1695 Computing courses in Prestatyn delivered Live Online

Duration 3 Days 18 CPD hours This course is intended for This course is intended for Solution Architects Overview At the end of this course, you will be able to: Apply the AWS Well-Architected Framework Manage multiple AWS accounts for your organization Connect an on-premises datacenter to AWS cloud Move large data from an on-premises datacenter to AWS Design large datastores for AWS cloud Understand different architectural designs for scalability Protect your infrastructure from DDoS attack Secure your data on AWS with encryption Enhance the performance of your solutions Select the most appropriate AWS deployment mechanism Building on concepts introduced in Architecting on AWS, Advanced Architecting on AWS is intended for individuals who are experienced with designing scalable and elastic applications on the AWS platform. Building on concepts introduced in Architecting on AWS, this course covers how to build complex solutions which incorporate data services, governance, and security on AWS. This course introduces specialized AWS services, including AWS Direct Connect and AWS Storage Gateway to support Hybrid architecture. It also covers designing best practices for building scalable, elastic, secure, and highly available applications on AWS. Module 1: AWS Account Management Multiple accounts Multi-account patterns License management Manage security and costs with multiple accounts AWS Organizations AWS Directory Service Hands-on lab: Multi-VPC connectivity using a VPN Module 2: Advanced Network Architectures Improve VPC network connections Enhance performance for HPC workloads VPN connections over AWS AWS Direct Connect AWS Transit Gateway Amazon Route 53 Exercise: Design a hybrid architecture Module 3: Deployment Management on AWS Application lifecycle management Application deployment using containers AWS Elastic Beanstalk AWS OpsWorks AWS CloudFormation Module 4: Data Optimize Amazon S3 storage Amazon ElastiCache AWS Snowball AWS Storage Gateway AWS DataSync Backup and archival considerations Database migration Designing for big data with Amazon DynamoDB Hands-on lab: Build a failover solution with Amazon Route 53 and Amazon RDS Module 5: Designing for large scale applications AWS Auto Scaling Migrating over-provisioned resources Blue-green deployments on AWS Hands-on lab: Blue-green deployment with AWS Module 6: Building resilient architectures DDoS attack overview AWS Shield AWS WAF Amazon GuardDuty High availability using Microsoft SQL Server and Microsoft SharePoint on AWS High availability using MongoDB on Amazon EC2 AWS Global Accelerator Hands-on lab: CloudFront content delivery and automating AWS WAF rules Module 7: Encryption and data security Encryption primer DIY key management in AWS AWS Marketplace for encryption products AWS Key Management Service (AWS KMS) Cloud Hardware Security Module (HSM) Comparison of key management options Hands-on lab: AWS KMS with envelope encryption

Duration 3 Days 18 CPD hours This course is intended for The primary audience for this course is anyone who works in and around IT, facilities or data centre operations and needs to understand and improve the daily operations including important processes such as lock-out/tag-out, the right process for installing/de-installing equipment, safety procedures, capacity management and much more. Overview The old believe that a fully redundant data centre facility will save the day is no longer true as many research outcomes have revealed that the majority of downtime is caused by the human factor. Policies, processes, procedures and work instructions should be carefully developed, ideally following relevant standards, to ensure an effcient and effective data centre operations which are also compliant to the required regulations. The CDFOS© (Certified Data Centre Facilities Operations Specialist) course is a three-day course which will enable participants to fully understand the requirements of running the day-to-day operations of a mission critical data centre. Participants will gain all the required competences for running the daily operations, understand which processes should be in place, and the critical elements of those processes and how to execute them. The course is fully aligned with the DCOS© (Data Centre Operations Standard). Data centre facilities operations management have proven to be the key differentiator between a data centre that is performing well