138 Certified in Cybersecurity (CC) courses in Alfreton delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for IS Security Owners Security Officers Ethical Hackers Information Owners Penetration Testers System Owners and Managers Cyber Security Engineers Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the C)PEH exam. To protect an information system you need to be able to see that system through the eyes of the attacker.ÿThe Certified Professional Ethical Hackerÿcertification course is the foundational training to Mile2?s line of penetration testing courses because it teaches you to think like a hacker.ÿ Therefore, you can set up dynamic defenses to prevent intrusion. First, you will learn the value of vulnerability assessments.ÿ Then, you will discover how to use those assessments to make powerful changes in an information system?s security. Additionally, you will learn how malware and destructive viruses function and how to implement counter response and preventative measures when it comes to a network hack. Course Introduction Introduction to Ethical Hacking Linux Fundamentals Protocols Cryptography Password Cracking Malware Security Devices Information Gathering ? Passive Reconnaissance Social Engineering Active Reconnaissance Vulnerability Assessment Network Attacks Hacking Servers Hacking Web Technologies Hacking Wireless Technologies Maintaining Access and Covering Tracks

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate-level programming course, designed for experienced .Net developers who wish to get up and running on developing well defended software applications. Real world programming experience with .Net is required. Overview Students who attend Attacking and Securing .Net Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a .Net perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on .Net security training that offers a unique look at .Net application security. Beginning with penetration testing and hunting for bugs in .Net web applications, you thoroughly examine best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, driving home the mechanics of how to secure .Net web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Injection Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? .NET Issues and Best Practices Making Application Security Real Time Permitting Topics Cryptography Overview .NET Cryptographic Services

Duration 3 Days 18 CPD hours This course is intended for This course is designed for system administrators and implementors interested in learning IBM Security Verify Access. Overview Describe IBM Security Verify Access product and its key features Discuss the architecture and deployment process Configure IBM Security Verify Access users, groups, and domains Introduce concepts of a reverse proxy and how it fits in your web-based infrastructure Describe protected object space and the policy access control model Explain how to set up reverse proxy junctions to handle web requests Discuss and configure authentication mechanisms that are supported by Verify Access Explain and set up logging, auditing, and tracing for Verify Access components IBM Security Verify Access helps you simplify your users' access while more securely adopting web, mobile, IoT, and cloud technologies. It can be deployed on premises, in a virtual or hardware appliance, or containerized with Docker. Verify Access also directly connects with Verify SaaS for a modernized, hybrid IAM approach to enable your organization's migration to identity as a service (IDaaS) at a comfortable pace. Using the skills taught in this course, you learn how to run Verify Access via Docker, configure authentication and authorization mechanisms, implement policy access control, and set up reverse proxy junctions to process web requests. Hands-on exercises reinforce the skills learned. Unit 1 Introduction to IBM Security Verify Access Unit 2 Architecture and deployment Unit 3 Managing users, groups, and domains Unit 4 Reverse Proxy (WebSEAL) concepts Unit 5 Managing access control Unit 6 Configuring junctions for back-end resources Unit 7 Authentication framework and methods Unit 8 Logging, auditing, and tracing Additional course details: Nexus Humans TW108G IBM Security Verify Access Foundations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the TW108G IBM Security Verify Access Foundations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Cybersecurity analysts and engineers and security operations specialists, as well as administrators and product deployers. Overview Successful completion of this instructor-led course with hands-on lab activities should enable you to: Describe the architecture and components of the Cortex XDR family Use the Cortex XDR management console Create Cortex XDR agent installation packages, endpoint groups, and policies Deploy Cortex XDR agents on endpoints Create and manage exploit and malware prevention profiles Investigate alerts and prioritize them using starring and exclusion policies Tune Security profiles using Cortex XDR exceptions Perform and track