93 Certified Cloud Security Professional (CCSP) courses

Duration 4 Days 24 CPD hours This course is intended for This course is open to engineers, administrators, and security-minded users of public, private, and hybrid cloud infrastructures responsible for implementing security in cloud environments: Security architects Cloud architects Security engineers Cloud engineers System engineers Cisco integrators and partners Overview After taking this course, you should be able to: Contrast the various cloud service and deployment models. Implement the Cisco Security Solution for SaaS using Cisco Cloudlock Micro Services. Deploy cloud security solutions using Cisco AMP for Endpoints, Cisco Umbrella, and Cisco Cloud Email Security. Define Cisco cloud security solutions for protection and visibility using Cisco virtual appliances and Cisco Stealthwatch Cloud. Describe the network as a sensor and enforcer using Cisco Identity Services Engine (ISE), Cisco Stealthwatch Enterprise, and Cisco TrustSec. Implement Cisco Firepower NGFW Virtual (NGFWv) and Cisco Stealthwatch Cloud to provide protection and visibility in AWS environments. Explain how to protect the cloud management infrastructure by using specific examples, defined best practices, and AWS reporting capabilities. This course shows you how to implement Cisco© cloud security solutions to secure access to the cloud, workloads in the cloud, and software as a service (SaaS) user accounts, applications, and data. This course covers usage of Cisco Cloudlock, Cisco Umbrella?, Cisco Cloud Email Security, Cisco Advanced Malware Protection (AMP) for Endpoints, Cisco Stealthwatch© Cloud and Enterprise, Cisco Firepower© NGFW (next-generation firewall), and more. Introducing the Cloud and Cloud Security Describe the Evolution of Cloud Computing Explain the Cloud Service Models Explore the Security Responsibilities Within the Infrastructure as a Service (IaaS) Service Model Explore the Security Responsibilities Within the Platform as a Service (PaaS) Service Model Explore the Security Responsibilities Within the SaaS Service Model Describe Cloud Deployment Models Describe Cloud Security Basics Implementing the Cisco Security Solution for SaaS Access Control Explore Security Challenges for Customers Using SaaS Describe User and Entity Behavior Analytics, Data Loss Prevention (DLP), and Apps Firewall Describe Cloud Access Security Broker (CASB) Describe Cisco CloudLock as the CASB Describe OAuth and OAuth Attacks Deploying Cisco Cloud-Based Security Solutions for Endpoints and Content Security Describe Cisco Cloud Security Solutions for Endpoints Describe AMP for Endpoints Architecture Describe Cisco Umbrella Describe Cisco Cloud Email Security Design Comprehensive Endpoint Security Introducing Cisco Security Solutions for Cloud Protection and Visibility Describe Network Function Virtualization (NFV) Describe Cisco Secure Architectures for Enterprises (Cisco SAFE) Describe Cisco NGFWv/Cisco Firepower Management Center Virtual Describe Cisco ASAv Describe Cisco Services Router 1000V Describe Cisco Stealthwatch Cloud Describe Cisco Tetration Cloud Zero-Trust Model Describing the Network as the Sensor and Enforcer Describe Cisco Stealthwatch Enterprise Describe Cisco ISE Functions and Personas Describe Cisco TrustSec Describe Cisco Stealthwatch and Cisco ISE Integration Describe Cisco Encrypted Traffic Analytics (ETA) Implementing Cisco Security Solutions in AWS Explain AWS Security Offerings Describe AWS Elastic Compute Cloud (EC2) and Virtual Private Cloud (VPC) Discover Cisco Security Solutions in AWS Explain Cisco Stealthwatch Cloud in AWS Describing Cloud Security Management Describe Cloud Management and APIs Explain API Protection Illustrate an API Example: Integrate to ISE Using pxGrid Identify SecDevOps Best Practices Illustrate a Cisco Cloud Security Management Tool Example: Cisco Defense Orchestrator Illustrate a Cisco Cloud Security Management Tool Example: Cisco CloudCenter? Describe Cisco Application Centric Infrastructure (ACI) Describe AWS Reporting Tools Additional course details: Nexus Humans Cisco Securing Cloud Deployments with Cisco Technologies v1.0 (SECCLD) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Securing Cloud Deployments with Cisco Technologies v1.0 (SECCLD) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is designed for IoT practitioners who are looking to improve their skills and knowledge of IoT security and privacy. This course is also designed for students who are seeking the CertNexus Certified Internet of Things Security Practitioner (CIoTSP) certification and who want to prepare for Exam ITS-110. Overview This program will validate that the candidate has the knowledge, skills, and abilities to secure network environments for IoT devices, analyze vulnerabilities and determine reasonable controls against threats, and effectively monitor IoT devices and respond to incidents. This course is designed for practitioners who are seeking to demonstrate a vendor-neutral, cross-industry skill set that will enable them to design, implement, operate, and/or manage a secure IoT ecosystem. Managing IoT Risks Map the IoT Attack Surface