30 Certified Ethical Hacker (CEH) courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for The Certified Ethical Hacking v12 course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. Overview Information security controls, laws, and standards. Various types of footprinting, footprinting tools, and countermeasures. Network scanning techniques and scanning countermeasures Enumeration techniques and enumeration countermeasures Vulnerability analysis to identify security loopholes in the target organization?s network, communication infrastructure, and end systems. System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities. Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures. Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing. Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures. DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures. Session hijacking techniques to discover network-level session management, authentication/authorization, and cryptographic weaknesses and countermeasures. Webserver attacks and a comprehensive attack methodology to audit vulnerabilities in webserver infrastructure, and countermeasures. Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures. SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures. Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools. Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools. Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures. Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools. Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap. Threats to IoT and OT platforms and defending IoT and OT devices. Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to setup your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident. CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure. Now in its 12th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies. 1 - INTRODUCTION TO ETHICAL HACKING * Information Security Overview * Cyber Kill Chain Concepts * Hacking Concepts * Ethical Hacking Concepts * Information Security Controls * Information Security Laws and Standards 2 - 2 - FOOT-PRINTING AND RECONNAISSANCE * Footprinting Concepts * Footprinting through Search Engines * Footprinting through Web Services * Footprinting through Social Networking Sites * Website Footprinting * Email Footprinting * Who is Footprinting * DNS Footprinting * Network Footprinting * Footprinting through Social Engineering * Footprinting Tools * Footprinting Countermeasures 3 - SCANNING NETWORKS * Network Scanning Concepts * Scanning Tools * Host Discovery * Port and Service Discovery * OS Discovery (Banner Grabbing/OS Fingerprinting) * Scanning Beyond IDS and Firewall * Draw Network Diagrams 4 - ENUMERATION * Enumeration Concepts * NetBIOS Enumeration * SNMP Enumeration * LDAP Enumeration * NTP and NFS Enumeration * SMTP and DNS Enumeration * Other Enumeration Techniques * Enumeration Countermeasures 5 - VULNERABILITY ANALYSIS * Vulnerability Assessment Concepts * Vulnerability Classification and Assessment Types * Vulnerability Assessment Solutions and Tools * Vulnerability Assessment Reports 6 - SYSTEM HACKING * System Hacking Concepts * Gaining Access * Escalating Privileges * Maintaining Access * Clearing Logs 7 - MALWARE THREATS * Malware Concepts * APT Concepts * Trojan Concepts * Virus and Worm Concepts * Fileless Malware Concepts * Malware Analysis * Countermeasures * Anti-Malware Software 8 - SNIFFING * Sniffing Concepts * Sniffing Technique: MAC Attacks * Sniffing Technique: DHCP Attacks * Sniffing Technique: ARP Poisoning * Sniffing Technique: Spoofing Attacks * Sniffing Technique: DNS Poisoning * Sniffing Tools * Countermeasures * Sniffing Detection Techniques 9 - SOCIAL ENGINEERING * Social Engineering Concepts * Social Engineering Techniques * Insider Threats * Impersonation on Social Networking Sites * Identity Theft * Countermeasures 10 - DENIAL-OF-SERVICE * DoS/DDoS Concepts * DoS/DDoS Attack Techniques * BotnetsDDoS Case Study * DoS/DDoS Attack Tools * Countermeasures * DoS/DDoS Protection Tools 11 - SESSION HIJACKING * Session Hijacking Concepts * Application Level Session Hijacking * Network Level Session Hijacking * Session Hijacking Tools * Countermeasures 12 - EVADING IDS, FIREWALLS, AND HONEYPOTS * IDS, IPS, Firewall, and Honeypot Concepts * IDS, IPS, Firewall, and Honeypot Solutions * Evading IDS * Evading Firewalls * IDS/Firewall Evading Tools * Detecting Honeypots * IDS/Firewall Evasion Countermeasures 13 - HACKING WEB SERVERS * Web Server Concepts * Web Server Attacks * Web Server Attack Methodology * Web Server Attack Tools * Countermeasures * Patch Management * Web Server Security Tools 14 - HACKING WEB APPLICATIONS * Web Application Concepts * Web Application Threats * Web Application Hacking Methodology * Web API, Webhooks, and Web Shell * Web Application Security 15 - SQL INJECTION * SQL Injection Concepts * Types of SQL Injection * SQL Injection Methodology * SQL Injection Tools * Evasion Techniques * Countermeasures 16 - HACKING WIRELESS NETWORKS * Wireless Concepts * Wireless Encryption * Wireless Threats * Wireless Hacking Methodology * Wireless Hacking Tools * Bluetooth Hacking * Countermeasures * Wireless Security Tools 17 - HACKING MOBILE PLATFORMS * Mobile Platform Attack Vectors * Hacking Android OS * Hacking iOS * Mobile Device Management * Mobile Security Guidelines and Tools 18 - IOT AND OT HACKING * IoT Hacking * IoT Concepts * IoT Attacks * IoT Hacking Methodology * IoT Hacking Tools * Countermeasures * OT Hacking * OT Concepts * OT Attacks * OT Hacking Methodology * OT Hacking Tools * Countermeasures 19 - CLOUD COMPUTING * Cloud Computing Concepts * Container Technology * Serverless Computing * Cloud Computing Threats * Cloud Hacking * Cloud Security 20 - CRYPTOGRAPHY * Cryptography Concepts * Encryption Algorithms * Cryptography Tools * Public Key Infrastructure (PKI) * Email Encryption * Disk Encryption * Cryptanalysis * Countermeasures ADDITIONAL COURSE DETAILS: Nexus Humans EC-Council Certified Ethical Hacker (CEH) v.12 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Ethical Hacker (CEH) v.12 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for The CHFI course will benefit: Police and other laws enforcement personnel Defense and Military personnel e-Business Security professionals Systems administrators Legal professionals Banking, Insurance and other professionals Government agencies Overview At the end of this course, you will possess the skills needed to: Understand the fundamentals of computer forensics Understand the computer forensic investigation process Describe in detail different types of hard disks and file systems Understand data acquisition and duplication Counteract anti-forensic techniques Leverage forensic skills in Windows, Linux, and Mac Investigate web attacks Understand dark web forensics Deploy forensic techniques for databases, cloud, and networks Investigate email crimes including malware Perform forensics in mobile and IoT environments Every crime leaves a digital footprint, and you need the skills to track those footprints. In this course, students will learn to unravel these pieces of evidence, decode them and report them. From decoding a hack to taking legal action against the perpetrators, they will become an active respondent in times of cyber-breaches. COMPUTER FORENSICS IN TODAY?S WORLD * 1.1. Understand the Fundamentals of Computer Forensics * 1.2. Understand Cybercrimes and their Investigation Procedures * 1.3. Understand Digital Evidence * 1.4. Understand Forensic Readiness, Incident Response and the Role of SOC (Security * Operations Center) in Computer Forensics * 1.5. Identify the Roles and Responsibilities of a Forensic Investigator * 1.6. Understand the Challenges Faced in Investigating Cybercrimes * 1.7. Understand Legal Compliance in Computer Forensics * COMPUTER FORENSICS INVESTIGATION PROCESS * 2.1. Understand the Forensic Investigation Process and its Importance * 2.2. Understand the Pre-investigation Phase * 2.3. Understand First Response * 2.4. Understand the Investigation Phase * 2.5. Understand the Post-investigation Phase * UNDERSTANDING HARD DISKS AND FILE SYSTEMS * 3.1. Describe Different Types of Disk Drives and their Characteristics * 3.2. Explain the Logical Structure of a Disk * 3.3. Understand Booting Process of Windows, Linux and Mac Operating Systems * 3.4. Understand Various File Systems of Windows, Linux and Mac Operating Systems * 3.5. Examine File System Using Autopsy and The Sleuth Kit Tools * 3.6 Understand Storage Systems * 3.7. Understand Encoding Standards and Hex Editors * 3.8. Analyze Popular File Formats Using Hex Editor * DATA ACQUISITION AND DUPLICATION * 4.1. Understand Data Acquisition Fundamentals * 4.2. Understand Data Acquisition Methodology * 4.3. Prepare an Image File for Examination * DEFEATING ANTI-FORENSICS TECHNIQUES * 5.1. Understand Anti-forensics Techniques * 5.2. Discuss Data Deletion and Recycle Bin Forensics * 5.3. Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions * 5.4. Explore Password Cracking/Bypassing Techniques * 5.5. Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch * 5.6. Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption * 5.7. Detect Program Packers and Footprint Minimizing Techniques * 5.8. Understand Anti-forensics Countermeasures * WINDOWS FORENSICS * 6.1. Collect Volatile and Non-volatile Information * 6.2. Perform Windows Memory and Registry Analysis * 6.3. Examine the Cache, Cookie and History Recorded in Web Browsers * 6.4. Examine Windows Files and Metadata * 6.5. Understand ShellBags, LNK Files, and Jump Lists * 6.6. Understand Text-based Logs and Windows Event Logs * LINUX AND MAC FORENSICS * 7.1. Understand Volatile and Non-volatile Data in Linux * 7.2. Analyze Filesystem Images Using The Sleuth Kit * 7.3. Demonstrate Memory Forensics Using Volatility & PhotoRec * 7.4. Understand Mac Forensics * * NETWORK FORENSICS * 8.1. Understand Network Forensics * 8.2. Explain Logging Fundamentals and Network Forensic Readiness * 8.3. Summarize Event Correlation Concepts * 8.4. Identify Indicators of Compromise (IoCs) from Network Logs * 8.5. Investigate Network Traffic * 8.6. Perform Incident Detection and Examination with SIEM Tools * 8.7. Monitor and Detect Wireless Network Attacks * INVESTIGATING WEB ATTACKS * 9.1. Understand Web Application Forensics * 9.2. Understand Internet Information Services (IIS) Logs * 9.3. Understand Apache Web Server Logs * 9.4. Understand the Functionality of Intrusion Detection System (IDS) * 9.5. Understand the Functionality of Web Application Firewall (WAF) * 9.6. Investigate Web Attacks on Windows-based Servers * 9.7. Detect and Investigate Various Attacks on Web Applications * DARK WEB FORENSICS * 10.1. Understand the Dark Web * 10.2. Determine How to Identify the Traces of Tor Browser during Investigation * 10.3. Perform Tor Browser Forensics * DATABASE FORENSICS * 11.1. Understand Database Forensics and its Importance * 11.2. Determine Data Storage and Database Evidence Repositories in MSSQL Server * 11.3. Collect Evidence Files on MSSQL Server * 11.4. Perform MSSQL Forensics * 11.5. Understand Internal Architecture of MySQL and Structure of Data Directory * 11.6. Understand Information Schema and List MySQL Utilities for Performing Forensic Analysis * 11.7. Perform MySQL Forensics on WordPress Web Application Database * CLOUD FORENSICS * 12.1. Understand the Basic Cloud Computing Concepts * 12.2. Understand Cloud Forensics * 12.3. Understand the Fundamentals of Amazon Web Services (AWS) * 12.4. Determine How to Investigate Security Incidents in AWS * 12.5. Understand the Fundamentals of Microsoft Azure * 12.6. Determine How to Investigate Security Incidents in Azure * 12.7. Understand Forensic Methodologies for Containers and Microservices * INVESTIGATING EMAIL CRIMES * 13.1. Understand Email Basics * 13.2. Understand Email Crime Investigation and its Steps * 13.3. U.S. Laws Against Email Crime * MALWARE FORENSICS * 14.1. Define Malware and Identify the Common Techniques Attackers Use to Spread Malware * 14.2. Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysis * 14.3. Understand and Perform Static Analysis of Malware * 14.4. Analyze Suspicious Word and PDF Documents * 14.5. Understand Dynamic Malware Analysis Fundamentals and Approaches * 14.6. Analyze Malware Behavior on System Properties in Real-time * 14.7. Analyze Malware Behavior on Network in Real-time * 14.8. Describe Fileless Malware Attacks and How they Happen * 14.9. Perform Fileless Malware Analysis - Emotet * MOBILE FORENSICS * 15.1. Understand the Importance of Mobile Device Forensics * 15.2. Illustrate Architectural Layers and Boot Processes of Android and iOS Devices * 15.3. Explain the Steps Involved in Mobile Forensics Process * 15.4. Investigate Cellular Network Data * 15.5. Understand SIM File System and its Data Acquisition Method * 15.6. Illustrate Phone Locks and Discuss Rooting of Android and Jailbreaking of iOS Devices * 15.7. Perform Logical Acquisition on Android and iOS Devices * 15.8. Perform Physical Acquisition on Android and iOS Devices * 15.9. Discuss Mobile Forensics Challenges and Prepare Investigation Report * IOT FORENSICS * 16.1. Understand IoT and IoT Security Problems * 16.2. Recognize Different Types of IoT Threats * 16.3. Understand IoT Forensics * 16.4. Perform Forensics on IoT Devices *

This is the perfect launch pad for a technical career in Cyber Security and fully prepares every delegate for the prestigious Certified Ethical Hacking (CEH) Course that comes next on the Cyber & Hacking Learning Pathways by Nemstar.