684 Courses delivered Live Online

QA Level 2 Award In Food Safety For Retail (RQF) Face to Face: Full day course Virtual Classroom: Spread over 3 sessions of 2½ hr duration Food business operators are required by law, to ensure that food handlers receive appropriate supervision and instruction/training in food hygiene in line with their work activity and should enable them to handle food safely Recommended by HSE and Environmental Health Officers (EHO's) Course Contents: The Importance of Food Safety Food Safety Laws Legal Responsibilities of Food Handlers Types of Contamination and the Associated Risks Bacteriology Food Poisoning Foodborne Illnesses An Introduction to Hazard Analysis and Critical Control Points (HACCP) Personal Hygiene Work Flow, Work Surfaces and Equipment Cleaning and Disinfection Waste Disposal Pest Control Safe Food Handling Practices including Time and Temperature Controls Preparation Cooking and Reheating Chilling Cooling Thawing Hot holding Displaying food Core temperatures Food Preservation Storage Stock Control Procedures Benefits of this course: Businesses have a duty to their customers to produce food that is safe for consumption. There are one million cases of food poisoning in the UK each year. More than 6,000 are admitted to hospital. In 2014/2015, businesses in Chesterfield were issued 344 written enforcement notices. Derby received 1,116. Doing our Ofqual regulated, nationally accredited course ensures that nothing of importance is left out. EU and UK regulations state that all food handlers must receive appropriate training in food safety practices relevant to their duties. The Food Standards Agency says that 'Food business operators are required by law, to ensure that food handlers receive appropriate supervision and instruction/training in food hygiene in line with their work activity and should enable them to handle food safely’. Our QA Level 2 Award in Food Safety in Catering (RQF) is a nationally accredited qualification especially suitable for people working in, or planning to work in, the food retail industry, and complies with the training regulations.

Duration 5 Days 30 CPD hours This course is intended for The CHFI course will benefit: Police and other laws enforcement personnel Defense and Military personnel e-Business Security professionals Systems administrators Legal professionals Banking, Insurance and other professionals Government agencies Overview At the end of this course, you will possess the skills needed to: Understand the fundamentals of computer forensics Understand the computer forensic investigation process Describe in detail different types of hard disks and file systems Understand data acquisition and duplication Counteract anti-forensic techniques Leverage forensic skills in Windows, Linux, and Mac Investigate web attacks Understand dark web forensics Deploy forensic techniques for databases, cloud, and networks Investigate email crimes including malware Perform forensics in mobile and IoT environments Every crime leaves a digital footprint, and you need the skills to track those footprints. In this course, students will learn to unravel these pieces of evidence, decode them and report them. From decoding a hack to taking legal action against the perpetrators, they will become an active respondent in times of cyber-breaches. Computer Forensics in Today?s World 1.1. Understand the Fundamentals of Computer Forensics 1.2. Understand Cybercrimes and their Investigation Procedures 1.3. Understand Digital Evidence 1.4. Understand Forensic Readiness, Incident Response and the Role of SOC (Security Operations Center) in Computer Forensics 1.5. Identify the Roles and Responsibilities of a Forensic Investigator 1.6. Understand the Challenges Faced in Investigating Cybercrimes 1.7. Understand Legal Compliance in Computer Forensics Computer Forensics Investigation Process 2.1. Understand the Forensic Investigation Process and its Importance 2.2. Understand the Pre-investigation Phase 2.3. Understand First Response 2.4. Understand the Investigation Phase 2.5. Understand the Post-investigation Phase Understanding Hard Disks and File Systems 3.1. Describe Different Types of Disk Drives and their Characteristics 3.2. Explain the Logical Structure of a Disk 3.3. Understand Booting Process of Windows, Linux and Mac Operating Systems 3.4. Understand Various File Systems of Windows, Linux and Mac Operating Systems 3.5. Examine File System Using Autopsy and The Sleuth Kit Tools 3.6 Understand Storage Systems 3.7. Understand Encoding Standards and Hex Editors 3.8. Analyze Popular File Formats Using Hex Editor Data Acquisition and Duplication 4.1. Understand Data Acquisition Fundamentals 4.2. Understand Data Acquisition Methodology 4.3. Prepare an Image File for Examination Defeating Anti-forensics Techniques 5.1. Understand Anti-forensics Techniques 5.2. Discuss Data Deletion and Recycle Bin Forensics 5.3. Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions 5.4. Explore Password Cracking/Bypassing Techniques 5.5. Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch 5.6. Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption 5.7. Detect Program Packers and Footprint Minimizing Techniques 5.8. Understand Anti-forensics Countermeasures Windows Forensics 6.1. Collect Volatile and Non-volatile Information 6.2. Perform Windows Memory and Registry Analysis 6.3. Examine the Cache, Cookie and History Recorded in Web Browsers 6.4. Examine Windows Files and Metadata 6.5. Understand ShellBags, LNK Files, and Jump Lists 6.6. Understand Text-based Logs and Windows Event Logs Linux and Mac Forensics 7.1. Understand Volatile and Non-volatile Data in Linux 7.2. Analyze Filesystem Images Using The Sleuth Kit 7.3. Demonstrate Memory Forensics Using Volatility & PhotoRec 7.4. Understand Mac Forensics Network Forensics 8.1. Understand Network Forensics 8.2. Explain Logging Fundamentals and Network Forensic Readiness 8.3. Summarize Event Correlation Concepts 8.4. Identify Indicators of Compromise (IoCs) from Network Logs 8.5. Investigate Network Traffic 8.6. Perform Incident Detection and Examination with SIEM Tools 8.7. Monitor and Detect Wireless Network Attacks Investigating Web Attacks 9.1. Understand Web Application Forensics 9.2. Understand Internet Information Services (IIS) Logs 9.3. Understand Apache Web Server Logs 9.4. Understand the Functionality of Intrusion Detection System (IDS) 9.5. Understand the Functionality of Web Application Firewall (WAF) 9.6. Investigate Web Attacks on Windows-based Servers 9.7. Detect and Investigate Various Attacks on Web Applications Dark Web Forensics 10.1. Understand the Dark Web 10.2. Determine How to Identify the Traces of Tor Browser during Investigation 10.3. Perform Tor Browser Forensics Database Forensics 11.1. Understand Database Forensics and its Importance 11.2. Determine Data Storage and Database Evidence Repositories in MSSQL Server 11.3. Collect Evidence Files on MSSQL Server 11.4. Perform MSSQL Forensics 11.5. Understand Internal Architecture of MySQL and Structure of Data Directory 11.6. Understand Information Schema and List MySQL Utilities for Performing Forensic Analysis 11.7. Perform MySQL Forensics on WordPress Web Application Database Cloud Forensics 12.1. Understand the Basic Cloud Computing Concepts 12.2. Understand Cloud Forensics 12.3. Understand the Fundamentals of Amazon Web Services (AWS) 12.4. Determine How to Investigate Security Incidents in AWS 12.5. Understand the Fundamentals of Microsoft Azure 12.6. Determine How to Investigate Security Incidents in Azure 12.7. Understand Forensic Methodologies for Containers and Microservices Investigating Email Crimes 13.1. Understand Email Basics 13.2. Understand Email Crime Investigation and its Steps 13.3. U.S. Laws Against Email Crime Malware Forensics 14.1. Define Malware and Identify the Common Techniques Attackers Use to Spread Malware 14.2. Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysis 14.3. Understand and Perform Static Analysis of Malware 14.4. Analyze Suspicious Word and PDF Documents 14.5. Understand Dynamic Malware Analysis Fundamentals and Approaches 14.6. Analyze Malware Behavior on System Properties in Real-time 14.7. Analyze Malware Behavior on Network in Real-time 14.8. Describe Fileless Malware Attacks and How they Happen 14.9. Perform Fileless Malware Analysis - Emotet Mobile Forensics 15.1. Understand the Importance of Mobile Device Forensics 15.2. Illustrate Architectural Layers and Boot Processes of Android and iOS Devices 15.3. Explain the Steps Involved in Mobile Forensics Process 15.4. Investigate Cellular Network Data 15.5. Understand SIM File System and its Data Acquisition Method 15.6. Illustrate Phone Locks and Discuss Rooting of Android and Jailbreaking of iOS Devices 15.7. Perform Logical Acquisition on Android and iOS Devices 15.8. Perform Physical Acquisition on Android and iOS Devices 15.9. Discuss Mobile Forensics Challenges and Prepare Investigation Report IoT Forensics 16.1. Understand IoT and IoT Security Problems 16.2. Recognize Different Types of IoT Threats 16.3. Understand IoT Forensics 16.4. Perform Forensics on IoT Devices

This expert-led training course is created and designed to help you gain the skills and confidence needed to help your governing body ensure there is a consistent and effective whole-school approach to safeguarding in place in your school / college.

