1296 Network & Security courses

This CompTIA Advanced Security Practitioner (CASP) Online Training Diploma establishes knowledgeable professionals in the field of advanced security practices. At first you will learn about the enterprise security architecture, security technology and resource technology. Then you will learn security design and solutions, application security design, managing risk, security policies, security procedures and enterprise security integration. Finally, you will learn about security research and analysis, disaster recovery and business continuity, managing risk in projects, legal issues and judgment and decision-making. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers. This course will prepare you to pass the exam CompTIA Advanced Security Practitioner (CASP). So, if you are interested to get this course don't delay to join now. COURSE HIGHLIGHTS * The price is for the whole course including final exam - no hidden fees * Accredited Certificate upon successful completion * Efficient exam system with instant results * Track progress within own personal learning portal * 24/7 customer support via live chat This valuable course is suitable for anyone interested in working in this sector or who simply wants to learn more about the topic. If you're an individual looking to excel within this field then CompTIA Advanced Security Practitioner (CASP) Online Training Diploma is for you. We've taken this comprehensive course and broken it down into several manageable modules which we believe will assist you to easily grasp each concept - from the fundamental to the most advanced aspects of the course. It really is a sure pathway to success. All our courses offer 12 months access and are designed to be studied at your own pace so you can take as much or as little time as you need to complete and gain the accredited qualification. We pride ourselves on having friendly and experienced instructors who provide full weekday support and are ready to help with any of your queries. So, if you need help, just drop them an email and await a speedy response. Furthermore, you can check the validity of your qualification and verify your certification on our website at anytime. So, why not improve your chances of gaining professional skills and better earning potential. ASSESSMENT AND CERTIFICATION At the end of the course, you will be required to sit an online multiple-choice test. Your test will be assessed automatically and immediately so that you will instantly know whether you have been successful. After you have successfully passed the final exam, you will be able to order an Accredited Certificate of Achievement at an additional cost of £19 for a PDF copy and £29 for an original print copy sent to you by post or for both £39. CAREER PATH Not only does our accredited course look good on your CV, setting you apart from the competition, it can be used as a stepping stone to greater things. Further advance your learning, launch a new career or reinvigorate an existing one. On successful completion of this course, you have the potential to achieve an estimated salary of £50,700. The sky really is the limit. COURSE CURRICULUM The Enterprise Security Architecture The Basics of Enterprise Security 01:00:00 Secure the Design of the Enterprise Infrastructure 00:10:00 Enterprise Security Requirements 00:09:00 The Enterprise Security Technology Common Network Security Components and Technologies 00:55:00 Communications and Collaboration Security 00:40:00 Cryptographic Tools and Techniques 00:56:00 Advanced Authentication 00:14:00 Enterprise Resource Technology Enterprise Storage Security Issues 01:18:00 Distributed, Shared, and Virtualized Computing 00:26:00 Cloud Computing and Security 00:10:00 Security Design and Solutions Network Security Design 02:22:00 Conduct a Security Assessment 00:55:00 Host Security 01:19:00 Managing Risk in Projects Create a Risk Management Plan 01:15:00 Identify Risks and Their Causes 00:11:00 Analyze Risks 00:19:00 Develop a Risk Response Plan 00:07:00 Integrating Advanced Authentication and Authorization Techniques Implement Authentication 00:19:00 Implement Advanced 00:07:00 Implementing Cryptographic Techniques Describe Cryptographic Concepts 00:19:00 Choose Cryptographic Techniques 00:21:00 Choose Cryptographic Implementation 00:07:00 Integrating Hosts, Storage, Networks, and Apps in a Secure Enterprise Architecture Implement Security Standards in the Enterprise 00:13:00 Select Technical Deployment Models 00:28:00 Secure the Design of the Enterprise Infrastructure 00:10:00 Secure Enterprise Application Integration Enablers 00:21:00 Security Research and Analysis Perform an Industry Trends and Impact Analysis 00:41:00 Perform an Enterprise Security Analysis 00:26:00 Disaster Recovery and Business Continuity BCP Fundamentals 00:21:00 BCP Implementation 00:10:00 DRP Fundamentals 00:18:00 Advanced Security Course 10 Topic D DRP Implementation 00:03:00 Responding to and Recovering from Incidents Design Systems to Facilitate Incident Response 00:14:00 Conduct Incident and Emergency Responses 00:20:00 Legal Issues Computer Crime Laws and Regulations 00:16:00 Computer Crime Incident Response 00:17:00 Judgment and Decision-Making Develop Critical Thinking Skills 00:12:00 Determine the Root of a Problem 00:06:00 Use Judgment to Make Sound Decisions 00:18:00 Mock Exam Final Exam