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for technology leaders, solution developers, project managers, organizational decision makers, and other individuals seeking to demonstrate a vendor-neutral, cross-industry understanding of ethics in emerging data-driven technologies, such as AI, robotics, IoT, and data science. This course is also designed for professionals who want to pursue the CertNexus Certification Exam CET-110: Certified Ethical Emerging Technologies. Overview In this course, you will incorporate ethics into data-driven technologies such as AI, IoT, and data science. You will: Describe general concepts, theories, and challenges related to ethics and emerging technologies. Identify ethical risks. Practice ethical reasoning. Identify and mitigate safety and security risks. Identify and mitigate privacy risks. Identify and mitigate fairness and bias risks. Identify and mitigate transparency and explainability risks. Identify and mitigate accountability risks. Build an ethical organization. Develop ethical systems in technology-focused organizations. Mutually reinforcing innovations in computing and engineering are catapulting advances in technological production. From blockchain and artificial intelligence (AI) to gene editing and the Internet of Things (IoT), these advances come with tremendous opportunities for improvement in productivity, efficiency, and human well-being. But as scandals increasingly demonstrate, these advances also introduce new and serious risks of conflict and harm.Technology professionals now face growing demands to identify and mitigate ethical risks to human rights and the environment, as well as to navigate ethical tradeoffs between qualities such as privacy and accuracy, fairness and utility, and safety and accountability. This course provides the tools to identify and manage common ethical risks in the development of emerging data-driven technologies. It distills ethical theory, public regulations, and industry best practices into concrete skills and guidelines needed for the responsible development of digital products and services. By following the course's practical, problems-based approach, learners will become adept at applying theories, principles, frameworks, and techniques in their own roles and organizations. INTRODUCTION TO ETHICS OF EMERGING TECHNOLOGIES * Topic A: What?s at Stake * Topic B: Ethics and Why It Matters * Topic C: Ethical Decision-Making in Practice * Topic D: Causes of Ethical Failures * IDENTIFYING ETHICAL RISKS * Topic A: Ethical Reasons * Topic B: Stumbling Blocks for Ethical Reasoning * Topic C: Identify Ethical Risks in Product Development * Topic D: Tools for Identifying Ethical Risks * Topic E: Use Regulations, Standards, and Human Rights to Identify Ethical Risks * ETHICAL REASONING IN PRACTICE * Topic A: Ethical Theories * Topic B: Use Ethical Decision-Making Frameworks * Topic C: Select Options for Action * Topic D: Avoid Problems in Ethical Decision-Making * IDENTIFYING AND MITIGATING SECURITY RISKS * Topic A: What Is Security? * Topic B: Identify Security Risks * Topic C: Security Tradeoffs * Topic D: Mitigate Security Risks * IDENTIFYING AND MITIGATING PRIVACY RISKS * Topic A: What Is Privacy? * Topic B: Identify Privacy Risks * Topic C: Privacy Tradeoffs * Topic D: Mitigate Privacy Risks * IDENTIFYING AND MITIGATING FAIRNESS AND BIAS RISKS * Topic A: What Are Fairness and Bias? * Topic B: Identify Bias Risks * Topic C: Fairness Tradeoffs * Topic D: Mitigate Bias Risks * IDENTIFYING AND MITIGATING TRANSPARENCY AND EXPLAINABILITY RISKS * Topic A: What Are Transparency and Explainability? * Topic B: Identify Transparency and Explainability Risks * Topic C: Transparency and Explainability Tradeoffs * Topic D: Mitigate Transparency and Explainability Risks * IDENTIFYING AND MITIGATING ACCOUNTABILITY RISKS * Topic A: What Is Accountability? * Topic B: Identify Accountability Risks * Topic C: Accountability Tradeoffs * Topic D: Mitigate Accountability Risks * BUILDING AN ETHICAL ORGANIZATION * Topic A: What Are Ethical Organizations? * Topic B: Organizational Purpose * Topic C: Ethics Awareness * Topic D: Develop Professional Ethics within Organizations * DEVELOPING ETHICAL SYSTEMS IN TECHNOLOGY-FOCUSED ORGANIZATIONS * Topic A: Policy and Compliance * Topic B: Metrics and Monitoring * Topic C: Communication and Stakeholder Engagement * Topic D: Ethical Leadership *

Duration 3 Days 18 CPD hours This course is intended for Security analyst, threat hunters, or incident responders Security professionals who work with enterprise and endpoint security tools Overview By the end of the course, you should be able to meet the following objectives: Describe the architecture of a Carbon Black EDR implementation Perform the installation, upgrade, and configuration of the Carbon Black EDR server Describe the purpose and use of multiple datastores in the server Perform live queries across endpoints to gather additional data Perform effective searches across the dataset to find security artifacts related to the endpoints Manage Threat Intelligence Feeds and Watchlists Describe connectors in Carbon Black EDR Troubleshoot server and sensor problems Analyze data found in the Heads-Up Display Manage investigations