or badly. Service Level Management Service Level Management Needs analysis Capability assessment Service portfolio and catalogue Service Level Agreements Reporting - Complaint procedure Customer satisfaction Service Improvement Process (SIP) Safety and Crisis Management Most common type of accidents and why they often happen The roles and responsibilities of appointed safety staff The importance of the OH&S or WHS manual Calibration of measurement and test equipment Proper lock-out/tag-out procedures Emergency response plan requirement for various potential emergencies The importance of Permit To Work Physical Security Standard Operating Procedures (SOP) for security Security risk assessment Security zones Physical inspections / security patrols Delivery of goods / holding area Entry control of individuals Badges and key management Security monitoring Security incident reporting Facilities Maintenance The importance of maintenance Maintenance definitions Maintenance operations procedures (MOP) Service reports Spare management Tools Housekeeping Data Centre Operations Shift handover Walk around duties Service management Release management Configuration management Floor management Equipment life cycle management Monitoring/Reporting/Control Monitoring requirements Facilities monitoring matrix Sensor / alarm point testing and calibration Notification matrix Escalation requirements Reporting Project Management Project management Project organization Project manager Initiation Planning Execution Monitor and control Closing Evaluation / lessons learnt Environmental Sustainability The importance of sustainability Environmental standards Power efficiency indicators Energy saving best practises Water management Sustainable energy usage Governance and Compliance The importance of document management The siz sub-processes of document management Asset management Requirements or asset recording Exam: Certified Data Centre Facilities Operations Specialist (CDFOS©) Certification exams are administered at the end of the course. The exam is a 90-minute closed book exam, with 60 multiple-choice questions. The candidate requires a minimum of 42 correct answers to pass the exam. Online exam results are known immediately and paper-based exam results will be known within one week. Additional course details: Nexus Humans Certified Data Centre Facilities Operations Specialist (CDFOS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Data Centre Facilities Operations Specialist (CDFOS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Audience This is an intermediate course for system and database administrators, application developers, and other individuals who need a technical introduction to selected new features of Db2 13 for z/OS. Prerequisites You should have practical experience with Db2 for z/OS Duration 2 days.  Course Objectives Learn about the new features and enhancements of Db2 for z/OS (v13), including the technical detail of the functional enhancements of this significant new version of Db2 for z/OS. Course Content Unit 1: Db2 v12 Function Levels: Selected Highlights Unit 2: Migrating to Db2 13 Unit 3: Availability & Scalability Unit 4: Performance Unit 5: Application Management and SQL Changes Unit 6: SQL Data Insights Unit 7: Security Unit 8: IBM Db2 Utilities Unit 9: Instrumentation and Serviceability

  During this training course, you will acquire the knowledge and skills to plan and carry out internal audits in compliance with ISO 19011. About This Course   Based on a number of exercises, you will learn how to utilise audit techniques and become competent to manage an internal audit programme, communicate with customers, and manage conflict resolution. After acquiring the necessary expertise, you can sit for the exam and gain 'Certified ISO/IEC 27001: 2022 Internal Auditor' Certification. By holding this Certificate, you will demonstrate that you have the capabilities and competencies to audit organizations based on best practices. Learning objectives By the end of this training course, the participants will be able to: Explain the concepts and principles of an information security management system (ISMS) based on ISO/IEC 27001: 2022 Analyse the ISO/IEC 27001: 2022 requirements for an ISMS from the perspective of an auditor Evaluate the ISMS conformity requirements Plan, conduct, and close an ISO/IEC 27001: 2022 compliance audit programme Assist an organisation in transitioning from ISO 27001: 2013 Deliver an