This CompTIA Advanced Security Practitioner (CASP) Online Training Diploma establishes knowledgeable professionals in the field of advanced security practices. At first you will learn about the enterprise security architecture, security technology and resource technology. Then you will learn security design and solutions, application security design, managing risk, security policies, security procedures and enterprise security integration. Finally, you will learn about security research and analysis, disaster recovery and business continuity, managing risk in projects, legal issues and judgment and decision-making. It involves applying critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers. This course will prepare you to pass the exam CompTIA Advanced Security Practitioner (CASP). So, if you are interested to get this course don't delay to join now. COURSE HIGHLIGHTS * The price is for the whole course including final exam - no hidden fees * Accredited Certificate upon successful completion * Efficient exam system with instant results * Track progress within own personal learning portal * 24/7 customer support via live chat This valuable course is suitable for anyone interested in working in this sector or who simply wants to learn more about the topic. If you're an individual looking to excel within this field then CompTIA Advanced Security Practitioner (CASP) Online Training Diploma is for you. We've taken this comprehensive course and broken it down into several manageable modules which we believe will assist you to easily grasp each concept - from the fundamental to the most advanced aspects of the course. It really is a sure pathway to success. All our courses offer 12 months access and are designed to be studied at your own pace so you can take as much or as little time as you need to complete and gain the accredited qualification. We pride ourselves on having friendly and experienced instructors who provide full weekday support and are ready to help with any of your queries. So, if you need help, just drop them an email and await a speedy response. Furthermore, you can check the validity of your qualification and verify your certification on our website at anytime. So, why not improve your chances of gaining professional skills and better earning potential. ASSESSMENT AND CERTIFICATION At the end of the course, you will be required to sit an online multiple-choice test. Your test will be assessed automatically and immediately so that you will instantly know whether you have been successful. After you have successfully passed the final exam, you will be able to order an Accredited Certificate of Achievement at an additional cost of £19 for a PDF copy and £29 for an original print copy sent to you by post or for both £39. CAREER PATH Not only does our accredited course look good on your CV, setting you apart from the competition, it can be used as a stepping stone to greater things. Further advance your learning, launch a new career or reinvigorate an existing one. On successful completion of this course, you have the potential to achieve an estimated salary of £50,700. The sky really is the limit. COURSE CURRICULUM The Enterprise Security Architecture The Basics of Enterprise Security 01:00:00 Secure the Design of the Enterprise Infrastructure 00:10:00 Enterprise Security Requirements 00:09:00 The Enterprise Security Technology Common Network Security Components and Technologies 00:55:00 Communications and Collaboration Security 00:40:00 Cryptographic Tools and Techniques 00:56:00 Advanced Authentication 00:14:00 Enterprise Resource Technology Enterprise Storage Security Issues 01:18:00 Distributed, Shared, and Virtualized Computing 00:26:00 Cloud Computing and Security 00:10:00 Security Design and Solutions Network Security Design 02:22:00 Conduct a Security Assessment 00:55:00 Host Security 01:19:00 Managing Risk in Projects Create a Risk Management Plan 01:15:00 Identify Risks and Their Causes 00:11:00 Analyze Risks 00:19:00 Develop a Risk Response Plan 00:07:00 Integrating Advanced Authentication and Authorization Techniques Implement Authentication 00:19:00 Implement Advanced 00:07:00 Implementing Cryptographic Techniques Describe Cryptographic Concepts 00:19:00 Choose Cryptographic Techniques 00:21:00 Choose Cryptographic Implementation 