings and consulting services focusing on areas such as Infrastructure Security & Design, Penetration Testing, IT Security Audits, Networking Security, Windows Internals and Forensics and through her writing regarding Windows Security. Her distinct specialization is definitely on Microsoft security solutions in which she holds multiple Microsoft certifications (MCITP, MCTS, MCSE, MCDBA etc.) besides being familiar and possessing certifications with other related technologies. She proudly holds the role of the Security Architect in iDESIGN and has conducted hundreds IT security audits and penetration tests. When she’s not driving her own company CQURE, she enjoys researching new related technologies, which she converts to authored trainings and describes them on her blog. She is also a co-author of the Microsoft Forefront Threat Management Gateway 2010 book and is currently working on her new book under the same subject.
Passionate IT Professionals, including:
This course has several objectives. During the course, students will:
Unit 1: Windows 7 & 8 Hardening
Unit 2: Windows Server 2008 R2 / Windows Server 8 Hardening
Unit 3: Hardening Microsoft Network Roles
Unit 4: Windows High Availability
Unit 5: Data and Application Security
Unit 6: Monitoring, Troubleshooting and Auditing Windows
Unit 7: Automating Windows hardening
Unit 8: Organizational Security
Dates
July 12th – 14th, 2013
Pricing
Register and pay by June 5th, 2013: $1999
Register and pay by After June 5th, 2013: $2,499
Class Capacity
25
Course Includes:
Official Courseware.
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
CISSP®
Course Description
Globally recognized, CISSP is a leading certification for professionals developing policies and procedures in information security. The CISSP certification is an objective measure of excellence as well as a universally acknowledged standard of achievement.
CISSP® certification is a globally recognized standard of achievement that confirms an individual’s knowledge in the field of information security. CISSPs are information assurance professionals who define the architecture, design, management and/or controls that assure the security of business environments.
Learn how to build a successful security infrastructure by understanding the 10 domains of security which includes all areas of the Common Body of Knowledge. Students will learn security policy creation, secure software architecture and design, business continuity and disaster recovery planning, the fundamentals of forensics, network vulnerabilities, laws and regulations and much more.
TBD
This course is intended for:
security consultant
security manager
IT director/manager
security auditor
security architect
security analyst
security systems engineer
chief information security officer
director of security
network architect
The 10 Domains of Security
Ways to control access to data and information systems using access control best practices
How networks are designed for security & components, protocols & services that allow telecommunications to occur in a secure manner
Principles of security management and how to manage risk as part of comprehensive information security management program
Explore applications and systems development security controls
How to perform cryptography and secure system architecture
Examine operations security & appropriate controls & best practices to keep operations secure
Tools to perform business continuity planning & physical security to protect organizational assets and resources
Explore law, investigations & ethics with respect to information systems security and computer forensics and more Demonstrates a working knowledge of information security
Confirms commitment to profession
Offers a career differentiator, with enhanced credibility and marketability
Affords you exclusive benefits as an (ISC)² member, including valuable resources such as peer networking and idea exchange
Indicates that certified information security professionals earn a worldwide average of 25% more than their non-certified counterparts, according to the Global Information Security Workforce Study
Fulfills government and organization requirements for information security certification mandates
Candidates must have a minimum of five (5) years of direct full-time professional security work experience in two or more of the ten domains of the (ISC)² CISSP CBK®. Candidates may receive a one year experience waiver with a four-year college degree or additional credential from the (ISC)² approved list, thus requiring four (4) years of direct full-time professional security work experience in two or more of the ten domains of the CISSP CBK.
Don’t have the experience? Become an Associate of (ISC)² by successfully passing the CISSP exam. You’ll have six years to earn your experience to become a CISSP. https://www.isc2.org/cissp-how-to-certify.aspx
• Access Control
• Telecommunications and Network Security
• Information Security Governance and Risk Management
• Software Development Security
• Cryptography
• Security Architecture and Design
• Operations Security
• Business Continuity and Disaster Recovery Planning
• Legal, Regulations, Investigations and Compliance
• Physical (Environmental) Security
Dates:
July 11th – 14th, 2013 NO EXAM PROCTORING; Student must purchase test and arrange testing through ISC2/Pearson Vue.
Pricing
Register and pay by June 15, 2013: $2,499
Register and pay After June 15, 2013: $2,999
Class Capacity
15
Course Includes:
CISSP Courseware
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
Snort Fundamentals
Course Description
Snort Fundamentals is a concentrated three-day tour of the Snort intrusion detection and prevention system (IDS/IPS) with a focus towards hands-on exercises, providing students with the knowledge needed to install, configure and maintain a network of Snort sensors.
Students will perform in-depth network analysis, install Snort, extend Snort functionality with the use of Barnyard2 and Snorby, modify existing rules, write new rules, and analyze rule performance. A capstone exercise provides a real-world scenario in which students are expected to analyze network traffic in realtime as multiple attacks take place.
Aaron Soto became an instructor with AoE in September 2011. His work includes assisting with instruction of existing courses, developing new course materials, developing for mobile devices, and deploying IPv6.
Aaron’s career has spanned through the Department of Defense, starting with certification and accreditation activities at the White Sands Missile Range in New Mexico. He has worked to stay up-to-date with penetration testing and digital forensics techniques. His background in education spans one-on-one tutoring, small group instruction, and classroom-based teaching.
Aaron earned his Bachelor of Science degree in Information Technology with an emphasis in Security and Assurance from the New Mexico Institute of Mining and Technology in May 2006. He has completed A+ and CCNA certifications.
This course is intended for:
Network Administrators
Network Analysts
System Administrators
Security Analyst
Network Architect
Penetration Testers
Security Practitioners
Incident Responders
Dates:
July 12 – July 14, 2013
Pricing
$2,700.00
Class Capacity
12
Course Includes:
Snort Fundamentals Courseware
Student Guide
Lab Book
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.
Malware Analysis
Course Description
Malware is one of the greatest threats facing computer security today, but not all malware is created equal. Time spent analyzing malware means time away from conducting other mission-relevant jobs. What sets this course apart from others is that it teaches a unique method of capability analysis via pattern recognition, allowing students to rapidly determine if the malware is a threat to operations.
This course is intended for:
Exploit Developers
Government Agents
Information Security Professionals
IT Administrators
IT Architects
Network Architect
Penetration Testers
Risk Assessment Professionals
Security Analyst
Security Architect
Security Consultant
Security Practitioners
Security Systems Engineer
Dates:
July 12 – July 14, 2013
Pricing
$2,493.00
Class Capacity
12
Course Includes:
Malware Analysis Courseware
Student Guide
Lab Book
Certificate of Attendance
Complimentary Pass to TAKEDOWNCON conference.
Lunch and coffee breaks throughout the duration of the training.