241 Courses delivered Live Online

Duration 2 Days 12 CPD hours This course is intended for Participants who have actual experience in the data centre and/or IT infrastructures are best suited. Attendance of the CDCP© course is recommended but not a requirement. Overview After completion of the course the participant will be able to: 1. Develop and review their data centre strategy 2. Use different risk assessment methodologies together with practical tips specifically for data centre migrations to reduce the risk during a data centre migration 3. Understand different migration strategies 4. Understand the legal aspects when migrating a data centre 5. Understand the importance of Business Service Reviews and Service Level Objectives 6. Size and design the target data centre 7. Understand the importance of detailed discovery and how dependencies influence migration waves 8. Understand the safety requirements during migration 19. Get lots of practical tips when moving to another data centre This course is designed to expose participants to a step-by-step methodology which will enable them to reduce the risks involved when undertaking a data centre migration. It will also give participants a lot of valuable practical hints and tips by trainers having extensive experience in moving and consolidating mission critical data centre. Data Centre Strategy Data centre lifecycle Reasons to migrate a data centre Alternatives to data centre migration Consolidation Outsourcing Cloud computing Upgrade existing data centre or build new Project Management Project management and methods Scope statement Statement Of Work (SOW) Work Breakdown Structure (WBS) Allocate time to the project Cost and estimation methodology Project communication Risk Management Risk management and methods Risk identification Risk assessment methodologies Qualitative approach Semi-quantitative approach Quantitative approach Risk evaluation Risk treatment Risk in data centre migrations Migration Strategies Different data centre migration strategies Heterogeneous migration Homogeneous migration Physical migration Different IT transformations Pre-migration transformation Migration transformation Post-migration transformation Legal Aspects Regulatory requirements Contractual considerations Legal aspects when decommissioning High Level Discovery & Planning The importance of Business Service Reviews The concept of Availability The concept of Recoverability The importance of Service Level Objectives Requirements on designing the target IT architecture Information needed for high level planning Design Target Data Centre Requirements for the target data centre Sizing the data centre Architectural requirements Cooling requirements Power requirements Security Detailed Discovery and Planning The importance of discovery Automated discovery tools Asset management Network and system dependencies Detailed migration planning Migration waves Staffing Warranties and insurance Safety Safety precautions Technical safety review Electrical safety Lifting Personal safety during migration Fire safety during migration Security Controversy between access and security Access control Managing security during migration Security during migration Key management Practical hints and tips Continuous improvement Implementation Rehearsal Route investigation Resourcing Logistics team Packing Transport Installing the equipment Post migration support End of Project Why project closure Lessons learned Phased completion of project Criteria for project closure The outcome of the project End of project Exam: Certified Data Centre Migration Specialist Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Duration 4 Days 24 CPD hours This course is intended for This course assumes the student has successfully taken and passed the NCSF Foundation 2.0 course based on the NIST Cybersecurity Framework version 1.1, release April 2018. Following the course introduction, the course provides an introduction to the intersection between digital transformation and cybersecurity, which is followed by an overview of the threat landscape. Following an approach to the implementation of cybersecurity controls, the course delves into an organizational approach to cybersecurity that starts governance, management, and a supportive culture,Finally, the course provides additional guidance for the cybersecurity practitioner to determine the current state, the desired state, and a plan to close the gap - and