76 Courses in Cardiff delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for Network Administrators Network security Administrators Network Security Engineer Network Defense Technicians CND Analyst Security Analyst Security Operator Anyone who involves in network operations Overview A dedicated focus on IoT security Network virtualization practices for the remote workforce Enhanced Cloud Security & IoT and Operational Technology (OT) Modules Introduction to threat intelligence In-depth Attack Surface Analysis Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on the security education framework and work role task analysis presented by the National Infocomm Competency Framework (NICF) as well as a job-task analysis and cybersecurity education framework by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and to the Department of Defense (DoD) job roles for system/network administrators. The program prepares network administrators how to identify what parts of an organization need to be reviewed and tested for security vulnerabilities and how to reduce, prevent, and mitigate risks in the network. CND covers the protect, detect, respond and predict approach to network security. Course Outline Network Attacks and Defense Strategies Administrative Network Security Technical Network Security Network Perimeter Security Endpoint Security-Windows Systems Endpoint Security-Linux Systems Endpoint Security- Mobile Devices Endpoint Security-IoT Devices Administrative Application Security Data Security Enterprise Virtual Network Security Enterprise Cloud Network Security Enterprise Wireless Network Security Network Traffic Monitoring and Analysis Network Logs Monitoring and Analysis Incident Response and Forensic Investigation Business Continuity and Disaster Recovery Risk Anticipation with Risk Management Threat Assessment with Attack Surface Analysis Threat Prediction with Cyber Threat Intelligence

Duration 3 Days 18 CPD hours This course is intended for This course is designed for the following roles: Network engineers Network security engineers Network architects Sales/presales engineers Overview After completing the course, you should be able to: Describe Cisco SD-WAN security functions and deployment options Understand how to deploy on-premises threat prevention Describe content filtering options Implement secure Direct Internet Access (DIA) Explain and implement service chaining Explore Secure Access Service Edge (SASE) and identify use cases Describe Umbrella Secure Internet Gateway (SIG) and deployment options Implement Cisco Umbrella SIG and DNS policies Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365) Discover how to use Cisco ThousandEyes to monitor cloud services Configure Cisco ThousandEyes to monitor Microsoft 365 applications Examine how to protect and optimize access to the software as a service (SaaS) application with Cisco SD-WAN Cloud OnRamp Discover and deploy Cloud OnRamp for multi-cloud, including interconnect and collocation use cases Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics. The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS) v1.1 course is an advanced training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and TLS or SSL decryption. You will also learn about cloud integration with multiple cloud services providers and multiple use-cases. Additionally, the lab will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows. Course Outline Introducing Cisco SD-WAN Security Deploying On-Premises Threat Prevention Examining Content Filtering Exploring Cisco SD-WAN Dedicated Security Options Examining Cisco SASE Exploring Cisco Umbrella SIG Securing Cloud Applications with Cisco Umbrella SIG Exploring Cisco SD-Wan ThousandEyes Optimizing SaaS Applications Connecting Cisco SD-WAN to Public Cloud Examining Cloud Interconnect Solutions Exploring Cisco Cloud OnRamp for Colocation Monitoring Cisco SD-WAN Cloud and Security Solutions

Duration 5 Days 30 CPD hours This course is intended for IS Security Officers IS Managers Virtualization Engineers and Managers Cloud Security Managers Overview Upon completion, the Certified Digital Forensics Examiner candidate will be able to competently take the CDFE exam. The Certified Digital Forensics Examiner, C)DFE certification is designed to train Cyber Crime and Fraud Investigators. Students are taught electronic discovery and advanced investigation techniques.ÿ This course is essential to anyone encountering digital evidence while conducting an investigation. Mile2?s Certified Digital Forensics Examiner training teaches the methodology for conducting a computer forensic examination. Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-ðcustody, and write a findings report. Through the use of a risk-based approach, the C)DFE is able to implement and maintain cost-effective security controls that are closely aligned with both business and industry standards. Course Outline Computer Forensic Incidents Investigative Theory Investigative Process Digital Acquisition and Analysis Disks and Storages Live Acquisitions Windows Forensics Linux Forensics Mac Forensics Examination Protocols Digital Evidence Protocols Digital Evidence Presentation Laboratory Protocols Specialized Artifact Recovery eDiscovery and ESI Mobile Forensics Incident Handling Reporting Additional course details: Nexus Humans C)DFE - Certified Digital Forensics Examiner Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)DFE - Certified Digital Forensics Examiner Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for Security Engineers Security Administrators Security Operations Specialists Security Analysts Network Engineers Overview Successful completion of this four-day, instructor-led course will help enhance your understanding of how to better protect your applications, remote networks, and mobile users using a SASE implementation. You will get hands-on experience configuring, managing, and troubleshooting Prisma Access in a lab environment. The Prisma Access SASE Security: Design and Operation (EDU-318) course describes Prisma Access Secure Access Service Edge (SASE) and how it helps organizations embrace cloud and mobility by providing network and network security services from the cloud. This course is intended for people in the fields of public cloud security and cybersecurity, or for anyone who wants to learn how to secure remote networks and mobile users. Course Outline 1 - Prisma Access Overview and Definitions 2 - Planning and Design Architecture 3 - Routing SD-WAN Design and CloudGenix 4 - Activate and Configure Service Connections 5 - Rule Enforcement in Prisma Access and SSL Decrypt 6 - Panorama Operations for Prisma Access and Fawkes Overview 7 - Remote Networks 8 - Mobile Users 9- Cloud Secure Web Gateway 10 - Tune, Optimize and Troubleshoot 11 - Manage Multiple Tenants 12 - What?s New in v2.1 13 - Next Steps Additional course details: Nexus Humans Palo Alto Networks: Prisma Access SASE Security: Design and Operation EDU-318 (3.2) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks: Prisma Access SASE Security: Design and Operation EDU-318 (3.2) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for Successful students have experience and knowledge in IT operations, including networking, virtualization, identity, security, business continuity, disaster recovery, data platforms, and governance. Students also have experience designing and architecting solutions. Before attending this course, students must have previous experience deploying or administering Azure resources and strong conceptual knowledge of: Azure compute technologies such as VMs, containers and serverless solutions Azure virtual networking to include load balancers Azure Storage technologies (unstructured and databases) General application design concepts such as messaging and high availability This course teaches Azure Solution Architects how to design infrastructure solutions. Course topics cover governance, compute, application architecture, storage, data integration, authentication, networks, business continuity, and migrations. The course combines lecture with case studies to demonstrate basic architect design principles. Prerequisites Before attending this course, students must have previous experience deploying or administering Azure resources and conceptual knowledge of: Azure Active Directory Azure compute technologies such as VMs, containers and serverless solutions Azure virtual networking to include load balancers Azure Storage technologies (unstructured and databases) General application design concepts such as messaging and high availability AZ-104T00 - Microsoft Azure Administrator 1 - Design governance Design for governance Design for management groups Design for subscriptions Design for resource groups Design for resource tags Design for Azure Policy Design for role-based access control (RBAC) Design for Azure landing zones 2 - Design an Azure compute solution Choose an Azure compute service Design for Azure Virtual Machines solutions Design for Azure Batch solutions Design for Azure App Service solutions Design for Azure Container Instances solutions Design for Azure Kubernetes Service solutions Design for Azure Functions solutions Design for Azure Logic Apps solutions 3 - Design a data storage solution for non-relational data Design for data storage Design for Azure storage accounts Design for data redundancy Design for Azure Blob Storage Design for Azure Files Design for Azure managed disks Design for storage security 4 - Design a data storage solution for relational data Design for Azure SQL Database Design for Azure SQL Managed Instance Design for SQL Server on Azure Virtual Machines Recommend a solution for database scalability Recommend a solution for database availability Design security for data at