Duration 2 Days 12 CPD hours This course is intended for The COBIT 2019 Foundation course would suit candidates working in the following IT professions or areas: IT Auditors IT Managers IT Quality professionals IT Leadership IT Developers Process practitioners Managers in IT service providing firms The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs. Overview This COBIT 2019 Foundation course is designed as an introduction to COBIT 2019 and enables you to understand how an integrated business framework for the governance and management of enterprise IT can be utilized to achieve IT business integration, cost reductions and increased productivity. The syllabus areas that this course is designed to cover are: New framework introduction Key concepts and terminology Governance and Framework Principles Governance system and components Governance and management objectives Performance management Designing a tailored governance system COBIT 2019 builds on and integrates more than 25 years of development in this field, not only incorporating new insights from science, but also operationalizing these insights as practice. The heart of the COBIT framework updates COBIT principles while laying out the structure of the overall framework including: New concepts are introduced and terminology is explained?the COBIT Core Model and its 40 governance and management objectives provide the platform for establishing your governance program. The performance management system is updated and allows the flexibility to use maturity measurements as well as capability measurements. Introductions to design factors and focus areas offer additional practical guidance on flexible adoption of COBIT 2019, whether for specific projects or full implementation. From its foundation in the IT audit community, COBIT has developed into a broader and more comprehensive information and technology (I&T) governance and management framework and continues to establish itself as a generally accepted framework for I&T governance. 1 - COBIT 5 OVERVIEW AND INTRODUCTION Course Administration Course Objectives Exam Overview Certification Scheme History of COBIT COBIT 2019 Improvements Major differences with 2019 Misconceptions about COBIT COBIT and Other Standards 2 - KEY CONCEPTS AND TERMINOLOGY Introduction to Enterprise Governance of Information and Technology Benefits of Information and Technology Governance COBIT Information and Technology Governance Framework Distinction of Governance and Management Three Principles of a Governance Framework Six Principles for a Governance System 3 - GOVERNANCE SYSTEMS AND COMPONENTS Introduction to the Components of a Governance System Processes and Capability Levels Organizational Structures and Defined Roles Information Flows and Items People, Skills and Competencies Principles, Policies and Frameworks Culture, Ethics and Behavior Services, Infrastructure and Applications 4 - GOVERNANCE MANAGEMENT OBJECTIVES Governance and Management Objectives Publication Governance and Management Objectives Governance and Management Objectives Core Model Evaluate, Direct and Monitor Align, Plan and Organize Build, Acquire and Implement Deliver, Service and Support Monitor, Evaluate and Assess 5 - GOALS CASCADE Governance and Management Objective Relationships Governance and Management Objective Descriptions High-Level Information Example Introduction to the Goals Cascade Enterprise Goals Alignment Goals Mapping Tables ? Appendix A 6 - PERFORMANCE MANAGEMENT Introduction to Performance Management COBIT Performance Management Principles COBIT Performance Management (CPM) Overview Process Capability Levels Rating Process Activities Focus Area Maturity Levels Performance Management of Organizational Structures Performance Management of Information Items Performance Management of Culture and Behavior 7 - DESIGNING A TAILORED GOVERNANCE SYSTEM The Need for Tailoring Design Factors Enterprise Strategy Enterprise Goals Risk Profile I&T Related Issues Threat Landscape Compliance Requirements Role of IT Sourcing Model for IT IT Implementation Methods Technology Adoption Strategy Enterprise Size Focus Areas Designing a Tailored Governance System Management Objective Priority and Target Capability Levels Component Variations Specific Focus Areas Stages and Steps in the Design Process 8 - IMPLEMENTING ENTERPRISE GOVERNANCE OF IT The Business Case The COBIT Implementation Guide Purpose COBIT Implementation Approach Phase 1 ? What are the Drivers Phase 2 ? Where are we Now Phase 3 ? Where do we Want to be Phase 4 ? What Needs to be Done Phase 5 ? How do we get There Phase 6 ? Did we get There Phase 7 How do we Weep the Momentum Going? EGIT Implementation Program Challenges