00:07:00 Integrating Hosts, Storage, Networks, and Apps in a Secure Enterprise Architecture Implement Security Standards in the Enterprise 00:13:00 Select Technical Deployment Models 00:28:00 Secure the Design of the Enterprise Infrastructure 00:10:00 Secure Enterprise Application Integration Enablers 00:21:00 Security Research and Analysis Perform an Industry Trends and Impact Analysis 00:41:00 Perform an Enterprise Security Analysis 00:26:00 Disaster Recovery and Business Continuity BCP Fundamentals 00:21:00 BCP Implementation 00:10:00 DRP Fundamentals 00:18:00 Advanced Security Course 10 Topic D DRP Implementation 00:03:00 Responding to and Recovering from Incidents Design Systems to Facilitate Incident Response 00:14:00 Conduct Incident and Emergency Responses 00:20:00 Legal Issues Computer Crime Laws and Regulations 00:16:00 Computer Crime Incident Response 00:17:00 Judgment and Decision-Making Develop Critical Thinking Skills 00:12:00 Determine the Root of a Problem 00:06:00 Use Judgment to Make Sound Decisions 00:18:00 Mock Exam Final Exam

Duration 3 Days 18 CPD hours This course is intended for Security professionals. This module is intended for everyone who is involved in the implementation, evaluation and reporting of an information security program, such as an Information Security Manager (ISM), Information Security Officer (ISO) or a Line Manager, Process Manager or Project Manager with security responsibilities. Basic knowledge of Information Security is recommended, for instance through the EXIN Information Security Foundation based on ISO/IEC 27001 certification. Overview The module Information Security Management Professional based on ISO/IEC 27001 (ISMP.EN) tests understanding of the organizational and managerial aspects of information security.The subjects of this module are: Information security perspectives: business, customer, service provider/supplier Risk Management: analysis, controls, remaining risks Information security controls: organizational, technical, physical. Information security is the preservation of confidentiality, integrity and availability of information (ISO/IEC 27000 definition). Information security is gaining importance in the Information Technology (IT) world. Globalization of the economy is leading to an ever-increasing exchange of information between organizations (their staff, customers and suppliers) and an explosion in the use of networked computers and computing devices. The core activities of many companies completely rely on IT. Enterprise resource planning (ERP) management systems, the control systems that govern how a building runs or a manufacturing machine functions, day-to-day communications - everything - runs on computers. The vast majority of information - the most valuable commodity in the world - passes through IT. Information is crucial for the continuity and proper functioning of both individual organizations and the economies they fuel; this information must be protected against access by unauthorized people, protected against accidental or malicious modification or destruction and must be available when it is needed. Companies and individual users of technology are also beginning to understand how important security is and are beginning to make choices based on the security of the technology or service. INFORMATION SECURITY PERSPECTIVES * The candidate understands the business interest of information security * The canidate understands the customer perspective on governance * The candidate understands the supplierïs responsibilities in security assurance RISK MANGEMENT * The candidate understands the principles of risk management * The candidate knows how to control risks * The candidate knows how to deal with remaining risks INFORMATION SECURITY CONTROLS * The candidate has knowledge of organizational controls * The candidate has knowledge of technical controls * The candidate has knowledge of physical, employment-related and continuity controls

Duration 4 Days 24 CPD hours This course is intended for Risk professionals Business analysts Project managers Compliance professionals IT professionals Anyone whose work includes evaluating and mitigating risk Overview This boot camp prepares you to pass the ISACA CGEIT exam, which covers four domain areas designed to reflect the work performed by individuals who have a significant management, advisory or assurance role relating to the governance of IT. Domain 1: Governance of enterprise IT Domain 2: IT resources Domain 3: Benefits realization Domain 4: Risk optimization This CGEIT Boot Camp is designed for experienced IT governance personnel and those who have responsibilities for the stewardship of IT resources. You will learn how to effectively implement and manage governance across all areas of technology ? as well as align that technology with strategic enterprise goals. This training also explains the CGEIT examination process and helpsprepare you for your CGEIT exam by providing guidance and testing your exam readiness through sample questions. You?ll leave fully prepared to earn your CGEIT certification. COURSE OUTLINE * Domain 1: Governance of enterprise IT * Domain 2: IT resources * Domain 3: Benefits realization * Domain 4: Risk optimization

