17 Cyber Security courses in Leeds

CYBER SECURITY TRAINING COURSE DESCRIPTION The reliance of the world on the Internet and computer systems means the protection of information systems is vitally important. This is even more important smart devices and the Internet of Things increase the number of devices. This Cyber Security provides a concise overview on the threats and attacks that can happen along with the counter measures that can be taken. WHAT WILL YOU LEARN * Recognise the different types of attack. * Describe the attacks that can be made against information systems. * Describe the counter measures available. CYBER SECURITY TRAINING COURSE DETAILS * Who will benefit: Non-technical staff working with computers. * Prerequisites: None. * Duration 1 day CYBER SECURITY TRAINING COURSE CONTENTS * What is Cyber Security? Computer security, Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response. * Attacks Physical access, Social engineering, Privilege escalation, Malware, Trojans, worms, viruses, rootkits, Backdoors, Denial of Service (DOS), Distributed DOS, Eavesdropping, Spoofing, Man the middle tampering. * Countermeasures Prevention, detection, response. Physical, user accounts, Firewalls, IDS, AAA, authentication, cryptography, encryption, data integrity. * Cyber security standards ETSI, ISO 27001, 27002, NIST, ISA/IEC 62443.

CYBER SECURITY TRAINING COURSE DESCRIPTION This cyber security course focusses on the network side of security. Technologies rather than specific products are studied focussing around the protection of networks using firewalls and VPNs. WHAT WILL YOU LEARN * Describe: - Basic security attacks - RADIUS - SSL - VPNs * Deploy firewalls and secure networks * Explain how the various technologies involved in an IP VPN work. * Describe and implement: - L2TP - IPsec - SSL - MPLS, L3, VPNs. CYBER SECURITY TRAINING COURSE DETAILS * Who will benefit: Anyone working in the security field. * Prerequisites: TCP/IP foundation for engineers * Duration 5 days CYBER SECURITY TRAINING COURSE CONTENTS * Security review Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response. * Security exploits IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats. Hands on port scanning, use a 'hacking' tool. * Client and Server security Windows, Linux, Log files, syslogd, accounts, data security. Hands on Server hardening. * Firewall introduction What is a firewall? Firewall benefits, concepts. HAnds on launching various attacks on a target. * Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products. Hands on Simple personal firewall configuration. * Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. * Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on SPI firewalls. * Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall plusses and minuses. Hands on Proxy firewalls. * Firewall architectures Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. * Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls. * Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Password cracking. * Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS. Hands on Using certificates. * VPN overview What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages. * VPN Tunnelling VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels. * L2TP Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling. Hands on Implementing a L2TP tunnel. * IPsec AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues. Hands on Implementing an IPsec VPN. * SSL VPNs Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates. Hands on Implementing a SSL VPN. * MPLS VPNs Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs. Hands on Implementing a MPLS L3 VPN. * Penetration testing Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology. Hands on Hacking tools and countermeasures.

OVERVIEW -------------------------------------------------------------------------------- Cyber Security plays an important role in every business as it encompasses everything that relates to protecting sensitive data, personal information, intellectual property, data, and governmental and industry information systems from theft and damage attempted by criminals and adversaries. This course is designed to understand and gain practical skills to plan, deliver and monitor IT/cyber security to internal and external clients understanding a complete, knowledge in the areas of IT policies, Security-Operational-Run-Book, security/penetration testing, ethical hacking and black hat hacking including understanding the basics of Kali Operating System and its tools and techniques. It will also cover WiFi security, Website security, human factors, cyber forensics, and cyber security team management, including all other areas in relation to Cyber Security.