to group and summarize security incidents and artifacts Perform the different response capabilities available to users in Carbon Black EDR Use the Carbon Black EDR API to automate tasks This three-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in installing, configuring, and managing the VMware Carbon Black© EDR? environment. This course introduces you to product features, capabilities, and workflows for managing endpoint security. Hands-on labs enable learners to reinforce topics by performing operations and tasks within the product in a training environment. COURSE INTRODUCTION * Introductions and course logistics * Course objectives PLANNING AND ARCHITECTURE * Describe the architecture and components of Carbon Black EDR * Identify the communication requirements for Carbon Black EDR SERVER INSTALLATION, UPGRADE, AND ADMINISTRATION * Install the Carbon Black EDR server * Describe the options during the installation process * Install a Carbon Black EDR sensor * Confirm data ingestion in the Carbon Black EDR server * Identify built-in administration tools * Manage sensor groups * Manage users and teams SERVER DATASTORES * Describe the datastores used in Carbon Black EDR * Interact with the available datastores LIVE QUERY * Describe live query capabilities * Perform queries across endpoints SEARCHING AND BEST PRACTICES * Describe the capabilities and data available in the process search * Perform process searches to find specific endpoint activity * Describe the capabilities and data available in the binary search * Perform binary searches to find application data * Describe the query syntax and advanced use cases * Perform advanced queries across the dataset THREAT INTELLIGENCE FEEDS AND WATCHLISTS * Define Threat Intelligence Feeds * Manage the available Threat Intelligence Feeds * Describe the use of Watchlists * Manage Watchlists in the environment CONNECTORS IN CARBON BLACK EDR * Configure connectors in Carbon Black EDR * Troubleshoot connectors TROUBLESHOOTING * Identify the available troubleshooting scripts in the Carbon Black EDR server * Run troubleshooting scripts to identify problems * Generate a sensor log bundle * Identify the location of sensor registry keys HEAD-UP DISPLAY * Identify panels relating to endpoint data * Analyze endpoint data provided by the panels * Identify panels relating to operations data * Analyze operations data provided by the panels * Identify panels relating to server data * Analyze server data provided by the panels * Define alert generation in Carbon Black EDR * Manage alerts INVESTIGATIONS * Describe investigations * Explore data used in an investigation * Manage investigations * Manage investigation events RESPONDING TO ENDPOINT INCIDENTS * Describe isolation in Carbon Black EDR * Manage isolating endpoints * Describe live response capabilities * Manage live response sessions * Describe hash banning * Manage banned hashes OVERVIEW OF POSTMAN AND THE CARBON BLACK EDR API * Explain the use of the API * Differentiate the APIs available for Carbon Black EDR * Explain the purpose of API tokens * Create an API token * Explain the API URL * Create a valid API request * Import a collection to Postman * Initiate an API request from Postman * Perform operations manually using Postman * Analyze the use cases for Postman * Show basic automation tasks using the API and curl * Compare the usage of curl with Postman ADDITIONAL COURSE DETAILS: Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black EDR: Install, Configure, Manage [V7.x] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black EDR: Install, Configure, Manage [V7.x] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for System administrators and security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of VMware Carbon Black Cloud Endpoint Standard Identify the architecture and data flows for Carbon Black Cloud Endpoint Standard communication Perform searches across endpoint data to discover suspicious behavior Manage the Carbon Black Cloud Endpoint Standard rules based on organizational requirements Configure rules to address common threats Evaluate the impact of rules on endpoints Process and respond to alerts Describe the different response capabilities available from VMware Carbon Black CloudTM This course teaches you how to use the VMware Carbon Black Cloud Endpoint? Standard product and leverage the capabilities to configure and maintain the system according to your organization?s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs. COURSE INTRODUCTION * Introductions and course logistics * Course objectives DATA FLOWS AND COMMUNICATION * Hardware and software requirements * Architecture * Data flows SEARCHING DATA * Creating searches * Analyzing events * Search operators * Advanced queries POLICY COMPONENTS * Rules * Local scanner * Sensor capabilities PREVENTION CAPABILITIES USING RULES * Rule types * Rule creation * Reputation priority * Configuring rules * Evaluating rule impact PROCESSING ALERTS * Alert triage * Alert actions RESPONSE CAPABILITIES * Using quarantine * Using live response * Hash banning

