160 Courses in Cardiff delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for This course is geared toward Windows system administrators, network administrators, and other system administrators who are interested in supplementing current skills or backstopping other team members, in addition to Linux system administrators who are responsible for these tasks: Configuring, installing, upgrading, and maintaining Linux systems using established standards and procedures Providing operational support Managing systems for monitoring system performance and availability Writing and deploying scripts for task automation and system administration Successful completion of Red Hat System Administration I (RH124) is recommended. Experienced Linux administrators seeking to accelerate their path toward becoming a Red Hat Certified System Administrator should start with the RHCSA Rapid Track course (RH199). Overview You should be able to demonstrate these skills: - Install Red Hat Enterprise Linux using Kickstart - Manage file systems and logical volumes - Manage scheduled jobs - Access network file systems - Manage SELinux - Control firewalls - Perform troubleshooting tasks Red Hat System Administration II (RH134) is designed as the second part of the Red Hat© Certified System Administrator (RHCSA©) training track for IT professionals who have taken Red Hat System Administration I (RH124). The course goes deeper into core Linux© system administration skills, including storage configuration, security feature management, task control, and installation and deployment of Red Hat© Enterprise Linux. Prerequisites Successful completion of Red Hat System Administration I (RH124) is recommended. 1 - Automate installation with Kickstart Automate the installation of Red Hat Enterprise Linux systems with Kickstart. 2 - Use regular expressions with grep Write regular expressions that, when partnered with grep, will allow you to quickly isolate or locate content within text files. 3 - Create and Edit text files with vim Introduce the vim text editor, with which you can open, edit, and save text files. 4 - Schedule future Linux tasks Schedule tasks to automatically execute in the future. 5 - Manage priority of Linux processes Influence the relative priorities at which Linux processes run. 6 - Control access to files with access control lists (ACL) Manage file security using POSIX access control lists. 7 - Manage SELinux security Manage the Security Enhanced Linux (SELinux) behavior of a system to keep it secure in case of a network service compromise. 8 - Connect to network-defined users and groups Configure systems to use central identity management services. 9 - Add disks, partitions, and file systems to a Linux system Manage simple partitions and file systems. 10 - Manage logical volume management (LVM) storage Manage logical volumes from the command line. 11 - Access networked attached storage with network file system (NFS) Access (secure) NFS shares. 12 - Access networked storage with SMB Use autofs and the command line to mount and unmount SMB file systems. 13 - Control and troubleshoot the Red Hat Enterprise Linux boot process 14 - Limit network communication with firewall Configure a basic firewall. 15 - Comprehensive review Practice and demonstrate knowledge and skills learned in this course.

Duration 5 Days 30 CPD hours This course is intended for Network security engineers ISE administrators Wireless network security engineers Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages. Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services. Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization. Describe third-party Network Access Devices (NADs), Cisco TrustSec, and Easy Connect. Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios. Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment. Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution. Describe the value of the My Devices portal and how to configure this portal. Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE. Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the Authentication, Authentication, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols. Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool. The Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 course shows you how to deploy and use Cisco© Identity Services Engine (ISE) v2.4, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and use Cisco ISE, including policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and TACACS+ device administration. Through expert instruction and hands-on practice, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency. This course helps you prepare to take the exam, Implementing and Configuring Cisco Identity Services Engine (300-715 SISE), which leads to CCNP© Security and the Cisco Certified Specialist - Security Identity Management Implementation certifications. Introducing Cisco ISE Architecture and Deployment Using Cisco ISE as a Network Access Policy