ISO/IEC 27001: 2022 Internal audit programme Our approach This training is based on both theory and best practices used in ISMS audits Lessons are illustrated with examples based on case studies Practical exercises are based on a real world case study Practice tests are similar to the Certification Exam Course Overview Module 1 Foundational Audit principles and concepts of Information Security Management System (ISMS) Module 2 The Information Security Management System (ISMS) Module 3 ISO 19011 audit concepts and principles Module 4 Preparation of an ISO/IEC 27001 audit Module 5 Providing an ISO/IEC 27001 audit Module 6 Closing an ISO/IEC 27001 audit Module 7 Managing an ISO/IEC 27001 Internal audit programme Course Agenda Day 1: Introduction to the information security management system (ISMS) and ISO/IEC 19011 Day 2: Audit principles, preparation, and initiation of an audit Day 3: Audit activities, Closing the Audit and the Certification exam Accreditation Assessment   All candidates at official training courses are tested throughout their course with quizzes and exercises, in combination with a final exam held on the last day of the course. Both elements are a part of the overall score. For this course, the final exam constitutes a 10 question essay type which should be completed within 125 minutes. A passing score is achieved at 70%. Self-study candidates can purchase an exam voucher from our Store. Exam results are returned within 24 hours, with successful candidates receiving both a digital badge and a Certificate of Achievement Prerequisites     A general understanding of ISO/IEC 27001: 2022 and knowledge of audit principles.   Provided by   This course is Accredited by NACS and Administered by the IECB What's Included?   Refreshments & Lunch (Classroom courses only) Course Slide Deck Official Study Guides CPD Certificate The Exam Who Should Attend?   Auditors seeking to perform Internal Information Security Management System (ISMS) certification audits Managers or consultants seeking to master an Information Security Management System audit process Individuals responsible for maintaining conformance with Information Security Management System requirements Technical experts seeking to prepare for an Information Security Management System audit Expert advisors in Information Security Management

Classroom based, instructor led workshop with proctor at home exam. The lab-intensive Certified SOC Analyst (CSA) program emphasizes the holistic approach to deliver the advanced knowledge of how to identify, validate and defend against cyber-attacks.

IP security training course description Connection to the Internet is becoming an essential business tool. This course looks at firewalls, digital certificates, encryption and other essential topics for e-commerce sites. A generic course that looks at firewalls and VPNs. Hands on sessions include using hacking tools and configuring firewalls. What will you learn Describe: Basic security attacks RADIUS SSL IPSec VPNs Implement digital certificates Deploy firewalls to protect Web servers and users. Secure Web servers and clients. IP security training course details Who will benefit: Network administrators. Network operators. Security auditors Prerequisites: TCP/IP foundation for engineers Duration 2 days IP security training course contents TCP/IP review Brief overview of the relevant headers. Hands on Download software for course, use analyser to capture passwords on the wire. Security review Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits The Internet worm, IP spoofing, SYN attack, hijacking, Ping o' Death… keeping up to date with new threats. Hands on Use a port scanning tool, use a 'hacking' tool. Firewalls Products, Packet filtering, DMZ, content filtering, stateful packet inspection, Proxies, firewall architectures, Intrusion Detection Systems, Viruses. Hands on Set up a firewall and prevent attacks. NAT NAT and PAT, Why use NAT, NAT-ALG, RSIP. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Run a password-cracking program. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, PPP authentication, RADIUS. Hands on Using certificates. Web client and server security Cookies, browser certificates, censorship, PICS. Operating system security, Web server user authentication, Restricting access, Logging, Securing CGI scripts. Hands on Browser security. VPNs and IPSec What is a VPN, tunnelling, L2F, PPTP, L2TP, IPSec, AH, ESP, transport mode, tunnel mode.

