35 Courses in Cardiff delivered Live Online

Duration 1 Days 6 CPD hours This course is intended for Security Engineers Network Engineers Support staff Overview This course is intended to provide an understanding of Palo Alto Networks Next-Generation firewall technologies enable the student to perform a basic installation of Palo Alto Networks Next-Generation firewalls. Upon completion of this course, students will be able to: Explain the features and advantages of the Palo Alto Networks next-generation firewall architecture Understand the capabilities of App-ID, Content-ID, and User-ID Perform the basic configuration of the firewall including: Interfaces and virtual routers NAT Policies Security zones Objects Security policies Content security profiles View logs and basic reports This course was formerly named Palo Alto Networks Foundations of Next Generation Firewalls (EDU-150). ** Our foundation classes are just introductory trainings, NOT a full technical training. Your network has expanded beyond your organization\'s boundaries. Cloud locations and remote users (often using personal devices) have \'distributed\' the surface you need to both enable and protect.At the same time, the motivations of attackers and their sophistication have continued to evolve.Palo Alto Networks' next-generation firewalls are all based on a consistent Single-Pass Architecture, enabling security capability that is unique in the industry. This architecture is implemented in a portfolio of both physical and virtual appliances, designed to cover a range of performance and use case requirements.Features and management are consistent across the portfolio. Integration with GlobalProtect? mobile security service extends policy-based security to mobile devices (whether on-premises or remote). Integration with our threat intelligence services keeps information up to date for the firewall (e.g., URL categories, threat signatures). WildFire? cloud-based malware analysis environment integration supports a rapid \'feedback loop\' that enables the firewall to stop advanced threats throughout the attack lifecycle. Course Outline Module 0: Introduction Module 1: Platforms & Architecture Module 2: Getting Started Module 3: Basic Administration Module 4: Connectivity Module 5: Security Module 6: Logging & Reporting Additional course details: Nexus Humans Palo Alto Networks : Strata Foundations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks : Strata Foundations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Operators of Juniper Networks security solutions, including network engineers, administrators, support personnel, and resellers. Overview Identify high-level security challenges in today's networks. Identify products that are incorporated into the Juniper Connected Security solution. Explain the value of implementing security solutions. Explain how Juniper Connected Security solves the cyber security challenges of the future. Explain the SRX Series devices and the added capabilities that next-generation firewalls provide. Explain traffic flows through the SRX Series devices. List the different security objects and how to create them. Describe interface types and perform basic interface configuration tasks. Describe the initial configuration for an SRX Series device. Explain security zones. Describe screens and their use. Explain address objects. Describe services and their use. Describe the purpose for security policies on an SRX Series device. Describe zone-based policies. Describe global policies and their use. Explain unified security policies. Configure unified security policies with the J-Web user interface. Describe IDP signatures. Configure an IDP policy using predefined templates with the J-Web user interface. Describe the use and configuration of the integrated user firewall feature. Describe the UTM security services List the available UTM services on the SRX Series device. Configure UTM filtering on a security policy with the J-Web user interface. Explain Sky ATP's use in security. Describe how Sky ATP and SRX Series devices operate together in blocking threats. Describe NAT and why it is used. Explain source NAT and when to use it. Explain destination NAT and when to use it. Explain static NAT and its uses. Describe the operation and configuration the different types of NAT. Identify various types of VPNs. Describe IPsec VPNs and their functionality. Describe how IPsec VPNs are established. Describe IPsec traffic processing. Configure IPsec VPNs with the J-Web user interface. Describe and configure proxy IDs and traffic selectors with the J-Web user interface. Monitor IPsec VPNs with the J-Web user interface. Describe the J-Web monitoring features. Explain the J-Web reporting features. Describe the Sky Enterprise service and how it can save resources. Explain the functionality of Junos Space Security Director. This course is designed to provide students with the foundational knowledge required to work with SRX Series devices. This course will use the J-Web user interface to introduce students to the Junos operating system. Module 1: COURSE INTRODUCTION COURSE INTRODUCTION Module 2: Juniper Security Concept Security Challenges Security Design Overview Juniper Connected Security Module 3: Juniper Connected Security ? SRX Series Devices Connected Security Interfaces Initial Configuration LAB 1: Initial Configuration Module 4: Security Objects Security Zone Objects Security Screen Objects Security Address Objects Security Services Objects LAB 2: Creating Security Objects with J-Web Module 5: Security Policies Security Policy Overview Zone-Based Policies Global Security Policies Application Firewall with Unified Security Policies LAB 3: Creating Security Policies with J-Web Module 6: Security Services ? IDP and User Firewall IDP Security Services Integrated User Firewall LAB 4: Adding IDP and User Firewall Security Services to Security Policies Module 7: Security Services ? UTM Content Filtering Web Filtering Antivirus Antispam LAB 5: Adding UTM Security Services to Security Policies Module 8: Juniper Connected Security ? Sky AT Sky ATP Overview Blocking Threats Lab 6: Demonstrating Sky ATP Module 9: Network Address Translation NAT Overview Source NAT Destination NAT Static NAT Lab 7: Implementing Network Address Translation Module 10: IPsec VPN Concepts VPN Types Secure VPN Requirements IPsec Tunnel Establishment IPsec Traffic Processing Module 11: Site-to-Site VPNs IPsec Configuration IPsec Site-to-Site Tunne Lab 8: Implementing Site-to-Site IPsec VPNs Module 12: Monitoring and Reporting J-Web monitoring options J-Web Reporting options Lab 9: Using Monitoring and Reporting Appendix A: SRX Series Hardware Appendix D: Sky Enterprise Services Appendix B: Virtual SRX Appendix EJunos Space Security Director Appendix CCLI Prime

Duration 3 Days 18 CPD hours This course is intended for This course is designed for system administrators and implementors interested in learning IBM Security Verify Access. Overview Describe IBM Security Verify Access product and its key features Discuss the architecture and deployment process Configure IBM Security Verify Access users, groups, and domains Introduce concepts of a reverse proxy and how it fits in your web-based infrastructure Describe protected object space and the policy access control model Explain how to set up reverse proxy junctions to handle web requests Discuss and configure authentication mechanisms that are supported by Verify Access Explain and set up logging, auditing, and tracing for Verify Access components IBM Security Verify Access helps you simplify your users' access while more securely adopting web, mobile, IoT, and cloud technologies. It can be deployed on premises, in a virtual or hardware appliance, or containerized with Docker. Verify Access also directly connects with Verify SaaS for a modernized, hybrid IAM approach to enable your organization's migration to identity as a service (IDaaS) at a comfortable pace. Using the skills taught in this course, you learn how to run Verify Access via Docker, configure authentication and authorization mechanisms, implement policy access control, and set up reverse proxy junctions to process web requests. Hands-on exercises reinforce the skills learned. Unit 1 Introduction to IBM Security Verify Access Unit 2 Architecture and deployment Unit 3 Managing users, groups, and domains Unit 4 Reverse Proxy (WebSEAL) concepts Unit 5 Managing access control Unit 6 Configuring junctions for back-end resources Unit 7 Authentication framework and methods Unit 8 Logging, auditing, and tracing Additional course details: Nexus Humans TW108G IBM Security Verify Access Foundations training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the TW108G IBM Security Verify Access Foundations course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This is an introduction to database security course for intermediate skilled team members. Attendees might include DBAs, system administrators, developers and other enterprise team members. Ideally, students should have approximately 6 months to a year of database working knowledge. Overview Students who attend Securing Databases will leave the course armed with the skills required to recognize actual and potential database vulnerabilities, implement defenses for those vulnerabilities, and test those defenses for sufficiency. This course introduces students to the most common security vulnerabilities faced by databases today. Each vulnerability is examined from a database perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses. Multiple practical demonstrations reinforce these concepts with real vulnerabilities and attacks. Students will learn how to design and implement the layered defenses they will need in defending their own databases. Securing Databases is an essential training course for DBAs and developers who need to produce secure database applications and manage secure databases. Data, databases, and related resources are at the heart of most IT infrastructures. These assets can have high value from a business, regulatory, and liability perspective, and must be protected accordingly. This course showcases demonstrations on how