Engine Cisco ISE Use Cases Describing Cisco ISE Functions Cisco ISE Deployment Models Context Visibility Cisco ISE Policy Enforcement Using 802.1X for Wired and Wireless Access Using MAC Authentication Bypass for Wired and Wireless Access Introducing Identity Management Configuring Certificate Services Introducing Cisco ISE Policy Implementing Third-Party Network Access Device Support Introducing Cisco TrustSec Cisco TrustSec Configuration Easy Connect Web Authentication and Guest Services Introducing Web Access with Cisco ISE Introducing Guest Access Components Configuring Guest Access Settings Configuring Sponsor and Guest Portals Cisco ISE Profiler Introducing Cisco ISE Profiler Profiling Deployment and Best Practices Cisco ISE BYOD Introducing the Cisco ISE BYOD Process Describing BYOD Flow Configuring the My Devices Portal Configuring Certificates in BYOD Scenarios Cisco ISE Endpoint Compliance Services Introducing Endpoint Compliance Services Configuring Client Posture Services and Provisioning in Cisco ISE Working with Network Access Devices Review TACACS+ Cisco ISE TACACS+ Device Administration Configure TACACS+ Device Administration TACACS+ Device Administration Guidelines and Best Practices Migrating from Cisco ACS to Cisco ISE Lab outline Access the SISE Lab and Install ISE 2.4 Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage Integrate Cisco ISE with Active Directory Configure Basic Policy on Cisco ISE Configure Policy Sets Configure Access Policy for Easy Connect Configure Guest Access Configure Guest Access Operations Create Guest Reports Configure Profiling Customize the Cisco ISE Profiling Configuration Create Cisco ISE Profiling Reports Configure BYOD Blacklisting a Device Configure Cisco ISE Compliance Services Configure Client Provisioning Configure Posture Policies Test and Monitor Compliance-Based Access Test Compliance Policy Configure Cisco ISE for Basic Device Administration Configure TACACS+ Command Authorization Additional course details: Nexus Humans Cisco Implementing and Configuring Cisco Identity Services Engine v3.0 (SISE) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Implementing and Configuring Cisco Identity Services Engine v3.0 (SISE) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Security engineer Network engineer Network designer Network administrator Systems engineer Consulting systems engineer Technical solutions architect Network manager Cisco integrators and partners Overview After taking this course, you should be able to: Describe information security concepts and strategies within the network Describe common TCP/IP, network application, and endpoint attacks Describe how various network security technologies work together to guard against attacks Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance Describe and implement web content security features and functions provided by Cisco Web Security Appliance Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console Introduce VPNs and describe cryptography solutions and algorithms Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco Internetwork Operating System (Cisco IOS) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW) Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features Examine various defenses on Cisco devices that protect the control and management plane Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions Describe basics of cloud computing and common cloud attacks and how to secure cloud environment The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco© CCNP© Security and CCIE© Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower© Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch© Enterprise and Cisco Stealthwatch Cloud threat detection features. This course, including the self-paced material, helps prepare you to take the exam, Implementing and Operating Cisco Security Core Technologies (350-701 SCOR), which leads to the new CCNP Security, CCIE Security, and the Cisco Certified Specialist - Security Core certifications. Describing Information Security Concepts* Information Security Overview Assets, Vulnerabilities, and Countermeasures Managing Risk Vulnerability Assessment Understanding Common Vulnerability Scoring System (CVSS) Describing Common TCP/IP Attacks* Legacy TCP/IP Vulnerabilities IP Vulnerabilities Internet Control Message Protocol (ICMP) Vulnerabilities TCP Vulnerabilities User Datagram Protocol (UDP) Vulnerabilities Attack Surface and Attack Vectors Reconnaissance Attacks Access Attacks Man-in-the-Middle Attacks Denial of Service and Distributed Denial of Service Attacks Reflection and Amplification Attacks Spoofing Attacks Dynamic Host Configuration Protocol (DHCP) Attacks Describing Common Network Application Attacks* Password Attacks Domain Name System (DNS)-Based Attacks DNS Tunneling Web-Based Attacks HTTP 302 Cushioning Command Injections SQL Injections Cross-Site Scripting and Request Forgery Email-Based Attacks Describing Common Endpoint Attacks* Buffer