to do this over and over again to inculcate it into organizational DNA. Overview This course looks at the impact of digital transformation on cybersecurity risks, an understanding of the threat landscape, and an approach to the application of cybersecurity controls. It provides guidance for students on the best approach to design and build a comprehensive cybersecurity program. Executives are keenly aware of the risks but have limited knowledge on the best way to mitigate these risks. This course also enables our executives to answer the critical question - Are we secure? The class includes lectures, informative supplemental reference materials, quizzes, exercises, and formal examination. The exercises are a critical aspect of the course; do not skip them. Outcomes and benefits from this class is a practical approach that students can use to build and maintain comprehensive cybersecurity and cyber-risk management programs. This course is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity Framework (NCSP) across an enterprise and its supply chain. Digital Transformation Explores what the Practitioner needs to know about the relationship between digital transformation and cybersecurity Explain how to determine the impact of cybersecurity on DX. Explain the relationships between culture and digital transformation from the perspective of a practitioner. Explain the delivery of value to stakeholders in a DX & cybersecurity environment. Illustrate the interdependent relationship between cybersecurity and DX. Threat Landscape The Practitioner needs to understand what threat actors do and their capabilities. Compare the evolving attack type impact to the threat environment. Apply knowledge about the threat landscape to maintain a readiness to respond. Develop a risk profile based on business impact analysis Establish the relationship between awareness and training in the continual improvement of cybersecurity posture. Develop and treat training & awareness as a critical aspect of deterrence Use knowledge about the threat landscape as a predicate to the adoption and adaptation of your cybersecurity posture. The Controls This chapter provides a sample set of controls based on an informative reference. Understand the purpose goals & objectives for each control. Characterize & explain the informative reference controls Discover how to apply the controls in an organizational context. Adopt & Adapt Adopt is a decision about governance; adapt is the set of management decisions that result from the decision to adopt. Distinguish Adopt, Adapt, Management & Governance. Develop an approach to adoption & adaptation. Distinguish & demonstrate the impact of organizational culture on developing cybersecurity as a capability. Develop an assessment approach to define current state. Adaptive Way of Working Threat actors are agile and highly adaptive. The cybersecurity Practitioner must develop the same capabilities Break down what constitutes an adaptive approach. Characterize & apply the need for crossfunctional teams. Recognize and prioritize the first steps (get started). Demonstrate & establish cybersecurity phases. Break down the impact of the flows. Rapid Adoption & Rapid Adaptation FastTrack FastTrack? is an approach to allow organizations to learn to adapt to an evolving threat landscape rapidly. Approach: Establish what it takes to adopt CS. Determine how that impacts management adaptation of CS. Determine how that impacts the capability to assess. CS Capability: Determine the gap between existing & needed capabilities. Establish what must be developed. Develop appropriate risk management profile. Discover how cybersecurity impacts people, practice & technology impacts organization. Differentiate CIS Implementation groups. Determine appropriate implementation group & approach. Develop appropriate phase approaches. CIIS Practice Cybersecurity is an ongoing game of cat and mouse. Organizations must learn how to inculcate cybersecurity improvement into their DNA. Break down & develop mechanisms for ongoing cybersecurity improvement that includes developing a learning organization. Illustrate an improvement plan based on the NIST 7-Step Approach. Illustrate an improvement plan based on the Improvement GPS Demonstrate understanding of Cybersecurity Maturity Model Certification Break down the balancing loop & how it fits into the escalation archetype Use the Fast Track? (improvement & implementation) cycles.