to repeatedly attack and then defend various assets associated with a fully functional database. This approach illustrates the mechanics of how to secure databases in the most practical of terms. Security experts agree that the least effective approach to security is 'penetrate and patch'. It is far more effective to 'bake' security into an application throughout its lifecycle. After spending significant time trying to defend a poorly designed (from a security perspective) database application, students will learn how to build secure their databases and applications, starting at project inception. Securing Databases Foundation Why Hunt for Security Defects? Fingerprinting Databases Principles of Information Security Database Security Vulnerabilities Database Security Concerns Vulnerabilities Cryptography Overview Database Security Database Security What Next? Secure Development Lifecycle (SDL) SDL Process Overview Taking Action Now Asset Analysis Design Review Making Application Security Real

Duration 1 Days 6 CPD hours This course is intended for This course is intended for Administrator, Database Administrator, End User, Network Administrator, and Systems Administrator. Overview Upon completion of this course, students will be able to Describe and determine database security requirements, Understand Oracle security solutions to help meet security requirements, Implement basic database security, Configure network security, and Discover basic security configuration issues. This Introduction to Oracle Database Security Ed 1 training teaches you how to use Oracle Database features to help meet the security, privacy and compliance requirements of your organization. Introduction Course Objectives Course Schedule Detective Security Controls Preventive Security Controls Your Learning Aids Basic Workshop Architecture Understanding Security Requirements Fundamental Data Security Requirements Security Risks Techniques to Enforce Security Choosing Security Solutions Database Access Control: Authentication Protecting Against Database Bypass with Encryption Protecting Sensitive Data Protecting against Application Bypass Detecting Threats Compliance Implementing Basic Database Security Database Security Checklist Reducing Administrative Effort Principle of Least Privilege Objects Protection Configuring Network Security Network Access Control Listener Security Listener Usage Control Manage fine-grained access to external network services Discovering Basic Configuration Issues Accessing Enterprise Manager Security Reports Using Various Security Reports

Duration 3 Days 18 CPD hours This course is intended for This course is for information technology professionals, security professionals, network, system managers and administrators tasked with installing, configuring and maintaining Symantec Data Center Security: Server Advanced. Overview At the completion of the course, you will be able to: Describe the major components of Symantec Data Center Security: Server Advanced and how they communicate. Install the management server, console and agent. Define, manage and create assets, policies, events and configurations. Understand policy creation and editing in depth. course is an introduction to implementing and managing a Symantec Data Center Security: Server Advanced 6.0 deployment. Introduction Course Overview The Classroom Lab Environment Introduction to Security Risks and Risk Security Risks Security Risk Management Managing and Protecting Systems Corporate Security Policies and Security Assessments Host-Based Computer Security Issues SDCS:Server Advanced Overview SDCS: Server Advanced Component Overview Policy Types and Platforms Management Console Overview Agent User Interface Overview DEMO of Management Console Installation and Deployment Planning the Installation Deploying SDCS:SA for High Availability Scalability Installing the Management Server Installing the Management Console Installing a Windows Agent Installing a UNIX Agent LAB: Install Manager and Agents Configuring Assets Asset and Agent Overview Viewing Agents and Assets Managing Agents Managing Agents on Assets LAB: Create Asset Groups LAB: Examine Agent Interface Policy Overview Policies Defined Prevention Policy Overview Process Sets Resource Access Policy Options Detection Policy Overview IDS Capabilities Rules Collectors Policy Management Workspace User Interface on Agent Example Use Cases LAB: Paper Based Scenarios LAB: What type of security strategy should be used? Detailed Prevention Policies Policy Editor Policy Structure Global Policy Options Service Options Program Options Policy Processing Order Network Rules File Rules Registry Rules Process Sets Predefined Policies LAB: Deploy Strict policy LAB: Examine Functionality Advanced Prevention Profiling Applications Customizing Predefined Policies LAB: Modify Policy Previously Deployed LAB: Re-examine Functionality LAB: Preparing for Policy deployment LAB: Best Practice - Covering Basics LAB: Further Enhance Strict Policy LAB: Create Custom Process Set LAB :Secure an FTP Server LAB: Troubleshoot Policy/pset Assignment