Overflow Malware Reconnaissance Attack Gaining Access and Control Gaining Access via Social Engineering Gaining Access via Web-Based Attacks Exploit Kits and Rootkits Privilege Escalation Post-Exploitation Phase Angler Exploit Kit Describing Network Security Technologies Defense-in-Depth Strategy Defending Across the Attack Continuum Network Segmentation and Virtualization Overview Stateful Firewall Overview Security Intelligence Overview Threat Information Standardization Network-Based Malware Protection Overview Intrusion Prevention System (IPS) Overview Next Generation Firewall Overview Email Content Security Overview Web Content Security Overview Threat Analytic Systems Overview DNS Security Overview Authentication, Authorization, and Accounting Overview Identity and Access Management Overview Virtual Private Network Technology Overview Network Security Device Form Factors Overview Deploying Cisco ASA Firewall Cisco ASA Deployment Types Cisco ASA Interface Security Levels Cisco ASA Objects and Object Groups Network Address Translation Cisco ASA Interface Access Control Lists (ACLs) Cisco ASA Global ACLs Cisco ASA Advanced Access Policies Cisco ASA High Availability Overview Deploying Cisco Firepower Next-Generation Firewall Cisco Firepower NGFW Deployments Cisco Firepower NGFW Packet Processing and Policies Cisco Firepower NGFW Objects Cisco Firepower NGFW Network Address Translation (NAT) Cisco Firepower NGFW Prefilter Policies Cisco Firepower NGFW Access Control Policies Cisco Firepower NGFW Security Intelligence Cisco Firepower NGFW Discovery Policies Cisco Firepower NGFW IPS Policies Cisco Firepower NGFW Malware and File Policies Deploying Email Content Security Cisco Email Content Security Overview Simple Mail Transfer Protocol (SMTP) Overview Email Pipeline Overview Public and Private Listeners Host Access Table Overview Recipient Access Table Overview Mail Policies Overview Protection Against Spam and Graymail Anti-virus and Anti-malware Protection Outbreak Filters Content Filters Data Loss Prevention Email Encryption Deploying Web Content Security Cisco Web Security Appliance (WSA) Overview Deployment Options Network Users Authentication Secure HTTP (HTTPS) Traffic Decryption Access Policies and Identification Profiles Acceptable Use Controls Settings Anti-Malware Protection Deploying Cisco Umbrella* Cisco Umbrella Architecture Deploying Cisco Umbrella Cisco Umbrella Roaming Client Managing Cisco Umbrella Cisco Umbrella Investigate Overview and Concepts Explaining VPN Technologies and Cryptography VPN Definition VPN Types Secure Communication and Cryptographic Services Keys in Cryptography Public Key Infrastructure Introducing Cisco Secure Site-to-Site VPN Solutions Site-to-Site VPN Topologies IPsec VPN Overview IPsec Static Crypto Maps IPsec Static Virtual Tunnel Interface Dynamic Multipoint VPN Cisco IOS FlexVPN Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs Cisco IOS VTIs Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2 VPN Configuration Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW Cisco ASA Point-to-Point VPN Configuration Cisco Firepower NGFW Point-to-Point VPN Configuration Introducing Cisco Secure Remote Access VPN Solutions Remote Access VPN Components Remote Access VPN Technologies Secure Sockets Layer (SSL) Overview Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW Remote Access Configuration Concepts Connection Profiles Group Policies Cisco ASA Remote Access VPN Configuration Cisco Firepower NGFW Remote Access VPN Configuration Explaining Cisco Secure Network Access Solutions Cisco Secure Network Access Cisco Secure Network Access Components AAA Role in Cisco Secure Network Access Solution Cisco Identity Services Engine Cisco TrustSec Describing 802.1X Authentication 802.1X and Extensible Authentication Protocol (EAP) EAP Methods Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications RADIUS Change of Authorization Configuring 802.1X Authentication Cisco Catalyst© Switch 802.1X Configuration Cisco Wireless LAN Controller (WLC) 802.1X Configuration Cisco Identity Services Engine (ISE) 802.1X Configuration Supplicant 802.1x Configuration Cisco Central Web Authentication Describing Endpoint Security Technologies* Host-Based Personal Firewall Host-Based Anti-Virus Host-Based Intrusion Prevention System Application Whitelists and Blacklists Host-Based Malware Protection Sandboxing Overview File Integrity Checking Deploying Cisco Advanced Malware Protection (AMP) for Endpoints* Cisco AMP for Endpoints Architecture Cisco AMP for Endpoints Engines Retrospective Security with Cisco AMP Cisco AMP Device and File Trajectory Managing Cisco AMP for Endpoints Introducing Network Infrastructure Protection* Identifying Network Device Planes Control Plane Security Controls Management Plane Security Controls Network Telemetry Layer 2 Data Plane Security Controls Layer 3 Data Plane Security Controls Deploying Control Plane Security Controls* Infrastructure ACLs Control Plane Policing Control Plane Protection Routing Protocol Security Deploying Layer 2 Data Plane Security Controls* Overview of Layer 2 Data Plane Security Controls Virtual LAN (VLAN)-Based Attacks Mitigation Sp

