64 Certified Cyber Professional (CCP) courses delivered Live Online

Duration 2 Days 12 CPD hours This course is intended for The primary audience for this course is any IT, facilities or data centre professional who works in and around the data centre and who has the responsibility to achieve and improve the availability and manageability of the data centre. Overview After completion of the course the participant will be able to:? Choose an optimum site for mission-critical data centre based on current and future needs? Describe all components that are important for high availability in a data centre and how to effectively setup the data centre? Name and apply the various industry standards? Describe the various technologies for UPS, fire suppression, cooling, monitoring systems, cabling standards, etc, and to select and apply them effectively to cost-efficiently enhance the high-availability of the data centre.? Review the electrical distribution system to avoid costly downtime? Enhance cooling capabilities and efficiency in the data centre by using existing and new techniques and technologies for the increased cooling requirements of the future? Design a highly reliable and scalable network architecture and learn how to ensure installers apply proper testing techniques? Create effective maintenance contracts with equipment suppliers ensuring the best return on investment? Setup effective data centre monitoring ensuring the right people get the right message? Ensure proper security measures, both procedural and technical, are established to safeguard your company's valuable information in the data centre The course will address how to setup and improve key aspects such as power, cooling, security, cabling, safety, etc., to ensure a high available data centre. It will also address key operations and maintenance aspects. THE DATA CENTRE, IT?S IMPORTANCE AND CAUSES FOR DOWNTIME DATA CENTRE STANDARDS AND BEST PRACTICES DATA CENTRE LOCATION, BUILDING AND CONSTRUCTION * Selecting appropriate sites and buildings and how to avoid pitfalls Various components of an effective data centre and supporting facilities setup RAISED FLOOR/SUSPENDED CEILING * Uniform, concentrated and rolling load definitions Applicable standards Raised Floor guidelines Signal Reference Grid, grounding of racks Disability act and regulations Suspended ceiling usage and requirements LIGHT * Standards Light fixture types and placement Emergency lighting, Emergency Power Supply (EPS) POWER INFRASTRUCTURE * Power infrastructure layout from generation to rack level ATS and STS systems Redundancy levels and techniques Three-phase and single-phase usage Power distribution options within the computer room Power cabling versus bus bar trunking Bonding versus grounding Common Mode Noise and isolation transformers Distribution boards, form factors and IP-protection grades Power quality guidelines Real power versus apparent power How to size and calculate load in the data centre Generators Static and dynamic UPS systems, selection criteria, how they operate and energy efficiency option Battery types, correct selection and testing Thermo-graphics ELECTRO MAGNETIC FIELDS * Electrical fields and magnetic fields definitions and units of measurements Sources of EMF Effects of EMF on human health and equipment (H)EMP Standards EMF shielding solutions EQUIPMENT RACKS * Rack standards, properties and selection criteria Security considerations Power rail/strip options COOLING INFRASTRUCTURE * Temperature and humidity recommendations Cooling measurement units and conversion rates Sensible and latent heat definitions Differences between comfort and precision cooling Overview of different air conditioner technologies Raised floor versus non-raised floor cooling Placement of air conditioner units and limitations to be observed Supplemental cooling options Cold aisle/hot aisle containment WATER SUPPLY * Importance of water supply and application areas Backup water supply techniques DESIGNING A SCALABLE NETWORK INFRASTRUCTURE * The importance of a Structured Cabling System Planning considerations Copper and Fiber cable technology and standards ANSI/TIA-942 Cabling hierarchy and recommendations Testing and verification SAN storage cabling Network redundancy Building-to-building connectivity Network monitoring system requirements FIRE SUPPRESSION * Standards for fire suppression Detection systems Various total flooding fire suppression techniques and systems, their benefits and disadvantages Handheld extinguishers Signage and safety Regulatory requirements and best practices DATA CENTRE MONITORING * Data