Duration 1 Days 6 CPD hours This course is intended for System administrators and security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of the Carbon Black EDR server Identify the architecture and data flows for Carbon Black EDR communication Describe the Carbon Black EDR server installation process Manage and configure the Carbon Black EDR sever based on organizational requirements Perform searches across process and binary information Implement threat intelligence feeds and create watchlists for automated notifications Describe the different response capabilities available from the Carbon Black EDR server Use investigations to correlate data between multiple processes This course teaches you how to use the VMware Carbon Black© EDR? product and leverage the capabilities to configure and maintain the system according to your organization?s security posture and policies. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs. COURSE INTRODUCTION * Introductions and course logistics * Course objectives PLANNING AND INSTALLATION * Hardware and software requirements * Architecture * Data flows * Server installation review * Installing sensors * SERVER ADMINISTRATION * Configuration and settings * Carbon Black EDR users and groups PROCESS SEARCH AND ANALYSIS * Filtering options * Creating searches * Process analysis and events BINARY SEARCH AND BANNING BINARIES * Filtering options * Creating searches * Hash banning SEARCH BEST PRACTICES * Search operators * Advanced queries THREAT INTELLIGENCE * Enabling alliance feeds * Threat reports details * Use and functionality WATCHLISTS * Creating watchlists * Use and functionality ALERTS / INVESTIGATIONS / RESPONSE * Using the HUD * Alerts workflow * Using network isolation * Using live response

Duration 1 Days 6 CPD hours This course is intended for Security operations personnel, including analysts and incident responders Overview By the end of the course, you should be able to meet the following objectives: Utilize Carbon Black EDR throughout an incident Implement a baseline configuration for Carbon Black EDR Determine if an alert is a true or false positive Fully scope out an attack from moment of compromise Describe Carbon Black EDR capabilities available to respond to an incident Create addition detection controls to increase security This course teaches you how to use the VMware Carbon Black© EDR? product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenariobased lab. COURSE INTRODUCTION * Introductions and course logistics * Course objectives VMWARE CARBON BLACK EDR & INCIDENT RESPONSE * Framework identification and process PREPARATION * Implement the Carbon Black EDR instance according to organizational requirements IDENTIFICATION * Use initial detection mechanisms * Process alerts * Proactive threat hunting * Incident determination CONTAINMENT * Incident scoping * Artifact collection * Investigation ERADICATION * Hash banning * Removing artifacts * Continuous monitoring RECOVERY * Rebuilding endpoints * Getting to a more secure state LESSONS LEARNED * Tuning Carbon Black EDR * Incident close out

Duration 1 Days 6 CPD hours This course is intended for System administrators and security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of the Carbon Black EDR server Identify the architecture and data flows for Carbon Black EDR communication Identify the architecture for a cluster configuration and Carbon Black EDR cluster communication Describe the Carbon Black EDR server data types and data locations Use the API to interact with the Carbon Black EDR server without using the UI Create custom threat feeds for use in the Carbon Black EDR server Perform the integration with a syslog server Use different server-side scripts for troubleshooting Troubleshoot sensor-side configurations and communication This course teaches you how to use the advanced features of the VMware Carbon Black© EDR? product. This usage includes gaining access to the Linux server for management and troubleshooting in addition to configuring integrations and using the API. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs. This class focuses exclusively on advanced technical topics related to the technical back-end configuration and maintenance COURSE INTRODUCTION * Introductions and course logistics * Course objectives * ARCHITECTURE * Data flows and channels * Sizing considerations * Communication channels and ports SERVER DATASTORES * SOLR database * Storage configurations and data aging * Partition states * Postgres * Modulestore EDR API * CBAPI overview * Viewing API calls in the browser * Utilizing the API to access data * THREAT INTELLIGENCE FEEDS * Feed structure * Report indicator types * Custom threat feed creation and addition SYSLOG INTEGRATION * SIEM support * Configuration TROUBLESHOOTING * Server-side scripts * Server logs * Sensor operations ADDITIONAL COURSE DETAILS: Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black EDR Advanced Administrator training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black EDR Advanced Administrator course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for System administrators, IT security administrators, IT security engineers, and other professionals responsible for designing, implementing, maintaining, and managing the security of Red Hat Enterprise Linux systems and ensuring their compliance with the organization's security policies. Be a Red Hat Certified Engineer (RHCE©), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience. Overview Students that complete this course should be able to demonstrate these skills: - Analyze and remediate system compliance using OpenSCAP and SCAP Workbench, employing and customizing baseline policy content provided with Red Hat Enterprise Linux. - Monitor security-relevant activity on your systems with the kernel's audit infrastructure. - Explain and implement advanced SELinux techniques to restrict access by users, processes, and virtual machines. - Confirm the integrity of files and their permissions with AIDE. - Prevent unauthorized USB devices from being used with USBGuard. - Protect data at rest but provide secure automatic decryption at boot using NBDE. - Proactively identify risks and misconfigurations of systems and remediate them with Red Hat Insights. - Analyze and remediate compliance at scale with OpenSCAP, Red Hat Insights, Red Hat Satellite, and Red Hat Ansible Tower. This course is ideal for security administrators and system administrators who need to manage the secure operation of servers running Red Hat© Enterprise Linux©, whether deployed on physical hardware, as virtual machines, or as cloud instances. Maintaining security of computing systems is a process of managing risk through the implementation of processes and standards backed by technologies and tools. In this course, you will discover and understand the resources that can be used to help you implement and comply with your security requirements. This course is based on Red Hat Enterprise Linux 7.5, Red Hat Satellite 6.3, Red Hat Ansible© Engine 2.5, Red Hat Ansible Tower 3.2, and Red Hat Insights. 1 - MANAGE SECURITY AND RISK * Define strategies to manage security on Red Hat Enterprise Linux servers. 2 - AUTOMATE CONFIGURATION AND REMEDIATION WITH ANSIBLE * Remediate configuration and security issues with Ansible Playbooks. 3 - PROTECT DATA WITH LUKS AND NBDE * Encrypt data on storage devices with LUKS and use NBDE to manage automatic decryption when servers are booted. 4 - RESTRICT USB DEVICE ACCESS * Protect system from rogue USB device access with USBGuard. 5 - CONTROL AUTHENTICATION WITH PAM * Manage authentication, authorization, session settings, and password controls by configuring pluggable authentication modules (PAMs). 6 - RECORD SYSTEM EVENTS WITH AUDIT * Record and inspect system events relevant to security, using the Linux kernel's audit subsystem and supporting tools. 7 - MONITOR FILE SYSTEM CHANGES * Detect and analyze changes to a server's file systems and their contents using AIDE. 8 - MITIGATE RISK WITH SELINUX * Improve security and confinement between processes by using SELinux and advanced SELinux techniques and analyses. 9 - MANAGE COMPLIANCE WITH OPENSCAP * Evaluate and remediate a server's compliance with security policies by using OpenSCAP. 10 - AUTOMATE COMPLIANCE WITH RED HAT SATELLITE * Automate and scale your ability to perform OpenSCAP checks and remediate compliance issues using Red Hat Satellite. 11 - ANALYZE AND REMEDIATE ISSUES WITH RED HAT INSIGHTS * Identify, detect, and correct common issues and security vulnerabilities with Red Hat Enterprise Linux systems by using Red Hat Insights. 12 - PERFORM A COMPREHENSIVE REVIEW * Review the content covered in this course by completing hands-on review exercises. ADDITIONAL COURSE DETAILS: Nexus Humans Red Hat Security - Linux in Physical, Virtual, and Cloud (RH415) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Red Hat Security - Linux in Physical, Virtual, and Cloud (RH415) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.