Build in Security by Design Securing Web and Cloud Interfaces Identify Threats to IoT Web and Cloud Interfaces Prevent Injection Flaws Prevent Session Management Flaws Prevent Cross-Site Scripting Flaws Prevent Cross-Site Request Forgery Flaws Prevent Unvalidated Redirects and Forwards Securing Data Use Cryptography Appropriately Protect Data in Motion Protect Data at Rest Protect Data in Use Controlling Access to IoT Resources Identify the Need to Protect IoT Implement Secure Authentication Implement Secure Authorization Implement Security Monitoring on IoT Systems Securing IoT Networks Ensure the Security of IP Networks Ensure the Security of Wireless Networks Ensure the Security of Mobile Networks Ensure the Security of IoT Edge Networks Ensuring Privacy Improve Data Collection to Reduce Privacy Concerns Protect Sensitive Data Dispose of Sensitive Data Managing Software and Firmware Risks Manage General Software Risks Manage Risks Related to Software Installation and Configuration Manage Risks Related to Software Patches and Updates Manage Risks Related to IoT Device Operating Systems and Firmware Promoting Physical Security Protect Local Memory and Storage Prevent Physical Port Access

Duration 4 Days 24 CPD hours This course is intended for Security engineers Security administrators Security architects Operations engineers Network engineers Network administrators Network or security technicians Network managers System designers Cisco integrators and partners Overview After taking this course, you should be able to: Describe and administer the Cisco Email Security Appliance (ESA) Control sender and recipient domains Control spam with Talos SenderBase and anti-spam Use anti-virus and outbreak filters Use mail policies Use content filters Use message filters to enforce email policies Prevent data loss Perform LDAP queries Authenticate Simple Mail Transfer Protocol (SMTP) sessions Authenticate email Encrypt email Use system quarantines and delivery methods Perform centralized management using clusters Test and troubleshoot This course shows you how to deploy and use Cisco© Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management. This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention. This course helps you prepare to take the exam, Securing Email with Cisco Email Security Appliance (300-720 SESA). Describing the Cisco Email Security Appliance Cisco Email Security Appliance Overview Technology Use Case Cisco Email Security Appliance Data Sheet SMTP Overview Email Pipeline Overview Installation Scenarios Initial Cisco Email Security Appliance Configuration Centralizing Services on a Cisco Administering the Cisco Email Security Appliance Distributing Administrative Tasks System Administration Managing and Monitoring Using the Command Line Interface (CLI) Other Tasks in the GUI Advanced Network Configuration Using Email Security Monitor Tracking Messages Logging Controlling Sender and Recipient Domains Public and Private Listeners Configuring the Gateway to Receive Email Host Access Table Overview Recipient Access Table Overview Configuring Routing and Delivery Features Controlling Spam with Talos SenderBase and Anti-Spam SenderBase Overview Anti-Spam Managing Graymail Protecting Against Malicious or Undesirable URLs File Reputation Filtering and File Analysis Bounce Verification Using Anti-Virus and Outbreak Filters Anti-Virus Scanning Overview Sophos Anti-Virus Filtering McAfee Anti-Virus Filtering Configuring the Appliance to Scan for Viruses Outbreak Filters How the Outbreak Filters Feature Works Managing Outbreak Filters Using Mail Policies Email Security Manager Overview Mail Policies Overview Handling Incoming and Outgoing Messages Differently Matching Users to a Mail Policy Message Splintering Configuring Mail Policies Using Content Filters Content Filters Overview Content Filter Conditions Content Filter Actions Filter Messages Based on Content Text Resources Overview Using and Testing the Content Dictionaries Filter Rules Understanding Text Resources Text Resource Management Using Text Resources Using Message Filters to Enforce Email Policies Message Filters Overview Components of a Message Filter Message Filter Processing Message Filter Rules Message Filter Actions Attachment Scanning Examples of Attachment Scanning Message Filters Using the CLI to Manage Message Filters Message Filter Examples Configuring Scan Behavior Preventing Data Loss Overview of the Data Loss Prevention (DLP) Scanning Process Setting Up Data Loss Prevention Policies for Data Loss Prevention Message Actions Updating the DLP Engine and Content Matching Classifiers Using LDAP Overview of LDAP Working with LDAP Using LDAP Queries Authenticating End-Users of the Spam Quarantine Configuring External LDAP Authentication for Users Testing Servers and Queries Using LDAP for Directory Harvest Attack Prevention Spam Quarantine Alias Consolidation Queries Validating Recipients Using an SMTP Server SMTP Session Authentication Configuring AsyncOS for SMTP Authentication Authenticating SMTP Sessions Using Client Certificates Checking the Validity of a Client Certificate Authenticating User Using LDAP