Using CLI Detection Policies Detection Policies Structure Collectors Rules Predefined Detection Policies Creating a Detection Policy Using the Template Policy LAB: Deploy Baseline Policy LAB: Create Custom Policy Event Management Events Defined Viewing Events Reports and Queries Overview Creating Queries and Reports Creating Alerts LAB: View Monitor Types and Search Events LAB: Create Real Time Monitor Agent Management and Troubleshooting Configurations Defined Creating and Editing Configurations Common Parameters Prevention Settings Detection Settings Analyzing Agent Log Files Diagnostic Policies Local Agent Tool ? sisipsconfig LAB: Create Custom Configurations LAB: Implement Bulk Logging LAB: Disable Prevention on Agent Using CLI LAB: Use Diagnostic Policy to Gather Logs LAB: Troubleshoot a Policy System Management Managing Users and Roles Server Security Viewing and Managing Server Settings Viewing and Managing Database Settings Viewing and Managing Tomcat Settings LAB: Create a New User LAB: View System Settings

Duration 3 Days 18 CPD hours This course is intended for Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks. Overview Deploy the appropriate operation mode for your network. Use the GUI and CLI for administration. Identify the characteristics of the Fortinet security fabric. Control network access to configured networks using firewall policies. Apply port forwarding, source NAT, and destination NAT. Authenticate users using firewall policies. Understand encryption functions and certificates. Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies. Configure security profiles to neutralize threats and misuse, including viruses, torrents, and inappropriate websites. Apply application control techniques to monitor and control network applications that might use standard or non-standard protocols and ports. Fight hacking and denial of service (DoS). Defend against data leaks by identifying files with sensitive data, and block them from leaving your private network. Offer an SSL VPN for secure access to your private network. Implement a dial-up IPsec VPN tunnel between FortiGate and FortiClient. Collect and interpret log entries. In this three-day course, you will learn how to use basic FortiGate features, including security profiles. Course Outline Module 1. Introduction to FortiGate and the Security Fabric Module 2. Firewall Policies Module 3. Network Address Translation (NAT) Module 4. Firewall Authentication Module 5. Logging and Monitoring Module 6. Certificate Operations Module 7. Web Filtering Module 8. Application Control Module 9. Antivirus Module 10. Intrusion Prevention and Denial of Service Module 11. SSL VPN Module 12. Dial-Up IPsec VPN Module 13. Data Leak Prevention (DLP)

Duration 2 Days 12 CPD hours This course is intended for The ProxySG 6.6 Basic Administration course is intended for students who wish to master the fundamentals of the ProxySG. It is designed for students who have not taken any previous training courses about the ProxySG. Overview Describe the major Secure Web Gateway functions of the ProxySG.License and configure a ProxySG.Deploy a ProxySG in either explicit or transparent mode.Use the Visual Policy Manager to write policies to manage web filtering, authentication, and SSL traffic management.Use ProxySG access logs to generate reports. The ProxySG 6.6 Basic Administration course is an introduction to deployment options and management of the individual key features offered using the ProxySG 6.6 solution. Introduction to the Symantec ProxySG Secure Web Gateway Describe the functions of a proxy server Differentiate proxy servers from firewalls Describe the key features and benefits of the ProxySG List the various ProxySG models Access online Symantec community resources ProxySG Security Deployment Options Describe the three network deployment methods Describe the three possible roles of the ProxySG ProxySG Management Console Describe the relationship between the Management Console and the ProxySG CLI Describe the primary function of the major areas of the Management Console Use the Management Console to access on-box help and Symantec product documentation Traffic Interception Using Proxy Services Understand the functions of proxy services, listeners, and proxy types Describe the three most common proxy services Explain how the intercept and bypass settings affect what happens to network traffic passing through the ProxySG Explain the function of common global proxy service settings Hypertext Transfer Protocol Understand how a connection is initiated over the transport layer Identify the components of an HTTP URL Explain the two types of HTTP messages: request and response Identify common response codes Introduction to the Visual Policy Manager Describe the relationship among the VPM, CPL, and the Management Console Describe the default processing order for policy layers and rules Describe triggers and actions that can be used in writing policy Identify the types of objects that the VPM supports Describe some of the best practices to be followed when using the VPM to create policy