Internal Network and System Security

June 3 - 5, 2024, Zurich (in German)

Learning objectives

The participants know the most prevalent security issues in typical company networks. They learn about the most important IT security principles, attacker tools and methodologies and are able to gain hands-on experience and train their skills in realistic attack scenarios. The participants understand how attackers proceed, what tricks they use and which vulnerabilities are commonly exploited.  They are able to check their company independently for weak spots and can introduce and apply the corresponding countermeasures. In this course, network and system administrators learn how to protect and defend their infrastructure against realistic attacks according to current standards and best practices.


  • Information Gathering (OSINT, Attack Surface Discovery)
  • Network Discovery (Host- and Service Discovery, nmap)
  • Vulnerability Management (Scanning, CWE, CVSS, Zero-Days)
  • Exploitation and Remote Code Execution (Shells, Metasploit, Exploit-DB)
  • Local Privilege Escalation on Windows and Linux
  • Active Directory Security (Theory, PingCastle)
  • Active Directory Privilege Escalation and Lateral Movement (BloodHound)
  • Windows Credentials (Theory, Dumping, Cracking)
  • Windows Access Tokens (Theory, Abuse)
  • NTLM Authentication (Pass the Hash, Responder, NTLM Relay)
  • Kerberos (Theory, Kerberoasting, Delegation)
  • Active Directory Certificate Services (Theory, Attacks)
  • MS SQL Server (Theory, Attacks)
  • Command and Control Frameworks

Demarcation: This course primarily treats attacks on the network and system levels. Attacks on web applications are covered in the Web Application Security courses. Analysis and monitoring of logs will be treated in the courses on forensics and APT analysis.

The exercises will be done on the online learning platform Hacking-Lab as well as in a lab environment on Azure. Following the course, the Hacking-Lab environment is available to the participants for 30 days more.

Target group

  • Security Officers
  • Network Administrators/Engineers
  • System Administrators (Unix/Linux/Windows)
  • Firewall Administrators/Engineers
  • Active Directory Engineers


  • Familiarity with command lines (Windows CMD/PowerShell, Linux Bash)
  • Basic knowledge of network protocols (TCP/IP)
  • Basic knowledge of Windows Networks/Domains

Important Note 

The course is conducted in the German language.

Course Fees

CHF 3'450.00
CHF 2'925.00 for members of ISSS

Location and  Course Hours

Compass Security Schweiz AG
Josefstrasse 53
8005 Zürich

Our courses last form 9.15 to 17.15 with lunch from 12.15 to 13.30 and additional breaks.

Course Administration

Please contact +41 58 510 36 00 or team.csch(at)


Early registration is recommended. We usually decide 2-3 weeks before the start on whether we could hold the course or not. 

Terms and Conditions, Compass Trainings (German)

Personal Details