Grootste online IT opleider

Beste klantenservice

Veel e-learning in prijs verlaagd

Na betaling, direct starten

Ontwikkel je van Penetration Tester tot SecOps Engineer

€ 825,00
€ 998,25 Incl. BTW

Bestellen namens een bedrijf?

Duur: 30 uur |

Taal: Engels (US) |

Online toegang: 365 dagen |

Gegevens

Ben jij zowel geïnteresseerd in IT security als IT operations? Wil jij bijdragen aan betere beveiling én betere operationele prestraties van een organisatie? Dan is een baan als SecOps Engineer misschien voor jou weggelegd! Het primaire doel van SecOps is om proces inefficiënties van traditionele enterprise security en operations teams te verminderen door ze verantwoordelijkheid, processen, tools en informatie te laten delen, wat leidt tot verbeterde beveiliging en operationele prestaties. In dit ontwikkelpad verken jij de verschillende rollen om jezelf te ontwikkelen van Penetration Tester naar SecOps Engineer.

Wanneer je kiest voor dit ontwikkelpad, krijg jij:

  • toegang tot de trainingen en LiveLabs rond de rollen van Penetration Tester, Incident Response Leader, Ethical Hacker en SecOps Engineer. Daarnaast krijg je toegang tot nog veel meer trainingen, proefexamens, bootcamps, e-books enzovoort.
  • begeleiding van ons Learning & Development team, samen met jou stellen we doelen, maken we een planning en monitoren we je voortgang.

Dit ontwikkelpad is ideaal om jouw STAP budget voor in te zetten!

Penetration Tester

In het eerste onderdeel ligt de focus op de basisprincipes van penetratietesten, beveiligingsmaatregelen, gedrag van eindgebruikers, fysieke en Wi-Fi-pen-testen, en geavanceerde pen-testtechnieken.

Incident Response Leader

Vervolgens leer je meer over respons bij incidenten, preventieve probleemoplossing, beveiliging van netwerkapparatuur, monitoring van systeemconfiguratie, patchbeheer en conformiteit met regelgeving.

Ethical Hacker

In dit onderdeel ga je aan de slag met Ethical Hacking.

SecOps Engineer

Tot slot ga je aan de slag met SecOps Engineering. Je komt meer te weten over veilig coderen, cloud en IoT beveiliging en bedreigingsbeperking.

Resultaat

Na het doorlopen van dit ontwikkelpad heb jij jezelf ontwikkeld tot SecOps Engineer.

Voorkennis

Je hebt basiskennis van penetratie testing en ethical hacking.

Doelgroep

Securityspecialist, Tester

Inhoud

Ontwikkel je van Penetration Tester tot SecOps Engineer

30 uur

Penetration Testing Fundamentals

  • Delve into the world of penetration testing and examine the

  • common types of penetration testing and the important role they
  • play in protecting your company's assets and networks from exploits
  • and attacks. Explore methods for gathering information,
  • vulnerability scanning, common exploits and vulnerabilities, and
  • methods and techniques for preventing these exploits.

Pen Testing Awareness: Results Management

Pen Testing Awareness: Results Management

Security Measures: Implementing Security Controls

Explore the use of security controls with the NIST Cybersecurity Framework. Examine the anatomy of security controls, from common to the advanced and complex. Discover how to test and monitor security controls, including some of the most basic quick win controls for several control types. In addition, control policies within the NIST Cybersecurity Framework, how security controls contribute to the ISO 27002 standard in compliance, risk management scenarios, and how security controls are enforced and implemented are also covered.

Pen Testing: End-user Behavior

Explore the limitations of penetration testing, as well as how end-user behavior affects this process. Discover how human error can cause data breaches and the importance of end-user awareness. Examine tools used to perform user behavior analytics, social engineering attacks and countermeasures, and how to create penetration testing reports.

Physical Penetration Testing

Discover the importance of physical penetration testing and the steps for performing a physical penetration test. Examine lock picking techniques and the benefits of dumpster diving. Finally, explore how to protect sensitive data, penetration testing tools and techniques, and the different types of penetration tests.

Wi-Fi Penetration Testing

Discover how to recognize the vulnerabilities in wireless networks. Examine the tests used to determine if specific vulnerabilities can be exploited in a wireless network and how test results can be used to enhance your company's security policy.