rest, data in motion, and data in use Design for Azure SQL Edge Design for Azure Cosmos DB and Table Storage 5 - Design data integration Design a data integration solution with Azure Data Factory Design a data integration solution with Azure Data Lake Design a data integration and analytic solution with Azure Databricks Design a data integration and analytic solution with Azure Synapse Analytics Design strategies for hot, warm, and cold data paths Design an Azure Stream Analytics solution for data analysis 6 - Design an application architecture Describe message and event scenarios Design a messaging solution Design an Azure Event Hubs messaging solution Design an event-driven solution Design a caching solution Design API integration Design an automated app deployment solution Design an app configuration management solution 7 - Design authentication and authorization solutions Design for identity and access management (IAM) Design for Microsoft Entra ID Design for Microsoft Entra business-to-business (B2B) Design for Azure Active Directory B2C (business-to-customer) Design for conditional access Design for identity protection Design for access reviews Design service principals for applications Design managed identities Design for Azure Key Vault 8 - Design a solution to log and monitor Azure resources Design for Azure Monitor data sources Design for Azure Monitor Logs (Log Analytics) workspaces Design for Azure Workbooks and Azure insights Design for Azure Data Explorer 9 - Design network solutions Recommend a network architecture solution based on workload requirements Design patterns for Azure network connectivity services Design outbound connectivity and routing Design for on-premises connectivity to Azure Virtual Network Choose an application delivery service Design for application delivery services Design for application protection services 10 - Design a solution for backup and disaster recovery Design for backup and recovery Design for Azure Backup Design for Azure blob backup and recovery Design for Azure files backup and recovery Design for Azure virtual machine backup and recovery Design for Azure SQL backup and recovery Design for Azure Site Recovery 11 - Design migrations Evaluate migration with the Cloud Adoption Framework Describe the Azure migration framework Assess your on-premises workloads Select a migration tool Migrate your structured data in databases Select an online storage migration tool for unstructured data Migrate offline data 12 - Introduction to the Microsoft Azure Well-Architected Framework Azure Well-Architected Framework pillars Cost optimization Operational excellence Performance efficiency Reliability Security 13 - Microsoft Azure Well-Architected Framework - Cost Optimization Develop cost-management discipline Design with a cost-efficiency mindset Design for usage optimization Design for rate optimization Monitor and optimize over time 14 - Microsoft Azure Well-Architected Framework - Operational excellence Embrace DevOps culture Establish development standards Evolve operations with observability Deploy with confidence Automate for efficiency Adopt safe deployment practices 15 - Microsoft Azure Well-Architected Framework - Performance efficiency Negotiate realistic performance targets Design to meet capacity requirements Achieve and sustain performance Improve efficiency through optimization 16 - Microsoft Azure Well-Architected Framework - Reliability Design for business requirements Design for resilience Design for recovery Design for operations Keep it simple 17 - Microsoft Azure Well-Architected Framework - Security Plan your security readiness Design to protect confidentiality Design to protect integrity Design to protect availability Sustain and evolve your security posture 18 - Getting started with the Microsoft Cloud Adoption Framework for Azure Customer narrative Common blockers 19 - Prepare for successful cloud adoption with a well-defined strategy Customer narrative Capture strategic motivation Define objectives and key results Evaluate financial considerations Understand technical considerations Create a business case 20 - Prepare for cloud adoption with a data-driven plan Customer narrative 21 - Choose the best Azure landing zone to support your requirements for cloud operations Customer narrative Common operating models Design areas for Azure landing zones Design principles for Azure landing zones Journey to the target architecture Choose an Azure landing zone option Deploy the Azure landing zone accelerator Enhance your landing zone 22 - Migrate to Azure through repeatable processes and common tools Customer narrative Migration process Migration tools Common tech platforms 23 - Address tangible risks with the Govern methodology of the Cloud Adoption Framework for Azure Customer narrative Govern methodology Corporate policies Governance disciplines Deploy a cloud governance foundation