Duration 4 Days 24 CPD hours This course is intended for Security-operations (SecOps), or security, orchestration, automation, and response (SOAR) engineers, managed security service providers (MSSPs), service delivery partners, system integrators, and professional services engineers Overview This training is designed to enable a SOC, CERT, CSIRT, or SOAR engineer to start working with Cortex XSOAR integrations, playbooks, incident-page layouts, and other system features to facilitate resource orchestration, process automation, case management, and analyst workflow. The course includes coverage of a complete playbook-development process for automating a typical analyst workflow to address phishing incidents. This end-to-end view of the development process provides a framework for more focused discussions of individual topics that are covered in the course. The Cortex? XSOAR 6.8: Automation and Orchestration (EDU-380) course is four days of instructor-led training that will help you: Configure integrations, create tasks, and develop playbooks Build incident layouts that enable analysts to triage and investigate incidents efficiently Identify how to categorize event information and map that information to display fields Develop automations, manage content, indicator data, and artifact stores, schedule jobs, organize users and user roles, oversee case management, and foster collaboration This class is powered by Cloud Harmonics. COURSE OUTLINE * Module 1 - Core Functionality and Feature Sets * Module 2 - Enabling and Configuring Integrations * Module 3 - Playbook Development * Module 4 - Classification and Mapping * Module 5 - Layout Builder * Module 6 - Solution Architecture * Module 7 - Docker * Module 8 - Automation Development and Debugging * Module 9 - The Marketplace and Content Management * Module 10 - Indicators and Threat Intelligence Management * Module 11 - Jobs and Job Scheduling * Module 12 - Users and Role-Based Access Controls (RBAC) * Module 13 - Integration Development ADDITIONAL COURSE DETAILS: Nexus Humans Palo Alto Networks: Cortex XSOAR 6.8: Automation and Orchestration(EDU-380) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks: Cortex XSOAR 6.8: Automation and Orchestration(EDU-380) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

OVERVIEW By enroling in CompTIA Network+ Certification (N10-007), you can kickstart your vibrant career and strengthen your profound knowledge. You can learn everything you need to know about the topic. The CompTIA Network+ Certification (N10-007) course includes all of the most recent information to keep you abreast of the employment market and prepare you for your future. The curriculum for this excellent CompTIA Network+ Certification (N10-007) course includes modules at all skill levels, from beginner to expert. You will have the productivity necessary to succeed in your organisation once you have completed our CompTIA Network+ Certification (N10-007) Program. So enrol in our CompTIA Network+ Certification (N10-007) course right away if you're keen to envision yourself in a rewarding career. DESCRIPTION Enroling in this CompTIA Network+ Certification (N10-007) course can improve your CompTIA Network+ Certification (N10-007) perspective, regardless of your skill levels in the CompTIA Network+ Certification (N10-007) topics you want to master. If you're already a CompTIA Network+ Certification (N10-007) expert, this peek under the hood will provide you with suggestions for accelerating your learning, including advanced CompTIA Network+ Certification (N10-007) insights that will help you make the most of your time. This CompTIA Network+ Certification (N10-007) course will act as a guide for you if you've ever wished to excel at CompTIA Network+ Certification (N10-007). WHY CHOOSE US? * This course is accredited by the CPD Quality Standards. * Lifetime access to the whole collection of the learning materials. * Online test with immediate results. * Enroling in the course has no additional cost. * You can study and complete the course at your own pace. * Study for the course using any internet-connected device, such as a computer, tablet, or mobile device. CERTIFICATE OF ACHIEVEMENT Upon successful completion, you will qualify for the UK and internationally-recognised CPD certificate and you can choose to make your achievement formal by obtaining your PDF Certificate at a cost of £4.99 and Hardcopy Certificate for £9.99. WHO IS THIS COURSE FOR? This CompTIA Network+ Certification (N10-007) course is a great place to start if you're looking to start a new career in CompTIA Network+ Certification (N10-007) field. This training is for anyone interested in gaining in-demand CompTIA Network+ Certification (N10-007) proficiency to help launch a career or their business aptitude.  