Duration 2 Days 12 CPD hours This course is intended for This course is designed for security experts and Check Point resellers who desire to obtain the necessary knowledge required to perform more advanced troubleshooting skills while managing their security environments. Overview Understand how to use Check Point diagnostic tools to determine the status of a network. Understand how to use network packet analyzers and packet capturing tools to evaluate network traffic.Become familiar with more advanced Linux system commands. Obtain a deeper knowledge of the Security Management architecture. Understand how the Management database is structured and how objects are represented in the database. Understand key Security Management Server processes and their debugs. Understand how GuiDBedit operates. Understand how the kernel handles traffic and how to troubleshoot issues with chain modules. Understand how to use the two main procedures for debugging the Firewall kernel and how they differ. Recognize User mode processes and how to interpret their debugs. Discuss how to enable and use core dumps. Understand the processes and components used for policy installs and processing packets in Access Control policies. Understand how to troubleshoot and debug issues that may occur with App Control and URLF. Understand how to debug HTTPS Inspection-related issues. Understand how to troubleshoot and debug Content Awareness issues. Understand how IPS works and how to manage performance issues. Understand how to troubleshoot Anti-Bot and Antivirus. Recognize how to troubleshoot and debug Site-to-Site VPN related issues. Understand how to troubleshoot and debug Remote Access VPNs. Understand how troubleshoot Mobile Access VPN issues. Recognize how to use SecureXL features and commands to enable and disable accelerated traffic. Understand how the server hardware and operating system affects the performance of Security Gateways. Understand how to evaluate hardware configurations for optimal performance. Provide advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point Security environment. Course Outline Advanced Troubleshooting Management Database and Processes Advanced Kernel Debugging User Mode Troubleshooting Advanced Access Control Understanding Threat Prevention Advanced VPN Troubleshooting Acceleration and Performance Tuning Additional course details: Nexus Humans CCTE Check Point Troubleshooting Expert training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CCTE Check Point Troubleshooting Expert course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for System installersSystem integratorsSystem administratorsNetwork administratorsSolution designers Overview After taking this course, you should be able to:Describe the Cisco IOS XR software architecture, high availability components, and scalability featuresPerform basic configurations on a Cisco IOS XR routerDescribe Cisco IOS XR software operationsDescribe the configuration file systemPerform Cisco IOS XR software installationsConfigure AAA servicesConfigure NTPConfigure Simple Network Management Protocol (SNMP), telemetry, and loggingConfigure routing protocolsMonitor processesUse error messages and core dumps he Introduction to Cisco IOS XR (IOSXR100) v2.0 course introduces you to the features and functions of the Cisco© Internetwork Operating System (Cisco IOS©) XR Software operating system. You learn the fundamental concepts on which the operating system is based and Cisco IOS XR basic operations, system administration, and troubleshooting. Cisco IOS XR Software Overview Platform Overview Cisco IOS XR Architecture Cisco IOS XR High Availability Cisco IOS XR Software Configuration Basics Cisco IOS XR Configuration Operations Cisco IOS XR Initial Configuration Reviewing the Configuration Cisco IOS XR Software Operations Examining Configuration Operations Examining Configuration Rollback and Recovery Configuration File System Overview Examining the Binary Configuration Examining the Commit Database Examining the ASCII Configuration Examining the Nonvolatile Generation (NVgen) Files Verifying Cisco Fabric Services (CFS) Integrity Cisco IOS XR Software Installation Software Package Basics Installing Software Packages AAA Security AAA Fundamentals Task-Based Security Configuring a User Security Policy Authentication with Remote Servers Configuring Router to AAA Server Communication Configuring Authentication Terminal Access Controller Access-Control System Plus (TACACS+) Command Authorization Configuring Accounting AAA Troubleshooting Network Time Synchronization Network Time Protocol SNMP, Telemetry, and Logging Examining SNMP Examining Telemetry Examining Logging Basic Routing Configuration Configuring Intermediate System to Intermediate System (IS-IS) Configuring Open Shortest Path First (OSPF) Configuring Border Gateway Protocol (BGP) Configuring Routing Protocol for LLN (RPL) Policy Packet Filtering Access Control Lists Unicast Reverse Path Forwarding Management Plane Protection Monitoring Process Examining Processes and Threads Process Crashes Commands for Debugging Processes Restartability of Processes Process Monitoring Identifying Memory Problems Memory Depletion Core Dumps Core Dump Fundamentals Using Core Dump Information Additional course details: Nexus Humans Cisco Introduction to Cisco IOS XR v2.0 (IOSXR100) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Introduction to Cisco IOS XR v2.0 (IOSXR100) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Security Professionals working with Kubernetes Clusters Container Orchestration Engineers DevOps Professionals Overview In this course, students will learn and practice essential Kubernetes concepts and tasks in the following sections: Cloud Security Fundamentals Cluster Hardening System Hardening Minimize Microservice Vulnerabilities Supply Chain Security Disaster Recovery Secure Back-up and Restore This class prepares students for the Certified Kubernetes Security Specialist (CKS) exam. Kubernetes is a Cloud Orchestration Platform providing reliability, replication, and stabilitywhile maximizing resource utilization for applications and services. By the conclusion of this hands-on, vendor agnostic training you will be equipped with a thorough understanding ofcloud security fundamentals, along with the knowledge, skills and abilities to secure a Kubernetes cluster, detect threats, and properly resolve a security catastrophe. This courseincludes hands-on instruction which develops skills and knowledge for securing container-based applications and Kubernetes platforms, during build, deployment, and runtime. We prioritizecovering all objectives and concepts necessary for passing the Certified Kubernetes Security Specialist (CKS) exam. You will be provided the components necessary to assemble your ownhigh availability Kubernetes environment and harden it for your security needs. Learning Your Environment Underlying Infrastructure Using Vim Tmux Cloud Security Primer Basic Principles Threat Analysis Approach CIS Benchmarks Securing your Kubernetes Cluster Kubernetes Architecture Pods and the Control Plane Kubernetes Security Concepts Install Kubernetes using kubeadm Configure Network Plugin Requirements Kubeadm Basic Cluster Installing Kubeadm Join Node to Cluster Kubeadm Token Manage Kubeadm Tokens Kubeadm Cluster Upgrade Securing the kube-apiserver Configuring the kube-apiserver Enable Audit Logging Falco Deploy Falco to Monitor System Calls Enable Pod Security Policies Encrypt Data at Rest Encryption Configuration Benchmark Cluster with Kube-Bench Kube-Bench Securing ETCD ETCD Isolation ETCD Disaster Recovery ETCD Snapshot and Restore Purge Kubernetes Purge Kubeadm 3Purge Kubeadm Image Scanning Container Essentials Secure Containers Creating a Docker Image Scanning with Trivy Trivy Snyk Security Manually Installing Kubernetes Kubernetes the Alta3 Way Deploy Kubernetes the Alta3 Way Validate your Kubernetes Installation Sonobuoy K8s Validation Test Kubectl (Optional) Kubectl get and sorting kubectl get kubectl describe Labels (Optional) Labels Labels and Selectors Annotations Insert an Annotation Securing your Application Scan a Running Container Tracee Security Contexts for Pods Understanding Security Contexts AppArmor Profiles AppArmor Isolate Container Kernels gVisor Pod Security Pod Security Policies Deploy a PSP Pod Security Standards Enable PSS Open Policy Agent (OPA) Admission Controller Create a LimitRange Open Policy Agent Policy as Code Deploy Gatekeeper User Administration Contexts Contexts Authentication and Authorization Role Based Access Control Role Based Access Control RBAC Distributing Access Service Accounts Limit Pod Service Accounts Securing Secrets Secrets Create and Consume Secrets Hashicorp Vault Deploy Vault Securing the Network Networking Plugins NetworkPolicy Deploy a NetworkPolicy mTLS Linkerd mTLS with istio istio Threat Detection Active Threat Analysis Host Intrusion Detection Deploy OSSEC Network Intrusion Detection Deploy Suricata Physical Intrusion Detection Disaster Recovery Harsh Reality of Security Deploy a Response Plan Kasten K10 Backups Deploy K10