Pen Testing: Advanced Pen Testing Techniques

  • Explore advanced penetration testing tools and techniques used

  • to find vulnerabilities, sniff network traffic, deal with
  • cryptography, and crack passwords. Discover the benefits of using
  • the Python programming language to build scripts and deliver tools,
  • and examine common techniques used to find weaknesses in both Linux
  • and Windows-based systems.

Final Exam: Penetration Tester

Final Exam: Penetration Tester will test your knowledge and application of the topics presented throughout the Penetration Tester track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Policy & Governance: Incident Response

  • Discover the importance of an incident response plan, including

  • how to draft the plan and engage in incident response. Explore
  • different scenarios and what roles are needed to manage an incident
  • response team. Examine the notion of the Computer Security Incident
  • Response Team and how the team effectively responds to incidents.
  • How incident response policies can provide IT governance and
  • compliance in today's cyber world and best practices for staying
  • compliant with ISO and other compliance standards is also
  • covered.

Planning Measures: Incident Response Planning

  • Explore the process of recovering from security related

  • incidents such as malware, data leakage, or stolen equipment.
  • Examine how to develop plans, policies, and procedures and how to
  • form a team with well defined roles to execute these plans.
  • Finally, examine how all these components are coordinated in
  • practice when an incident event occurs.

Preemptive Troubleshooting: Concepts & Strategies

  • Explore preemptive troubleshooting concepts and strategies and

  • how they apply to cybersecurity. Discover tools to help assist in
  • troubleshooting, such as indicators and threat hunting. Dive into
  • scenarios a SOC would typically engage in when troubleshooting
  • network issues and system compromise. Examine best practices,
  • including spotting weak passwords or hardware and software
  • vulnerabilities, and security policies and procedures to keep
  • systems secure.

Security Best Practices: Network Appliance Security

Explore security best practices, top security risks, the importance of securing network appliances, and how to secure them. Examine risks and best practices for transitioning to the cloud, traditional infrastructure deficiencies, and how to deal with de-perimeterization problems. Various security architecture models, including the Zero Trust Architecture, are also covered.

Monitoring & Securing System Configuration

In this course, you'll learn how to drive system configuration monitoring using continuous monitoring tools to keep systems secure. You'll explore the concept and importance of monitoring system configuration within an organization for incident response. Next, you'll examine tools and strategies you can use to identify common issues, such as identifying weak passwords or common devices that use default credentials. You'll explore processes for operating and maintaining monitoring systems, including the use of security controls and assessments to ensure the incident response team remains compliant. Finally, you'll discover how to identify and interpret report findings from monitoring result, how to work with a monitoring program for system configuration, and how to recognize monitoring program challenges and possible solutions for incident response.

Security Strategy: Patch Management Strategies

Discover how patch management strategies are an important part of an overall security strategy, beginning with basic patch management concepts and how to prioritize what to patch and when. Examine best practices, what to do when vendor-specific issues occur, and how to get issues patched before they become a threat. Explore various tools and techniques used to patch and harden systems and the process of implementing patches, including automating the process to make things easier for the day-to-day SecOps professional. Look at how to analyze and assess patches before implementation to prevent any unknowns or issues. Finally, how patch management fits into the Agile software development process and how to implement patches in a serverless architecture are also covered.

Regulation Conformance for Incidence Response

Cybersecurity is a growing concern for organizations, especially in government and in private sectors. Policies and regulations that need to be conformed to and practiced in the industry are also important considerations for incident response leaders. Explore regulation conformance for incident response, including how to build and apply a conformance plan in the workplace. Examine industry standards, how to apply techniques in regulation conformance, and how to handle incidents that require specific regulation conformance. Discover how to document incidents following the appropriate standards and how to provide a conformance plan that follows regulations and standards for the organization.

Incident Response Leader

Incident Response Leader Perform tasks commonly completed by Incident Response Leaders tasks such as implementing data governance, deploying software and hardware patches, and implementing monitoring, controls and backups. Then, test your skills by answering assessment questions after responding to an active threat and performing a root cause analysis on an active threat on both a Windows system and a cloud based system. This lab is part of the Incident Response Leader track of the Skillsoft Aspire Penetration Tester to SecOps Engineer journey.

