37 Courses in Edinburgh

Learners will be introduced to the design, installation, commissioning, and maintenance of Access Control systems.

Learners will be introduced to the design, installation, commissioning, and maintenance of Access Control systems.

This course provides the basic requirements for auditing I&HAS to PD 6662, EN 50131, BS 8243, and access control / CCTV systems to certification bodies' standards. The course enables certified contractors to conduct objective auditing of their own systems.

It is a requirement within codes of practice e.g., BS 5839-1, and within legislation e.g., Health & Safety at Work Act 1974, that duties are placed upon employers and employees regarding health & safety and in particular electrical safety.

SECURING UNIX SYSTEMS TRAINING COURSE DESCRIPTION This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. WHAT WILL YOU LEARN * Secure UNIX accounts. * Secure UNIX file systems. * Secure UNIX access through the network. SECURING UNIX SYSTEMS COURSE DETAILS * Who will benefit: Linux technical staff needing to secure their systems. * Prerequisites: Linux system administration (LPIC-1) * Duration 5 days SECURING UNIX SYSTEMS COURSE CONTENTS * Cryptography * Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. * Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. * Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. * DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. * Host Security * Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. * Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. * User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. * FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. * Access Control * Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. * Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. * etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. * Network Security * Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. * Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. * Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd * Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

MICROSOFT LYNC TRAINING COURSE DESCRIPTION This course teaches IT staff how to plan, design, deploy, configure, and administer a Microsoft Lync Server solution. The course emphasizes Lync Server Enterprise Unified Communications features focussing particularly on coexisting with and migrating from legacy communication services. The labs in this course create a solution that includes IM and Presence, Conferencing, and Persistent Chat. This course helps prepare for Exam 70-336. WHAT WILL YOU LEARN * Describe the Lync Server architecture. * Install and deploy Lync Server. * Use Lync Server management interfaces. * Deploy and manage clients. * Manage and administer dial-in conferencing. * Design audio and video for web conferencing. * Plan for instant message and presence Federation. * Deploy and configure persistent chat in Lync. * Configure archiving and monitoring services. * Troubleshoot Lync Server. * Describe the required daily, weekly, and monthly maintenance tasks. * Use SIP commands and analyze SIP logs. * Configure high availability features in Lync. * Design load balancing in Lync Server. * Backup and restore Lync Server data. MICROSOFT LYNC TRAINING COURSE DETAILS * Who will benefit: Technical staff working with Microsoft Lync. * Prerequisites: Supporting Windows 2008 or 2012. * Duration 5 days MICROSOFT LYNC TRAINING COURSE CONTENTS * Microsoft Lync Server architecture Lync Server architecture, Lync core capabilities, Lync design process, assessing infrastructure requirements and updating the design, planning for all Microsoft solutions framework phases. * Designing a Lync Server topology Infrastructure requirements for Lync Server, using the planning tool, using topology builder, server infrastructure, documentation. Hands on Environment preparation and Lync Server pools. * Users and rights in Microsoft Lync Server Managing Lync Server, role based access control. Hands on Using the management shell, configuring role-based access control. * Client/device deployment and management Deploy and manage clients, prepare for device deployment, IP phones. Hands on Clients. * Conferencing in Lync Server Introduction to conferencing in Lync Server, designing for audio\video and web conferencing, dial-in conferencing in Lync Server, managing and administering conferencing. Hands on Conferencing in Microsoft Lync. * Designing and deploying external access Conferencing and external capabilities of Lync Server, planning for IM and presence federation, designing edge services. Hands on Deploying Edge Server and Configuring Remote Access, Validating the Edge Server. * Deploying Lync Server persistent chat Overview of persistent chat architecture in Lync Server, designing persistent chat, deploying and persistent chat. Hands on persistent chat server. * Monitoring and archiving The archiving service, the monitoring service, configuring archiving and monitoring. Hands on Archiving and monitoring in Lync Server. * Administration and maintenance of Lync Lync Server troubleshooting tools, Lync Server operational tasks, Lync Server troubleshooting techniques. Hands on Lync administration tools, centralized logging service, analysing Lync Server logs and traces. * High Availability in Lync Server High availability in Lync Server, configuring high availability in Lync Server, planning for load balancing, designing load balancing. Hands on Configuring database mirroring, experiencing a scheduled SQL Server outage, experiencing an unscheduled SQL Server outage. * Disaster recovery in Lync Server Disaster recovery in Lync Server, tools for backing up and restoring Lync Server, critical Lync Server data to back up and restore, critical data to export and import, designing branch site resiliency. Hands on Configure pool pairing, experiencing a pool failure or outage. * Planning a migration to Lync Server Coexistence and migration, migration steps, planning for clients and devices. Designing a client migration and device migration strategy. Hands on Creating a migration plan, documenting the migration phases.