REQUIREMENTS The CompTIA Network+ Certification (N10-007) course requires no prior degree or experience. All you require is English proficiency, numeracy literacy and a gadget with stable internet connection. Learn and train for a prosperous career in the thriving and fast-growing industry of CompTIA Network+ Certification (N10-007), without any fuss. CAREER PATH This CompTIA Network+ Certification (N10-007) training will assist you develop your CompTIA Network+ Certification (N10-007) ability, establish a personal brand, and present a portfolio of relevant talents. It will help you articulate a  CompTIA Network+ Certification (N10-007) professional story and personalise your path to a new career. Furthermore, developing this CompTIA Network+ Certification (N10-007) skillset can lead to numerous opportunities for high-paying jobs in a variety of fields. ORDER YOUR CERTIFICATE To order CPD Quality Standard Certificate, we kindly invite you to visit the following link: COURSE CURRICULUM Section 01: Introduction Introduction 00:03:00 Section 02: Network Models What is a Model? 00:02:00 OSI vs. TCP/IP Model 00:07:00 Walking Through OSI and TCP/IP 00:12:00 Meet the Frame 00:06:00 The MAC Address 00:07:00 Broadcast vs. Unicast 00:04:00 Introduction to IP Addressing 00:08:00 Packets and Ports 00:05:00 Section 03: Cabling And Topology Network Topologies 00:10:00 Coaxial Cabling 00:05:00 Twisted Pair Cabling 00:06:00 Cat Ratings 00:06:00 Fiber Optic Cabling 00:09:00 Fire Ratings 00:05:00 Legacy Network Connections 00:07:00 Section 04: Ethernet Basics What is Ethernet? 00:07:00 Ethernet Frames 00:07:00 Early Ethernet 00:08:00 The Daddy of Ethernet, 10BaseT 00:03:00 Terminating Twisted Pair 00:14:00 Hubs vs. Switches 00:13:00 Section 05: Modern Ethernet 100BaseT 00:05:00 Connecting Switches 00:05:00 Gigabit Ethernet and 10-Gigabit Ethernet 00:05:00 Transceivers 00:07:00 Connecting Ethernet Scenarios 00:14:00 Section 06: Installing A Physical Network Introduction to Structured Cabling 00:04:00 Terminating Structured Cabling 00:08:00 Equipment Room 00:07:00 Alternative Distribution Panels 00:04:00 Testing Cable 00:09:00 Troubleshooting Structured Cabling, Part 1 00:05:00 Troubleshooting Structured Cabling, Part 2 00:05:00 Using a Toner and Probe 00:03:00 Wired Connection Scenarios 00:10:00 Section 07: TCP/IP Basics Introduction to IP Addressing and Binary 00:13:00 Introduction to ARP 00:04:00 Classful Addressing 00:10:00 Subnet Masks 00:12:00 Subnetting with CIDR 00:10:00 More CIDR Subnetting Practice 00:10:00 Dynamic and Static IP Addressing 00:18:00 Rogue DHCP Servers 00:07:00 Special IP Addresses 00:07:00 IP Addressing Scenarios 00:15:00 Section 08: Routing Introducing Routers 00:15:00 Understanding Ports 00:05:00 Network Address Translation 00:06:00 Implementing NAT 00:03:00 Forwarding Ports 00:18:00 Tour of a SOHO Router 00:12:00 SOHO vs. Enterprise 00:09:00 Static Routes 00:13:00 Dynamic Routing 00:11:00 RIP 00:04:00 OSPF 00:04:00 BGP 00:06:00 Section 09: TCP/IP Applications TCP and UDP 00:07:00 ICMP and IGMP 00:00:00 Handy Tools 00:07:00 Introduction to Wireshark 00:11:00 Introduction to netstat 00:09:00 Web Servers 00:12:00 FTP 00:12:00 E-mail Servers and Clients 00:09:00 Securing E-mail 00:06:00 Telnet and SSH 00:09:00 Network Time Protocol 00:02:00 Network Service Scenarios 00:10:00 Section 10: Network Naming Understanding DNS 00:12:00 Applying DNS 00:19:00 The Hosts File 00:04:00 Net Command 00:08:00 Windows Name Resolution 00:11:00 Dynamic DNS 00:05:00 DNS Troubleshooting 00:13:00 Section 11: Securing TCP/IP Making TCP/IP Secure 00:04:00 Symmetric Encryption 00:06:00 Asymmetric Encryption 00:03:00 Cryptographic Hashes 00:05:00 Identification 00:12:00 Access Control 00:04:00 AAA 00:05:00 Kerberos/EAP 00:08:00 Single Sign-On 00:10:00 Certificates and Trust 00:14:00 Certificate Error Scenarios 00:08:00 Section 12: Advanced Networking Devices Understanding IP Tunneling 00:06:00 Virtual Private Networks 00:13:00 Introduction to VLANs 00:12:00 InterVLAN Routing 00:03:00 Interfacing with Managed Switches 00:11:00 Switch Port Protection 00:07:00 Port Bonding 00:07:00 Port Mirroring 00:04:00 Quality of Service 00:05:00 IDS vs. IPS 00:04:00 Proxy Servers 00:13:00 Load Balancing 00:09:00 Device Placement Scenarios 00:13:00 Section 13: IPv6 Introduction to IPv6 00:13:00 IPv6 Addressing 00:15:00 IPv6 in Action 00:13:00 IPv4 and IPv6 Tunneling 00:05:00 Section 14: Remote Connectivity Telephony Technologies 00:09:00 Optical Carriers 00:03:00 Packet Switching 