Loading...

Course Description

Short Course | 30 hours | 3 CEUs $4,695

PowerShell is a program well-known for its automation capabilities. Automation is a critical skill security professionals use for continuous monitoring, detection and security analysis. In this course, learn to use PowerShell, and PowerShell tools, to automate and improve your security defense capabilities for analysts, threat hunters and incident response.

Course Outline

  • Getting Started with PowerShell
  • PowerShell Scripting Fundamentals
  • PowerShell Remote Management Technologies and PowerShell Remoting
    • Working Remotely with PowerShell
    • Enabling PowerShell remoting
    • PowerShell Endpoints
    • PowerShell Remoting Authentication and security Considerations
    • Executing Commands using PowerShell Remoting
  • Detection – Auditing and Monitoring
    • Configuring PowerShell Event Logging
    • Analyzing Event Logs
    • Getting Starting with Logging
  • System and API Access
    • Windows Registry
    • User Rights
    • Basics of Windows API
    • Exploring .NET Framework
    • Component Object Model (COM) Hijacking
  • Active Directory – Attacks and Mitigation
  • Hacking the Cloud – Exploiting Azure Active Directory/Entra ID
  • Red Team Tasks
    • Phases of an Attack
    • PowerShell Common Red Team Tools
    • Red Team Functions (Reconnaissance, Execution, Persistence, Defense Evasion, and more)
  • Blue Team Tasks
    • Protect, detect and respond
    • PowerShell Common Blue Team Tools
    • Red Team Functions (System Hardening, checking for installed or missing updates, inspecting the event log, isolating a compromised system, checking permissions, displaying or enabling a service, process, local account, or domain account and more)
  • PowerShell and Just Enough Administration (JEA)
    • Understanding JEA
    • JEAnalyzer
    • Logging within JEA sessions

Prerequisites

A basic understanding of PowerShell, cybersecurity fundamentals, and scripting is a must. For some parts a basic understanding of active directory, C++/C#, and assembly can be beneficial.

Duration

30 Hours | 5 Days or 10 Nights
Loading...
Enroll Now - Select a section to enroll in
Section Title
PowerShell Automation and Scripting for Cyber Defense
Type
Instructor-Led
Days
M, W
Time (Central Time)
5:30PM to 8:30PM
Dates
Oct 28, 2024 to Nov 20, 2024
Type
Instructor-Led
Days
M, T
Time (Central Time)
5:30PM to 8:30PM
Dates
Nov 25, 2024 to Nov 26, 2024
Schedule and Location
# of Course Hours
30.0
Delivery Option
Course Fee(s)
Rate non-credit $4,695.00
Potential Discount(s)
Required fields are indicated by .
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.