The Cost Management discipline 24 - Ensure stable operations and optimization across all supported workloads deployed to the cloud Establish business commitments Deploy an operations baseline Protect and recover Enhance an operations baseline Manage platform and workload specialization 25 - Innovate applications by using Azure cloud technologies Follow the innovation lifecycle Azure technologies for the build process Infuse your applications with AI Azure technologies for measuring business impact Azure technologies for the learn process 26 - Prepare for cloud security by using the Microsoft Cloud Adoption Framework for Azure Customer narrative Methodology Security roles and responsibilities Simplify compliance and security Simplify security implementation Security tools and policies Additional course details: Nexus Humans AZ-305T00: Designing Microsoft Azure Infrastructure Solutions training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AZ-305T00: Designing Microsoft Azure Infrastructure Solutions course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is intended for Ethical Hackers, Penetration Testers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators and Risk Assessment Professionals, Cybersecurity Forensic Analyst, Cyberthreat Analyst, Cloud Security, Analyst Information Security Consultant, Application Security Analyst, Cybersecurity Assurance Engineer, Security Operations Center (SOC) Analyst, Technical Operations Network Engineer, Information Security Engineer, Network Security Penetration Tester, Network Security Engineer, Information Security Architect. Overview Upon successful completion of this course, students will master their Penetration Testing skills, perform the repeatable methodology, become committed to the code of ethics, and present analyzed results through structured reports. The main course outcomes include: 100% mapped with the NICE framework. Maps to the job role of a Penetration Tester and security analyst, based on major job portals. 100% methodology-based Penetration Testing program. Provides strong reporting writing guidance. Blended with both manual and automated Penetration Testing approaches. Gives a real-world experience through an Advanced Penetration Testing Range. Designed based on the most common Penetration Testing services offered by the best service providers in the market. Offers standard templates that can help during a Penetration test. This is a multidisciplinary course with extensive hands-on training in a wide range of crucial skills, including advanced Windows attacks, Internet of Things (IoT) and Operational Technology (OT) systems, filtered network bypass techniques, exploit writing, single and double pivoting, advanced privilege escalation, and binary exploitation. Course Outline Introduction to Penetration Testing Penetration Testing Scoping and Engagement Open Source Intelligence (OSINT) Social Engineering Penetration Testing Network Penetration Testing ? External Network Penetration Testing ? Internal Network Penetration Testing - Perimeter Devices Web Application Penetration Testing Wireless Penetration Testing IoT Penetration Testing OT/SCADA Penetration Testing Cloud Penetration Testing Binary Analysis and Exploitation Report Writing and Post-Testing Actions Additional course details: Nexus Humans Certified Penetration Testing Professional (CPENT) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Penetration Testing Professional (CPENT) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is designed for the following roles: Network engineers Network security engineers Network architects Sales/presales engineers Overview After taking this course, you should be able to: Describe Cisco SD-WAN security functions and deployment options Understand how to deploy on-premises threat prevention Describe content filtering options Implement secure Direct Internet Access (DIA) Explain and implement service chaining Explore Secure Access Service Edge (SASE) and identify use cases Describe Cisco Umbrella Secure Internet Gateway (SIG) and deployment options Implement Cisco Umbrella SIG and Domain Name System (DNS) policies Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365) Describe how to use Cisco ThousandEyes to monitor cloud services Configure Cisco ThousandEyes to monitor Microsoft 365 applications Examine how to protect and optimize access to the Software as a Service (SaaS) application with Cisco SD-WAN Cloud OnRamp Describe and deploy Cloud OnRamp for multi-cloud, including interconnect and colocation use cases Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS) v1.0 course is an advanced training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application-aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and Transport Layer Security (TLS) or Secure Socket Layer (SSL) decryption. You will also learn about cloud integration with multiple cloud