00:05:00 Connecting with Dial-up 00:05:00 Digital Subscriber Line (DSL) 00:05:00 Connecting with Cable Modems 00:04:00 Connecting with Satellites 00:03:00 ISDN and BPL 00:04:00 Remote Desktop Connectivity 00:05:00 Advanced Remote Control Systems 00:09:00 Section 15: Wireless Networking Introduction to 802.11 00:12:00 802.11 Standards 00:12:00 Power over Ethernet (PoE) 00:04:00 Antennas 00:09:00 Wireless Security Standards 00:16:00 Implementing Wireless Security 00:07:00 Threats to Your Wireless Network 00:07:00 Retro Threats 00:05:00 Wi-Fi Protected Setup (WPS) 00:05:00 Enterprise Wireless 00:06:00 Installing a Wireless Network 00:15:00 Wireless Scenarios 00:07:00 More Wireless Scenarios 00:09:00 Section 16: Virtualization And Cloud Computing Virtualization Basics 00:07:00 Cloud Ownership 00:03:00 Cloud Implementation 00:12:00 Your First Virtual Machine 00:09:00 NAS and SAN 00:16:00 Platform as a Service (PaaS) 00:09:00 Software as a Service (SaaS) 00:03:00 Infrastructure as a Service (IaaS) 00:10:00 Section 17: Mobile Networking Cellular Technologies 00:05:00 Mobile Connectivity 00:07:00 Deploying Mobile Devices 00:05:00 Mobile Access Control 00:06:00 Section 18: Building A Real-World Network Network Types 00:04:00 Network Design 00:10:00 Power Management 00:06:00 Unified Communications 00:11:00 Network Documentation 00:07:00 Contingency Planning 00:10:00 Predicting Hardware Failure 00:05:00 Backups 00:08:00 Section 19: Managing Risk What is Risk Management? 00:06:00 Security Policies 00:08:00 Change Management 00:07:00 User Training 00:03:00 Standard Business Documentation 00:05:00 Mitigating Network Threats 00:05:00 High Availability 00:05:00 Section 20: Protecting Your Network Denial of Service 00:09:00 Malware 00:10:00 Social Engineering 00:04:00 Access Control 00:08:00 Man-in-the-Middle 00:22:00 Introduction to Firewalls 00:05:00 Firewalls 00:10:00 DMZ 00:06:00 Hardening Devices 00:14:00 Physical Security Controls 00:09:00 Testing Network Security 00:08:00 Network Protection Scenarios 00:14:00 Section 21: Network Monitoring SNMP 00:15:00 Documenting Logs 00:09:00 System Monitoring 00:08:00 SIEM (Security Information and Event Management) 00:07:00 Section 22: Network Troubleshooting Network Troubleshooting Theory 00:05:00 Order Your Certificate Order Your Certificate 00:00:00

Duration 3 Days 18 CPD hours This course is intended for This class is intended for the following job roles: [Cloud] information security analysts, architects, and engineers Information security/cybersecurity specialists Cloud infrastructure architects Additionally, the course is intended for Google and partner field personnel who work with customers in those job roles. The course should also be useful to developers of cloud applications Overview This course teaches participants the following skills: Understanding the Google approach to security Managing administrative identities using Cloud Identity. Implementing least privilege administrative access using Google Cloud Resource Manager, Cloud IAM. Implementing IP traffic controls using VPC firewalls and Cloud Armor Implementing Identity Aware Proxy Analyzing changes to the configuration or metadata of resources with GCP audit logs Scanning for and redact sensitive data with the Data Loss Prevention API Scanning a GCP deployment with Forseti Remediating important types of vulnerabilities, especially in public access to data and VMs This course gives participants broad study of security controls and techniques on Google Cloud Platform. Through lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution. Participants also learn mitigation techniques for attacks at many points in a Google Cloud-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use. FOUNDATIONS OF GCP SECURITY * Google Cloud's approach to security * The shared security responsibility model * Threats mitigated by Google and by GCP * Access Transparency CLOUD IDENTITY * Cloud Identity * Syncing with Microsoft Active Directory * Choosing between Google authentication and SAML-based SSO * GCP best practices IDENTITY AND ACCESS MANAGEMENT * GCP Resource Manager: projects, folders, and organizations * GCP IAM roles, including custom roles * GCP IAM policies, including organization policies * GCP IAM best practices CONFIGURING GOOGLE VIRTUAL PRIVATE CLOUD FOR ISOLATION AND SECURITY * Configuring VPC firewalls (both ingress and egress rules) * Load balancing and SSL policies * Private Google API access * SSL proxy use * Best practices for structuring VPC networks * Best security practices for VPNs * Security considerations for interconnect and peering options * Available security products from partners MONITORING, LOGGING, AUDITING, AND SCANNING * Stackdriver monitoring and logging * VPC flow logs * Cloud audit logging * Deploying and Using Forseti SECURING COMPUTE ENGINE: TECHNIQUES AND BEST PRACTICES * Compute Engine service accounts, default and customer-defined * IAM roles for VMs * API scopes for VMs * Managing SSH keys for Linux VMs * Managing RDP logins for Windows VMs * Organization policy controls: trusted images, public IP address, disabling serial port * Encrypting VM images with customer-managed encryption keys and with customer-supplied encryption keys * Finding and remediating public access to VMs * VM best practices * Encrypting VM disks with customer-supplied encryption keys SECURING CLOUD DATA: TECHNIQUES AND BEST PRACTICES * Cloud Storage and IAM permissions * Cloud Storage and ACLs * Auditing cloud data, including finding and remediating publicly accessible data * Signed Cloud Storage URLs * Signed policy documents * Encrypting Cloud Storage objects with customer-managed encryption keys and with customer-supplied encryption keys * Best practices, including deleting archived versions of objects after key rotation * BigQuery authorized views * BigQuery IAM roles * Best practices, including preferring IAM permissions over ACLs PROTECTING AGAINST DISTRIBUTED DENIAL OF SERVICE ATTACKS: TECHNIQUES AND BEST PRACTICES * How DDoS attacks work * Mitigations: GCLB, Cloud CDN, autoscaling, VPC ingress and egress firewalls, Cloud Armor * Types of complementary partner products APPLICATION SECURITY: TECHNIQUES AND BEST PRACTICES * Types of application security vulnerabilities * DoS protections in App Engine and Cloud Functions * Cloud Security Scanner * Threat: Identity and Oauth phishing * Identity Aware Proxy CONTENT-RELATED VULNERABILITIES: TECHNIQUES AND BEST PRACTICES * Threat: Ransomware * Mitigations: Backups, IAM, Data Loss Prevention API * Threats: Data misuse, privacy violations, sensitive/restricted/unacceptable content * Mitigations: Classifying content using Cloud ML APIs; scanning and redacting data using Data Loss Prevention API ADDITIONAL COURSE DETAILS: Nexus Humans Security in Google Cloud training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Security in Google Cloud course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA'S SECURITY TECHNICAL IMPLEMENTATION GUIDES (STIGS) * The motivations behind STIGs * Requirements that the various software development roles must meet * Implementing STIG requirements and guidelines WHY HUNT BUGS? * The Language of CyberSecurity * The Changing Cybersecurity Landscape * AppSec Dissection of SolarWinds * The Human Perimeter * Interpreting the 2021 Verizon Data Breach Investigation Report * First Axiom in Web Application Security Analysis * First Axiom in Addressing ALL Security Concerns * Lab: Case Study in Failure SAFE AND APPROPRIATE BUG HUNTING/HACKING * Working Ethically * Respecting Privacy * Bug/Defect Notification * Bug Bounty Programs * Bug Hunting Mistakes to Avoid PRINCIPLES OF INFORMATION SECURITY * Secuity Is a Lifecycle Issue * Minimize Attack Surface Area * Layers of Defense: Tenacious D * Compartmentalize * Consider All Application States * Do NOT Trust the Untrusted IDENTIFICATION AND AUTHENTICATION FAILURES * Applicable STIGs * Quality and Protection of Authentication Data * Proper hashing of passwords * Handling Passwords on Server Side * Session Management * HttpOnly and Security Headers * Lab: STIG Walk-Throughs INJECTION * Applicable STIGs * Injection Flaws * SQL Injection Attacks Evolve * Drill Down on Stored Procedures * Other Forms of Server-Side Injection * Minimizing Injection Flaws * Client-side Injection: XSS * Persistent, Reflective, and DOM-Based XSS * Best Practices for Untrusted Data * Lab: STIG Walk-Throughs APPLICATIONS: WHAT NEXT? * Common Vulnerabilities and Exposures * CWE/SANS Top 25 Most Dangerous SW Errors * Strength Training: Project Teams/Developers * Strength Training: IT Organizations CRYPTOGRAPHIC FAILURES * Applicable STIGs * Identifying Protection Needs * Evolving Privacy Considerations * Options for Protecting Data * Transport/Message Level Security * Weak Cryptographic Processing * Keys and Key Management * Threats of Quantum Computing * Steal Now, Crack Later Threat * Lab: STIG Walk-Throughs APPLICATION SECURITY AND DEVELOPMENT CHECKLISTS * Checklist Overview, Conventions, and Best Practices * Leveraging Common AppSec Practices and Control * Actionable Application Security * Additional Tools for the Toolbox * Strength Training: Project Teams/Developers * Strength Training: IT Organizations * Lab: Recent Incidents SDL OVERVIEW * Attack Phases: Offensive Actions and Defensive Controls * Secure Software Development Processes * Shifting Left * Actionable Items Moving Forward * Lab: Design Study Review ASSET ANALYSIS * Asset Analysis Process * Types of Application-Related Assets * Adding Risk Escalators * Discovery and Recon DESIGN REVIEW * Asset Inventory and Design * Assets, Dataflows, and Trust Boundaries * Risk Escalators in Designs * Risk Mitigation Options