centre monitoring requirements EMS versus BMS Water leak detection systems Notification options and considerations OPERATIONAL SECURITY AND SAFETY PRACTICES * Data centre security layers Physical, infrastructure and organisational security Safety measures and essential signage LABELLING * Choosing a labelling scheme Recommended labelling practices Network labelling DOCUMENTATION * How to setup proper documentation Document management policies and procedures CLEANING * Cleaning practices for the data centre MTBF/MTTR * Standards and definitions Calculation models The ?real? value MAINTENANCE CONTRACTS/SLA/OLA EXAM: CERTIFIED DATA CENTRE PROFESSIONAL ADDITIONAL COURSE DETAILS: Nexus Humans Certified Data Centre Professional (CDCP) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Data Centre Professional (CDCP) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for people who are seeking to launch a career in cybersecurity. Overview Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; Monitor and secure hybrid environments, including cloud, mobile, and IoT; Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; Identify, analyze, and respond to security events and incidents. CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and is the first security certification a candidate should earn. CompTIA Security+ establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. LESSON 1: SUMMARIZE FUNDAMENTAL SECURITY CONCEPTS * Security Concepts * Security Controls LESSON 2: COMPARE THREAT TYPES * Threat Actors * Attack Surfaces * Social Engineering LESSON 3: EXPLAIN CRYPTOGRAPHIC SOLUTIONS * Cryptographic Algorithms * Public Key Infrastructure * Cryptographic Solutions LESSON 4: IMPLEMENT IDENTITY AND ACCESS MANAGEMENT * Authentication * Authorization * Identity Management LESSON 5: SECURE ENTERPRISE NETWORK ARCHITECTURE * Enterprise Network Architecture * Network Security Appliances * Secure Communications LESSON 6: SECURE CLOUD NETWORK ARCHITECTURE * Cloud Infrastructure * Embedded Systems and Zero Trust Architecture LESSON 7: EXPLAIN RESILIENCY AND SITE SECURITY CONCEPTS * Asset Management * Redundancy Strategies * Physical Security LESSON 8: EXPLAIN VULNERABILITY MANAGEMENT * Device and OS Vulnerabilities * Application and Cloud Vulnerabilities * Vulnerability Identification Methods * Vulnerability Analysis and Remediation LESSON 9: EVALUATE NETWORK SECURITY CAPABILITIES * Network Security Baselines * Network Security Capability Enhancement LESSON 10: ASSESS ENDPOINT SECURITY CAPABILITIES * Implement Endpoint Security * Mobile Device Hardening LESSON 11: ENHANCE APPLICATION SECURITY CAPABILITIES * Application Protocol Security Baselines * Cloud and Web Application Security Concepts LESSON 12: EXPLAIN INCIDENT RESPONSE AND MONITORING CONCEPTS * Incident Response * Digital Forensics * Data Sources * Alerting and Monitoring Tools LESSON 13: ANALYZE INDICATORS OF MALICIOUS ACTIVITY * Malware Attack Indicators * Physical and Network Attack Indicators * Application Attack Indicators LESSON 14: SUMMARIZE SECURITY GOVERNANCE CONCEPTS * Policies, Standards, and Procedures * Change Management * Automation and Orchestration LESSON 15: EXPLAIN RISK MANAGEMENT PROCESSES * Risk Management Processes and Concepts * Vendor Management Concepts * Audits and Assessments LESSON 16: SUMMARIZE DATA PROTECTION AND COMPLIANCE CONCEPTS * Data Classification and Compliance * Personnel Policies ADDITIONAL COURSE DETAILS: Nexus Humans CompTIA Security Plus Certification (Exam SY0-601) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Security Plus Certification (Exam SY0-601) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms, including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy. This course is also designed for students who are seeking the CertNexus Cyber Secure Coder (CSC) Exam CSC-210 certification Overview In this course, you will employ best practices in software development to develop secure software.You will: Identify the need for security in your software projects. Eliminate vulnerabilities within software. Use a Security by Design approach to design a secure architecture for your software. Implement common protections to protect users and data. Apply various testing methods to find and correct security defects in your software. Maintain deployed software to ensure ongoing security... The stakes for software security are very high, and yet many development teams deal with software security only after the code has been developed and the software is being prepared for delivery. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development lifecycle. This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects. You will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development. IDENTIFYING THE NEED FOR SECURITY IN YOUR SOFTWARE PROJECTS * Identify Security Requirements and Expectations * Identify Factors That Undermine Software Security * Find Vulnerabilities in Your Software * Gather Intelligence on Vulnerabilities and Exploits HANDLING VULNERABILITIES * Handle Vulnerabilities Due to Software Defects and Misconfiguration * Handle Vulnerabilities Due to Human Factors * Handle Vulnerabilities Due to Process Shortcomings DESIGNING FOR SECURITY * Apply General Principles for Secure Design * Design Software to Counter Specific Threats DEVELOPING SECURE CODE * Follow Best Practices for Secure Coding * Prevent Platform Vulnerabilities * Prevent Privacy Vulnerabilities IMPLEMENTING COMMON PROTECTIONS * Limit Access Using Login and User Roles * Protect Data in Transit and At Rest * Implement Error Handling and Logging * Protect Sensitive Data and Functions * Protect Database Access TESTING SOFTWARE SECURITY * Perform Security Testing * Analyze Code to find Security Problems * Use Automated Testing Tools to Find Security Problems MAINTAINING SECURITY IN DEPLOYED SOFTWARE * Monitor and Log Applications to Support Security * Maintain Security after Deployment

Duration 5 Days 30 CPD hours This course is intended for The C|CT is ideal for anyone looking to start their career in cybersecurity or add a strong foundational understanding of the cybersecurity concepts and techniques required to be effective on the job. The course is especially well suited to: Early-career IT professionals, IT managers, career changers, and career advancers Students and recent graduates Overview After completing this course, you will understand: Key concepts in cybersecurity, including information security and network security Information security threats, vulnerabilities, and attacks The different types of malware Identification, authentication, and authorization Network security controls Network security assessment techniques and tools (threat hunting, threat intelligence, vulnerability assessment, ethical hacking, penetration testing, configuration and asset management) Application security design and testing techniques Fundamentals of virtualization, cloud computing, and cloud security Wireless network fundamentals, wireless encryption, and related security measures Fundamentals of mobile, IoT, and OT devices and related security measures Cryptography and public-key infrastructure Data security controls, data backup and retention methods, and data loss prevention techniques Network troubleshooting, traffic and log monitoring, and analysis of suspicious traffic The incident handling and response process Computer forensics and digital evidence fundamentals, including the phases of a forensic investigation Concepts in business continuity and disaster recovery Risk management concepts, phases, and frameworks EC-Council?s C|CT certification immerses students in well-constructed knowledge transfer. Training is accompanied by critical thinking challenges and immersive lab experiences that allow candidates to apply their knowledge and move into the skill development phase in the class itself. Upon completing the program, C|CT-certified professionals will have a strong foundation in cybersecurity principles and techniques as well as hands-on exposure to the tasks required in real-world jobs. COURSE OUTLINE * Information Security Threats and Vulnerabilities * Information Security Attacks * Network Security Fundamentals * Identification, Authentication, and Authorization * Network Security Controls: Administrative Controls * Network Security Controls: Physical Controls * Network Security Controls: Technical Controls * Network Security Assessment Techniques and Tools * Application Security * Virtualization and Cloud Computing * Wireless Network Security * Mobile Device Security * Internet of Things (IoT) and Operational Technology (OT) Security * Cryptography * Data Security * Network Troubleshooting * Network Traffic Monitoring * Network Log Monitoring and Analysis * Incident Response * Computer Forensics * Business Continuity and Disaster Recovery * Risk Management