Final Exam: Incident Response Leader

Final Exam: Incident Response Leader will test your knowledge and application of the topics presented throughout the Incident Response Leader track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Ethical Hacker: Risk Assessment

  • Ultimately, ethical hacking is about testing the risk level an

  • organization has. In order to perform effective, professional
  • ethical hacking, a knowledge of risk is essential. Explore risk
  • assessment concepts, including risk calculations, responses, and
  • models. Discover how to use the Common Vulnerability Scoring System
  • and how to apply risk management concepts and evaluate risk in
  • accordance with common standards.

Ethical Hacker: Incident Response

  • Ethical hacking is a means to avoid incidents and to discover

  • them before they are realized. Often, ethical hacking is part of
  • the response to an incident, so an understanding of incident
  • handling is important for the ethical hacker. Explore the
  • foundational concepts of incident response, including incident
  • classification, recovery and remediation, and after action
  • review.

Ethical Hacker: Security Standards

Ethical hacking is not just random hacking attempts. It is a systematic testing of the target's security. For that reason, an understanding of security standards and formal testing methodologies is critical. Examine key security standards including penetration testing standards.

Ethical Hacker: Secure Technology & Applications

  • Security devices and software are the technical aspect of

  • security. An ethical hacker must be familiar with security
  • technology in order to effectively conduct tests of the target
  • organization's network. Explore security device and software
  • concepts, firewall types and usage, SIEM systems, IDS/IPS,
  • antivirus strategies, Windows Firewall, and how to implement
  • Snort.

Ethical Hacker: Account Creation

Account management and access control are fundamental to security, and it's vital to understand these technologies as an ethical hacker. Explore account creation concepts, standard access control models, attribute-based access control, and how to design account and access control.

Ethical Hacker: Scanning

One of the early stages in ethical hacking is reconnaissance of the target. Explore various scanning tools and techniques used in ethical hacking, including NMAP, OWASP ZAP, Vega, Shodan, and specialized Google searches.

Ethical Hacker: Hacking Techniques

Ultimately, ethical hacking is about hacking, so the ethical hacker must have some hands-on hacking skills. Explore fundamental hacking techniques, including SQL injection, cross-site scripting, malware, using viruses, DoS attacks, steganography, using Metasploit, and Windows hacking.

Ethical Hacker

  • Perform tasks commonly completed by Ethical Hackers such as disaster recovery configuration and testing, digital forensics, and data exfiltration. Then, test your skills by answering assessment questions after scanning websites and conducting SQL injections, as well as employing common hacking techniques to gain access to Windows and Linux machines.
  • This lab provides access to tools typically used by Ethical Hackers, including:
  • - ownCloud
  • - Wireshark
  • - Autopsy
  • - Vega
  • - Nikto
  • This lab is part of the Ethical Hacker track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Final Exam: Ethical Hacker

Final Exam: Ethical Hacker will test your knowledge and application of the topics presented throughout the Ethical Hacker track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

SecOps Engineer: System Infrastructure Security

  • Explore SecOps engineering concepts, including why you should

  • harden your infrastructure and operating systems to mitigate
  • threats. Discover how to analyze Windows 10 issues, use security
  • devices, and implement intrusion detection and prevention systems.
  • In addition, Windows Server hardening, proper firewall placement,
  • and using and deploying honeypots effectively is covered.

SecOps Engineer: Secure Coding

  • Discover how to protect your software by applying secure coding

  • practices. Explore key concepts, including filtering, validation,
  • and the CERT Top 10 Secure Coding Practices. Examine methods for
  • securing software deployment and continuous delivery, as well as
  • secure software metrics and secure coding with C#, Python, and
  • Java.

SecOps Engineer: Security Engineering

Explore cybersecurity engineering concepts, including security modeling techniques and the Security Modeling Language. Discover how to analyze and use security metrics, analyze failures, integrate systems engineering into cybersecurity operations, and apply security requirements engineering techniques.

SecOps Engineer: Cloud & IoT security

Explore cloud and IoT security concepts, including common threats. Examine cloud architecture, types, and uses, as well as how to apply cloud security methods and techniques. Discover how to implement IoT security for a wide range of IoT devices.