ABOUT THIS VIRTUAL INSTRUCTOR LED TRAINING (VILT) This 3 half-day Virtual Instructor Led Training (VILT) course will help participants grasp the idea of real-world risk management and how this relates to the cyber world. The VILT course will cover topics surrounding identifying cyber risks and vulnerabilities, guidance on applying administrative actions, and comprehensive solutions to ensure your organization is adequately secure and protected. The VILT course will guide participants on how to conduct a security risk assessment for their organization, and equip them with the skills to develop a risk compliance assessment plan as well as methods to develop risk management strategies which can improve their organization's security posture. The VILT course has at least a 30% hands-on approach through the use of Table Top Exercises. The VILT course will cover the following modules: 1. Introduction to Risk Assessments (RA) 2. Threat Actors and Their Motivations 3. Threat and Risk Assessment 4. Critical Controls Identification 5. Maturity Assessment 6. Treated Cyber Risk Profile 7. Target Cyber Risk Profile and Strategy Target Audience The VILT course is intended for professionals responsible for organizational information and security system and those involved in operating and maintenance of critical information and IT network & sotware systems. Professionals who are designated as the Single Point of Accountability (SPoA) as well as system auditors will find this course useful. Course Level * Basic or Foundation Training Methods The VILT course will be delivered online in 3 half-day sessions comprising 4 hours per day, with 2 x 10 minutes break per day, including time for lectures, discussion, quizzes and short classroom exercises. Course Duration: 3 half-day sessions, 4 hours per session (12 hours in total). This VILT course is delivered in partnership with ENGIE Laborelec. Trainer Your expert course leader is a is specialized in cybersecurity risk management. Before joining ENGIE, she worked for The National Cybersecurity Agency of France (ANSSI) based in Paris (France) and for Deloitte Belgium located in Zaventem (Belgium). She has been involved in cybersecurity projects focusing on the principle of protecting critical infrastructures. Her different experiences in Cyber Security, Anti-Money Laundering and Global Trade Compliance (including Export Control and Customs) gave her the opportunity to use methodologies tackling strategic, operational and financial control issues at all levels of an organization: people, business processes, IT applications and infrastructure, legal and regulatory compliance. She was an EBIOS Risk Manager (RM) trainer while she worked for the French government; EBIOS RM is the French method for assessing and treating digital risks. She also had the opportunity to represent France towards European institutions and other relevant stakeholders for topics related to cybersecurity risk management. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information about post training coaching support and fees applicable for this. Accreditions And Affliations

PENETRATION TESTING TRAINING COURSE DESCRIPTION An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. WHAT WILL YOU LEARN * Perform penetration tests. * Explain the technical workings of various penetration tests. * Produce reports on results of penetration tests. * Defend against hackers. PENETRATION TESTING TRAINING COURSE DETAILS * Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. * Prerequisites: IP Security IP VPNs * Duration 5 days PENETRATION TESTING TRAINING COURSE CONTENTS * Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. * Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering * Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. * Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. * Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. * Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. * Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. * Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. * DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. * SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. * Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. * Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. * Information security Document grinding, privacy.

CWSP TRAINING COURSE DESCRIPTION A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming. WHAT WILL YOU LEARN * Demonstrate the threats to WiFi networks. * Secure WiFi networks. * Configure: WPA2 RADIUS 802.1x EAP * Pass the CWSP exam. CWSP TRAINING COURSE DETAILS * Who will benefit: Technical network staff. Technical security staff. * Prerequisites: Certified Wireless Network Associate. * Duration 5 days CWSP TRAINING COURSE CONTENTS * WLAN Security overview Standards, security basics, AAA, 802.11 security history. Hands on WLAN connectivity. * Legacy 802.11 security Authentication: Open system, shared key. WEP. VPNs. MAC filters. SSID segmentation, SSID cloaking. Hands on Analysing 802.11 frame exchanges, viewing hidden SSIDs. * Encryption Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames. * 802.11 layer 2 authentication 802.1X: Supplicant, Authenticator, Authentication server. Credentials. Legacy authentication. EAP, Weak EAP protocols, Strong EAP protocols: EAP -PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames. * 802.11 layer 2 dynamic key generation Robust Security Network. Hands on Authentication and key management. * SOHO 802.11 security WPA/WPA2 personal, Preshared Keys, WiFi Protected Setup (WPS). Hands on PSK mapping. * WLAN security infrastructure DS, Autonomous APs, WLAN controllers, split MAC, mesh, bridging, location based access control. Resilience. Wireless network management system. RADIUS/LDAP servers, PKI, RBAC. Hands on 802.1X/EAP configuration. RADIUS configuration. * 802.11 Fast secure roaming History, RSNA, OKC, Fast BSS transition, 802.11k. Hands on Roaming. * Wireless security risks Rogue devices, rogue prevention. Eavesdropping, DOS attacks. Public access and hotspots. Hands on Backtrack. * WiFi security auditing Layer 1 audit, layer 2 audit, pen testing. WLAN security auditing tools. * WiFi security monitoring Wireless Intrusion Detection and Prevention Systems. Device classification, WIDS/WIPS analysis. Monitoring. 802.11w. Hands on Laptop spectrum analysers. * VPNs, remote access, guest access Role of VPNs in 802.11, remote access, hotspots, captive portal. * Wireless security policies General policy, functional policy, recommendations.