service providers across multiple use cases. Additionally, the course labs will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows. The course lab environment is built using Cisco Catalyst 8000v IOS XE routers and Cisco SD-WAN 20.7 code, and it includes the integration of Cisco FirePOWER Threat Defense for network security and Cisco ThousandEyes for network monitoring. The course will allow you to earn 24 Continuing Education (CE) credits toward recertification. Course Outline Introducing Cisco SD-WAN Security Deploying On-Premises Threat Prevention Examining Content Filtering Exploring Cisco SD-WAN Dedicated Security Options Examining Cisco SASE Exploring Cisco Umbrella SIG Securing Cloud Applications with Cisco Umbrella SIG Exploring Cisco SD-Wan ThousandEyes Optimizing SaaS Applications Connecting Cisco SD-WAN to Public Cloud Examining Cloud Interconnect Solutions Exploring Cisco Cloud OnRamp for Colocation Monitoring Cisco SD-WAN Cloud and Security Solutions Additional course details: Nexus Humans Cisco SD-WAN Security and Cloud Onboarding v1.0 (SDWSCS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco SD-WAN Security and Cloud Onboarding v1.0 (SDWSCS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies. Learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender. In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Microsoft Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst. Prerequisites Basic understanding of Microsoft 365 Fundamental understanding of Microsoft security, compliance, and identity products Intermediate understanding of Windows 10 Familiarity with Azure services, specifically Azure SQL Database and Azure Storage Familiarity with Azure virtual machines and virtual networking Basic understanding of scripting concepts. 1 - Introduction to Microsoft 365 threat protection Explore Extended Detection & Response (XDR) response use cases Understand Microsoft Defender XDR in a Security Operations Center (SOC) Explore Microsoft Security Graph Investigate security incidents in Microsoft Defender XDR 2 - Mitigate incidents using Microsoft 365 Defender Use the Microsoft Defender portal Manage incidents Investigate incidents Manage and investigate alerts Manage automated investigations Use the action center Explore advanced hunting Investigate Microsoft Entra sign-in logs Understand Microsoft Secure Score Analyze threat analytics Analyze reports Configure the Microsoft Defender portal 3 - Protect your identities with Microsoft Entra ID Protection Microsoft Entra ID Protection overview Detect risks with Microsoft Entra ID Protection policies Investigate and remediate risks detected by Microsoft Entra ID Protection 4 - Remediate risks with Microsoft Defender for Office 365 Automate, investigate, and remediate Configure, protect, and detect Simulate attacks 5 - Safeguard your environment with Microsoft Defender for Identity Configure Microsoft Defender for Identity sensors Review compromised accounts or data Integrate with other Microsoft tools 6 - Secure your cloud apps and services with Microsoft Defender for Cloud Apps Understand the Defender for Cloud Apps Framework Explore your cloud apps with Cloud Discovery Protect your data and apps with Conditional Access App Control Walk through discovery and access control with Microsoft Defender for Cloud Apps Classify and protect sensitive information Detect Threats 7 - Respond to data loss prevention alerts using Microsoft 365 Describe data loss prevention alerts Investigate data loss prevention alerts in Microsoft Purview Investigate data loss prevention alerts in Microsoft Defender for Cloud Apps 8 - Manage insider risk in Microsoft Purview Insider risk management overview Create and manage insider risk policies Investigate insider risk alerts Take action on insider risk alerts through cases Manage insider risk management forensic evidence Create insider risk management notice templates 9 - Investigate threats by using audit features in Microsoft Defender XDR and Microsoft Purview Standard Explore Microsoft Purview Audit solutions Implement Microsoft Purview Audit (Standard) Start recording activity in the Unified Audit Log Search the Unified Audit Log (UAL) Export, configure, and view audit log records Use audit log searching to investigate common support issues 10 - Investigate threats using audit in Microsoft Defender XDR and Microsoft Purview (Premium) Explore Microsoft Purview Audit (Premium) Implement Microsoft Purview Audit (Premium) Manage audit log retention policies Investigate compromised email accounts using Purview Audit (Premium) 11 - Investigate threats with Content search in Microsoft Purview Explore Microsoft Purview eDiscovery solutions Create a content search View the search results and statistics Export the search results and search report Configure search permissions filtering Search for and delete email messages 12 - Protect against