Directory Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate Establishing a TLS Connection from the Appliance Updating a List of Revoked Certificates Email Authentication Email Authentication Overview Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing Verifying Incoming Messages Using DKIM Overview of Sender Policy Framework (SPF) and SIDF Veri?cation Domain-based Message Authentication Reporting and Conformance (DMARC) Verification Forged Email Detection Email Encryption Overview of Cisco Email Encryption Encrypting Messages Determining Which Messages to Encrypt Inserting Encryption Headers into Messages Encrypting Communication with Other Message Transfer Agents (MTAs) Working with Certificates Managing Lists of Certificate Authorities Enabling TLS on a Listener?s Host Access Table (HAT) Enabling TLS and Certi?cate Verification on Delivery Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services Using System Quarantines and Delivery Methods Describing Quarantines Spam Quarantine Setting Up the Centralized Spam Quarantine Using Safelists and Blocklists to Control Email Delivery Based on Sender Configuring Spam Management Features for End Users Managing Messages in the Spam Quarantine Policy, Virus, and Outbreak Quarantines Managing Policy, Virus, and Outbreak Quarantines Working with Messages in Policy, Virus, or Outbreak Quarantines Delivery Methods Centralized Management Using Clusters Overview of Centralized Management Using Clusters Cluster Organization Creating and Joining a Cluster Managing Clusters Cluster Communication Loading a Configuration in Clustered Appliances Best Practices Testing and Troubleshooting Debugging Mail Flow Using Test Messages: Trace Using the Listener to Test the Appliance Troubleshooting the Network Troubleshooting the Listener Troubleshooting Email Delivery Troubleshooting Performance Web Interface Appearance and Rendering Issues Responding to Alerts Troubleshooting Hardware Issues Working with Technical Support References Model Specifications for Large Enterprises Model Specifications for Midsize Enterprises and Small-to-Midsize Enterprises or Branch O?ces Cisco Email Security Appliance Model Specifications for Virtual Appliances

Duration 2 Days 12 CPD hours This course is intended for Cloud Architects, Security Experts, and Network Administrators requiring in depth knowledge on CloudGuard Network Security products. Overview Discuss AWS Platform Components and their relationship to Check Point CloudGuard Network Security. Explain how to maintain a secure, efficient, and stable cloud environment. Describe the components and constraints of a hub and spoke security environment. Describe the function of the Cloud Management Extension. Explain the purpose of identity and access controls and constraints in different cloud platforms. Explain the steps required to configure Identity and Access controls in AWS. Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature. Explain how to design and configure Cloud Adaptive Policies. Discuss the purpose and function of Data Center Objects. Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments. Explain how CSP templates can be used for maintenance tasks in the cloud environment. Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them. Discuss Scaling Solutions and Options for Cloud Environments. Explain the Scaling Options in AWS. Describe the workflow for configuring scaling solutions in AWS. Discuss how ClusterXL operates and what elements work together to permit traffic failover. Explain how ClusterXL functions differently in a Cloud Environment. Describe how clusters are created and function in AWS. Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved. Explain the nature of a 'Greenfield' deployment, the advantages of it, and the constraints involved. Describe the components and constraint involved in deploying a Disaster Recovery Site in the cloud. Discuss the steps required for troubleshooting automation in AWS. Explain the steps required for troubleshooting Scaling Solution issues in AWS. Describe the steps required for troubleshooting clusters in AWS. Learn advanced concepts and develop skills needed to design and administer CloudGuard Network Security Environments. Course Outline Create an SSH Key Pair. Create a VPC. Deploy an SMS. Connect to SmartConsole. Review the IAM Role. Configure the Cloud Management Extension. Configure the Access Control Policy. Create the AWS Data Center Object. Create Access Control Policy with a Data Center Object. Create the AWS VPC Spokes. Deploy the Web Servers into the Spoke VPCs. Create the AWS Auto Scale Deployment. Create the External and Internal Load Balancers. Create the VPC for the Auto Scale Deployment. Create the VPC Peers. Deploy the CloudGuard Cluster Template. Create the AWS VPN Gateway. Configure the Tunnel Interfaces. Configure the Static Routes. Configure the Network Objects. Configure the VPN Community. Configure the Security Policy. Test the Traffic. Troubleshoot the CloudGuard Controller. Debug the CloudGuard Controller. Debug the Cloud Management Extension Additional course details: Nexus Humans CNSE-AWS Check Point Network Security Expert for AWS