SECURING LINUX SYSTEMS TRAINING COURSE DESCRIPTION This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. WHAT WILL YOU LEARN * Secure Linux accounts. * Secure Linux file systems. * Secure Linux access through the network. SECURING LINUX SYSTEMS TRAINING COURSE DETAILS * Who will benefit: Linux technical staff needing to secure their systems. * Prerequisites: Linux system administration (LPIC-1) * Duration 5 days SECURING LINUX SYSTEMS TRAINING COURSE CONTENTS * Cryptography * Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. * Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. * Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. * DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. * Host Security * Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. * Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. * User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. * FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. * Access Control * Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. * Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. * etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. * Network Security * Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. * Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. * Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd * Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

SECURITY+ TRAINING COURSE DESCRIPTION A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. WHAT WILL YOU LEARN * Explain general security concepts. * Describe the security concepts in communications. * Describe how to secure an infrastructure. * Recognise the role of cryptography. * Describe operational/organisational security. SECURITY+ TRAINING COURSE DETAILS * Who will benefit: Those wishing to pass the Security+ exam. * Prerequisites: TCP/IP foundation for engineers * Duration 5 days SECURITY+ TRAINING COURSE CONTENTS * General security concepts Non-essential services and protocols. Access control: MAC, DAC, RBAC. Security attacks: DOS, DDOS, back doors, spoofing, man in the middle, replay, hijacking, weak keys, social engineering, mathematical, password guessing, brute force, dictionary, software exploitation. Authentication: Kerberos, CHAP, certificates, usernames/ passwords, tokens, biometrics. Malicious code: Viruses, trojan horses, logic bombs, worms. Auditing, logging, scanning. * Communication security Remote access: 802.1x, VPNs, L2TP, PPTP, IPsec, RADIUS, TACACS, SSH. Email: S/MIME, PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS, IM, packet sniffing, privacy, Javascript, ActiveX, buffer overflows, cookies, signed applets, CGI, SMTP relay. LDAP. sftp, anon ftp, file sharing, sniffing, 8.3 names. Wireless: WTLS, 802.11, 802.11x, WEP/WAP. * Infrastructure security Firewalls, routers, switches, wireless, modems, RAS, PBX, VPN, IDS, networking monitoring, workstations, servers, mobile devices. Media security: Coax, UTP, STP, fibre. Removable media. Topologies: Security zones, DMZ, Intranet, Extranet, VLANs, NAT, Tunnelling. IDS: Active/ passive, network/host based, honey pots, incident response. Security baselines: Hardening OS/NOS, networks and applications. * Cryptography basics Integrity, confidentiality, access control, authentication, non-repudiation. Standards and protocols. Hashing, symmetric, asymmetric. PKI: Certificates, policies, practice statements, revocation, trust models. Key management and certificate lifecycles. Storage: h/w, s/w, private key protection. Escrow, expiration, revocation, suspension, recovery, destruction, key usage. * Operational/Organisation security Physical security: Access control, social engineering, environment. Disaster recovery: Backups, secure disaster recovery plans. Business continuity: Utilities, high availability, backups. Security policies: AU, due care, privacy, separation of duties, need to know, password management, SLAs, disposal, destruction, HR policies. Incident response policy. Privilege management: Users, groups, roles, single sign on, centralised/decentralised. Auditing. Forensics: Chain of custody, preserving and collecting evidence. Identifying risks: Assets, risks, threats, vulnerabilities. Role of education/training. Security documentation.