ITIL® 4 Leader: Digital and IT Strategy: In-House Training The ITIL® 4 Leader: Digital and IT Strategy (DITS) is one of the two modules in the ITIL® 4 Strategic Leader (SL) certification scheme. The other module in the SL designation is the ITIL® 4 Strategist: Direct, Plan & Improve. Accredited training for the ITIL® 4 Strategic Leader modules is mandatory to enable full understanding of the core material. The ITIL ® 4 Digital and IT Strategy certification focuses on enabling business success through the creation of digital and IT strategies. The IT and Digital Strategy certification adds a new perspective to the ITIL suite and elevates the discussion around ITIL concepts to a strategic level among business leaders and aspiring leaders. The ITIL® 4 Digital and IT Strategy course is based on the ITIL® 4 Digital and IT Strategy exam specification from AXELOS. With the help of ITIL® 4 concepts and terminology, exercises, and examples included in the course, you will acquire relevant knowledge to pass the certification exam. The core learning material in the course is supported by interactive case study, discussions and activities. What You Will Learn The ITIL ® 4 Digital and IT Strategy course covers the content in relation to the following learning outcomes of the exam specification for ITIL ® 4 Digital and IT Strategy: Demonstrate the use of the ITIL guiding principles in Digital and IT Strategy decisions and activities Understand how to leverage digital strategy to react to digital disruption Understand the relationship between the concepts of Digital and IT Strategy, the service value system and the service value chain, and explain how to utilize them to create value Understand how an organization uses Digital and IT Strategy to remain viable in environments disrupted by digital technology Understand strategic approaches made possible by digital and information technology to achieve customer/market relevance and operational excellence Understand the risks and opportunities of Digital and IT Strategy Understand the steps and techniques involved in defining and advocating for a Digital and IT Strategy Understand how to implement a Digital and IT Strategy Key Concepts of Digital and IT Strategy Digital, Information, and Communication Technology Digital Transformation Services, Products, and Competitive Advantage Tiers of Strategy Business Models Operating Models Strategy and the Service Value System Opportunity and Demand Value Governance ITIL® Guiding Principles Continual Improvement ITIL® Practices What is Vision? Disruptions Vision Digital Disruptions Balanced Strategic Focus Positioning Tools for Digital Organizations Assignment 1: Digital Disruption and Digital Positioning Where Are We Now? Environmental Analysis Opportunity Analysis Digital Readiness Assessment How Do We Get There (Strategic Planning) Strategy Planning Financial Aspects of Digital and IT Strategy Business Models for Strategy Planning Portfolio Optimization How Do We Get There (Strategic Approaches) Strategic Approaches for Digital Organizations Strategic Approaches for Operational Excellence Strategic Approaches to Evolution Strategic Approaches to Social Responsibility and Sustainability Assignment 2: Strategic Approaches for Digital Organizations Take Action (Managing Strategic Initiatives) How Strategies are Implemented Coordinating Strategy and Strategic Initiatives Leading Digital Transformation Digital Leadership Assignment 3: Strategy Planning and Communication Did We Get There? (Measuring Strategy) Key Facts About Measurement Measuring a Strategy Instrumenting Strategy How Do We Keep the Momentum Going Long-Term Momentum: Ensuring Organizational Viability Short-Term Momentum: Parallel Operation Assignment: Digital Strategy in VUCA Environment Managing Innovation and Emerging Technologies Managing Innovation Formal Approach to Innovation Management Culture that Supports Innovation Approaches to Innovation Evaluating and Adopting Emerging Technology Managing Strategic Risk Risk Management Risk Identification Risk Posture Risk Treatment

Duration 5 Days 30 CPD hours This course is intended for This course is intended for existing IT professionals who have some networking knowledge and experience and are looking for a single course that provides insight into core and advanced networking technologies in Windows Server. This audience would typically include: Network administrators who are looking to reinforce existing skills and learn about new networking technology changes and functionality in Windows Server. System or Infrastructure Administrators with general networking knowledge who are looking to gain core and advanced networking knowledge and skills on Windows Server. Overview Plan and implement an IPv4 network. Implement Dynamic Host Configuration Protocol (DHCP). Implement IPv6. Implement Domain Name System (DNS). Implement and manage IP address management (IPAM). Plan for remote access. Implement DirectAccess. Implement virtual private networks (VPNs). Implement networking for branch offices. Configure advanced networking features. Implement Software Defined Networking. 