About this Training Course Liquefied Natural Gas (LNG) has provided intercontinental mobility to natural gas, which now provides about 25% of the global primary energy. Being the cleanest fossil fuel, natural gas/LNG consumption is forecasted to grow in all future scenarios. With the entry of various players, including Trading companies, the LNG value chain is becoming increasingly complex, and a solid understanding of its economics and management of its interfaces have become crucial to identify and assess investment opportunities and risks. Recent market disturbances caused by COVID-19, Oil & Gas price instabilities - coupled with the political (Ukraine/Russia) challenges - make a deep understanding of LNG Value Chain Logistics and Economics even more essential to ensure the security of energy supplies sustainably and profitably. This intermediate level 3 full-day course starts with a concise introduction to the LNG business. Thereafter, the elements of the LNG value chain are described, and their individual economics analysed. A Business Activity Model along the value chain will be developed and discussed in depth, covering the following key processes: 'Buy Gas - Transport Gas - Liquefy Gas - Sell LNG/Products - Ship LNG - Regasify LNG' The integrated chain economics will then be developed and quantified. A hands-on group workshop/exercise developing the economic case of a full-sized Liquefaction project will be carried out, considering the forecasted cash flows throughout the project life, the location of the plant, its markets, project sensitivities and profitability assessment. Participants will be provided with Excel based tools/models (LNG Liquefaction project development Net Present Value (NPV) analyses, Shipping Freight Calculations and Economics) to work through the exercises and also for their future personal use. Training Objectives After the completion of this course, participants will be able to: Understand how the LNG Value Chain operates, bound by the relevant Contracts and Agreements. Learn the basic economic parameters (operating, capital costs, financing, profitability) of each major element of the value chain. Appreciate the complexity of the value chain, and the associated opportunities and risks. Develop quantitative project evaluation skills. Explore options to maximise profitability in a given LNG value chain. Discuss best practices on how to manage, steer and govern these activities. Target Audience Technical, Operational, Shipping, Commercial, Project and Governance professionals who are already active in a specific section of the LNG Value Chain will directly benefit in developing a wider and deeper perspective on how the LNG Value Chain operations and can be optimised. Managers (Technical, Financial, Legal and Governance) less familiar with the specifics of the LNG Industry will also benefit from attending this VILT course, as they will obtain the required background to be able to set sharper targets, suitable performance indicators, and governance and performance assessment guidelines for units engaged in the chain. The course is most relevant for professionals engaged in the LNG industry at: National and International Oil & Gas/Energy Companies LNG Importers/Exporters/Traders/Shippers Government & Regulatory Agencies Finance Institutions It will also apply to the following audience: Business Development Managers Corporate Planning Professionals Project Developers Supply Planners & Scheduling Professionals Regulators Tax & Finance Advisors Compliance Officers Equity Analyst and Bankers Joint Venture Representatives, Board Directors Negotiators and Contracting Staff Trading Professionals Course Level Intermediate Trainer Your expert course leader is an Oil & Gas/LNG professional with more than 35 years of international experience, majority of which was gained at Shell International Joint Ventures engaged in Oil Refining, Supply / Trading, Gas Supply and LNG Businesses in the Netherlands, France, Thailand, Dominican Republic and Nigeria. Since 2004, he has had several roles in the management of the LNG Value Chain including the Commercial Operational Management of Nigeria LNG (NLNG). He played an active role in the start-up and integration of LNG trains 4, 5 and 6 with NLNG becoming the 3rd largest LNG producer in the world in 2007. Commercial operations spanned 4 Gas Supply, 11 LNG Sales & Purchase Agreements, ad-hoc LPG and Condensate Sales and LNG Ship Chartering contracts. Under his supervision, more than 2,000 LNG cargoes were exported. He was part of the organizational transformation of the company from a Project-based set-up to a Production / Commercial based structure and implemented an 'Integrated Planning and Scheduling Department' in which he optimized the value chain (Buy-Gas - Liquify Gas to LNG - Sell - Ship LNG). Staff competence management was one of his focus areas during this period. He was also the NLNG representative on JV Technical, Commercial, Shipping Committees where he interfaced with Government & Regulatory authorities. In 2014, he was appointed as Shell Shareholder representative to NLNG and became a Non-Executive Board member to NLNG companies, including Bonny Gas Transport (BGT) managing 24 LNG Ships. During this period, he was involved in the Economic and Technical steering of the Shipping Fleet and Liquefaction Plant Rejuvenation projects and a further capacity expansion of liquefaction plant which resulted in the achievement of NLNG train 7 project FID in 2019. Since 2016, he has been active as an independent consultant. He co-authored 2 patents and more than 30 published papers/presentations. He holds a PhD from Delft University of Technology in the Netherlands and a MSc and BSc in Chemical Engineering from the University of Birmingham, UK. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations

Transport Compliance, Audits, Health and Safety, HGV compliance, PSV compliance, Compliance, Templates, Toolbox Talk, Professional Development, Assistance, Operator Licence assistance,

  Make a difference in your organization and in your career. The CIPM designation says that you're a leader in privacy program administration and that you've got the goods to establish, maintain and manage a privacy program across all stages of its lifecycle. The CIPM is the world's first and only certification in privacy program management. When you earn a CIPM, it shows that you don't just know privacy regulations-you know how to make it work for your organization. In other words, you're the go-to person for day-to-day operations when it comes to privacy. Developed in collaboration with the law firms, Bird and Bird, Field Fisher, Wilson/Sonsini and Covington and Burling, the CIPM encompasses pan-European and national data protection laws, key privacy terminology and practical concepts concerning the determination of control measures designed to protect personal data and trans-border data flows. About This Course   Delivered in a modular format, the course covers;   Module 1: Introduction to privacy program management Identifies privacy program management responsibilities, and describes the role of accountability in privacy program management. Module 2: Privacy governance Examines considerations for developing and implementing a privacy program, including the position of the privacy function within the organization, role of the DPO, program scope and charter, privacy strategy, support and ongoing involvement of key functions and privacy frameworks. Module 3: Applicable laws and regulations Discusses the regulatory environment, common elements across jurisdictions and strategies for aligning compliance with organizational strategy. Module 4: Data assessments Relates practical processes for creating and using data inventories/maps, gap analyses, privacy assessments, privacy impact assessments/data protection impact assessments and vendor assessments. Module 5: Policies Describes common types of privacy-related policies, outlines components and offers strategies for implementation. Module 6: Data subject rights Discusses operational considerations for communicating and ensuring data subject rights, including privacy notice, choice and consent, access and rectification, data portability, and erasure and the right to be forgotten. Module 7: Training and awareness Outlines strategies for developing and implementing privacy training and awareness programs. Module 8: Protecting personal information Examines a holistic approach to protecting personal information through privacy by design. Module 9: Data breach incident plans Provides guidance on planning for and responding to a data security incident or breach. Module 10: Measuring, monitoring and auditing program performance Relates common practices for monitoring, measuring, analyzing and auditing privacy program performance   The CIPM body of knowledge outlines all the concepts and topics that you need to know to become certified. The exam blueprint gives you an idea of how many questions from each topic area you can expect on the exam.  Prerequisites   There are no prerequisites for this course but attendees would benefit from a review of the materials on the IAPP site What's Included?   Breakfast, Lunch and refreshments (Classroom based courses only)  The Official Study Guide (Privacy Programme Management - Third Edition)*  Official Exam Q&A's*  Official Practice Exam Participant Guide* 1 years membership of the IAPP  The Exam Fees * In electronic format for Live Online and hard copy for Classroom delegates   Who Should Attend?   The CIPM is ideal for IT and information security leaders responsible for developing Data Protection frameworks and applying best practice, including those in the following positions: Data Analysts Cyber Security Analysts and Managers Aspiring Data Protection Officers IT Managers  Accreditation Our Guarantee   We are an approved IAPP Training Partner. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam.

Become an FSSC 22000 v6 Lead Auditor with our CQI and IRCA certified course. Gain the skills to lead food safety management audits and elevate your career. Enroll today!

This week long CPD accredited training is ideal for those Real Estate professionals, who are looking to bolster the DCF modelling skills. This course covers Real Estate Investment, Development, Finance & Risk.