Duration 5 Days 30 CPD hours This course is intended for This course is targeted towards the information technology (IT) professional that has a minimum 1 year IT Security and Networking experience. This course would be ideal for Information System Owners, Security Officers, Ethical Hackers, Information Owners, Penetration Testers, System Owner and Managers as well as Cyber Security Engineers. Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the CPEH exam. The CPEH certification training enables students to understand the importance of vulnerability assessments and how to implement counter response along with preventative measures when it comes to a network hack. Security Fundamentals Overview The Growth of Environments and Security Our Motivation? The Goal: Protecting Information! CIA Triad in Detail Approach Security Holistically Security Definitions Definitions Relationships Method: Ping The TCP/IP Stack Which Services Use Which Ports? TCP 3-Way Handshake TCP Flags Malware Types of Malware Types of Malware Cont... Types of Viruses More Malware: Spyware Trojan Horses Back Doors DoS DDoS Packet Sniffers Passive Sniffing Active Sniffing Firewalls, IDS and IPS Firewall ? First Line of Defense IDS ? Second Line of Defense IPS ? Last Line of Defense? Firewalls Firewall Types: (1) Packet Filtering Firewall Types: (2) Proxy Firewalls Firewall Types ? Circuit-Level Proxy Firewall Type of Circuit- Level Proxy ? SOCKS Firewall Types ? Application-Layer Proxy Firewall Types: (3) Stateful Firewall Types: (4) Dynamic Packet-Filtering Firewall Types: (5) Kernel Proxies Firewall Placement Firewall Architecture Types ? Screened Host Multi- or Dual-Homed Screened Subnet Wi-Fi Network Types Wi-Fi Network Types Widely Deployed Standards Standards Comparison 802.11n - MIMO Overview of Database Server Review Access Controls Overview Role of Access Control Definitions More Definitions Categories of Access Controls Physical Controls Logical Controls ?Soft? Controls Security Roles Steps to Granting Access Access Criteria Physical Access Control Mechanisms Biometric System Types Synchronous Token Asynchronous Token Device Memory Cards Smart Card Cryptographic Keys Logical Access Controls OS Access Controls Linux Access Controls Accounts and Groups Password & Shadow File Formats Accounts and Groups Linux and UNIX Permissions Set UID Programs Trust Relationships Review Protocols Protocols Overview OSI ? Application Layer OSI ? Presentation Layer OSI ? Session Layer Transport Layer OSI ? Network Layer OSI ? Data Link OSI ? Physical Layer Protocols at Each OSI Model Layer TCP/IP Suite Port and Protocol Relationship Conceptual Use of Ports UDP versus TCP Protocols ? ARP Protocols ? ICMP Network Service ? DNS SSH Security Protocol SSH Protocols ? SNMP Protocols ? SMTP Packet Sniffers Example Packet Sniffers Review Cryptography Overview Introduction Encryption Cryptographic Definitions Encryption Algorithm Implementation Symmetric Encryption Symmetric Downfalls Symmetric Algorithms Crack Times Asymmetric Encryption Public Key Cryptography Advantages Asymmetric Algorithm Disadvantages Asymmetric Algorithm Examples Key Exchange Symmetric versus Asymmetric Using the Algorithm Types Together Instructor Demonstration Hashing Common Hash Algorithms Birthday Attack Example of a Birthday Attack Generic Hash Demo Instructor Demonstration Security Issues in Hashing Hash Collisions MD5 Collision Creates Rogue Certificate Authority Hybrid Encryption Digital Signatures SSL/TLS SSL Connection Setup SSL Hybrid Encryption SSH IPSec - Network Layer Protection IPSec IPSec Public Key Infrastructure Quantum Cryptography Attack Vectors Network Attacks More Attacks (Cryptanalysis) Review Why Vulnerability Assessments? Overview What is a Vulnerability Assessment? Vulnerability Assessment Benefits of a Vulnerability Assessment What are Vulnerabilities? Security Vulnerability Life Cycle Compliance and Project Scoping The Project Overview Statement Project Overview Statement Assessing Current Network Concerns Vulnerabilities in Networks More Concerns Network Vulnerability Assessment Methodology Network Vulnerability Assessment Methodology Phase I: Data Collection Phase II: Interviews, Information Reviews, and Hands-On Investigation Phase III: Analysis Analysis cont. Risk Management Why Is Risk Management Difficult? Risk Analysis Objectives Putting Together the Team and Components What Is the Value of an Asset? Examples of Some Vulnerabilities that Are Not Always Obvious Categorizing Risks Some Examples of Types of Losses Different Approaches to Analysis Who Uses What? Qualitative Analysis Steps Quantitative Analysis ALE Values Uses ALE Example ARO Values and Their Meaning ALE Calculation Can a Purely Quantitative Analysis Be Accomplished? Comparing Cost and Benefit Countermeasure Criteria Calculating Cost/Benefit Cost of a Countermeasure Can You Get Rid of All Risk? Management?s Response to Identified Risks Liability of Actions Policy Review (Top-Down) Methodology Definitions Policy Types Policies with Different Goals Industry Best Practice Standards Components that Support the Security Policy Policy Contents When Critiquing a Policy Technical (Bottom-Up) Methodology Review Vulnerability Tools of the Trade Vulnerability Scanners Nessus SAINT ? Sample Report Tool: Retina Qualys Guard http://www.qualys.com/products/overview/ Tool: LANguard Microsoft Baseline Analyzer MBSA Scan Report Dealing with Assessment Results Patch Management Options Review Output Analysis and Reports Overview Staying Abreast: Security Alerts Vulnerability Research Sites Nessus SAINT SAINT Reports GFI Languard GFI Reports MBSA MBSA Reports Review Reconnaissance, Enumeration & Scanning Reconnaissance Overview Step One in the Hacking ?Life-Cycle? What Information is Gathered by the Hacker? Passive vs. Active Reconnaissance Footprinting Defined Social Access Social Engineering Techniques Social Networking Sites People Search Engines Internet Archive: The WayBack Machine Footprinting Tools Overview Maltego GUI Johnny.Ihackstuff.com Google (cont.) Domain Name Registration WHOIS Output DNS Databases Using Nslookup Traceroute Operation Web Server Info Tool: Netcraft Introduction to Port Scanning Which Services use Which Ports? Port Scan Tips Port Scans Shou