Duration 5 Days 30 CPD hours This course is intended for The Certified Ethical Hacking v12 course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. Overview Information security controls, laws, and standards. Various types of footprinting, footprinting tools, and countermeasures. Network scanning techniques and scanning countermeasures Enumeration techniques and enumeration countermeasures Vulnerability analysis to identify security loopholes in the target organization?s network, communication infrastructure, and end systems. System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities. Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures. Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing. Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures. DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures. Session hijacking techniques to discover network-level session management, authentication/authorization, and cryptographic weaknesses and countermeasures. Webserver attacks and a comprehensive attack methodology to audit vulnerabilities in webserver infrastructure, and countermeasures. Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures. SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures. Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools. Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools. Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures. Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools. Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap. Threats to IoT and OT platforms and defending IoT and OT devices. Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to setup your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident. CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure. Now in its 12th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies. 1 - INTRODUCTION TO ETHICAL HACKING * Information Security Overview * Cyber Kill Chain Concepts * Hacking Concepts * Ethical Hacking Concepts * Information Security Controls * Information Security Laws and Standards 2 - 2 - FOOT-PRINTING AND RECONNAISSANCE * Footprinting Concepts * Footprinting through Search Engines * Footprinting through Web Services * Footprinting through Social Networking Sites * Website Footprinting * Email Footprinting * Who is Footprinting * DNS Footprinting * Network Footprinting * Footprinting through Social Engineering * Footprinting Tools * Footprinting Countermeasures 3 - SCANNING NETWORKS * Network Scanning Concepts * Scanning Tools * Host Discovery * Port and Service Discovery * OS Discovery (Banner Grabbing/OS Fingerprinting) * Scanning Beyond IDS and Firewall * Draw Network Diagrams 4 - ENUMERATION * Enumeration Concepts * NetBIOS Enumeration * SNMP Enumeration * LDAP Enumeration * NTP and NFS Enumeration * SMTP and DNS Enumeration * Other Enumeration Techniques * Enumeration Countermeasures 5 - VULNERABILITY ANALYSIS * Vulnerability Assessment Concepts * Vulnerability Classification and Assessment Types * Vulnerability Assessment Solutions and Tools * Vulnerability Assessment Reports 6 - SYSTEM HACKING * System Hacking Concepts * Gaining Access * Escalating Privileges * Maintaining Access * Clearing Logs 7 - MALWARE THREATS * Malware Concepts * APT Concepts * Trojan Concepts * Virus and Worm Concepts * Fileless Malware Concepts * Malware Analysis * Countermeasures * Anti-Malware Software 8 - SNIFFING * Sniffing Concepts * Sniffing Technique: MAC Attacks * Sniffing Technique: DHCP Attacks * Sniffing Technique: ARP Poisoning * Sniffing Technique: Spoofing Attacks * Sniffing Technique: DNS Poisoning * Sniffing Tools * Countermeasures * Sniffing Detection Techniques 9 - SOCIAL ENGINEERING * Social Engineering Concepts * Social Engineering Techniques * Insider Threats * Impersonation on Social Networking Sites * Identity Theft * Countermeasures 10 - DENIAL-OF-SERVICE * DoS/DDoS Concepts * DoS/DDoS Attack Techniques * BotnetsDDoS Case Study * DoS/DDoS Attack Tools * Countermeasures * DoS/DDoS Protection Tools 11 - SESSION HIJACKING * Session Hijacking Concepts * Application Level Session Hijacking * Network Level Session Hijacking * Session Hijacking Tools * Countermeasures 12 - EVADING IDS, FIREWALLS, AND HONEYPOTS * IDS, IPS, Firewall, and Honeypot Concepts * IDS, IPS, Firewall, and Honeypot Solutions * Evading IDS * Evading Firewalls * IDS/Firewall Evading Tools * Detecting Honeypots * IDS/Firewall Evasion Countermeasures 13 - HACKING WEB SERVERS * Web Server Concepts * Web Server Attacks * Web Server Attack Methodology * Web Server Attack Tools * Countermeasures * Patch Management * Web Server Security Tools 14 - HACKING WEB APPLICATIONS * Web Application Concepts * Web Application Threats * Web Application Hacking Methodology * Web API, Webhooks, and Web Shell * Web Application Security 15 - SQL INJECTION * SQL Injection Concepts * Types of SQL Injection * SQL Injection Methodology * SQL Injection Tools * Evasion Techniques * Countermeasures 16 - HACKING