340 Audit courses in Birmingham delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Overview Upon completing this course, the participants will gain valuable knowledge and skills including the ability to: - Successfully pass the CCSP exam. - Understand the fundamentals of the cloud computing architecture framework. - Understand security challenges associated with different types of cloud services. - Identify and evaluate security risks for their organization?s cloud environments. - Select and implement appropriate controls to ensure secure implementation of cloud services. - Thoroughly understand the 6 essential core domains of the CCSP common body of knowledge: 1. Architectural Concepts & Design Requirements 2. Cloud Data Security 3. Cloud Platform & Infrastructure Security 4. Cloud Application Security 5. Operations 6. Legal & Compliance The goal of the course is to prepare professionals for the challenging CCSP exam by covering the objectives of the exam based on the six domains as defined in the (ISC)2 CCSP common body of knowledge. 1 - Architectural Concepts and Design Requirements Cloud Computing Concepts Cloud Reference Architecture Cloud Computing Security Concepts Design Principles of Secure Cloud Computing Trusted Cloud Services 2 - Cloud Data Security CSA (Cloud Security Alliance) Cloud Data Lifecycle Cloud Data Storage Architectures Data Security Strategies Data Discovery and Classification Technologies Protecting Privacy and PII (Personally Identifiable Information) Data Rights Management Data Retention, Deletion, and Archiving Policies Auditability, Traceability, and Accountability of Data Events 3 - Cloud Platform and Infrastructure Security Cloud Infrastructure Components Cloud Infrastructure Risks Designing and Planning Security Controls Disaster Recovery and Business Continuity Management 4 - Cloud Application Security The Need for Security Awareness and Training in application Security Cloud Software Assurance and Validation Verified Secure Software SDLC (Software Development Life Cycle) Process Secure SDLC Specifics of Cloud Application Architecture Secure IAM (Identity and Access Management) Solutions 5 - Operations Planning Process for the Data Center Design Installation and Configuration of Physical Infrastructure for Cloud Environment Running Physical Infrastructure for Cloud Environment Managing Physical Infrastructure for Cloud Environment Installation and Configuration of Logical Infrastructure for Cloud Environment Running Logical Infrastructure for Cloud Environment Managing Logical Infrastructure for Cloud Environment Compliance with Regulations and Controls Risk Assessment for Logical and Physical Infrastructure Collection, Acquisition, and Preservation of Digital Evidence Managing Communication with Stakeholders 6 - Legal and Compliance Legal Requirements and Unique Risks within the Cloud Environment Relevant Privacy and PII Laws and Regulations Audit Process, Methodologies, and Required Adaptions for a Cloud Environment Implications of Cloud to Enterprise Risk Management Outsourcing and Cloud Contract Design Vendor Management

Duration 1 Days 6 CPD hours This course is intended for The audience for this course is looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. The content for this course aligns to the SC-900 exam objective domain. Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution. Before attending this course, students must have: General understanding of networking and cloud computing concepts. General IT knowledge or any general experience working in an IT environment. General understanding of Microsoft Azure and Microsoft 365. This course provides foundational level knowledge on security, compliance, and identity concepts and related cloud-based Microsoft solutions. Prerequisites General understanding of networking and cloud computing concepts. General IT knowledge or any general experience working in an IT environment. General understanding of Microsoft Azure and Microsoft 365. 1 - Describe security and compliance concepts Describe the shared responsibility model Describe defense in depth Describe the Zero Trust model Describe governance, risk, and compliance (GRC) concepts 2 - Describe identity concepts Define authentication and authorization Define identity as the primary security perimeter Describe the role of the identity provider Describe the concept of directory services and Active Directory Describe the concept of federation 3 - Describe the function and identity types of Microsoft Entra ID Describe Microsoft Entra ID Describe types of identities Describe hybrid identity Describe external identities 4 - Describe the authentication capabilities of Microsoft Entra ID Describe authentication methods Describe multifactor authentication Describe self-service password reset Describe password protection and management capabilities 5 - Describe access management capabilities of Microsoft Entra ID Describe Conditional Access Describe Microsoft Entra roles and role-based access control (RBAC) 6 - Describe the identity protection and governance capabilities of Azure AD Describe Microsoft Entra ID Governance Describe access reviews Describe entitlement management Describe the capabilities of Privileged identity Management Describe Microsoft Entra ID Protection Describe Microsoft Entra Permissions Management Describe Microsoft Entra Verified ID 7 - Describe core infrastructure security services in Azure Describe Azure DDoS protection Describe Azure Firewall Describe Web Application Firewall Describe network segmentation in Azure Describe Azure Network Security Groups Describe Azure Bastion Describe Azure Key Vault 8 - Describe the security management capabilities in Azure Describe Microsoft Defender for Cloud Describe how security policies and initiatives improve cloud security posture Describe Cloud security posture management Describe the enhanced security of Microsoft Defender for Cloud Describe DevOps security management 9 - Describe security capabilities of Microsoft Sentinel Describe threat detection and mitigation capabilities in Microsoft Sentinel Describe Microsoft Security Copilot 10 - Describe threat protection with Microsoft Defender XDR Describe Microsoft Defender XDR services Describe Microsoft Defender for Office 365 Describe Microsoft Defender for Endpoint Describe Microsoft Defender for Cloud Apps Describe Microsoft Defender for Identity Describe Microsoft Defender Vulnerability Management Describe Microsoft Defender Threat Intelligence Describe the Microsoft Defender portal 11 - Describe Microsoft?s Service Trust portal and privacy capabilities Describe the offerings of the Service Trust portal Describe Microsoft's privacy principles Describe Microsoft Priva 12 - Describe the compliance management capabilities in Microsoft Purview Describe the Microsoft Purview compliance portal Describe Compliance Manager Describe use and benefits of compliance score 13 - Describe information protection, data lifecycle management, and data governance capabilities in Microsoft Purview Know your data, protect your data, and govern your data Describe the data classification capabilities of the compliance portal Describe sensitivity labels and policies Describe data loss prevention Describe retention policies and retention labels Describe records management Describe the Microsoft Purview unified data governance solution 14 - Describe the insider risk capabilities in Microsoft Purview Describe insider risk management Describe communication compliance 15 - Describe the eDiscovery and Audit capabilities in Microsoft Purview Describe the eDiscovery solutions in Microsoft Purview Describe the audit solutions in Microsoft Purview

