1214 Courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Overview Upon completing this course, the participants will gain valuable knowledge and skills including the ability to: - Successfully pass the CCSP exam. - Understand the fundamentals of the cloud computing architecture framework. - Understand security challenges associated with different types of cloud services. - Identify and evaluate security risks for their organization?s cloud environments. - Select and implement appropriate controls to ensure secure implementation of cloud services. - Thoroughly understand the 6 essential core domains of the CCSP common body of knowledge: 1. Architectural Concepts & Design Requirements 2. Cloud Data Security 3. Cloud Platform & Infrastructure Security 4. Cloud Application Security 5. Operations 6. Legal & Compliance The goal of the course is to prepare professionals for the challenging CCSP exam by covering the objectives of the exam based on the six domains as defined in the (ISC)2 CCSP common body of knowledge. 1 - Architectural Concepts and Design Requirements Cloud Computing Concepts Cloud Reference Architecture Cloud Computing Security Concepts Design Principles of Secure Cloud Computing Trusted Cloud Services 2 - Cloud Data Security CSA (Cloud Security Alliance) Cloud Data Lifecycle Cloud Data Storage Architectures Data Security Strategies Data Discovery and Classification Technologies Protecting Privacy and PII (Personally Identifiable Information) Data Rights Management Data Retention, Deletion, and Archiving Policies Auditability, Traceability, and Accountability of Data Events 3 - Cloud Platform and Infrastructure Security Cloud Infrastructure Components Cloud Infrastructure Risks Designing and Planning Security Controls Disaster Recovery and Business Continuity Management 4 - Cloud Application Security The Need for Security Awareness and Training in application Security Cloud Software Assurance and Validation Verified Secure Software SDLC (Software Development Life Cycle) Process Secure SDLC Specifics of Cloud Application Architecture Secure IAM (Identity and Access Management) Solutions 5 - Operations Planning Process for the Data Center Design Installation and Configuration of Physical Infrastructure for Cloud Environment Running Physical Infrastructure for Cloud Environment Managing Physical Infrastructure for Cloud Environment Installation and Configuration of Logical Infrastructure for Cloud Environment Running Logical Infrastructure for Cloud Environment Managing Logical Infrastructure for Cloud Environment Compliance with Regulations and Controls Risk Assessment for Logical and Physical Infrastructure Collection, Acquisition, and Preservation of Digital Evidence Managing Communication with Stakeholders 6 - Legal and Compliance Legal Requirements and Unique Risks within the Cloud Environment Relevant Privacy and PII Laws and Regulations Audit Process, Methodologies, and Required Adaptions for a Cloud Environment Implications of Cloud to Enterprise Risk Management Outsourcing and Cloud Contract Design Vendor Management

Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains Domain 01 - Governance Define, Implement, Manage, and Maintain an Information Security Governance Program Information Security Drivers Establishing an information security management structure Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures Managing an enterprise information security compliance program Risk Management Risk mitigation, risk treatment, and acceptable risk Risk management frameworks NIST Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) Risk management plan implementation Ongoing third-party risk management Risk management policies and processes Conclusion Domain 2 - Security Risk Management, Controls, & Audit Management INFORMATION SECURITY CONTROLS COMPLIANCE MANAGEMENT GUIDELINES, GOOD AND BEST PRACTICES AUDIT MANAGEMENT SUMMARY Domain 03 - Security Program Management and Operations PROGRAM MANAGEMENT OPERATIONS MANAGEMENT Summary Domain 04 - Information Security Core Concepts ACCESS CONTROL PHYSICAL SECURITY NETWORK SECURITY ENDPOINT PROTECTION APPLICATION SECURITY ENCRYPTION TECHNOLOGIES VIRTUALIZATION SECURITY CLOUD COMPUTING SECURITY TRANSFORMATIVE TECHNOLOGIES Summary Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management STRATEGIC PLANNING Designing, Developing, and Maintaining an Enterprise Information Security Program Understanding the Enterprise Architecture (EA) FINANCE PROCUREMENT VENDOR MANAGEMENT Summary

The Preliminary Electronic Security Course is an introductory (or revision) course designed to provide participants who have no previous Electrical or Electronics experience with the background skills required to attend the CCTV Installation Course, Access Control Course or Fire Alarm Foundation Course. The course gives both an introduction to electronics and electronic security and shows how the two fields merge together. Ideal for a beginner wishing to learn more about this fascinating area. A large practical content is guaranteed. The day will be an excellent learning experience with a skilled instructor. It is a great introduction to the other courses we provide.

This is the perfect launch pad for a technical career in Cyber Security and fully prepares every delegate for the prestigious Certified Ethical Hacking (CEH) Course that comes next on the Cyber & Hacking Learning Pathways by Nemstar.

Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.