WIRELESS NETWORKS * Wireless Concepts * Wireless Encryption * Wireless Threats * Wireless Hacking Methodology * Wireless Hacking Tools * Bluetooth Hacking * Countermeasures * Wireless Security Tools 17 - HACKING MOBILE PLATFORMS * Mobile Platform Attack Vectors * Hacking Android OS * Hacking iOS * Mobile Device Management * Mobile Security Guidelines and Tools 18 - IOT AND OT HACKING * IoT Hacking * IoT Concepts * IoT Attacks * IoT Hacking Methodology * IoT Hacking Tools * Countermeasures * OT Hacking * OT Concepts * OT Attacks * OT Hacking Methodology * OT Hacking Tools * Countermeasures 19 - CLOUD COMPUTING * Cloud Computing Concepts * Container Technology * Serverless Computing * Cloud Computing Threats * Cloud Hacking * Cloud Security 20 - CRYPTOGRAPHY * Cryptography Concepts * Encryption Algorithms * Cryptography Tools * Public Key Infrastructure (PKI) * Email Encryption * Disk Encryption * Cryptanalysis * Countermeasures ADDITIONAL COURSE DETAILS: Nexus Humans EC-Council Certified Ethical Hacker (CEH) v.12 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Ethical Hacker (CEH) v.12 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification. Overview Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations. Identify and manage information security risks to achieve business objectives. Create a program to implement the information security strategy. Implement an information security program. Oversee and direct information security activities to execute the information security program. Plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents. In this course, students will establish processes to ensure that information security measures align with established business needs. Prerequisites Information security governance Information risk management Information security program development Information security program management Incident management and response 1 - INFORMATION SECURITY GOVERNANCE * Develop an Information Security Strategy * Align Information Security Strategy with Corporate Governance * Identify Legal and Regulatory Requirements * Justify Investment in Information Security * Identify Drivers Affecting the Organization * Obtain Senior Management Commitment to Information Security * Define Roles and Responsibilities for Information Security * Establish Reporting and Communication Channels 2 - INFORMATION RISK MANAGEMENT * Implement an Information Risk Assessment Process * Determine Information Asset Classification and Ownership * Conduct Ongoing Threat and Vulnerability Evaluations * Conduct Periodic BIAs * Identify and Evaluate Risk Mitigation Strategies * Integrate Risk Management into Business Life Cycle Processes * Report Changes in Information Risk 3 - INFORMATION SECURITY PROGRAM DEVELOPMENT * Develop Plans to Implement an Information Security Strategy * Security Technologies and Controls * Specify Information Security Program Activities * Coordinate Information Security Programs with Business Assurance Functions * Identify Resources Needed for Information Security Program Implementation * Develop Information Security Architectures * Develop Information Security Policies * Develop Information Security Awareness, Training, and Education Programs * Develop Supporting Documentation for Information Security Policies 4 - INFORMATION SECURITY PROGRAM IMPLEMENTATION * Integrate Information Security Requirements into Organizational Processes * Integrate Information Security Controls into Contracts * Create Information Security Program Evaluation Metrics 5 - INFORMATION SECURITY PROGRAM MANAGEMENT * Manage Information Security Program Resources * Enforce Policy and Standards Compliance * Enforce Contractual Information Security Controls * Enforce Information Security During Systems Development * Maintain Information Security Within an Organization * Provide Information Security Advice and Guidance * Provide Information Security Awareness and Training * Analyze the Effectiveness of Information Security Controls * Resolve Noncompliance Issues 6 - INCIDENT MANAGEMENT AND RESPONSE * Develop an Information Security Incident Response Plan * Establish an Escalation Process * Develop a Communication Process * Integrate an IRP * Develop IRTs * Test an IRP * Manage Responses to Information Security Incidents * Perform an Information Security Incident Investigation * Conduct Post-Incident Reviews