training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CNSE-AWS Check Point Network Security Expert for AWS course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Cloud Architects, Security Experts, and Network Administrators requiring in depth knowledge on CloudGuard Network Security products. Overview Discuss Azure Platform Components and their relationship to Check Point CloudGuard Network Security. Explain how to maintain a secure, efficient, and stable cloud environment. Describe the components and constraints of a hub and spoke cloud security environment. Describe the function of the Cloud Management Extension Explain the purpose of identity and access controls and constraints in different cloud platforms. Explain the steps required to configure Identity and Access controls in Azure. Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature. Explain how to design and configure Cloud Adaptive Policies. Discuss the purpose and function of Data Center Objects. Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments. Explain how CSP templates can be used for maintenance tasks in the cloud environment. Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them. Discuss Scaling Solutions and Options for Cloud Environments. Explain the Scaling Options in Azure. Describe the workflow for configuring scaling solutions in Azure. Discuss how ClusterXL operates and what elements work together to permit traffic failover. Explain how ClusterXL functions differently in a Cloud Environment. Describe how clusters are created and function in Azure. Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved. Explain the nature of a 'Greenfield' deployment, the advantages of it, and the constraints involved. Describe the components and constraint involved in deploying a Disaster Recovery Site in the cloud. Discuss the steps required for troubleshooting automation in Azure. Explain the steps required for troubleshooting Scaling Solution issues in Azure. Describe the steps required for troubleshooting clusters in Azure. Learn advanced concepts and develop skills needed to design and administer CloudGuard Network Security Environments. Course Outline Deploy a Security Management Server. Connect to SmartConsole. Configure Azure Active Directory and the Service Principle. Install the Cloud Management Extension. Configure the Cloud Management Extension. Configure the Access Control Policy. Assign the Service Principle. Create the CloudGuard Controller Object. Configure Access Control Policy with a Data Center Object. Deploy the Spoke vNets. Create the Spoke Route Table. Deploy Web Servers into the Spoke vNets. Deploy the Virtual Machine Scale Set. Assign the Service Principle to the VMSS Resource Group. Enable Indentity Awareness on the VMSS. Create Load Balancer Rules. Create vNet Peers. Create Web Server Access Control policy. Deploy the Azure High Availability Solution. Create the Cluster Object. Configure the vNet Peering. Create the Internal User Defined Routes. Create the Security Policy for Internal Traffic. Test the Internal Traffic. Troubleshoot the CloudGuard Controller. Debugs the CloudGuard Controller. Debug the Cloud Management Extension. Additional course details: Nexus Humans CNSE-Azure Check Point Network Security Expert for Azure training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CNSE-Azure Check Point Network Security Expert for Azure course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is recommended for technical professionals who perform advanced deployment configurations of Check Point products. Overview Provide an overview of the upgrade service and options available. Explain how to perform management upgrade and migration. Articulate the process using CPUSE features. Articulate the purpose and function of Management High Availability. Explain Primary vs Secondary, Active vs Standby and Synchronization. Explain disaster recovery steps in case the primary management server becomes unavailable. Provide overview of Central Deployment in SmartConsole. Articulate an understanding of Security Gateway cluster upgrade methods. Explain about Multi Version Cluster (MVC) upgrades. Discuss Gaia Commands and how they are used. Explain the main processes on s and s. Describe how to work with scripts and SmartTasks to configure automatic actions. Explain the Management Data Plane Separation (MDPS) Explain kernel operations and traffic flow Articulate Dynamic and Updatable Objects in Security Gateways Explain the policy installation flow and files used. Describe the use of policy installation history. Explain concurrent and accelerated install policy. Describe an overview of APIs and ways to use and authenticate. Explain how to make changes in GAIA and management configuration. Explain how to install policy using API. Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance. Describe how the CoreXL acceleration technology enhances and improves Security Gateway performance. Articulate how utilizing multiple traffic queues can make traffic handling more efficient. Discuss Site-to-Site VPN basics, deployment and communities. Describe how to analyze and interpret VPN tunnel traffic. Explain Link Selection and ISP Redundancy options. Explain tunnel management features. Discuss Check Point Remote Access solutions and how they differ from each other. Describe how client security can be provided by Remote Access . Explain authentication methods including machine authentication. Explain Multiple Entry Point (MEP). Discuss the Mobile Access Software Blade and how it secures communication and data exchange during remote connections. Learn basic concepts and develop skills necessary to administer IT security fundamental tasks. Course Outline Prepare for a Security Management Server Upgrade Upgrade the Security Management Server Deploy a Secondary Security Management Server Configure a Distributed Log Server Upgrade a Security Gateway from SmartConsole Work with the Command Line Use Scripts and SmartTasks Configure Dynamic Objects Monitor Traffic Verify Policy Installation and Status Work with Gaia and Management APIs Work with Acceleration Features Configure a Locally Managed Site to Site VPN Configure a Site to Site VPN with an Interoperable Device Configure Remote Access VPN Configure Mobile Access VPN Configure a High Availability Cluster Work with ClusterXL Configure Policy Compliance Deploy SmartEvent

Duration 2 Days 12 CPD hours This course is intended for Diese Zertifizierung richtet sich an Experten aus Geschäftsbetrieben aller Branchen, die mit der Cloud-Technologie arbeiten oder an dieser Technologie und ihrem Nutzen für Unternehmen interessiert sind: Alle Mitarbeiter von internen oder externen Service Providern, Ihre Kunden Manager, Auditoren Overview Die Zertifizierung EXIN Cloud Computing Foundation validiert das Wissen von Kandidaten in folgenden Bereichen: Cloud - Prinzipien Implementierung von Management des Cloud Computing Nutzung von Cloud Computing Sicherheit, Identität und Privatsphäre im Cloud Computing Bewertung des Cloud Computing Unter Cloud Computing versteht man die Implementierung und Nutzung der Cloud - Technologie um IT - Services bereitzustellen, die an einem andren Standort gehostet werden. Cloud-Prinzipien Das Cloud - Konzept Entwicklung des Cloud Computing Cloud - Architektur Vorteile und Beschr„nkungen des Cloud Computing Implementierung und Management des Cloud Computing Aufbau lokaler Cloud - Umgebungen Management - Prinzipien fr Cloud - Services Nutzung von Cloud Computing Zugriff auf die Cloud Untersttzung von Business - Prozessen durch Cloud Computing Cloud - Nutzung durch Service Provider Sicherheit, Identit„t und Privatsph„re im Cloud Computing Sicherheit im Cloud Computing Identit„ts- und Privatsph„renmanagement Bewertung des Cloud Computing Business Cas fr das Cloud Computing Bewertung von Cloud - Implementierungen

Duration 4 Days 24 CPD hours This course is intended for IS Security Officers Privacy Officers Health IS Managers Risk Managers Information Security Managers Compliance and Privacy Officers Overview Upon completion, the student will be ready to take the Certified Healthcare Information Systems Security Practitioner exam by mile2. In addition, at the end of the CHISSP course, the student will be versed with best practices in the healthcare industry and will be able to establish a framework with current best practices in respects to privacy, regulation and risk management. The Certified Healthcare IS Security Practitioner, C)HISSP certification course covers the skills and knowledge to implement the best IT healthcare practices, as well as, regulatory compliance and standards in the healthcare industry. Because of growing industry regulations and privacy requirements in the healthcare industry, the C)HISSP was developed by Mile2. Graduates of this course have become vital in managing and protecting healthcare data and are tasked to protect patient information by implementing, managing, and assessing proper IT controls for patient health information integrity. Course Outline Intro to the Healthcare Industry Regulatory Environment Healthcare Privacy and Security Policies Information Governance Risk Management Third-Party Risk Management

Duration 5 Days 30 CPD hours This course is intended for This course is recommended for technical professionals who support, install, deploy or administer Check Point products. This course is recommended for technical professionals who perform advanced deployment configurations of Check Point products. Overview CCSA Know how to perform periodic administrator tasks. Describe the basic functions of the Gaia operating system. Recognize SmartConsole features, functions, and tools. Understand how SmartConsole is used by administrators to give user access. Learn how Check Point security solutions and products work and how they protect networks. Understand licensing and contract requirements for Check Point security products. Describe the essential elements of a Security Policy. Understand the Check Point policy layer concept. Understand how to enable the Application Control and URL Filtering software. Blades to block access to various applications. Describe how to configure manual and automatic NAT. Identify tools designed to monitor data, determine threats and recognize opportunities for performance improvements. Describe