Duration 3 Days 18 CPD hours This course is intended for This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms, including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy. This course is also designed for students who are seeking the CertNexus Cyber Secure Coder (CSC) Exam CSC-210 certification Overview In this course, you will employ best practices in software development to develop secure software.You will: Identify the need for security in your software projects. Eliminate vulnerabilities within software. Use a Security by Design approach to design a secure architecture for your software. Implement common protections to protect users and data. Apply various testing methods to find and correct security defects in your software. Maintain deployed software to ensure ongoing security... The stakes for software security are very high, and yet many development teams deal with software security only after the code has been developed and the software is being prepared for delivery. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development lifecycle. This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects. You will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development. Identifying the Need for Security in Your Software Projects Identify Security Requirements and Expectations Identify Factors That Undermine Software Security Find Vulnerabilities in Your Software Gather Intelligence on Vulnerabilities and Exploits Handling Vulnerabilities Handle Vulnerabilities Due to Software Defects and Misconfiguration Handle Vulnerabilities Due to Human Factors Handle Vulnerabilities Due to Process Shortcomings Designing for Security Apply General Principles for Secure Design Design Software to Counter Specific Threats Developing Secure Code Follow Best Practices for Secure Coding Prevent Platform Vulnerabilities Prevent Privacy Vulnerabilities Implementing Common Protections Limit Access Using Login and User Roles Protect Data in Transit and At Rest Implement Error Handling and Logging Protect Sensitive Data and Functions Protect Database Access Testing Software Security Perform Security Testing Analyze Code to find Security Problems Use Automated Testing Tools to Find Security Problems Maintaining Security in Deployed Software Monitor and Log Applications to Support Security Maintain Security after Deployment