Duration 5 Days 30 CPD hours This course is intended for Sr. Systems Administrator Cloud Engineer Systems Engineer Sr. Network Administrator Sr. Network Engineer Cloud Specialist Cloud Project Manager Overview After completion of this course you will be able to describe: Cloud architecture and design Security within the cloud Automation and virtualization Troubleshooting and Disaster recovery High availability  This course covers in depth the skills and abilities needed to operate in the cloud, validating that candidates have the technical experience needed to deploy, secure, and automate environments regardless of the vendor solution. UNDERSTANDING CLOUD CONCEPTS * Topic 1A: Recognize Cloud Concepts * Topic 1B: Recognize Cloud Terms * Topic 1C: Understand the Troubleshooting Methodology * * PLANNING AND DESIGNING A CLOUD ENVIRONMENT * Topic 2A: Meet Cloud Business Requirements * Topic 2B: Design Capacity Planning and Requirements ADMINISTERING CLOUD RESOURCES * Topic 3A: Manage Cloud Administration * Topic 3B: Manage Compute Resources in the Cloud * Topic 3C: Manage Memory Resources MANAGING CLOUD STORAGE * Topic 4A: Understand Cloud Storage Types * Topic 4B: Configure Cloud Storage Solutions * Topic 4C: Configure Cloud Storage Protocols and RAID MANAGING NETWORKS IN THE CLOUD * Topic 5A: Deploying Cloud Network Services * Topic 5B: Identify Cloud Network Infrastructure Components * SECURING AND TROUBLESHOOTING NETWORKS IN THE CLOUD * Topic 6A: Secure a Network in a Cloud Environment * Topic 6B: Troubleshooting Cloud Connectivity MANAGING CLOUD MIGRATIONS AND TROUBLESHOOTING CLOUD DEPLOYMENTS * Topic 7A: Manage Cloud Migrations * Topic 7B: Troubleshoot Cloud Deployment and Migration Issues MANAGING CLOUD AUTOMATION AND ORCHESTRATION * Topic 8A: Understand Cloud Automation and Orchestration Techniques * Topic 8B: Troubleshoot Automation and Orchestration in the Cloud UNDERSTANDING CLOUD SECURITY CONCEPTS * Topic 9A: Administer Identity and Access Management in the Cloud * Topic 9B: Manage Cloud Operating System and * Application Security * Topic 9C: Manage Data Security and Compliance in the Cloud MANAGING CLOUD SECURITY * Topic 10A: Implement Security Measures in the Cloud Domain * Topic 10B: Troubleshoot Cloud Security MANAGING CLOUD PERFORMANCE * Topic 11A: Operate Efficiently in the Cloud * Topic 11B: Accomplish Cloud Operations Tasks * Topic 11C: Optimize Cloud Resources * Topic 11D: Troubleshoot Common Cloud Performance Problems MANAGING MAINTENANCE IN THE CLOUD * Topic 12A: Configure Logs, Monitoring, and Alerting for Cloud Services * Topic 12B: Manage Backup and Restore in the Cloud IMPLEMENTING HIGH AVAILABILITY AND DISASTER RECOVERY IN THE CLOUD * Topic 13A: Understand High Availability and Scaling in the Cloud * Topic 13B: Manage Disaster Recovery in the Cloud * Topic 13C: Incident Response ADDITIONAL COURSE DETAILS: Nexus Humans Cloud Fundamentals training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cloud Fundamentals course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for Information Assurance Managers/Auditors System Implementors/administrators IT Administrators Auditors/Auditees Federal Agencies/Contractors Security Vendors and Consulting Groups Overview Upon completion, the IS20 Security Controls candidate will be able to not only competently take the IS20 Controls exam but will also have an understanding of how to implement the top 20 most critical controls in the work place. IS20 controls are the Top Twenty Most Critical Security Controls in Information Technology.ÿ This 4 day training course covers proven tools and methodologies needed to execute and analyze the Top Twenty Most Critical Security Controls. Nearly all organizations that maintain sensitive information are adopting these Security Controls. These controls were chosen by leading government and private organizations who are experts on how attacks work and what can be done to prevent them from happening. The controls were selected as the best way to block known attacks as well as help search for and alleviate any damage from the attacks that are successful. This course allows the security professional to see how to implement controls in an existing network through highly effective and economical automation. For management, this training is the best way to distinguish how you will assess whether these security controls are effectively being administered. INTRODUCTION * Critical Control 1 * Critical Control 2 * Critical Control 3 * Critical Control 4 * Critical Control 5 * Critical Control 6 * Critical Control 7 * Critical Control 8 * Critical Control 9 * Critical Control 10 * Critical Control 11 * Critical Control 12 * Critical Control 13 * Critical Control 14 * Critical Control 15 * Critical Control 16 * Critical Control 17 * Critical Control 18 * Critical Control 19 * Critical Control 20