Duration 1 Days 6 CPD hours This course is intended for This course is intended for IT Asset Managers and other professionals involved in Asset Management, strategic planning, security programs and those affected or influenced by ITAM and security initiatives. The mission of IAITAM?s CAMSE course is to maximize the contribution of IT Asset Management professionals to the information security and physical security of the organization by bridging the gap between ITAM and IT security processes while incorporating security strategies throughout the ITAM policies, processes and procedures so that ITAM enhances the security program and improves the applicable governance. This course includes the comprehensive online examination necessary for achieving CAMSE Certification. Course Outline Scope of IT Security & ITAM Threat Prevention vs. Threat Protection Decentralized vs. Centralized Security The IT Security Plan ITAM?s Role in Risk Management The 12 KPAs & Security Program Management & Security Communication & Education Management & Security Policy Management & Security Acquisition Management & Security Asset Identification Management & Security Disposal Management & Security Project Management & Security Documentation Management & Security Financial Management & Security Legislation Management & Security Compliance Management & Security Vendor Management & Security Assessing Asset Risk Level Program Issues by Asset Type ITAM Program Assessment for Security

Duration 5 Days 30 CPD hours This course is intended for Anyone whose position requires CCSP certificationIndividuals whose responsibilities involve procuring, securing, and managing cloud environments or purchased cloud services Overview In-depth coverage of the six domains required to pass the CCSP exam:Architectural concepts and design requirementsCloud data securityCloud platform and infrastructure securityCloud application securityOperationsLegal and compliance This course is the most comprehensive review of cloud security concepts and industry best practices covering the six domains of the CCSP Common Body of Knowledge (CBK). You will gain knowledge in identifying the types of controls necessary to administer various levels of confidentiality, integrity, and availability, with regard to securing data in the cloud. You will identify the virtual and physical components of the cloud infrastructure with regard to risk management analysis, including tools and techniques necessary for maintaining a secure cloud infrastructure. You will gain an understanding in cloud software assurance and validation, utilizing secure software, and the controls necessary for developing secure cloud environments. You will identify privacy issues and audit processes utilized within a cloud environment, including auditing controls, assurance issues, and the specific reporting attributes. Architectural Concepts and Design Requirements Cloud Data SecurityCloud Platform and Infrastucture Security Cloud Application SecurityOperations Legal and compliance

Duration 1 Days 6 CPD hours This course is intended for This class is intended for individuals with some level of experience overseeing, managing, or working on projects. Overview Project Management FrameworkInitiatingPlanningExecutingMonitoring and ControllingClosing This one-day course introduces the senior managers, department managers, and other key stakeholders to the principles and processes of project management. Project Management Framework What is a Project? What is Project Management? Role of a Project Manager Project, Program, and Portfolio Management Strategy, Portfolio, Program, and Project Management Organizational Goals Project Selection Criteria The Project Life Cycle Overview Case Study Selection Initiating Initiating Process Group Overview Develop Project Charter Identify Stakeholders Planning Planning Process Group Overview Develop Project Management Plan Collect Requirements Define Scope and Create WBS Determine Project ROI Schedule Processes Cost Management Processes Plan Quality Management Plan Human Resource Management Project Human Resource Difficulties Plan Communications Management Risk Management Activities Plan Procurement Management Executing Executing Process Group Overview Team Building Lessons Learned Monitoring & Controlling Monitoring and Controlling Process Group Overview Perform Integrated Change Control Monitoring and Controlling Processes Verify Scope Closing Closing Process Group Overview Close Project or Phase Close Procurements

Duration 5 Days 30 CPD hours This course is intended for Network Administrators Network security Administrators Network Security Engineer Network Defense Technicians CND Analyst Security Analyst Security Operator Anyone who involves in network operations Overview A dedicated focus on IoT security Network virtualization practices for the remote workforce Enhanced Cloud Security & IoT and Operational Technology (OT) Modules Introduction to threat intelligence In-depth Attack Surface Analysis Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on the security education framework and work role task analysis presented by the National Infocomm Competency Framework (NICF) as well as a job-task analysis and cybersecurity education framework by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and to the Department of Defense (DoD) job roles for system/network administrators. The program prepares network administrators how to identify what parts of an organization need to be reviewed and tested for security vulnerabilities and how to reduce, prevent, and mitigate risks in the network. CND covers the protect, detect, respond and predict approach to network security. Course Outline Network Attacks and Defense Strategies Administrative Network Security Technical Network Security Network Perimeter Security Endpoint Security-Windows Systems Endpoint Security-Linux Systems Endpoint Security- Mobile Devices Endpoint Security-IoT Devices Administrative Application Security Data Security Enterprise Virtual Network Security Enterprise Cloud Network Security Enterprise Wireless Network Security Network Traffic Monitoring and Analysis Network Logs Monitoring and Analysis Incident Response and Forensic Investigation Business Continuity and Disaster Recovery Risk Anticipation with Risk Management Threat Assessment with Attack Surface Analysis Threat Prediction with Cyber Threat Intelligence