Duration 5 Days 30 CPD hours This course is intended for This course is designed primarily for cybersecurity practitioners preparing for or who currently perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. It is ideal for those roles within federal contracting companies and private sector firms whose mission or strategic objectives require the execution of Defensive Cyber Operations (DCO) or DoD Information Network (DoDIN) operation and incident handling. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. Overview In this course, you will identify, assess, respond to, and protect against security threats and operate a system and network security analysis platform. You will: Assess cybersecurity risks to the organization. Analyze the threat landscape. Analyze various reconnaissance threats to computing and network environments. Analyze various attacks on computing and network environments. Analyze various post-attack techniques. Assess the organization's security posture through auditing, vulnerability management, and penetration testing. Collect cybersecurity intelligence from various network-based and host-based sources. Analyze log data to reveal evidence of threats and incidents. Perform active asset and network analysis to detect incidents. Respond to cybersecurity incidents using containment, mitigation, and recovery tactics. Investigate cybersecurity incidents using forensic analysis techniques. This course covers network defense and incident response methods, tactics, and procedures that are in alignment with industry frameworks such as NIST 800-61r2 (Computer Security Incident Handling Guide), US-CERT's National Cyber Incident Response Plan (NCIRP), and Presidential Policy Directive (PPD)-41 on Cyber Incident Coordination. It is ideal for candidates who have been tasked with the responsibility of monitoring and detecting security incidents in information systems and networks, and for executing standardized responses to such incidents. The course introduces tools, tactics, and procedures to manage cybersecurity risks, defend cybersecurity assets, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and remediate and report incidents as they occur. This course provides a comprehensive methodology for individuals responsible for defending the cybersecurity of their organization. This course is designed to assist students in preparing for the CertNexus CyberSec First Responder (Exam CFR-410) certification examination. What you learn and practice in this course can be a significant part of your preparation. In addition, this course and subsequent certification (CFR-410) meet all requirements for personnel requiring DoD directive 8570.01-M position certification baselines: CSSP Analyst CSSP Infrastructure Support CSSP Incident Responder CSSP Auditor The course and certification also meet all criteria for the following Cybersecurity Maturity Model Certification (CMMC) domains: Incident Response (IR) Audit and Accountability (AU) Risk Management (RM) LESSON 1: ASSESSING CYBERSECURITY RISK * Topic A: Identify the Importance of Risk Management * Topic B: Assess Risk * Topic C: Mitigate Risk * Topic D: Integrate Documentation into Risk Management LESSON 2: ANALYZING THE THREAT LANDSCAPE * Topic A: Classify Threats * Topic B: Analyze Trends Affecting Security Posture LESSON 3: ANALYZING RECONNAISSANCE THREATS TO COMPUTING AND NETWORK ENVIRONMENTS * Topic A: Implement Threat Modeling * Topic B: Assess the Impact of Reconnaissance * Topic C: Assess the Impact of Social Engineering LESSON 4: ANALYZING ATTACKS ON COMPUTING AND NETWORK ENVIRONMENTS * Topic A: Assess the Impact of System Hacking Attacks * Topic B: Assess the Impact of Web-Based Attacks * Topic C: Assess the Impact of Malware * Topic D: Assess the Impact of Hijacking and Impersonation Attacks * Topic E: Assess the Impact of DoS Incidents * Topic F: Assess the Impact of Threats to Mobile Security * Topic G: Assess the Impact of Threats to Cloud Security LESSON 5: ANALYZING POST-ATTACK TECHNIQUES * Topic A: Assess Command and Control Techniques * Topic B: Assess Persistence Techniques * Topic C: Assess Lateral Movement and Pivoting Techniques * Topic D: Assess Data Exfiltration Techniques * Topic E: Assess Anti-Forensics Techniques LESSON 6: ASSESSING THE ORGANIZATION'S SECURITY POSTURE * Topic A: Implement Cybersecurity Auditing * Topic B: Implement a Vulnerability Management Plan * Topic C: Assess Vulnerabilities * Topic D: Conduct Penetration Testing LESSON 7: COLLECTING CYBERSECURITY INTELLIGENCE * Topic A: Deploy a Security Intelligence Collection and Analysis Platform * Topic B: Collect Data from Network-Based Intelligence Sources * Topic C: Collect Data from Host-Based Intelligence Sources LESSON 8: ANALYZING LOG DATA * Topic A: Use Common Tools to Analyze Logs * Topic B: Use SIEM Tools for Analysis LESSON 