threats with Microsoft Defender for Endpoint Practice security administration Hunt threats within your network 13 - Deploy the Microsoft Defender for Endpoint environment Create your environment Understand operating systems compatibility and features Onboard devices Manage access Create and manage roles for role-based access control Configure device groups Configure environment advanced features 14 - Implement Windows security enhancements with Microsoft Defender for Endpoint Understand attack surface reduction Enable attack surface reduction rules 15 - Perform device investigations in Microsoft Defender for Endpoint Use the device inventory list Investigate the device Use behavioral blocking Detect devices with device discovery 16 - Perform actions on a device using Microsoft Defender for Endpoint Explain device actions Run Microsoft Defender antivirus scan on devices Collect investigation package from devices Initiate live response session 17 - Perform evidence and entities investigations using Microsoft Defender for Endpoint Investigate a file Investigate a user account Investigate an IP address Investigate a domain 18 - Configure and manage automation using Microsoft Defender for Endpoint Configure advanced features Manage automation upload and folder settings Configure automated investigation and remediation capabilities Block at risk devices 19 - Configure for alerts and detections in Microsoft Defender for Endpoint Configure advanced features Configure alert notifications Manage alert suppression Manage indicators 20 - Utilize Vulnerability Management in Microsoft Defender for Endpoint Understand vulnerability management Explore vulnerabilities on your devices Manage remediation 21 - Plan for cloud workload protections using Microsoft Defender for Cloud Explain Microsoft Defender for Cloud Describe Microsoft Defender for Cloud workload protections Enable Microsoft Defender for Cloud 22 - Connect Azure assets to Microsoft Defender for Cloud Explore and manage your resources with asset inventory Configure auto provisioning Manual log analytics agent provisioning 23 - Connect non-Azure resources to Microsoft Defender for Cloud Protect non-Azure resources Connect non-Azure machines Connect your AWS accounts Connect your GCP accounts 24 - Manage your cloud security posture management? Explore Secure Score Explore Recommendations Measure and enforce regulatory compliance Understand Workbooks 25 - Explain cloud workload protections in Microsoft Defender for Cloud Understand Microsoft Defender for servers Understand Microsoft Defender for App Service Understand Microsoft Defender for Storage Understand Microsoft Defender for SQL Understand Microsoft Defender for open-source databases Understand Microsoft Defender for Key Vault Understand Microsoft Defender for Resource Manager Understand Microsoft Defender for DNS Understand Microsoft Defender for Containers Understand Microsoft Defender additional protections 26 - Remediate security alerts using Microsoft Defender for Cloud Understand security alerts Remediate alerts and automate responses Suppress alerts from Defender for Cloud Generate threat intelligence reports Respond to alerts from Azure resources 27 - Construct KQL statements for Microsoft Sentinel Understand the Kusto Query Language statement structure Use the search operator Use the where operator Use the let statement Use the extend operator Use the order by operator Use the project operators 28 - Analyze query results using KQL Use the summarize operator Use the summarize operator to filter results Use the summarize operator to prepare data Use the render operator to create visualizations 29 - Build multi-table statements using KQL Use the union operator Use the join operator 30 - Work with data in Microsoft Sentinel using Kusto Query Language Extract data from unstructured string fields Extract data from structured string data Integrate external data Create parsers with functions 31 - Introduction to Microsoft Sentinel What is Microsoft Sentinel? How Microsoft Sentinel works When to use Microsoft Sentinel 32 - Create and manage Microsoft Sentinel workspaces Plan for the Microsoft Sentinel workspace Create a Microsoft Sentinel workspace Manage workspaces across tenants using Azure Lighthouse Understand Microsoft Sentinel permissions and roles Manage Microsoft Sentinel settings Configure logs 33 - Query logs in Microsoft Sentinel Query logs in the logs page Understand Microsoft Sentinel tables Understand common tables Understand Microsoft Defender XDR tables 34 - Use watchlists in Microsoft Sentinel Plan for watchlists Create a watchlist Manage watchlists 35 - Utilize threat intelligence in Microsoft Sentinel Define threat intelligence Manage your threat indicators View your threat indicators with KQL 36 - Connect data to Microsoft Sentinel using data connectors Ingest log data with data connectors Understand data connector