different Check Point Threat Prevention solutions for network attacks. Articulate how the Intrusion Prevention System is configured, maintained and tuned. Understand the Infinity Threat Prevention system. Knowledge about Check Point's IoT Protect. CCSE Provide an overview of the upgrade service and options available. Explain how to perform management upgrade and migration. Articulate the process using CPUSE features. Articulate the purpose and function of Management High Availability. Explain Primary vs Secondary, Active vs Standby and Synchronization. Explain disaster recovery steps in case the primary management server becomes unavailable. Provide overview of Central Deployment in SmartConsole. Articulate an understanding of Security Gateway cluster upgrade methods. Explain about Multi Version Cluster (MVC) upgrades. Discuss Gaia Commands and how they are used. Explain the main processes on s and s. Describe how to work with scripts and SmartTasks to configure automatic actions. Explain the Management Data Plane Separation (MDPS) Explain kernel operations and traffic flow Articulate Dynamic and Updatable Objects in Security Gateways Explain the policy installation flow and files used. Describe the use of policy installation history. Explain concurrent and accelerated install policy. Describe an overview of APIs and ways to use and authenticate. Explain how to make changes in GAIA and management configuration. Explain how to install policy using API. Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance. Learn basic concepts and develop skills necessary to administer IT security fundamental tasks. CCSA Outline Configure the Security Management Server. Use the WebUI to run the First Time Wizard. Install the Smart Console. Install the Alpha Gateway using the network detailed in the course topology. Demonstrate how the Security Management Server and Gateway communicate. Test SIC Status. Create multiple administrators and apply different roles and permissions for simultaneous administration. Validate existing licenses for products installed on the network. Create and configure host, network and group objects. Create a simplified Security Policy. Demonstrate how to use Security Zones in policy. Demonstrate how to share a layer between Security Polices. Configure Network Address Translation for server and network objects. Enable Identity Awareness. Deploy user access roles for more granular control of the security Policy. Generate network Traffic and use traffic visibility tools to monitor the data. Use SmartConsole and SmartView Monitor to view status, alerts, and block suspicious traffic. CCSE Outline Prepare for a Security Management Server Upgrade Upgrade the Security Management Server Deploy a Secondary Security Management Server Configure a Distributed Log Server Upgrade a Security Gateway from SmartConsole Work with the Command Line Use Scripts and SmartTasks Configure Dynamic Objects Monitor Traffic Verify Policy Installation and Status Work with Gaia and Management APIs Work with Acceleration Features Configure a Locally Managed Site to Site VPN Configure a Site to Site VPN with an Interoperable Device Configure Remote Access VPN Configure Mobile Access VPN Configure a High Availability Cluster Work with ClusterXL Configure Policy Compliance Deploy SmartEvent

Duration 1 Days 6 CPD hours Overview The purpose of this document is to provide the learning outcomes for the course and the assessment criteria. It also provides an overview of the examination design in terms of the types of questions asked.Starting with Chapter 2, Digital Transformation, the BL 1 & 2 (for Bloom's Taxonomy 1 & 2) provides the number of questions that will appear on the exam. This course is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSP) across an enterprise and its supply chain. Digital Transformation Explain what it means to ?become digital.? Discuss the difference between industrial and digital era enterprises. Explain how cybersecurity supports an organization?s digital transformation. Understanding cyber Risks Explain the cyber risk equation. Identify and explain each component of the cyber risk equation. Describe the basics of a risk assessment. NIST Cybersecurity Framework Fundamentals9 Explain the genesis of the NIST-CSF. List and describe the components of the NIST-CSF. Describe each of the NIST-CSF?s objectives. Core Functions, Categories & Subcategories Understand and explain the a.Core Functions b.Framework Categories c.Informative References. Implementation Tiers & Profiles Understand and explain Implementation Tier terms and their use. Understand and explain each Implementation Tier. Understand and describe the three risk categories Understand and explain Profiles and their use a.Current b.Target Understand and describe the use of Profiles when a.Determining gaps b.Identify & prioritize focus areas Cybersecurity Improvement Understand and explain how an organization can approach the adoption and adaptation of the NIST-CSF Understand and describe how to implement cybersecurity controls using an incremental improvement approach. Understand and describe CIIS as a practice within an organization.