9: PERFORMING ACTIVE ASSET AND NETWORK ANALYSIS * Topic A: Analyze Incidents with Windows-Based Tools * Topic B: Analyze Incidents with Linux-Based Tools * Topic C: Analyze Indicators of Compromise LESSON 10: RESPONDING TO CYBERSECURITY INCIDENTS * Topic A: Deploy an Incident Handling and Response Architecture * Topic B: Mitigate Incidents * Topic C: Hand Over Incident Information to a Forensic Investigation LESSON 11: INVESTIGATING CYBERSECURITY INCIDENTS * Topic A: Apply a Forensic Investigation Plan * Topic B: Securely Collect and Analyze Electronic Evidence * Topic C: Follow Up on the Results of an Investigation ADDITIONAL COURSE DETAILS: Nexus Humans CertNexus Certified CyberSec First Responder (CFR-410) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CertNexus Certified CyberSec First Responder (CFR-410) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for The primary audience for this course is anyone who works in and around IT, facilities or data centre operations and needs to understand and improve the daily operations including important processes such as lock-out/tag-out, the right process for installing/de-installing equipment, safety procedures, capacity management and much more. Overview The old believe that a fully redundant data centre facility will save the day is no longer true as many research outcomes have revealed that the majority of downtime is caused by the human factor. Policies, processes, procedures and work instructions should be carefully developed, ideally following relevant standards, to ensure an effcient and effective data centre operations which are also compliant to the required regulations. The CDFOS© (Certified Data Centre Facilities Operations Specialist) course is a three-day course which will enable participants to fully understand the requirements of running the day-to-day operations of a mission critical data centre. Participants will gain all the required competences for running the daily operations, understand which processes should be in place, and the critical elements of those processes and how to execute them. The course is fully aligned with the DCOS© (Data Centre Operations Standard). Data centre facilities operations management have proven to be the key differentiator between a data centre that is performing well or badly. SERVICE LEVEL MANAGEMENT * Service Level Management Needs analysis Capability assessment Service portfolio and catalogue Service Level Agreements Reporting - Complaint procedure Customer satisfaction Service Improvement Process (SIP) SAFETY AND CRISIS MANAGEMENT * Most common type of accidents and why they often happen The roles and responsibilities of appointed safety staff The importance of the OH&S or WHS manual Calibration of measurement and test equipment Proper lock-out/tag-out procedures Emergency response plan requirement for various potential emergencies The importance of Permit To Work PHYSICAL SECURITY * Standard Operating Procedures (SOP) for security Security risk assessment Security zones Physical inspections / security patrols Delivery of goods / holding area Entry control of individuals Badges and key management Security monitoring Security incident reporting FACILITIES MAINTENANCE * The importance of maintenance Maintenance definitions Maintenance operations procedures (MOP) Service reports Spare management Tools Housekeeping DATA CENTRE OPERATIONS * Shift handover Walk around duties Service management Release management Configuration management Floor management Equipment life cycle management MONITORING/REPORTING/CONTROL * Monitoring requirements Facilities monitoring matrix Sensor / alarm point testing and calibration Notification matrix Escalation requirements Reporting PROJECT MANAGEMENT * Project management Project organization Project manager Initiation Planning Execution Monitor and control Closing Evaluation / lessons learnt ENVIRONMENTAL SUSTAINABILITY * The importance of sustainability Environmental standards Power efficiency indicators Energy saving best practises Water management Sustainable energy usage GOVERNANCE AND COMPLIANCE * The importance of document management The siz sub-processes of document management Asset management Requirements or asset recording EXAM: CERTIFIED DATA CENTRE FACILITIES OPERATIONS SPECIALIST (CDFOS©) * Certification exams are administered at the end of the course. The exam is a 90-minute closed book exam, with 60 multiple-choice questions. The candidate requires a minimum of 42 correct answers to pass the exam. Online exam results are known immediately and paper-based exam results will be known within one