55343A is the Community Courseware equivalent of retired Legacy Course 20741BC - Networking with Windows Server 2016. This 5-day classroom-based course provides the fundamental networking skills required to deploy and support Windows Server in most organizations. It covers IP fundamentals, remote access technologies, and more advanced content including Software Defined Networking. Although this course and the associated labs are written for Windows Server 2022, the skills taught will also be backwards compatible for Server 2016 and Server 2019. Prerequisites In addition to professional experience, students who attend this training should already have the following technical knowledge: Experience working with Windows Server Knowledge of the Open Systems Interconnection (OSI) model Understanding of core networking infrastructure components and technologies such as cabling, routers and switches Familiarity with networking topologies and architectures such as local area networks (LANs), wide area networks (WANs) and wireless networking Some basic knowledge of the TCP/IP protocol stack, addressing and name resolution Experience with and knowledge of virtualization Hands-on experience working with the Windows client operating systems such as Windows 10 or Windows 11 1 - Planning and implementing an IPv4 network Planning IPv4 addressing Configuring an IPv4 host Managing and troubleshooting IPv4 network connectivity 2 - Implementing DHCP Overview of the DHCP server role Deploying DHCP Managing and troubleshooting DHCP 3 - Implementing IPv6 Overview of IPv6 addressing Configuring an IPv6 host Implementing IPv6 and IPv4 coexistence Transitioning from IPv4 to IPv6 4 - Implementing DNS Implementing DNS servers Configuring zones in DNS Configuring name resolution between DNS zones Configuring DNS integration with Active Directory Domain Services (AD DS) Configuring advanced DNS settings 5 - Implementing and managing IPAM Overview of IPAM Deploying IPAM Managing IP address spaces by using IPAM 6 - Remote access in Windows Server Overview of remote access Implementing the Web Application Proxy 7 - Implementing DirectAccess Overview of DirectAccess Implementing DirectAccess by using the Getting Started Wizard Implementing and managing an advanced DirectAccess infrastructure 8 - Implementing VPNs Planning VPNs Implementing VPNs 9 - Implementing networking for branch offices Networking features and considerations for branch offices Implementing Distributed File System (DFS) for branch offices Implementing BranchCache for branch offices 10 - Configuring advanced networking features Overview of high performance networking features Configuring advanced Microsoft Hyper-V networking features 11 - Implementing Software Defined Networking Overview of SDN. Implementing network virtualization Implementing Network Controller

Duration 4 Days 24 CPD hours This course is intended for This course is for Azure Administrators. The Azure Administrator implements, manages, and monitors identity, governance, storage, compute, and virtual networks in a cloud environment. The Azure Administrator will provision, size, monitor, and adjust resources as appropriate. This course teaches IT Professionals how to manage their Azure subscriptions, secure identities, administer the infrastructure, configure virtual networking, connect Azure and on-premises sites, manage network traffic, implement storage solutions, create and scale virtual machines, implement web apps and containers, back up and share data, and monitor your solution. Prerequisites Successful Azure Administrators start this role with experience in virtualization, networking, identity, and storage. Understanding of on-premises virtualization technologies, including: VMs, virtual networking, and virtual hard disks. Understanding of network configurations, including TCP/IP, Domain Name System (DNS), virtual private networks (VPNs), firewalls, and encryption technologies. Understanding of Active Directory concepts, including users, groups, and role-based access control. Understanding of resilience and disaster recovery, including backup and restore operations. 