Duration 4 Days 24 CPD hours This course is intended for This course is for the Identity and Access Administrators who are planning to take the associated certification exam, or who are performing identity and access administration tasks in their day-to-day job. This course would also be helpful to an administrator or engineer that wants to specialize in providing identity solutions and access management systems for Azure-based solutions; playing an integral role in protecting an organization. The Microsoft Identity and Access Administrator course explores how to design, implement, and operate an organization?s identity and access management systems by using Microsoft Entra ID. Learn to manage tasks such as providing secure authentication and authorization access to enterprise applications. You will also learn to provide seamless experiences and self-service management capabilities for all users. Finally, learn to create adaptive access and governance of your identity and access management solutions ensuring you can troubleshoot, monitor, and report on your environment. The Identity and Access Administrator may be a single individual or a member of a larger team. Learn how this role collaborates with many other roles in the organization to drive strategic identity projects. The end goal is to provide you knowledge to modernize identity solutions, to implement hybrid identity solutions, and to implement identity governance. Prerequisites SC-900T00: Microsoft Security, Compliance, and Identity Fundamentals AZ-104T00 - Microsoft Azure Administrator 1 - Explore identity in Microsoft Entra ID Explain the identity landscape Explore zero trust with identity Discuss identity as a control plane Explore why we have identity Define identity administration Contrast decentralized identity with central identity systems Discuss identity management solutions Explain Microsoft Entra Business to Business Compare Microsoft identity providers Define identity licensing Explore authentication Discuss authorization Explain auditing in identity 2 - Implement initial configuration of Microsoft Entra ID Configure company brand Configure and manage Microsoft Entra roles Configure delegation by using administrative units Analyze Microsoft Entra role permissions Configure and manage custom domains Configure tenant-wide setting 3 - Create, configure, and manage identities Create, configure, and manage users Create, configure, and manage groups Configure and manage device registration Manage licenses Create custom security attributes Explore automatic user creation 4 - Implement and manage external identities Describe guest access and Business to Business accounts Manage external collaboration Invite external users - individually and in bulk Demo - manage guest users in Microsoft Entra ID Manage external user accounts in Microsoft Entra ID Manage external users in Microsoft 365 workloads Implement and manage Microsoft Entra Verified ID Configure identity providers Implement cross-tenant access controls 5 - Implement and manage hybrid identity Plan, design, and implement Microsoft Entra Connect Implement manage password hash synchronization (PHS) Implement manage pass-through authentication (PTA) Demo - Manage pass-through authentication and seamless single sign-on (SSO) Implement and manage federation Trouble-shoot synchronization errors Implement Microsoft Entra Connect Health Manage Microsoft Entra Health 6 - Secure Microsoft Entra users with multifactor authentication What is Microsoft Entra multifactor authentication? Plan your multifactor authentication deployment Configure multi-factor authentication methods 7 - Manage user authentication Administer FIDO2 and passwordless authentication methods Explore Authenticator app and OATH tokens Implement an authentication solution based on Windows Hello for Business Deploy and manage password protection Configure smart lockout thresholds Implement Kerberos and certificate-based authentication in Microsoft Entra ID Configure Microsoft Entra user authentication for virtual machines 8 - Plan, implement, and administer Conditional Access Plan security defaults Plan Conditional Access policies Implement Conditional Access policy controls and assignments Test and troubleshoot Conditional Access policies Implement application controls Implement session management Implement continuous access evaluation 9 - Manage Microsoft Entra Identity Protection Review identity protection basics Implement and manage user risk policy Monitor, investigate, and remediate elevated risky users Implement security for workload identities Explore Microsoft Defender for Identity 10 - Implement access management for Azure resources Assign Azure roles Configure custom Azure roles Create and configure managed identities Access Azure resources with managed identities Analyze Azure role permissions Configure Azure Key Vault RBAC policies Retrieve objects from Azure Key Vault Explore Microsoft Entra Permissions Management 11 - Plan and design the integration of enterprise apps for SSO Discover apps by using Microsoft Defender for Cloud Apps and Active Directory Federation Services app report Configure connectors to apps Design and implement app management roles Configure preintegrated gallery SaaS apps Implement and manage policies for OAuth apps 12 - Implement and monitor the integration of enterprise apps for SSO Implement token customizations Implement and configure consent settings Integrate on-premises apps with Microsoft Entra application proxy Integrate custom SaaS apps for single sign-on Implement application-based user provisioning Monitor and audit access to Microsoft Entra integrated enterprise applications Create and manage application collections 13 - Implement app registration Plan your line of business application registration strategy Implement application registration Register an application Configure permission for an application Grant tenant-wide admin consent to applications Implement application authorization Manage and monitor application by using app governance 14 - Plan and implement entitlement management Define access packages Configure entitlement management Configure and manage connected organizations Review per-user entitlements 15 - Plan, implement, and manage access review Plan for access reviews Create access reviews for groups and apps Create and configure access review programs Monitor access review findings Automate access review management tasks Configure recurring access reviews 16 - Plan and implement privileged access Define a privileged access strategy for administrative users Configure Privileged Identity Management for Azure resources Plan and configure Privileged Access Groups Analyze Privileged Identity Management audit history and reports Create and manage emergency access accounts 17 - Monitor and maintain Microsoft Entra ID Analyze and investigate sign-in logs to troubleshoot access issues Review and monitor Microsoft Entra audit logs Export logs to third-party security information and event management system Analyze Microsoft Entra workbooks and reporting Monitor security posture with Identity Secure Score