response actions in the Action Center Perform basic troubleshooting related to Cortex XDR agents Deploy a Broker VM and activate the Local Agents Settings applet Understand Cortex XDR deployment concepts and activation requirements Work with the Customer Support Portal and Cortex XDR Gateway for authentication and authorization This instructor-led training enables you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console and demonstrates how to install agents on your endpoints and how to create Security profiles and policies. The training enables you to perform and track response actions, tune profiles, and work with Cortex XDR alerts. The training concludes with discussions about basic troubleshooting of the agent, the on-premises Broker VM component, and Cortex XDR deployment. Course Outline This class is comprised of the following modules: Module 1 - Cortex XDR Family Overview Module 2 - Cortex XDR Main Components Module 3 - Cortex XDR Mangement Components Module 4 - Profiles and Policy Rules Module 5 - Malware Protection Module 6 - Exploit Protection Module 7 - Cortex XDR Alerts Module 8 - Tuning Policies using Exceptions Module 9 - - Response Actions Module 10 - Basic Agent Troubleshooting Module 11 - Broker VM Overview Module 12 - Deployment Consideration

Duration 2 Days 12 CPD hours This course is intended for Cybersecurity analysts and engineers Security operations specialists Overview Successful completion of this instructor-led course with hands-on lab activities should enable participants to: Investigate and manage incidents Describe the Cortex XDR causality and analytics concepts Analyze alerts using the Causality and Timeline Views Work with Cortex XDR Pro actions such as remote script execution Create and manage on-demand and scheduled search queries in the Query Center Create and manage the Cortex XDR rules BIOC and IOC Working with Cortex XDR assets and inventories Write XQL queries to search datasets and visualize the result sets Work with Cortex XDR's external-data collection This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of causality and analytics. You will learn how to analyze alerts using the Causality and Timeline Views and how to use advanced response actions, such as remediation suggestions, the EDL service, and remote script execution. Multiple modules focus on how to leverage the collected data. You will create simple search queries in one module and XDR rules in another. The course demonstrate how to use specialized investigation views to visualize artifact-related data, such as IP and Hash Views. Additionally, it provides an introduction to XDR Query Language (XQL). The course concludes with Cortex XDR external-data collection capabilities, including the use of Cortex XDR API to receive external alerts. This class is powered by Cloud Harmonics. Course Outline Module 1 - Cortex XDR Incidents Module 2 - Causality and Analytics Concepts Module 3 - Causality Analysis of Alerts Module 4 - Advanced Response Actions Module 5 - Building Search Queries Module 6 - Building XDR Rules Module 7 - Cortex XDR Assets Module 8 - Introduction to XQL Module 9 - External Data Collection

Duration 3 Days 18 CPD hours This course is intended for This course is designed for IoT practitioners who are looking to improve their skills and knowledge of IoT security and privacy. This course is also designed for students who are seeking the CertNexus Certified Internet of Things Security Practitioner (CIoTSP) certification and who want to prepare for Exam ITS-110. Overview This program will validate that the candidate has the knowledge, skills, and abilities to secure network environments for IoT devices, analyze vulnerabilities and determine reasonable controls against threats, and effectively monitor IoT devices and respond to incidents. This course is designed for practitioners who are seeking to demonstrate a vendor-neutral, cross-industry skill set that will enable them to design, implement, operate, and/or manage a secure IoT ecosystem. Managing IoT Risks Map the IoT Attack Surface Build in Security by Design Securing Web and Cloud Interfaces Identify Threats to IoT Web and Cloud Interfaces Prevent Injection Flaws Prevent Session Management Flaws Prevent Cross-Site Scripting Flaws Prevent Cross-Site Request Forgery Flaws Prevent Unvalidated Redirects and Forwards Securing Data Use Cryptography Appropriately Protect Data in Motion Protect Data at Rest Protect Data in Use Controlling Access to IoT Resources Identify the Need to Protect IoT Implement Secure Authentication Implement Secure Authorization Implement Security Monitoring on IoT Systems Securing IoT Networks Ensure the Security of IP Networks Ensure the Security of Wireless Networks Ensure the Security of Mobile Networks Ensure the Security of IoT Edge Networks Ensuring Privacy Improve Data Collection to Reduce Privacy Concerns Protect Sensitive Data Dispose of Sensitive Data Managing Software and Firmware Risks Manage General Software Risks Manage Risks Related to Software Installation and Configuration Manage Risks Related to Software Patches and Updates Manage Risks Related to IoT Device Operating Systems and Firmware Promoting Physical Security Protect Local Memory and Storage Prevent Physical Port Access

