Advanced Persistent Threats: Targeted Attacks & Defenses
Virtual ClassroomLearning Style
4 DaysCourse Duration
About Individual Course:
To prevent a cyber attack from accessing sensitive data, organizations need to develop effective mitigation plans and countermeasures. In this training course, you gain the skills to identify comprehensive attacks, leverage defense methodologies, mitigate the risk of targeted attacks and cyber espionage, and assess inherent vulnerabilities that expose your organization to advanced persistent threats.
- Proactively identify organizational weaknesses in order to mitigate the risk of Advanced Persistent Threats (APTs) and targeted attacks
- Assess and defend against the risk of cyber espionage
- Identify attack vectors and methods used by sophisticated attackers
- Expose and prevent the unauthorized exfiltration of critical organizational data.
- Working knowledge of vulnerabilities and exploits, and social engineering
- Experience at the level of:
- Course 537, Penetration Testing: Tools & Techniques
- Course 2010, Defending the Perimeter from Cyber Attacks
- Course 2011, Endpoint Security & Network Access Control
- Course 2012, Targeted Human Threats: Social Engineering Deceptions, Exploits & Defenses
- Course 2055, Digital Forensics Tools & Techniques
Virtual Instructed-Led Outline
- Defining the Advanced Persistent Threat (APT)
- Reviewing the history of targeted attacks
- Identifying the threat actors
- Investigating case studies
- Assessing the components of an APT attack
Performing Initial Reconnaissance
Conducting passive recon
- Leveraging Google Hacking and Maltego
- Harvesting useful information
Executing technical probes
- Mapping the DMZ infrastructure and application architecture
- Assesing vulnerabilities in the security posture
Deploying defenses against information leaks
- Implementing shunning and dropping routes
- Protecting unclassified information through good OPSEC practices
Exploring the "Initial Compromise"
Executing technical vulnerabilities
- Performing advanced SQL injection and cross-site scripting
- Hijacking sessions and privileged processes
Exploiting human weaknesses
- Devising USB/portable media attacks
- Creating and delivering effective payloads
Defending against exfiltration and remote attacks
- Deploying data loss prevention agents
- Mitigating web application attacks
Developing Internal Systems Intelligence
Evaluating private subnets
- Utilizing the Metasploit auxiliary modules
- Exposing internal attack vectors
Enumerating critical assets
- Identifying addresses, services and device types
- Investigating SCADA weaknesses
Detecting rogue activity
- Locating promiscuous nodes
- Analyzing suspicious traffic
Pivoting to New Targets
Routing attack sessions
- Identifying prerequisites for pivoting
- Comparing and contrasting lateral attack techniques
Rooting new victims
- Selecting an attack vector
- Establishing covert communications
Proactively identifying vulnerabilities
- Conducting a scan for vulnerabilities
- Evaluating traffic and protocol anomalies
- Bypassing User Account Control (UAC)
- Rooting with process migration
- Performing "timestomping"
- Covering your tracks with log tampering and slack wiping
Mitigating exploitation and abuse
- Defending against process migration and escalation
- Monitoring and verifying file system integrity
Exfiltrating Confidential Information
Searching for valuable data
- Finding high-value information
- Locating linked resources
Discovering various exfiltration methods
- Preparing data to be stolen
- Selecting a tunneling method
Implementing exfiltration defenses
- Deploying and testing data loss prevention
- Performing log and traffic analysis
Creating a Defensive Plan
- Establishing a secure baseline
- Whitelisting applications
- Implementing continuous diagnostics and remediation
- Employing digital forensics to discover threats
- Deploying internal honeypots
- Enumerating a security checklist
|Learning Style||Virtual Classroom|
|Course Duration||4 Days|
Frequently Asked Questions About Virtual Instructor-Led Courses
I can't connect to my class, what are my options?
The link to the class is available upon logging in to your dashboard. If you are unable to see it, please contact our support team at 1-855-800-8240 and they will be happy to provide you the direct link via email or the dial in number.
I can't make it to attend to class. Can I reschedule?
Yes, you can reschedule your class. Please contact your Sales representative and they will arrange this for you. If you forgot his/her name, feel free to contact our support team at firstname.lastname@example.org or 1-855-800-8240.
Will I get my certificate upon completion?
Yes. Upon completion of the course, it will be available on your course as a Trophy Icon for you to download. If you do not see this, you will need to contact email@example.com with the following details so they can email you the certificate: Class Name, Class Date, Account Rep, and Your Email.
I cannot connect to my lab. Help!
Your Lab is accessible on the bottom part of your course. You will see a button that says "LAB". Just click it to launch the lab. Please note that some classes don’t need/require a LAB. You can verify with our support team by calling them at 1-855-800-8240 or by email at firstname.lastname@example.org. You can also check with your Instructor or the Associate Instructor if your class includes one.
What is my access code for Skillpipe?
A. Not all of the classes have or require Skillpipe. If your class includes one, please check your email as you should have received one from email@example.com. In case you do not find it in your inbox, please check the Spam / Junk folder. For any further assistance, you can call the support at 1-855-800-8240 or contact them via email at firstname.lastname@example.org.
I don't have audio. I can't hear the instructor.
Make sure you are using a compatible headset for your laptop or computer. If you don’t have a headset, you can use the built-in speaker of your laptop. Otherwise, you can use the dial in option by calling the dial in number provided in the class joining email. You may also contact support team for the dial in numbers associated for your training at 1-855-800-8240 or contact them via email at email@example.com.
How can I reach student support?
Support can be reach via phone at 1855-800-8240; via email at firstname.lastname@example.org or via chat support through the chat button on our website. Please note that support office hours will be from 8am-5pm CST Monday to Friday. Any concerns after office hours will be attended the following business day.
Have Questions? Ask Us.
Turn Training Into A Personalized Learning Experience
- Problem Solving through ExpertConnect & Peer-To-Peer Learning
- Find The Quickest Path To Learn With Career Paths
- Access All Courses With Master Subscription
- Manage Your Team With Learning Analytics
- Virtual Classroom Training & Self-Paced Learning
- Integrate With Your LMS Through API's