providers View connected hosts 37 - Connect Microsoft services to Microsoft Sentinel Plan for Microsoft services connectors Connect the Microsoft Office 365 connector Connect the Microsoft Entra connector Connect the Microsoft Entra ID Protection connector Connect the Azure Activity connector 38 - Connect Microsoft Defender XDR to Microsoft Sentinel Plan for Microsoft Defender XDR connectors Connect the Microsoft Defender XDR connector Connect Microsoft Defender for Cloud connector Connect Microsoft Defender for IoT Connect Microsoft Defender legacy connectors 39 - Connect Windows hosts to Microsoft Sentinel Plan for Windows hosts security events connector Connect using the Windows Security Events via AMA Connector Connect using the Security Events via Legacy Agent Connector Collect Sysmon event logs 40 - Connect Common Event Format logs to Microsoft Sentinel Plan for Common Event Format connector Connect your external solution using the Common Event Format connector 41 - Connect syslog data sources to Microsoft Sentinel Plan for syslog data collection Collect data from Linux-based sources using syslog Configure the Data Collection Rule for Syslog Data Sources Parse syslog data with KQL 42 - Connect threat indicators to Microsoft Sentinel Plan for threat intelligence connectors Connect the threat intelligence TAXII connector Connect the threat intelligence platforms connector View your threat indicators with KQL 43 - Threat detection with Microsoft Sentinel analytics What is Microsoft Sentinel Analytics? Types of analytics rules Create an analytics rule from templates Create an analytics rule from wizard Manage analytics rules 44 - Automation in Microsoft Sentinel Understand automation options Create automation rules 45 - Threat response with Microsoft Sentinel playbooks What are Microsoft Sentinel playbooks? Trigger a playbook in real-time Run playbooks on demand 46 - Security incident management in Microsoft Sentinel Understand incidents Incident evidence and entities Incident management 47 - Identify threats with Behavioral Analytics Understand behavioral analytics Explore entities Display entity behavior information Use Anomaly detection analytical rule templates 48 - Data normalization in Microsoft Sentinel Understand data normalization Use ASIM Parsers Understand parameterized KQL functions Create an ASIM Parser Configure Azure Monitor Data Collection Rules 49 - Query, visualize, and monitor data in Microsoft Sentinel Monitor and visualize data Query data using Kusto Query Language Use default Microsoft Sentinel Workbooks Create a new Microsoft Sentinel Workbook 50 - Manage content in Microsoft Sentinel Use solutions from the content hub Use repositories for deployment 51 - Explain threat hunting concepts in Microsoft Sentinel Understand cybersecurity threat hunts Develop a hypothesis Explore MITRE ATT&CK 52 - Threat hunting with Microsoft Sentinel Explore creation and management of threat-hunting queries Save key findings with bookmarks Observe threats over time with livestream 53 - Use Search jobs in Microsoft Sentinel Hunt with a Search Job Restore historical data 54 - Hunt for threats using notebooks in Microsoft Sentinel Access Azure Sentinel data with external tools Hunt with notebooks Create a notebook Explore notebook code

Duration 2 Days 12 CPD hours This course is intended for Cloud Architects, Security Experts, and Network Administrators requiring in depth knowledge on CloudGuard Network Security products. Overview Discuss Azure Platform Components and their relationship to Check Point CloudGuard Network Security. Explain how to maintain a secure, efficient, and stable cloud environment. Describe the components and constraints of a hub and spoke cloud security environment. Describe the function of the Cloud Management Extension Explain the purpose of identity and access controls and constraints in different cloud platforms. Explain the steps required to configure Identity and Access controls in Azure. Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature. Explain how to design and configure Cloud Adaptive Policies. Discuss the purpose and function of Data Center Objects. Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments. Explain how CSP templates can be used for maintenance tasks in the cloud environment. Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them. Discuss Scaling Solutions and Options for Cloud Environments. Explain the Scaling Options in Azure. Describe the workflow for configuring scaling solutions in Azure. Discuss how ClusterXL operates and what elements work together to permit traffic failover. Explain how ClusterXL functions differently in a Cloud Environment. Describe how clusters are created and function in Azure. Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved. Explain the nature of a 'Greenfield' deployment, the advantages of it, and the constraints involved. Describe the components and constraint involved in deploying a Disaster Recovery Site in the cloud. Discuss the steps required for troubleshooting automation in Azure. Explain the steps required for troubleshooting Scaling Solution issues in Azure. Describe the steps required for troubleshooting clusters in Azure. Learn advanced concepts and develop skills needed to design and administer CloudGuard Network Security Environments. Course Outline Deploy a Security Management Server. Connect to SmartConsole. Configure Azure Active Directory and the Service Principle. Install the Cloud Management Extension. Configure the Cloud Management Extension. Configure the Access Control Policy. Assign the Service Principle. Create the CloudGuard Controller Object. Configure Access Control Policy with a Data Center Object. Deploy the Spoke vNets. Create the Spoke Route Table. Deploy Web Servers into the Spoke vNets. Deploy the Virtual Machine Scale Set. Assign the Service Principle to the VMSS Resource Group. Enable Indentity Awareness on the VMSS. Create Load Balancer Rules. Create vNet Peers. Create Web Server Access Control policy. Deploy the Azure High Availability Solution. Create the Cluster Object. Configure the vNet Peering. Create the Internal User Defined Routes. Create the Security Policy for Internal Traffic. Test the Internal Traffic. Troubleshoot the CloudGuard Controller. Debugs the CloudGuard Controller. Debug the Cloud Management Extension. Additional course details: Nexus Humans CNSE-Azure Check Point Network Security Expert for Azure training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CNSE-Azure Check Point Network Security Expert for Azure course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for The primary audience for this course is as follows: Channel Partner System Engineers System Administrators Architects Security Professionals Overview Upon successful completion of this course, the student will gain the following knowledge:How to describe and position Cisco UmbrellaDiscuss Secure Internet Gateway and Ransomware ProtectionLearn about DNS & IP layer enforcement & Intelligent ProxyDescribe Command and control callback blockingDiscuss Threat IntelligenceCompare Umbrella PackagesUnderstand Roaming SecurityBasic understanding of Cisco Roaming ClientUnderstand how to use Cisco Umbrella Virtual ApplianceExplain the ease of Integrating Cisco Umbrella into Active DirectoryDiscuss Umbrella ReportingUnderstand Utilize Multi-Organization Tools Cisco Umbrella? is a cloud security platform that provides the first line of defense against threats on the Internet. Being able to understand and position how Cisco Umbrella? works and what are the features is the key focus of this 2-day Cisco© online IT class. Students who enter the course with a basic understanding of Cisco© products and IT solutions will be able to describe the Cisco Umbrella?, understand Secure Internet Gateway and Ransomware Protection, discuss Threat Intelligence, use Cisco© Roaming Client. Cisco Umbrella- Security Solution Discuss Security Internet Gateway Explain Ransomware Protection DNS & IP layer enforcement Intelligent Proxy Command & control callback blocking Threat Intelligence Umbrella Packages Implementing Cisco Umbrella Overview of Cisco Umbrella How do you Protect your network Review how to Point your DNS to Cisco Umbrella What are the custom policies? Discuss Intelligent Proxy Umbrella Policy Tester Policy Precedence Roaming Client Introduction to Umbrella Roaming Client Prerequisites Downloading and Installing Adding IP Layer Enforcement Status, States, and Functionality Virtual Appliances Internal Domains Umbrella Roaming Security AnyConnect: Cisco Umbrella Roaming Security Client Administrator Guide Cisco Umbrella Dashboard at a glance Cisco Certificate Import Virtual Appliance Setup Guide Discuss Deployment Guidelines How to Deploy the VAs Review via VMware Review via Hyper-V Understand Your VAs Local DNS Forwarding Overview of DNS Explain Sites and Internal Networks Sizing Active Directory Overview of Active Directory Discuss Up DNS Forwarding with your VAs Active Directory Environment Route DNS Traffic Communication Flow Multiple Active Directory and Umbrella Sites Reporting Overview Reporting Basics Understanding Security Categories Scheduled Reports: Overview Security Overview Report Activity Search Report Security Activity Report Destinations Report Identities Report Cloud Services Report Admin Audit Log Report Umbrella Multi-Org Overview Cisco Umbrella Multi-Org Overview Centralized Settings Centralized Reports: Service Status Centralized Reports: Cloud Services Additional course details: Nexus Humans Cisco Administering and Positioning Cisco Umbrella Operations (ADMUMB) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Administering and Positioning Cisco Umbrella Operations (ADMUMB) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.