SecOps Engineer: Threat Mitigation

Discover how to recognize and analyze common threats, such as malware, denial of service, social engineering, phishing, and insecure protocols. Examine how to integrate your analysis into mitigating these types threats and how to effectively use cyberthreat intelligence resources.

SecOps Engineer

  • Perform tasks commonly completed by SecOps Engineers such as configuring intrusion detection and prevention, Windows and network hardening, and creating and monitoring a honeypot. Then, test your skills by answering assessment questions after configuring items to protect against ransomware and denial of service attacks, configure auditing to detect insider threats, and impllement controls to protect insecure and legacy systems.
  • This lab provides access to tools typically used by SecOps Engineers, including:
  • - OPN SEnse
  • - SPLUNK SIEM platform
  • - ownCloud
  • - FastNetMon DdoS Mitigation
  • - Wazuh
  • This lab is part of the SecOps Engineer track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Final Exam: SecOps Engineer

Final Exam: SecOps Engineer will test your knowledge and application of the topics presented throughout the SecOps Engineer track of the Skillsoft Aspire Penetration Tester to SecOps Engineer Journey.

Opties bij cursus

Wij bieden, naast de training, in sommige gevallen ook diverse extra leermiddelen aan. Wanneer u zich gaat voorbereiden op een officieel examen dan raden wij aan om ook de extra leermiddelen te gebruiken die beschikbaar zijn bij deze training. Het kan voorkomen dat bij sommige cursussen alleen een examentraining en/of LiveLab beschikbaar is.

Examentraining (proefexamens)

In aanvulling op deze training kunt u een speciale examentraining aanschaffen. De examentraining bevat verschillende proefexamens die het echte examen dicht benaderen. Zowel qua vorm als qua inhoud. Dit is de ultieme manier om te testen of u klaar bent voor het examen. 

LiveLab

Als extra mogelijkheid bij deze training kunt u een LiveLab toevoegen. U voert de opdrachten uit op de echte hardware en/of software die van toepassing zijn op uw Lab. De LiveLabs worden volledig door ons gehost in de cloud. U heeft zelf dus alleen een browser nodig om gebruik te maken van de LiveLabs. In de LiveLab omgeving vindt u de opdrachten waarmee u direct kunt starten. De labomgevingen bestaan uit complete netwerken met bijvoorbeeld clients, servers, routers etc. Dit is de ultieme manier om uitgebreide praktijkervaring op te doen.

Waarom Icttrainingen.nl?

Via ons opleidingsconcept bespaar je tot 80% op trainingen

Start met leren wanneer je wilt. Je bepaalt zelf het gewenste tempo

Spar met medecursisten en profileer je als autoriteit in je vakgebied.

Ontvang na succesvolle afronding van je cursus het certificaat van deelname van Icttrainingen.nl

Krijg inzicht in uitgebreide voortgangsinformatie van jezelf of je medewerkers

Kennis opdoen met interactieve e-learning en uitgebreide praktijkopdrachten door gecertificeerde docenten

Bestelproces

Zodra wij uw order en betaling hebben verwerkt, zetten wij uw trainingen klaar en kunt u aan de slag. Heeft u toch nog vragen over ons orderproces kunt u onderstaande button raadplegen.

lees meer over het orderproces

hoe werkt aanvragen met STAP

Wat is inbegrepen?

Certificaat van deelname ja
Voortgangsbewaking ja
Award Winning E-learning ja
Geschikt voor mobiel ja
Kennis delen Onbeperkte toegang tot onze community met IT professionals
Studieadvies Onze consultants zijn beschikbaar om je te voorzien van studieadvies
Studiemateriaal Gecertificeerde docenten met uitgebreide kennis over de onderwerpen
Service Service via chat, telefoon, e-mail (razendsnel)

Platform

Na bestelling van je training krijg je toegang tot ons innovatieve leerplatform. Hier vind je al je gekochte (of gevolgde) trainingen, kan je eventueel cursisten aanmaken en krijg je toegang tot uitgebreide voortgangsinformatie.

Life Long Learning

Meerdere cursussen volgen? Misschien is ons Life Long Learning concept wel wat voor u

lees meer

Neem contact op

Studieadvies nodig? Neem contact op!


Contact