Duration 2 Days 12 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy a Cisco Integrated Threat Defense solution in their network environment. Cisco integrators and partners Systems and network engineers Technical architects Technical support personnel Overview After taking this course, you should be able to: Understand the network security landscape and the Cisco Integrated Threat Defense (ITD) solutions Describe the key components of the ITD solution and their use in the network Configure the Cisco Identity Services Engine (ISE) for a baseline of operation in the ITD solution Configure the integration between the Cisco Stealthwatch and Cisco ISE platforms Configure the integration between the Cisco Firepower and ISE platforms Configure the integration between Cisco Firepower and Cisco Advanced Malware Protection (AMP) for Endpoints The Implementing an Integrated Threat Defense Solution (SECUR201) v1.2 course provides an analysis of the cybersecurity landscape with an emphasis on the importance of an integrated threat defense architecture. Through a combination of lessons and hands-on practice, you will learn to deploy and integrate Cisco©?s Integrated Threat Defense solutions which include: Cisco Identity Services Engine (ISE), Cisco Stealthwatch, Cisco Firepower NGFW, and Cisco AMP for Endpoints. This course provides you with the knowledge and skills to implement and integrate solution components with existing network services, integrate solution components with the pxGrid (Platform Exchange Grid) framework, integrate network and endpoint-based malware protection, and observation of security dataflow after the introduction of malware. Course Outline Integrated Threat Defense Introduction ITD Products Identity Services Engine Setup Integration of Stealthwatch with Identity Services Engine Integration of Firepower with Identity Services Engine Integration of Firepower with AMP for Endpoints Lab outline Connecting to the Lab Environment Integrating ISE and Active Directory Integrating ISE and Cisco Adaptive Security Appliance (ASA) Configuring pxGrid and Client Certificates Integrating Stealthwatch with Identity Services Engine Integrating Network Visibility Module (NVM) with AnyConnect Integrating Firepower with Identity Services Engine Integrating AMP for Endpoints with Firepower

Duration 3 Days 18 CPD hours This course is intended for Blockchain Architects Blockchain DevelopersApplication Developers Blockchain System AdministratorsNetwork Security Architects Cyber Security ExpertsIT Professionals w/cyber security experience Overview Those who attend the Security for Blockchain Professionals course and pass the exam certification will have a demonstrated knowledge of:Identifying and differentiating between security threats and attacks on a Blockchain network.Blockchain security methods, best practices, risk mitigation, and more.All known (to date) cyber-attack vectors on the Blockchain.Performing Blockchain network security risk analysis.A complete understanding of Blockchain?s inherent security features and risks.An excellent knowledge of best security practices for Blockchain System/Network Administrators.Demonstrating appropriate Blockchain data safeguarding techniques. This course covers all known aspects of Blockchain security that exist in the Blockchain environment today and provides a detailed overview of all Blockchain security issues, including threats, risk mitigation, node security integrity, confidentiality, best security practices, advanced Blockchain security and more. Fundamental Blockchain Security Cryptography for the Blockchain Hash Functions Public Key Cryptography Elliptic Curve Cryptography A Brief Introduction to Blockchain The Blocks The Chains The Network Promises of the Blockchain Blockchain Security Assumptions Digital Signature Security Hash Function Security Limitations of Basic Blockchain Security Public Key Cryptography Review Real-Life Public Key Protection Cryptography and Quantum Computers Lab 1 (Tentative) Finding Hash Function Collisions Reversible hash function Hash function with poor non-locality Hash function with small search space Breaking Public Key Cryptography Brute Forcing a Short Private Key Brute Forcing a Poorly-Chosen Private Key Consensus in the Blockchain Blockchain Consensus and Byzantine Generals Blockchain Networking Review Byzantine Generals Problem Relation to Blockchain Byzantine Fault Tolerance Introduction to Blockchain Consensus Security Blockchain Consensus Breakthrough Proof of Work What is Proof of Work? How does Proof of Work Solve BGP? Proof of Work Security Assumptions Attacking Proof of Work Proof of Stake What is Proof of Stake? How does Proof of Stake Solve BGP? Proof of Stake Security Assumptions Attacking Proof of Stake General Attacks on Blockchain Consensus Other Blockchain Consensus Algorithms Lab 2 (Tentative) Attacking