KERBEROS FOR ENGINEERS TRAINING COURSE DESCRIPTION This hands on course covers the details of Kerberos, from installation and administration through to how it all works including the protocols. WHAT WILL YOU LEARN * Describe what Kerberos is. * Explain how Kerberos works. * Install Kerberos. * Configure Kerberos. * Troubleshoot Kerberos. KERBEROS FOR ENGINEERS TRAINING COURSE DETAILS * Who will benefit: Engineers interested in security. * Prerequisites: TCP/IP foundation for engineers * Duration 2 days KERBEROS FOR ENGINEERS TRAINING COURSE CONTENTS * What is Kerberos? Single Sign On, The protocol, the standard, history, v4, v5, RFCs, Linux, Windows. * Kerberos concepts and technology AAA, Authentication, Authorization, Accounting. Kerberos vs LDAP and directories. Privacy, integrity. Kerberos realms, principles, instances. Keys, salts, passwords. Key Distribution Centre, Authentication server, ticket granting server. Tickets. * Installation and administration of Kerberos Installing Kerberos, creating realms, testing. DNS and Kerberos, Kerberos clients. Hands on Windows and Linux Kerberos. * Kerberos protocols The Needham-Schroeder protocol, Kerberos v4. Authentication server, ticket granting server, Kerberos v5, encryption options, ticket options, other protocol features and extensions. Related protocols: GSSAPI, SPNEGO. Hands on Using Wireshark to 'see' Kerberos. * Troubleshooting Kerberos Approach, debugging tools, errors and solutions. Hands on Kerberos troubleshooting. * Kerberos security concerns Kerberos attacks, protocol security issues. Dictionary attacks, brute force attacks, replay attacks, MITM attacks, security solutions, protecting the KDC, firewalls, NAT and Kerberos. Hands on Kerberos logging. * Software which uses Kerberos Kerberos logins, Kerberos and web based applications, Directory services. * Advanced Kerberos issues Cross realm authentication, Windows issues, Windows and UNIX interoperability, Hands on Using a Windows DC for UNIX clients.

OPENSSL FOR ENGINEERS TRAINING COURSE DESCRIPTION A hands on course covering OpenSSL. The course focusses on the use of OpenSSL from the command line as opposed to using its extensive libraries. Certificate authorities are configured along with key generation, HTTPS and a SSL VPN. WHAT WILL YOU LEARN * Describe OpenSSL. * Use OpenSSL. * Describe and implement: * Explain how the various technologies involved in an OpenSSL work. OPENSSL FOR ENGINEERS TRAINING COURSE DETAILS * Who will benefit: Network personnel. * Prerequisites: IP security foundation for engineers * Duration 2 days OPENSSL FOR ENGINEERS TRAINING COURSE CONTENTS * What is OpenSSL? What is SSL? SSL versions, TLS, TLS negotiation, TLS authentication, What is OpenSSL, Command line tool, SSL library. OpenSSH, OpenVPN. Hands on TLS packet analysis. * Getting started with OpenSSL Downloading, source code, packages, installing, versions, configuration, openssl command. Cipher suite selection. Hands on Encrypting a file with openssl. * Public and private keys Algorithms, creating keys, public keys, private keys, encrypting the private key. Hands on Encrypting a file with keys. * Digital signatures Creating signatures, checking validity of signatures, Self signing SSL certificates. Viewing certificates. Certificate files. Converting between formats. Hands on Securing a web server with HTTPS. * Simple PKI with OpenSSL Root CA, signing CA, configuration files, Certificate signing requests. Email certificates, TLS server certificates. Hands on Implementing a simple PKI with OpenSSL.