SECURING LINUX SYSTEMS TRAINING COURSE DESCRIPTION This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. WHAT WILL YOU LEARN * Secure Linux accounts. * Secure Linux file systems. * Secure Linux access through the network. SECURING LINUX SYSTEMS TRAINING COURSE DETAILS * Who will benefit: Linux technical staff needing to secure their systems. * Prerequisites: Linux system administration (LPIC-1) * Duration 5 days SECURING LINUX SYSTEMS TRAINING COURSE CONTENTS * Cryptography * Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. * Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. * Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. * DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. * Host Security * Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. * Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. * User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. * FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. * Access Control * Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. * Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. * etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. * Network Security * Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. * Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. * Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd * Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

CWSP TRAINING COURSE DESCRIPTION A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming. WHAT WILL YOU LEARN * Demonstrate the threats to WiFi networks. * Secure WiFi networks. * Configure: WPA2 RADIUS 802.1x EAP * Pass the CWSP exam. CWSP TRAINING COURSE DETAILS * Who will benefit: Technical network staff. Technical security staff. * Prerequisites: Certified Wireless Network Associate. * Duration 5 days CWSP TRAINING COURSE CONTENTS * WLAN Security overview Standards, security basics, AAA, 802.11 security history. Hands on WLAN connectivity. * Legacy 802.11 security Authentication: Open system, shared key. WEP. VPNs. MAC filters. SSID segmentation, SSID cloaking. Hands on Analysing 802.11 frame exchanges, viewing hidden SSIDs. * Encryption Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames. * 802.11 layer 2 authentication 802.1X: Supplicant, Authenticator, Authentication server. Credentials. Legacy authentication. EAP, Weak EAP protocols, Strong EAP protocols: EAP -PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames. * 802.11 layer 2 dynamic key generation Robust Security Network. Hands on Authentication and key management. * SOHO 802.11 security WPA/WPA2 personal, Preshared Keys, WiFi Protected Setup (WPS). Hands on PSK mapping. * WLAN security infrastructure DS, Autonomous APs, WLAN controllers, split MAC, mesh, bridging, location based access control. Resilience. Wireless network management system. RADIUS/LDAP servers, PKI, RBAC. Hands on 802.1X/EAP configuration. RADIUS configuration. * 802.11 Fast secure roaming History, RSNA, OKC, Fast BSS transition, 802.11k. Hands on Roaming. * Wireless security risks Rogue devices, rogue prevention. Eavesdropping, DOS attacks. Public access and hotspots. Hands on Backtrack. * WiFi security auditing Layer 1 audit, layer 2 audit, pen testing. WLAN security auditing tools. * WiFi security monitoring Wireless Intrusion Detection and Prevention Systems. Device classification, WIDS/WIPS analysis. Monitoring. 802.11w. Hands on Laptop spectrum analysers. * VPNs, remote access, guest access Role of VPNs in 802.11, remote access, hotspots, captive portal. * Wireless security policies General policy, functional policy, recommendations.