Duration 5 Days 30 CPD hours This course is intended for Typical candidates for this course are IT Professionals who will deploy and manage networks based on HPE?s ArubaOS-Switches. Overview Upon completion of this course, students will be able to: Implement spanning tree protocol and loop protections Ensure redundancy for a network?s default gateway by configuring VRRP on Aruba switches Implement and manage an VSF fabric Deploy ArubaOS switches in single-area and multi-area OSPF systems Use Internet Group Management Protocol (IGMP) to optimize forwarding of multicasts within VLANs Implement PIM-DM to route multicast traffic Establish and monitor BGP sessions between your routers and ISP routers Define ACLs and identify the criteria by which ACLs select traffic Configure ACLs on ArubaOS switches to select given traffic Implement 802.1X on ArubaOS switch ports Configure captive portal authentication on ArubaOS switches to integrate them with an Aruba ClearPass solution Configure tunneled-node on ArubaOS switches Configure ArubaOS switches to select traffic, apply the appropriate QoS marking, and place the traffic in the proper priority queues Implement DHCP snooping and ARP protection to defend networks against DHCP exploits, ARP snooping, and ARP poisoning attacks Implement the proper port security measures for various use cases Implement connection rate filtering to provide a first layer of protection against viruses and worms This course teaches students how to implement and operate enterprise-level Aruba campus switching solutions. Hand-on labs gives students experience with ArubaOS-Switches, including securing access, redundancy technologies such as Multiple Spanning Tree Protocol (MSTP), link aggregation techniques including Link Aggregation Protocol (LACP) and switch virtualization with HPE?s Virtual SwitchingFramework (VSF). Students will also learn to configure dynamic routing with Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP), network optimization via Quality of Service (QoS), IP multicast routing leveraging Protocol Independent Multicast (PIM), and protecting the network using Access Control Lists (ACLs). This course is approximately 30% lecture and 70% hands on lab exercises. Introduction to Aruba SolutionsData Link Layer Redundancy TechnologiesVirtual Router Redundancy Protocol (VRRP)Aruba Backplane Stacking and Advanced Virtual Switch Framework (VSF)Advanced Open Shortest Path First (OSPF)Internet Group Management Protocol (IGMP)Border Gateway Protocol (BGP)Access Control Lists (ACLs)MAC AuthenticationCaptive Portal and Other Guest OptionsIntegrating with Aruba Mobility SolutionsSecure Device ManagementQuality of Service (QoS)Additional Security Features Additional course details: Nexus Humans Aruba Networks - Implementing Aruba Campus Switching Solutions, Rev. 17.41 (IACSS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Aruba Networks - Implementing Aruba Campus Switching Solutions, Rev. 17.41 (IACSS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting This course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA). Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface

Duration 2 Days 12 CPD hours This course is intended for Cloud Architects, Security Experts, and Network Administrators requiring in depth knowledge on CloudGuard Network Security products. Overview Discuss AWS Platform Components and their relationship to Check Point CloudGuard Network Security. Explain how to maintain a secure, efficient, and stable cloud environment. Describe the components and constraints of a hub and spoke security environment. Describe the function of the Cloud Management Extension. Explain the purpose of identity and access controls and constraints in different cloud platforms. Explain the steps required to configure Identity and Access controls in AWS. Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature. Explain how to design and configure Cloud Adaptive Policies. Discuss the purpose and function of Data Center Objects. Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments. Explain how CSP templates can be used for maintenance tasks in the cloud environment. Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them. Discuss Scaling Solutions and Options for Cloud Environments. Explain the Scaling Options in AWS. Describe the workflow for configuring scaling solutions in AWS. Discuss how ClusterXL operates and what elements work together to permit traffic failover. Explain how ClusterXL functions differently in a Cloud Environment. Describe how clusters are created and function in AWS. Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved. Explain the nature of a 'Greenfield' deployment, the advantages of it, and the constraints involved. Describe the components and constraint involved in deploying a Disaster Recovery Site in the cloud. Discuss the steps required for troubleshooting automation in AWS. Explain the steps required for troubleshooting Scaling Solution issues in AWS. Describe the steps required for troubleshooting clusters in AWS. Learn advanced concepts and develop skills needed to design and administer CloudGuard Network Security Environments. Course Outline Create an SSH Key Pair. Create a VPC. Deploy an SMS. Connect to SmartConsole. Review the IAM Role. Configure the Cloud Management Extension. Configure the Access Control Policy. Create the AWS Data Center Object. Create Access Control Policy with a Data Center Object. Create the AWS VPC Spokes. Deploy the Web Servers into the Spoke VPCs. Create the AWS Auto Scale Deployment. Create the External and Internal Load Balancers. Create the VPC for the Auto Scale Deployment. Create the VPC