Internal Network and System Security

November 3/4, 2021, Bern (in German)

Learning objectives

The participants know the most prevalent security issues in typical company networks. They learn about the most important IT security principles, attacker tools and methodologies and are able to gain hands-on experience and train their skills in realistic attack scenarios. The participants understand how attackers proceed, what tricks they use and which vulnerabilities are commonly exploited.  They are able to check their company independently for weak spots and can introduce and apply the corresponding countermeasures. In this course, network and system administrators learn how to protect and defend their infrastructure against realistic attacks according to current standards and best practices.

Highlights

  • Information Gathering (Google, Website, whois, Subdomain Enumeration, Certifcate Transparency, DNS)
  • Network Discovery with nmap (host and service discovery)
  • Network sniffing (tcpdump, Wireshark)
  • Vulnerability scanning (Nessus)
  • Exploitation (shells, metasploit, ExploitDB)
  • Privilege escalation in Windows and Linux (PowerSploit, LinEnum, Mimikatz)
  • Lateral movement (Pass the Hash, Responder, NTLM Relay)
  • Active Directory security (BloodHound, PingCastle)
  • Command and Control Frameworks

Demarcation: This course primarily treats attacks on the network and system levels. The attacks on web applications are covered in the Web Application Security courses. Analysis and monitoring of logs will be treated in the courses on forensics and APT analysis.

The exercises will be done on www.hacking-lab.com as well as in a local lab environment. Following the course, the Hacking-Lab environment is available to the participants for 30 days more.

Target group

  • Security Officers
  • Network Administrators/Engineers
  • System Administrators (Unix/Linux/Windows)
  • Firewall Administrators/Engineers
  • Active Directory Engineers

Prerequisite

  • Familiarity with command lines (Windows PowerShell, Linux Bash)
  • Basic knowledge of network protocols (TCP/IP)

Important Note 

The course is conducted in the German language.

Course Fees

CHF 2'300.00 plus MwSt.
CHF 1'950.00 plus MwSt. for members of ISSS

Location and  Course Hours

Kongresszentrum Allresto Bern
Effingerstrasse 20
3008 Bern

Our courses last form 9.15 to 17.15 with lunch from 12.15 to 13.30 and additional breaks.

Course Administration

Please contact +41 44 455 64 14 or team.csch@compass-security.com