C++ TRAINING COURSE DESCRIPTION A hands on introduction to programming in the C++ language. The course concentrates on aspects that will be new to experienced C programmers and so is not suitable for those without C knowledge. WHAT WILL YOU LEARN * Write C++ programs * Debug C++ programs. * Examine existing code and determine its function. * Use classes, function overloading, operator overloading, inheritance and virtual functions within C++ programs. C++ TRAINING COURSE DETAILS * Who will benefit: Programmers needing to write C++ code. Programmers needing to maintain C++ code. * Prerequisites: C programming foundation. * Duration 5 days C++ TRAINING COURSE CONTENTS * The origins of C++ C++ as a better C, C++ and Object Oriented Programming, encapsulation, polymorphism, inheritance. C++ standards. * Getting started Simple C++ programs. * Classes Basics, constructor and destructor functions, member and friend functions. Using objects. Default, copy and conversion constructors. * A better C Arrays, pointers and references, new and delete. Improved safety with smart pointers, Resource Acquisition in Initialization (RAII). * Functions in C++ Function overloading, default arguments, inline functions, Lambda functions. * Templates Template classes and functions. * Standard Library Containers, Iterators, algorithms, function objects. * Operator overloading Basics, binary operators, the this pointer, relational operators, unary operators. Members versus friends. * Inheritance Base class access control, protected members, multiple inheritance, virtual base classes. * More I/O Manipulators, customising inserters, extractors. File I/O. * Virtual functions Pointers to derived classes, run time polymorphism. * Exception handling Throwing errors, trying code and catching errors.

SUPPORTING MICROSOFT IIS TRAINING COURSE DESCRIPTION This course provides students with the fundamental knowledge and skills to configure and manage Internet Information Services. This course is intended to help provide pre-requisite skills supporting a broad range of Internet web applications, security, and knowledge to help support other products that use IIS such as Exchange and SharePoint. WHAT WILL YOU LEARN * Install IIS. * Configure IIS. * Secure websites. * Maintain IIS. SUPPORTING MICROSOFT IIS TRAINING COURSE DETAILS * Who will benefit: Technical staff working with Microsoft IIS. * Prerequisites: TCP/IP foundation for engineerss Supporting Windows ( XP or 2000 or 2003) * Duration 5 days SUPPORTING MICROSOFT IIS COURSE CONTENTS * Overview and Installing IIS Web Server infrastructure, installing IIS. Hands on Default install of IIS, verify and test.. * Configuring the default website Default website, IIS Manager, default IIS file structure, configuring DNS records for a website, creating virtual directories and Applications. Hands on Configuring the Default website for public access. Creating Virtual Directories and Applications. * Application Pools Application Pool Architecture, Application Pool recycling. Hands on Creating and managing Application Pools. * Creating additional websites Multiple websites on a single server, website bindings. Hands on Creating new websites. * Website and Web application support Configuring Common features, adding support for web applications. Hands on Adding support for web applications. * Securing Websites and applications Access control, sites, applications, authentication and permissions. URL authorization rules. Hands on Configuring Authentication and permissions. * Securing Data Transmissions with SSL Certificates and SSL, creating certificates for a web server, adding a certificate to a website. Hands on Certificates and HTTPS. * Using the Central Certificate Store The Central Certificate Store. Hands on Install and configure the Central Certificate Store. * Configuring Remote Administration Installing and Configuring the Management Service. Connecting to remote web servers and websites. Delegating Management Access. Hands on Remote administration. * Implementing FTP Implementing FTP, configuring an FTP site. Hands on Install and configure a secured FTP site. * Monitoring IIS IMonitoring IIS logs with Log Parser. Hands on Analyze a set of IIS log files for possible issues using Log Parser. Analyze performance data for performance related problems using PerfMon. * Backing up and Restoring IIS The IIS environment. Hands on Performing a backup and restore of a website. * Building Load-Balanced Web Farms Load-balancing mechanisms, building a Load-Balanced Web Farm using ARR, sharing content to a Web Farm using a network share, Sharing content to a Web Farm using DFS-R, Sharing IIS Configurations in a Web Farm. Hands on Installing and configuring ARR, sharing content to a Web Farm using network share and DFS-R, sharing IIS Configurations in a Web Farm.