Proof of Work Performing a 51% Attack Performing a Selfish Mining Attack Attacking Proof of Stake Performing a XX% Attack Performing a Long-Range Attack Malleable Transaction Attacks Advanced Blockchain Security Mechanisms Architectural Security Measures Permissioned Blockchains Checkpointing Advanced Cryptographic Solutions Multiparty Signatures Zero-Knowledge Proofs Stealth Addresses Ring Signatures Confidential Transactions Lab 3 (Tentative) Permissioned Blockchains 51% on a Checkpointed Blockchain Data mining on a blockchain with/without stealth addresses Zero-Knowledge Proof Simulation Trying to fake knowledge of a ZKP Module 4: Blockchain for Business Introduction to Ethereum Security What is Ethereum Consensus in Ethereum Smart Contracts in Ethereum Ethereum Security Pros and Cons of Ethereum Blockchains Introduction to Hyperledger Security What is Hyperledger Consensus in Hyperledger Smart Contracts in Hyperledger Hyperledger Security Pros and Cons of Hyperledger Blockchains Introduction to Corda Security What is Corda Consensus in Corda Smart Contracts in Corda Corda Security Pros and Cons of Corda Blockchains Lab 4 Blockchain Risk Assessment What are the Risks of the Blockchain? Information Security Information Sensitivity Data being placed on blockchain Risks of disclosure Regulatory Requirements Data encryption Data control PII protection Blockchain Architectural Design Public and Private Blockchains Open and Permissioned Blockchains Choosing a Blockchain Architecture Lab 5 Exploring public/private open/permissioned blockchains? Basic Blockchain Security Blockchain Architecture User Security Protecting Private Keys Malware Update Node Security Configuring MSPs Network Security Lab 6 (TBD) Smart Contract Security Introduction to Smart Contracts Smart Contract Security Considerations Turing-Complete Lifetime External Software Smart Contract Code Auditing Difficulties Techniques Tools Lab 7 (Tentative) Try a couple of smart contract code auditing tool against different contracts with built-in vulnerabilities Module 8: Security Implementing Business Blockchains Ethereum Best Practices Hyperledger Best Practices Corda Best Practices Lab 8 Network-Level Vulnerabilities and Attacks Introduction to Blockchain Network Attacks 51% Attacks Denial of Service Attacks Eclipse Attacks Routing Attacks Sybil Attacks Lab 9 Perform different network-level attacks System-Level Vulnerabilities and Attacks Introduction to Blockchain System Vulnerabilities The Bitcoin Hack The Verge Hack The EOS Vulnerability Lab 10 Smart Contract Vulnerabilities and Attacks Introduction to Common Smart Contract Vulnerabilities Reentrancy Access Control Arithmetic Unchecked Return Values Denial of Service Bad Randomness Race Conditions Timestamp Dependence Short Addresses Lab 11 Exploiting vulnerable smart contracts Security of Alternative DLT Architectures What Are Alternative DLT Architectures? Introduction to Directed Acyclic Graphs (DAGs) DAGs vs. Blockchains Advantages of DAGs DAG Vulnerabilities and Security Lab 12 Exploring a DAG network

Duration 0.5 Days 3 CPD hours This course is intended for This 4-hour course is intended for business leads in project management, marketing and sales who are seeking to grow their organization through IoT technology solutions. This course prepares students for taking the CertNexus IoTBIZ Credential (IOZ-110). Overview This course and associated credential (IOZ-110) will validate your knowledge of IoT terminology and your ability to understand the components of IoT infrastructure, help you uncover challenges for consideration and understand the impact that IoT has on your organization. This includes being able to identify what IoT can do for your organization and the various business and technical challenges that you must address. The Internet of Things (IoT) allows organization to collect an extraordinary volume of data and new analysis tools can enable you to use this data to make well-informed decisions to be made quickly. But before you can successfully plan and implement an IoT solution, you must understand the various factors that will drive your decisions. Putting IoT systems into place can be a complicated proposition with unique considerations distinctly different from traditional IT solutions. This course will familiarize you with IoT components, understand the challenges that you may face, and make design decisions about your IoT projects. Course includes an exam voucher for the IoTBIZ exam (exam IOZ-110). Planning an IoT Implementation Defining IoT IoT Infrastructure Identify Benefits and Challenges of IoT Undertaking an IoT Project Identify Real World Applications for IoT The IoT Development Lifecycle Additional course details: Nexus Humans CertNexus Internet of Things for Business Professionals (IoTBIZ) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CertNexus Internet of Things for Business Professionals (IoTBIZ) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course assumes the student has successfully taken and passed the NCSF Foundation 2.0 course based on