1 - Configure Microsoft Entra ID Describe Microsoft Entra ID benefits and features Describe Microsoft Entra concepts Compare Active Directory Domain Services to Microsoft Entra ID Select Microsoft Entra editions Implement Microsoft Entra join Implement Microsoft Entra self-service password reset 2 - Configure user and group accounts Create user accounts Manage user accounts Create bulk user accounts Create group accounts Create administrative units 3 - Configure subscriptions Identify Azure regions Implement Azure subscriptions Obtain an Azure subscription Identify Azure subscription usage Implement Microsoft Cost Management Apply resource tagging Apply cost savings 4 - Configure Azure Policy Create management groups Implement Azure policies Create Azure policies Create policy definitions Create an initiative definition Scope the initiative definition Determine compliance 5 - Configure role-based access control Implement role-based access control Create a role definition Create a role assignment Compare Azure roles to Microsoft Entra roles Apply role-based access control Review fundamental Azure RBAC roles 6 - Configure Azure resources with tools Use the Azure portal Use Azure Cloud Shell Use Azure PowerShell Use Azure CLI 7 - Use Azure Resource Manager Review Azure Resource Manager benefits Review Azure resource terminology Create resource groups Create Azure Resource Manager locks Reorganize Azure resources Remove resources and resource groups Determine resource limits 8 - Configure resources with Azure Resource Manager templates Review Azure Resource Manager template advantages Explore the Azure Resource Manager template schema Explore the Azure Resource Manager template parameters Consider Bicep templates Review QuickStart templates 9 - Configure virtual networks Plan virtual networks Create subnets Create virtual networks Plan IP addressing Create public IP addressing Associate public IP addresses Allocate or assign private IP addresses 10 - Configure network security groups Implement network security groups Determine network security group rules Determine network security group effective rules Create network security group rules Implement application security groups 11 - Configure Azure DNS Identify domains and custom domains Verify custom domain names Create Azure DNS zones Delegate DNS domains Add DNS record sets Plan for Azure Private DNS zones Review Azure Private DNS zone scenarios 12 - Configure Azure Virtual Network peering Determine Azure Virtual Network peering uses Determine gateway transit and connectivity Create virtual network peering Extend peering with user-defined routes and service chaining 13 - Configure network routing and endpoints Review system routes Identify user-defined routes Determine service endpoint uses Determine service endpoint services Identify private link uses 14 - Configure Azure Load Balancer Determine Azure Load Balancer uses Implement a public load balancer Implement an internal load balancer Determine load balancer SKUs Create back-end pools Create health probes Create load balancer rules 15 - Configure Azure Application Gateway Implement Azure Application Gateway Determine Azure Application Gateway routing Configure Azure Application Gateway components 16 - Configure storage accounts Implement Azure Storage Explore Azure Storage services Determine storage account types Determine replication strategies Access storage Secure storage endpoints 17 - Configure Azure Blob Storage Implement Azure Blob Storage Create blob containers Assign blob access tiers Add blob lifecycle management rules Determine blob object replication Upload blobs Determine Blob Storage pricing 18 - Configure Azure Storage security Review Azure Storage security strategies Create shared access signatures Identify URI and SAS parameters Determine Azure Storage encryption Create customer-managed keys Apply Azure Storage security best practices 19 - Configure Azure Files and Azure File Sync Compare storage for file shares and blob data Manage Azure file shares Create file share snapshots Implement Azure File Sync Identify Azure File Sync components Deploy Azure File Sync 20 - Configure Azure Storage with tools Use Azure Storage Explorer Use the Azure Import/Export service Use the WAImportExport tool Use the AzCopy tool 21 - Configure virtual machines Review cloud services responsibilities Plan virtual machines Determine virtual machine sizing Determine virtual machine storage Create virtual machines in the Azure portal Connect to virtual machines 22 - Configure virtual machine availability Plan for maintenance and downtime Create availability sets Review update domains and fault domains Review availability zones Compare vertical and horizontal scaling Implement Azure Virtual Machine Scale Sets Create Virtual Machine Scale Sets Implement autoscale Configure autoscale 23 - Configure Azure App Service plans Implement Azure App Service plans Determine Azure App Service plan pricing Scale up and scale out Azure App Service Configure Azure App Service autoscale 24 - Configure Azure App Service Implement Azure App Service Create an app with App Service Explore continuous integration and deployment Create deployment slots Add deployment slots Secure your App Service app Create custom domain names Back up and restore your App Service app Use Azure Application Insights 25 - Configure Azure Container Instances Compare containers to virtual machines Review Azure Container Instances Implement container groups Review the Docker platform 26 - Configure file and folder backups Describe Azure