Duration 5 Days 30 CPD hours This course is intended for This course is intended for Administrator, Database Administrator, Security Specialist, and Systems Administrator. Overview Upon successful completion of this course, students will be able to Enumerate Oracle auditing solutions to monitor database security requirements, Implement Oracle Audit Vault and Database Firewall, Configure Oracle Audit Vault and Database Firewall, Explain Oracle Compliance Framework, and Configure basic Compliance Framework rules. In the Oracle Database Security: Detective Controls course, students learn how they can use Oracle Database administration auditing features to meet the compliance requirements of their organization. IntroductionUsing Unified AuditUsing Fine-Grained AuditIntroduction to Oracle Audit Vault and Database Firewall (AVDF)Planning the Oracle Audit Vault and Database Firewall ImplementationInstalling the Audit Vault ServerConfiguring the Audit Vault ServerConfiguring Oracle AVDF and Deploying the Audit Vault AgentNetworking and Oracle AVDFInstalling a Database FirewallConfiguring Oracle AVDF and Deploying Database FirewallUsing Host MonitoringConfiguring High AvailabilityCreating Custom Collection Plug-insManaging the Audit Vault ServerManaging the Database FirewallsOverview of the Auditing and Reporting FeaturesPerforming Administrative TasksCreating Audit Policies for Oracle DatabasesCreating Database Firewall PoliciesOracle AVDF ReportsManaging Entitlements Additional course details: Nexus Humans Oracle Database Security - Detective Controls training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Oracle Database Security - Detective Controls course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

  ISO 37001 Foundation training enables you to learn the basic elements to implement and manage an Anti-bribery Management System (ABMS) as specified in ISO 37001. About This Course   During this training course, you will be able to understand the different modules of an ABMS, including ABMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.   After completing this course, you can sit for the exam and gain "Certified ISO 37001 Foundation' credential. An IECB Foundation Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.   Learning objectives   Understand the elements and operations of an Anti-bribery Management System and its principal processes Acknowledge the correlation between ISO 37001 and other standards and regulatory frameworks Understand the approaches, methods and techniques used for the implementation and management of an ABMS   Educational approach   Lecture sessions are illustrated with practical questions and examples Practical exercises include examples and discussions Practice tests are similar to the Certification Exam Prerequisites   There are no prerequisites for this course. What's Included?   Refreshments & Lunch (Classroom courses only) Course Slide Deck Official Study Guides The Exam fees Who Should Attend?   Individuals concerned about Anti-bribery Management Individuals seeking to gain knowledge about the main processes of Anti-bribery Management Systems (ABMS) Individuals interested to pursue a career in Anti-bribery Management Accreditation Assessment   The examination consists of 40 multiple choice questions stemming from the course materials. The exam should be completed within 60 minutes, with a 70% pass mark. Exam results are provided within 24 hours. Provided by   This course is accredited by NACS and Administered by the IECB

Securing UNIX systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure UNIX accounts. Secure UNIX file systems. Secure UNIX access through the network. Securing UNIX systems course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing UNIX systems course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