Filtering Web Content Describe the main concepts of web filtering Describe the primary category databases Describe the category types available to policy Describe how WebFilter and WebPulse work together Using Threat Intelligence to Defend the Network Understand Intelligence Services as provided by the Global Intelligence Network Understand Geolocation and Threat Risk Levels and how they can be used in policy Ensuring Safe Downloads Describe how malware can be transmitted via HTTP Explain the methods, advantages, and disadvantages of file type detection Describe some of the considerations in deciding what content to block as possible malware sources Notifying User of Internet Usage Policies Explain the function and various components of built-in and custom exception pages Describe the function of Notify User objects Identify the types of pages that can be sent to users by using Notify User objects Describe splash pages and coaching pages using Notify User objects in the VPM Access Logging on the ProxySG Describe, at a high level, how the ProxySG performs access logging Describe the components of a ProxySG access log facility Identify default log facilities and log formats Describe common use cases for periodic and continuous uploading of access logs

Duration 3 Days 18 CPD hours This course is intended for This course is for Network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. Overview At the completion of the course, you will be able to: Protect against Network Attacks and Enforcing Corporate Policies using the Firewall Policy. Blocking Threats with Intrusion Prevention. Introducing File-Based Threats. Preventing Attacks with SEP. Layered Security. Securing Windows Clients. Secure Mac Clients. Secure Linux Clients. Controlling Application and File Access. Restricting Device Access for Windows and Mac Clients. Hardening Clients with System Lockdown. Customizing Policies based on Location. Managing Security Exceptions. This course is designed for the network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. Introduction Course environment Lab environment Introducing Network Threats Describing how Symantec Endpoint Protection protects each layer of the network stack Discovering the tools and methods used by attackers Describing the stages of an attack Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy Preventing network attacks Examining Firewall Policy elements Evaluating built-in rules Creating custom firewall rules Enforcing corporate security policy with firewall rules Blocking network attacks using protection and stealth settings Configuring advanced firewall feature Blocking Threats with Intrusion Prevention Introducing Intrusion Prevention technologies Configuring the Intrusion Prevention policy Managing custom signatures Monitoring Intrusion Prevention events Introducing File-Based Threats Describing threat types Discovering how attackers disguise their malicious applications Describing threat vectors Describing Advanced Persistent Threats and a typical attack scenario Following security best practices to reduce risks Preventing Attacks with SEP Layered Security Virus and Spyware protection needs and solutions Describing how Symantec Endpoint Protection protects each layer of the network stack Examining file reputation scoring Describing how SEP protects against zero-day threats and threats downloaded through files and email Describing how endpoints are protected with the Intelligent Threat Cloud Service Describing how the emulator executes a file in a sandbox and the machine learning engine?s role and function Securing Windows Clients Platform and Virus and Spyware Protection policy overview Tailoring scans to meet an environment?s needs Ensuring real-time protection for clients Detecting and remediating risks in downloaded files Identifying zero-day and unknown threats Preventing email from downloading malware Configuring advanced options Monitoring virus and spyware activity Securing Mac Clients Touring the SEP for Mac client Securing Mac clients Monitoring Mac clients Securing Linux Clients Navigating the Linux client Tailoring Virus and Spyware settings for Linux clients Monitoring Linux clients Providing Granular Control with Host Integrity Ensuring client compliance with Host Integrity Configuring Host Integrity Troubleshooting Host Integrity Monitoring Host Integrity Controlling Application and File Access Describing Application Control and concepts Creating application rulesets to restrict how applications run Monitoring Application Control events Restricting Device Access for Windows and Mac Clients Describing Device Control features and concepts for Windows and Mac clients Enforcing access to hardware using Device Control Discovering hardware access policy violations with reports, logs, and notifications Hardening Clients with System Lockdown What is System Lockdown? Determining to use System Lockdown in Whitelist or Blacklist mode Creating whitelists for blacklists Protecting clients by testing and Implementing System Lockdown Customizing Policies based on Location Creating locations to ensure the appropriate level of security when logging on remotely Determining the criteria and order of assessment before assigning policies Assigning policies to locations Monitoring locations on the SEPM and SEP client Managing Security Exceptions Creating file and folder exceptions for different scan types Describing the automatic exclusion created during installation Managing Windows and Mac exclusions Monitoring security exceptions