Duration 4.125 Days 24.75 CPD hours This course is intended for The job roles best suited to the material in this course are: Project managers and consultants involved in and concerned with the implementation of an ISMS, expert advisors seeking to master the implementation of an ISMS, individuals responsible for ensuring conformity to information security requirements within an organization Overview Master the concepts, approaches, methods and techniques used for the implementation and effective management of an ISMS Learn how to interpret the ISO/IEC 27001 requirements in the specific context of an organization Learn how to support an organization to effectively plan, implement, manage, monitor and maintain an ISMS Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks Acquire the expertise to advise an organization in implementing Information Security Management System best practices This training course is designed to prepare you to implement an information security management system (ISMS) based on the requirements of ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement. Introduction to ISO/IEC 27001 and initiation of an ISMS Training course objectives and structure Standards and regulatory frameworks Information Security Management System (ISMS) Fundamental information security concepts and principles Initiation of the ISMS implementation Understanding the organization and its context ISMS scope Planning the implementation of an ISMS Leadership and project approval Organizational structure Analysis of the existing system Information security policy Risk management Statement of Applicability Implementation of an ISMS Documented information management Selection and design of controls Implementation of controls Trends and technologies Communication Competence and awareness Security operations management ISMS monitoring, continual improvement, and preparation for the certification audit Monitoring, measurement, analysis, and evaluation Internal audit h Management review Treatment of nonconformities Continual improvement Preparing for the certification audit Certification process and closing of the training course

Duration 5 Days 30 CPD hours This course is intended for Test Programme Managers, Test Managers, and anyone else wishing to take the ISTQB© Certified Tester Advanced Level Test Manager examination. Overview Whilst this course is focused on the syllabus, giving participants the maximum chance of passing the examination, it also contains many real world practical examples. On completion of this course, attendees will have an advanced understanding of test design techniques and will be fully prepared to take the ISTQB© Certified Tester Advanced Level Test Manager examination. ISTQB© is the standard for international qualifications in software testing at an advanced level. The course thoroughly prepares attendees for the ISTQB© Certified Tester Advanced Level Test Manager examination. Testing Process The fundamental test process Test levels and test types Test planning, monitoring and control Test analysis Test design Test implementation Test execution Evaluating exit criteria and reporting Test closure activities Test Management Test management in context Risk-based testing and other approaches for test prioritization and effort allocation Test documentation and other work products Project risk management Other test work products Test estimation Defining and using test metrics Business value of testing Distributed, outsourced, and insourced testing Managing the application of industry standards Reviews Management reviews and audits Managing reviews Metrics for reviews Managing formal reviews Defect Management The defect lifecycle and the software development lifecycle Cross-functional defect management Defect report information Assessing process capability with defect report information Improving the Testing Process Introduction Test improvement process Improving the testing process Improving the testing process with TMMI Improving the testing process with TPI Next Improving the testing process with CTP Improving the testing process with STEP Test Tools and Automation Tool selection Return on investment (ROI) Selection process Tool lifecycle Tool metrics People Skills ? Team Composition Individual skills Test team dynamics Fitting testing within an organization Motivation Communication

Duration 4 Days 24 CPD hours This course is intended for C - Level Managers IT Managers Cyber Security Personelle Engineers Information Systems Owners ISSO's CISSP Students ISO's Overview Upon completion, the Certified Security Leadership Officer candidate be able to competently take the C)SLO exam. You will be versed in implementing strong security controls and managing an organization with an industry acceptable security posture. Certified Security Leadership Officerÿ course is designed for mid and upper-level managers.ÿ If you are an engineer, this course will increase your knowledge in the leading information system security teams. Plus, the C)SLO will give you an essential understanding of current security issues, best practices, and technology. With this knowledge you will then be prepared to manage the security component of an information technology project. As a Security Leadership Officer, you will be the bridge between cybersecurity and business operations. Course Outline Security Management Risk Management Encryption Information Security Access Control Concepts Incident Handling and Evidence Operations Security Network Security Additional course details: Nexus Humans C)SLO-Certified Security Leadership Officer Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)SLO-Certified Security Leadership Officer Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.