Our Sponsor Licence Compliance Training will give you all the tools and knowledge you need to ensure your company remains compliant when hiring foreign workers. View our HR Sponsor Licence and Compliance training course dates below, delivered via Microsoft Teams. Course Overview:   Our HR Sponsor Licence and Compliance Training Course is designed to equip HR professionals, managers, and directors with the essential tools and knowledge to ensure their companies remain compliant when hiring foreign workers. In today’s ever-changing landscape of hiring foreign workers, it is crucial to have a solid understanding of the necessary processes and regulations to avoid penalties and maintain a valid Sponsor Licence. Our comprehensive training course has been meticulously crafted to inform, advise, and train companies on maintaining compliance when employing foreign workers. With the Home Office increasing its scrutiny and penalising companies without proper processes in place, it is essential to stay ahead of the game. Non-compliance can have severe consequences, including the suspension or revocation of your licence, which not only affects your company’s operations but also impacts the workers you sponsor. It is paramount to ensure that your company adheres to all the necessary regulations and requirements. This comprehensive course is your one-stop shop for Sponsor Management and Compliance Training. Don’t forget to check out our Home Office Audit Training Course which is designed to train HR professionals, employers and businesses with the knowledge and skills to excel during audit visits and follows on directly from our HR Sponsor Licence and Compliance course.   Course joining links, materials and instructions are sent out 24hours before the course starts. Why choose IAS' Immigration Training Courses? Immigration Advice Service has been providing professional immigration services for over 10 years in the public, private and corporate sectors. The Home Office is penalising more companies than ever for not having the correct processes in place when sponsoring workers. Being non-compliant can lead to your licence being suspended or revoked, which can have serious consequences for the company and workers. This training course is not to be missed by HR Management/Directors.   How is this course structured? Our “Sponsor Licence – HR, Compliance & Right to Work Training” course will include; An overview of Sponsor Licences & The Skilled Worker Visa. How to perform correct Right to Work checks HR processes you need to have in place Sponsor Management System (SMS) Assigning of Key Roles Updating information Renewal of your licence Q&A   Join over 92% of satisfied customers who found their training with IAS useful and beneficial to their role. You will also be provided with training material to keep after completing the course.

Get a clear strategy for bouncing back after a poor Ofsted inspection outcome; develop your DfE action plan; know what to expect from a progress monitoring inspection.

Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

  In this training course, you will learn about the various aspects of a CMS, including the compliance policy, compliance culture, compliance risk assessment, operational controls, performance measurements, leadership and commitment, internal audit, management review, and continual improvement. After completing the training course, you can sit for the exam. If you successfully pass the exam, you can gain the 'Certified ISO 37301 Foundation' credential. By gaining this Credential, you can demonstrate that you have the necessary professional capabilities to be part of an ISO 37301 CMS implementation project About This Course   By participating in this training course, you will: Understand the basic compliance management concepts, definitions, and approaches Get acquainted with the ISO 37301 requirements for a compliance management system Develop a general understanding of how an organization can meet the requirements of ISO 37301   Course Agenda   Day 1: Introduction to compliance concepts, CMS, and clauses 4-6 of ISO 37301 Day 2: Clauses 7-10 of ISO 37301 and certification exam Assessment     Delegates sit a combined exam, consisting of in-course quizzes and exercises, as well as a final 40 question, multiple choice type exam on Day 2 of the course. The overall passing score is 70%, to be achieved within the 60 minute time allowance. Exam results are provided within 24 hours, with both a Certificate and a digital badge provided as proof of success.   What's Included?   Certification fees are included in the exam price. Training material containing over 200 pages of information and practical examples will be given to each participant. An attestation of course completion worth 14 CPD (Continuing Professional Development) credits will be issued to participants who have attended the training course. In case participant(s) fail to pass the exam, they can retake the exam once for free within 12 months of the initial exam date. Prerequisites   There are no prerequisites to participate in this training course. Accreditation Provided by   This course is Accredited by NACS and Administered by the IECB.

  ISO 13485 Foundation training enables you to learn the basic elements to implement and manage a Medical Devices Quality Management System (MDQMS) as specified in ISO 13485. During this training course, you will be able to understand the different modules of a MDQMS, including MDQMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement. After completing this course, you can sit for the exam and gain "Certified ISO 13485 Foundation' Certification. This Certificate shows that you have understood the fundamental methodologies, requirements, framework and management approach.  About This Course   Learning Objectives Understand the elements and operations of a Medical Devices Quality Management System (MDQMS) Acknowledge the correlation between ISO 13485 and other standards and regulatory frameworks Understand the approaches, methods and techniques used for the implementation and management of a MDQMS   Course Agenda Day 1: Introduction to Medical Devices Quality Management System (MDQMS) concepts as required by ISO 13485 Day 2: Medical Devices Quality Management System requirements and Certification Exam   Assessment     Delegates sit a combined exam, consisting of in-course quizzes and exercises, as well as a final 40 question, multiple choice exam on Day 2 of the course. The overall passing score is 70%, to be achieved within the 60 minute time allowance. Exam results are provided within 24 hours, with both a Certificate and a digital badge provided as proof of success.   Prerequisites   None What's Included?   Certification fees are included on the exam price Training material containing over 200 pages of information and practical examples will be distributed An attestation of course completion worth 14 CPD (Continuing Professional Development) credits will be issued to the participants who have attended the training course. Who Should Attend?   Individuals involved in Medical Devices Quality Management Individuals seeking to gain knowledge about the main processes of Medical Devices Quality Management Systems (MDQMS) Individuals interested to pursue a career in Medical Devices Quality Management Accreditation Provided by   This course is Accredited by NACS and Administered by the IECB