Duration 3 Days 18 CPD hours This course is intended for This class is intended for the following job roles: [Cloud] information security analysts, architects, and engineers Information security/cybersecurity specialists Cloud infrastructure architects Additionally, the course is intended for Google and partner field personnel who work with customers in those job roles. The course should also be useful to developers of cloud applications Overview This course teaches participants the following skills: Understanding the Google approach to security Managing administrative identities using Cloud Identity. Implementing least privilege administrative access using Google Cloud Resource Manager, Cloud IAM. Implementing IP traffic controls using VPC firewalls and Cloud Armor Implementing Identity Aware Proxy Analyzing changes to the configuration or metadata of resources with GCP audit logs Scanning for and redact sensitive data with the Data Loss Prevention API Scanning a GCP deployment with Forseti Remediating important types of vulnerabilities, especially in public access to data and VMs This course gives participants broad study of security controls and techniques on Google Cloud Platform. Through lectures, demonstrations, and hands-on labs, participants explore and deploy the components of a secure Google Cloud solution. Participants also learn mitigation techniques for attacks at many points in a Google Cloud-based infrastructure, including Distributed Denial-of-Service attacks, phishing attacks, and threats involving content classification and use. Foundations of GCP Security Google Cloud's approach to security The shared security responsibility model Threats mitigated by Google and by GCP Access Transparency Cloud Identity Cloud Identity Syncing with Microsoft Active Directory Choosing between Google authentication and SAML-based SSO GCP best practices Identity and Access Management GCP Resource Manager: projects, folders, and organizations GCP IAM roles, including custom roles GCP IAM policies, including organization policies GCP IAM best practices Configuring Google Virtual Private Cloud for Isolation and Security Configuring VPC firewalls (both ingress and egress rules) Load balancing and SSL policies Private Google API access SSL proxy use Best practices for structuring VPC networks Best security practices for VPNs Security considerations for interconnect and peering options Available security products from partners Monitoring, Logging, Auditing, and Scanning Stackdriver monitoring and logging VPC flow logs Cloud audit logging Deploying and Using Forseti Securing Compute Engine: techniques and best practices Compute Engine service accounts, default and customer-defined IAM roles for VMs API scopes for VMs Managing SSH keys for Linux VMs Managing RDP logins for Windows VMs Organization policy controls: trusted images, public IP address, disabling serial port Encrypting VM images with customer-managed encryption keys and with customer-supplied encryption keys Finding and remediating public access to VMs VM best practices Encrypting VM disks with customer-supplied encryption keys Securing cloud data: techniques and best practices Cloud Storage and IAM permissions Cloud Storage and ACLs Auditing cloud data, including finding and remediating publicly accessible data Signed Cloud Storage URLs Signed policy documents Encrypting Cloud Storage objects with customer-managed encryption keys and with customer-supplied encryption keys Best practices, including deleting archived versions of objects after key rotation BigQuery authorized views BigQuery IAM roles Best practices, including preferring IAM permissions over ACLs Protecting against Distributed Denial of Service Attacks: techniques and best practices How DDoS attacks work Mitigations: GCLB, Cloud CDN, autoscaling, VPC ingress and egress firewalls, Cloud Armor Types of complementary partner products Application Security: techniques and best practices Types of application security vulnerabilities DoS protections in App Engine and Cloud Functions Cloud Security Scanner Threat: Identity and Oauth phishing Identity Aware Proxy Content-related vulnerabilities: techniques and best practices Threat: Ransomware Mitigations: Backups, IAM, Data Loss Prevention API Threats: Data misuse, privacy violations, sensitive/restricted/unacceptable content Mitigations: Classifying content using Cloud ML APIs; scanning and redacting data using Data Loss Prevention API Additional course details: Nexus Humans Security in Google Cloud training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Security in Google Cloud course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.