Backup benefits Implement Backup Center for Azure Backup Configure Azure Recovery Services vault backup options Use the Microsoft Azure Recovery Services (MARS) agent Configure on-premises file and folder backups 27 - Configure virtual machine backups Explore options to protect virtual machine data Create virtual machine snapshots in Azure Backup Set up Azure Recovery Services vault backup options Back up your virtual machines Restore your virtual machines Implement System Center DPM and Azure Backup Server Compare the MARS agent and Azure Backup Server Implement soft delete for your virtual machines Implement Azure Site Recovery 28 - Configure Azure Monitor Describe Azure Monitor key capabilities Describe Azure Monitor components Define metrics and logs Identify monitoring data and tiers Describe activity log events Query the activity log 29 - Configure Azure alerts Describe Azure Monitor alerts Manage Azure Monitor alerts Create alert rules Create action groups 30 - Configure Log Analytics Determine Log Analytics uses Create a Log Analytics workspace Create Kusto (KQL) queries Structure Log Analytics queries 31 - Configure Network Watcher Describe Azure Network Watcher features Review IP flow verify diagnostics Review next hop diagnostics Visualize the network topology

Duration 4 Days 24 CPD hours This course is intended for This course is for Azure Security Engineers who are planning to take the associated certification exam, or who are performing security tasks in their day-to-day job. This course would also be helpful to an engineer that wants to specialize in providing security for Azure-based digital platforms and play an integral role in protecting an organization's data. This course provides IT Security Professionals with the knowledge and skills needed to implement security controls, maintain an organization?s security posture, and identify and remediate security vulnerabilities. This course includes security for identity and access, platform protection, data and applications, and security operations. Prerequisites AZ-104T00 - Microsoft Azure Administrator Security best practices and industry security requirements such as defense in depth, least privileged access, role-based access control, multi-factor authentication, shared responsibility, and zero trust model. Be familiar with security protocols such as Virtual Private Networks (VPN), Internet Security Protocol (IPSec), Secure Socket Layer (SSL), disk and data encryption methods. Have some experience deploying Azure workloads. This course does not cover the basics of Azure administration, instead the course content builds on that knowledge by adding security specific information. Have experience with Windows and Linux operating systems and scripting languages. Course labs may use PowerShell and the CLI. 1 - Manage identities in Microsoft Entra ID Secure users in Microsoft Entra ID Secure groups in Microsoft Entra ID Recommend when to use external identities Secure external identities Implement Microsoft Entra Identity protection 2 - Manage authentication by using Microsoft Entra ID Configure Microsoft Entra Verified ID Implement multifactor authentication (MFA) Implement passwordless authentication Implement password protection Implement single sign-on (SSO) Integrate single sign-on (SSO) and identity providers Recommend and enforce modern authentication protocols 3 - Manage authorization by using Microsoft Entra ID Configure Azure role permissions for management groups, subscriptions, resource groups, and resources Assign built-in roles in Microsoft Entra ID Assign built-in roles in Azure Create and assign a custom role in Microsoft Entra ID Implement and manage Microsoft Entra Permissions Management Configure Microsoft Entra Privileged Identity Management Configure role management and access reviews by using Microsoft Entra Identity Governance Implement Conditional Access policies 4 - Manage application access in Microsoft Entra ID Manage access to enterprise applications in Microsoft Entra ID, including OAuth permission grants Manage app registrations in Microsoft Entra ID Configure app registration permission scopes Manage app registration permission consent Manage and use service principals Manage managed identities for Azure resources Recommend when to use and configure a Microsoft Entra Application Proxy, including authentication 5 - Plan and implement security for virtual networks Plan and implement Network Security Groups (NSGs) and Application Security Groups (ASGs) Plan and implement User-Defined Routes (UDRs) Plan and implement Virtual Network peering or gateway Plan and implement Virtual Wide Area Network, including secured virtual hub Secure VPN connectivity, including point-to-site and site-to-site Implement encryption over ExpressRoute Configure firewall settings on PaaS resources Monitor network security by using Network Watcher, including NSG flow logging 6 - Plan and implement security