the NIST Cybersecurity Framework version 1.1, release April 2018. Following the course introduction, the course provides an introduction to the intersection between digital transformation and cybersecurity, which is followed by an overview of the threat landscape. Following an approach to the implementation of cybersecurity controls, the course delves into an organizational approach to cybersecurity that starts governance, management, and a supportive culture,Finally, the course provides additional guidance for the cybersecurity practitioner to determine the current state, the desired state, and a plan to close the gap - and to do this over and over again to inculcate it into organizational DNA. Overview This course looks at the impact of digital transformation on cybersecurity risks, an understanding of the threat landscape, and an approach to the application of cybersecurity controls. It provides guidance for students on the best approach to design and build a comprehensive cybersecurity program. Executives are keenly aware of the risks but have limited knowledge on the best way to mitigate these risks. This course also enables our executives to answer the critical question - Are we secure? The class includes lectures, informative supplemental reference materials, quizzes, exercises, and formal examination. The exercises are a critical aspect of the course; do not skip them. Outcomes and benefits from this class is a practical approach that students can use to build and maintain comprehensive cybersecurity and cyber-risk management programs. This course is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSP) across an enterprise and its supply chain. Digital Transformation Explores what the Practitioner needs to know about the relationship between digital transformation and cybersecurity Explain how to determine the impact of cybersecurity on DX. Explain the relationships between culture and digital transformation from the perspective of a practitioner. Explain the delivery of value to stakeholders in a DX & cybersecurity environment. Illustrate the interdependent relationship between cybersecurity and DX. Threat Landscape The Practitioner needs to understand what threat actors do and their capabilities. Compare the evolving attack type impact to the threat environment. Apply knowledge about the threat landscape to maintain a readiness to respond. Develop a risk profile based on business impact analysis Establish the relationship between awareness and training in the continual improvement of cybersecurity posture. Develop and treat training & awareness as a critical aspect of deterrence Use knowledge about the threat landscape as a predicate to the adoption and adaptation of your cybersecurity posture. The Controls This chapter provides a sample set of controls based on an informative reference. Understand the purpose goals & objectives for each control. Characterize & explain the informative reference controls Discover how to apply the controls in an organizational context. Adopt & Adapt Adopt is a decision about governance; adapt is the set of management decisions that result from the decision to adopt. Distinguish Adopt, Adapt, Management & Governance. Develop an approach to adoption & adaptation. Distinguish & demonstrate the impact of organizational culture on developing cybersecurity as a capability. Develop an assessment approach to define current state. Adaptive Way of Working Threat actors are agile and highly adaptive. The cybersecurity Practitioner must develop the same capabilities Break down what constitutes an adaptive approach. Characterize & apply the need for crossfunctional teams. Recognize and prioritize the first steps (get started). Demonstrate & establish cybersecurity phases. Break down the impact of the flows. Rapid Adoption & Rapid Adaptation FastTrack FastTrack? is an approach to allow organizations to learn to adapt to an evolving threat landscape rapidly. Approach: Establish what it takes to adopt CS. Determine how that impacts management adaptation of CS. Determine how that impacts the capability to assess. CS Capability: Determine the gap between existing & needed capabilities. Establish what must be developed. Develop appropriate risk management profile. Discover how cybersecurity impacts people, practice & technology impacts organization. Differentiate CIS Implementation groups. Determine appropriate implementation group & approach. Develop appropriate phase approaches. CIIS Practice Cybersecurity is an ongoing game of cat and mouse. Organizations must learn how to inculcate cybersecurity improvement into their DNA. Break down & develop mechanisms for ongoing cybersecurity improvement that includes developing a learning organization. Illustrate an improvement plan based on the NIST 7-Step Approach. Illustrate an improvement plan based on the Improvement GPS Demonstrate understanding of Cybersecurity Maturity Model Certification Break down the balancing loop & how it fits into the escalation archetype Use the Fast Track? (improvement & implementation) cycles.