week. ADDITIONAL COURSE DETAILS: Nexus Humans Certified Data Centre Facilities Operations Specialist (CDFOS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Data Centre Facilities Operations Specialist (CDFOS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains DOMAIN 01 - GOVERNANCE * Define, Implement, Manage, and Maintain an Information Security Governance Program * Information Security Drivers * Establishing an information security management structure * Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures * Managing an enterprise information security compliance program * Risk Management * Risk mitigation, risk treatment, and acceptable risk * Risk management frameworks * NIST * Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) * Risk management plan implementation * Ongoing third-party risk management * Risk management policies and processes * Conclusion DOMAIN 2 - SECURITY RISK MANAGEMENT, CONTROLS, & AUDIT MANAGEMENT * INFORMATION SECURITY CONTROLS * COMPLIANCE MANAGEMENT * GUIDELINES, GOOD AND BEST PRACTICES * AUDIT MANAGEMENT * SUMMARY DOMAIN 03 - SECURITY PROGRAM MANAGEMENT AND OPERATIONS * PROGRAM MANAGEMENT * OPERATIONS MANAGEMENT * Summary DOMAIN 04 - INFORMATION SECURITY CORE CONCEPTS * ACCESS CONTROL * PHYSICAL SECURITY * NETWORK SECURITY * ENDPOINT PROTECTION * APPLICATION SECURITY * ENCRYPTION TECHNOLOGIES * VIRTUALIZATION SECURITY * CLOUD COMPUTING SECURITY * TRANSFORMATIVE TECHNOLOGIES * Summary DOMAIN 05 - STRATEGIC PLANNING, FINANCE, PROCUREMENT AND VENDOR MANAGEMENT * STRATEGIC PLANNING * Designing, Developing, and Maintaining an Enterprise Information Security Program * Understanding the Enterprise Architecture (EA) * FINANCE * PROCUREMENT * VENDOR MANAGEMENT * Summary

Duration 5 Days 30 CPD hours This course is intended for This course is designed for IT professionals who want to develop penetration testing skills to enable them to identify information-system vulnerabilities and effective remediation techniques for those vulnerabilities. Target students who also need to offer practical recommendations for action to properly protect information systems and their contents will derive those skills from this course. This course is also designed for individuals who are preparing to take the CompTIA PenTest+ certification exam PT0-002, or who plan to use PenTest+ as the foundation for more advanced security certifications or career roles. Individuals seeking this certification should have three to four years of hands-on experience performing penetration tests, vulnerability assessments, and vulnerability management. Overview After completing this course, you will be able to plan, conduct, analyze, and report on penetration tests, including the ability to: Plan and scope penetration tests. Conduct passive reconnaissance. Perform non-technical tests to gather information. Conductive active reconnaissance. Analyze vulnerabilities. Penetrate networks. Exploit host-based vulnerabilities. Test applications. Complete post-exploit tasks. Analyze and report pen test results. Security remains one of the hottest topics in IT and other industries. It seems that each week brings news of some new breach of privacy or security. As organizations scramble to protect themselves and their customers, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to some general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company. 1 - OUTLINE * Lesson 1: Scoping Organization/Customer Requirements * Lesson 2: Defining the Rules of Engagement * Lesson 3: Footprinting and Gathering Intelligence * Lesson 4: Evaluating Human and Physical Vulnerabilities * Lesson 5: Preparing the Vulnerability Scan * Lesson 6: Scanning Logical Vulnerabilities * Lesson 7: Analyzing Scanning Results * Lesson 8: Avoiding Detection and Covering Tracks * Lesson 9: Exploiting the LAN and Cloud * Lesson 10: Testing Wireless Networks * Lesson 11: Targeting Mobile Devices * Lesson 12: Attacking Specialized Systems * Lesson 13: Web Application-Based Attacks * Lesson 14: Performing System Hacking * Lesson 15: Scripting and Software Development * Lesson 16: Leveraging the Attack: Pivot and Penetrate * Lesson 17: Communicating During the PenTesting Process * Lesson 18: Summarizing Report Components * Lesson 19: Recommending Remediation * Lesson 20: Performing Post-Report Delivery Activities ADDITIONAL COURSE DETAILS: Nexus Humans CompTIA Penetration Testing Certification (PenTest Plus) - (Exam PT0-002) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Penetration Testing Certification (PenTest Plus) - (Exam PT0-002) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.