for private access to Azure resources Plan and implement virtual network Service Endpoints Plan and implement Private Endpoints Plan and implement Private Link services Plan and implement network integration for Azure App Service and Azure Functions Plan and implement network security configurations for an App Service Environment (ASE) Plan and implement network security configurations for an Azure SQL Managed Instance 7 - Plan and implement security for public access to Azure resources Plan and implement Transport Layer Security (TLS) to applications, including Azure App Service and API Management Plan, implement, and manage an Azure Firewall, Azure Firewall Manager and firewall policies Plan and implement an Azure Application Gateway Plan and implement an Azure Front Door, including Content Delivery Network (CDN) Plan and implement a Web Application Firewall (WAF) Recommend when to use Azure DDoS Protection Standard 8 - Plan and implement advanced security for compute Plan and implement remote access to public endpoints, Azure Bastion and just-in-time (JIT) virtual machine (VM) access Configure network isolation for Azure Kubernetes Service (AKS) Secure and monitor AKS Configure authentication for AKS Configure security for Azure Container Instances (ACIs) Configure security for Azure Container Apps (ACAs) Manage access to Azure Container Registry (ACR) Configure disk encryption, Azure Disk Encryption (ADE), encryption as host, and confidential disk encryption Recommend security configurations for Azure API Management 9 - Plan and implement security for storage Configure access control for storage accounts Manage life cycle for storage account access keys Select and configure an appropriate method for access to Azure Files Select and configure an appropriate method for access to Azure Blob Storage Select and configure an appropriate method for access to Azure Tables Select and configure an appropriate method for access to Azure Queues Select and configure appropriate methods for protecting against data security threats, including soft delete, backups, versioning, and immutable storage Configure Bring your own key (BYOK) Enable double encryption at the Azure Storage infrastructure level 10 - Plan and implement security for Azure SQL Database and Azure SQL Managed Instance Enable database authentication by using Microsoft Entra ID Enable and monitor database audit Identify use cases for the Microsoft Purview governance portal Implement data classification of sensitive information by using the Microsoft Purview governance portal Plan and implement dynamic mask Implement transparent data encryption? Recommend when to use Azure SQL Database Always Encrypted 11 - Plan, implement, and manage governance for security Create, assign, and interpret security policies and initiatives in Azure Policy Configure security settings by using Azure Blueprint Deploy secure infrastructures by using a landing zone Create and configure an Azure Key Vault Recommend when to use a dedicated Hardware Security Module (HSM) Configure access to Key Vault, including vault access policies and Azure Role Based Access Control Manage certificates, secrets, and keys Configure key rotation Configure backup and recovery of certificates, secrets, and keys 12 - Manage security posture by using Microsoft Defender for Cloud Implement Microsoft Defender for Cloud Identify and remediate security risks by using the Microsoft Defender for Cloud Secure Score and Inventory Assess compliance against security frameworks and Microsoft Defender for Cloud Add industry and regulatory standards to Microsoft Defender for Cloud Add custom initiatives to Microsoft Defender for Cloud Connect hybrid cloud and multicloud environments to Microsoft Defender for Cloud Identify and monitor external assets by using Microsoft Defender External Attack Surface Management 13 - Configure and manage threat protection by using Microsoft Defender for Cloud Enable workload protection services in Microsoft Defender for Cloud, including Microsoft Defender for Storage, Databases, Containers, App Service, Key Vault, Resource Manager, and DNS Configure Microsoft Defender for Servers Configure Microsoft Defender for Azure SQL Database Manage and respond to security alerts in Microsoft Defender for Cloud Configure workflow automation by using Microsoft Defender for Cloud Evaluate vulnerability scans from Microsoft Defender for Server 14 - Configure and manage security monitoring and automation solutions Monitor security events by using Azure Monitor Configure data connectors in Microsoft Sentinel Create and customize analytics rules in Microsoft Sentinel Configure automation in Microsoft Sentinel Additional course details: Nexus Humans AZ-500T00 Microsoft Azure Security Technologies training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AZ-500T00 Microsoft Azure Security Technologies course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.