Peers. Deploy the CloudGuard Cluster Template. Create the AWS VPN Gateway. Configure the Tunnel Interfaces. Configure the Static Routes. Configure the Network Objects. Configure the VPN Community. Configure the Security Policy. Test the Traffic. Troubleshoot the CloudGuard Controller. Debug the CloudGuard Controller. Debug the Cloud Management Extension Additional course details: Nexus Humans CNSE-AWS Check Point Network Security Expert for AWS training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CNSE-AWS Check Point Network Security Expert for AWS course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This class is intended for the following participants: Cloud architects, administrators, and SysOps/DevOps personnel Individuals using Google Cloud Platform to create new solutions or to integrate existing systems, application environments, and infrastructure with the Google Cloud Platform. Overview This course teaches participants the following skills: Understand how software containers work Understand the architecture of Kubernetes Understand the architecture of Google Cloud Platform Understand how pod networking works in Kubernetes Engine Create and manage Kubernetes Engine clusters using the GCP Console and gcloud/ kubectl commands Launch, roll back and expose jobs in Kubernetes Manage access control using Kubernetes RBAC and Google Cloud IAM Managing pod security policies and network policies Using Secrets and ConfigMaps to isolate security credentials and configuration artifacts Understand GCP choices for managed storage services Monitor applications running in Kubernetes Engine This class introduces participants to deploying and managing containerized applications on Google Kubernetes Engine (GKE) and the other services provided by Google Cloud Platform. Through a combination of presentations, demos, and hands-on labs, participants explore and deploy solution elements, including infrastructure components such as pods, containers, deployments, and services; as well as networks and application services. This course also covers deploying practical solutions including security and access management, resource management, and resource monitoring. Introduction to Google Cloud Platform Use the Google Cloud Platform Console Use Cloud Shell Define cloud computing Identify GCPs compute services Understand regions and zones Understand the cloud resource hierarchy Administer your GCP resources Containers and Kubernetes in GCP Create a container using Cloud Build Store a container in Container Registry Understand the relationship between Kubernetes and Google Kubernetes Engine (GKE) Understand how to choose among GCP compute platforms Kubernetes Architecture Understand the architecture of Kubernetes: pods, namespaces Understand the control-plane components of Kubernetes Create container images using Google Cloud Build Store container images in Google Container Registry Create a Kubernetes Engine cluster Kubernetes Operations Work with the kubectl command Inspect the cluster and Pods View a Pods console output Sign in to a Pod interactively Deployments, Jobs, and Scaling Create and use Deployments Create and run Jobs and CronJobs Scale clusters manually and automatically Configure Node and Pod affinity Get software into your cluster with Helm charts and Kubernetes Marketplace GKE Networking Create Services to expose applications that are running within Pods Use load balancers to expose Services to external clients Create Ingress resources for HTTP(S) load balancing Leverage container-native load balancing to improve Pod load balancing Define Kubernetes network policies to allow and block traffic to pods Persistent Data and Storage Use Secrets to isolate security credentials Use ConfigMaps to isolate configuration artifacts Push out and roll back updates to Secrets and ConfigMaps Configure Persistent Storage Volumes for Kubernetes Pods Use StatefulSets to ensure that claims on persistent storage volumes persist across restarts Access Control and Security in Kubernetes and Kubernetes Engine Understand Kubernetes authentication and authorization Define Kubernetes RBAC roles and role bindings for accessing resources in namespaces Define Kubernetes RBAC cluster roles and cluster role bindings for accessing cluster-scoped resources Define Kubernetes pod security policies Understand the structure of GCP IAM Define IAM roles and policies for Kubernetes Engine cluster administration Logging and Monitoring Use Stackdriver to monitor and manage availability and performance Locate and inspect Kubernetes logs Create probes for wellness checks on live applications Using GCP Managed Storage Services from Kubernetes Applications Understand pros and cons for using a managed storage service versus self-managed containerized storage Enable applications running in GKE to access GCP storage services Understand use cases for Cloud Storage, Cloud SQL, Cloud Spanner, Cloud Bigtable, Cloud Firestore, and Bigquery from within a Kubernetes application