Duration 5 Days 30 CPD hours This course is intended for This course is designed primarily for cybersecurity practitioners preparing for or who currently perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. It is ideal for those roles within federal contracting companies and private sector firms whose mission or strategic objectives require the execution of Defensive Cyber Operations (DCO) or DoD Information Network (DoDIN) operation and incident handling. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. Overview In this course, you will identify, assess, respond to, and protect against security threats and operate a system and network security analysis platform. You will: Assess cybersecurity risks to the organization. Analyze the threat landscape. Analyze various reconnaissance threats to computing and network environments. Analyze various attacks on computing and network environments. Analyze various post-attack techniques. Assess the organization's security posture through auditing, vulnerability management, and penetration testing. Collect cybersecurity intelligence from various network-based and host-based sources. Analyze log data to reveal evidence of threats and incidents. Perform active asset and network analysis to detect incidents. Respond to cybersecurity incidents using containment, mitigation, and recovery tactics. Investigate cybersecurity incidents using forensic analysis techniques. This course covers network defense and incident response methods, tactics, and procedures that are in alignment with industry frameworks such as NIST 800-61r2 (Computer Security Incident Handling Guide), US-CERT's National Cyber Incident Response Plan (NCIRP), and Presidential Policy Directive (PPD)-41 on Cyber Incident Coordination. It is ideal for candidates who have been tasked with the responsibility of monitoring and detecting security incidents in information systems and networks, and for executing standardized responses to such incidents. The course introduces tools, tactics, and procedures to manage cybersecurity risks, defend cybersecurity assets, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and remediate and report incidents as they occur. This course provides a comprehensive methodology for individuals responsible for defending the cybersecurity of their organization. This course is designed to assist students in preparing for the CertNexus CyberSec First Responder (Exam CFR-410) certification examination. What you learn and practice in this course can be a significant part of your preparation. In addition, this course and subsequent certification (CFR-410) meet all requirements for personnel requiring DoD directive 8570.01-M position certification baselines: CSSP Analyst CSSP Infrastructure Support CSSP Incident Responder CSSP Auditor The course and certification also meet all criteria for the following Cybersecurity Maturity Model Certification (CMMC) domains: Incident Response (IR) Audit and Accountability (AU) Risk Management (RM) Lesson 1: Assessing Cybersecurity Risk Topic A: Identify the Importance of Risk Management Topic B: Assess Risk Topic C: Mitigate Risk Topic D: Integrate Documentation into Risk Management Lesson 2: Analyzing the Threat Landscape Topic A: Classify Threats Topic B: Analyze Trends Affecting Security Posture Lesson 3: Analyzing Reconnaissance Threats to Computing and Network Environments Topic A: Implement Threat Modeling Topic B: Assess the Impact of Reconnaissance Topic C: Assess the Impact of Social Engineering Lesson 4: Analyzing Attacks on Computing and Network Environments Topic A: Assess the Impact of System Hacking Attacks Topic B: Assess the Impact of Web-Based Attacks Topic C: Assess the Impact of Malware Topic D: Assess the Impact of Hijacking and Impersonation Attacks Topic E: Assess the Impact of DoS Incidents Topic F: Assess the Impact of Threats to Mobile Security Topic G: Assess the Impact of Threats to Cloud Security Lesson 5: Analyzing Post-Attack Techniques Topic A: Assess Command and Control Techniques Topic B: Assess Persistence Techniques Topic C: Assess Lateral Movement and Pivoting Techniques Topic D: Assess Data Exfiltration Techniques Topic E: Assess Anti-Forensics Techniques Lesson 6: Assessing the Organization's Security Posture Topic A: Implement Cybersecurity Auditing Topic B: Implement a Vulnerability Management Plan Topic C: Assess Vulnerabilities Topic D: Conduct Penetration Testing Lesson 7: Collecting Cybersecurity Intelligence Topic A: Deploy a Security Intelligence Collection and Analysis Platform Topic B: Collect Data from Network-Based Intelligence Sources Topic C: Collect Data from Host-Based Intelligence Sources Lesson 8: Analyzing Log Data Topic A: Use Common Tools to Analyze Logs Topic B: Use SIEM Tools for Analysis Lesson 9: Performing Active Asset and Network Analysis Topic A: Analyze Incidents with Windows-Based Tools Topic B: Analyze Incidents with Linux-Based Tools Topic C: Analyze Indicators of Compromise Lesson 10: Responding to Cybersecurity Incidents Topic A: Deploy an Incident Handling and Response Architecture Topic B: Mitigate Incidents Topic C: Hand Over Incident Information to a Forensic Investigation Lesson 11: Investigating Cybersecurity Incidents Topic A: Apply a Forensic Investigation Plan Topic B: Securely Collect and Analyze Electronic Evidence Topic C: Follow Up on the Results of an Investigation Additional course details: Nexus Humans CertNexus Certified CyberSec First Responder (CFR-410) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CertNexus Certified CyberSec First Responder (CFR-410) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Kerberos for engineers training course description This hands on course covers the details of Kerberos, from installation and administration through to how it all works including the protocols. What will you learn Describe what Kerberos is. Explain how Kerberos works. Install Kerberos. Configure Kerberos. Troubleshoot Kerberos. Kerberos for engineers training course details Who will benefit: Engineers interested in security. Prerequisites: TCP/IP foundation for engineers Duration 2 days Kerberos for engineers training course contents What is Kerberos? Single Sign On, The protocol, the standard, history, v4, v5, RFCs, Linux, Windows. Kerberos concepts and technology AAA, Authentication, Authorization, Accounting. Kerberos vs LDAP and directories. Privacy, integrity. Kerberos realms, principles, instances. Keys, salts, passwords. Key Distribution Centre, Authentication server, ticket granting server. Tickets. Installation and administration of Kerberos Installing Kerberos, creating realms, testing. DNS and Kerberos, Kerberos clients. Hands on Windows and Linux Kerberos. Kerberos protocols The Needham-Schroeder protocol, Kerberos v4. Authentication server, ticket granting server, Kerberos v5, encryption options, ticket options, other protocol features and extensions. Related protocols: GSSAPI, SPNEGO. Hands on Using Wireshark to 'see' Kerberos. Troubleshooting Kerberos Approach, debugging tools, errors and solutions. Hands on Kerberos troubleshooting. Kerberos security concerns Kerberos attacks, protocol security issues. Dictionary attacks, brute force attacks, replay attacks, MITM attacks, security solutions, protecting the KDC, firewalls, NAT and Kerberos. Hands on Kerberos logging. Software which uses Kerberos Kerberos logins, Kerberos and web based applications, Directory services. Advanced Kerberos issues Cross realm authentication, Windows issues, Windows and UNIX interoperability, Hands on Using a Windows DC for UNIX clients.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for individuals who have basic computer user skills and who are interested in obtaining a job as an entry-level IT technician. This course is also designed for students who are seeking the CompTIA A+ certification and who want to prepare for the CompTIA A+ Core 2 220-1102 Certification Exam. Overview Identify, install and configure Windows Operating System features Perform OS installations and upgrades Identify features and tools of macOS Identify features and tools of Linux OS Summarize security measures and protocols Configure SOHO network security Manage security settings Troubleshoot Windows OS problems Explain change-management best practices Implement workstation backup and recover methods Identify the basics of scripting CompTIA A+ certified professionals are proven problem solvers. They support today?s core technologies from security to cloud to data management and more. CompTIA A+ is the industry standard for launching IT careers into today?s digital world. It is the only industry recognized credential with performance-based items to prove pros can think on their feet to perform critical IT support tasks in the moment. It is trusted by employers around the world to identify the go-to person in end point management and technical support roles. CompTIA A+ is regularly re-invented by IT experts to ensure that it validates core skills and abilities demanded in the workplace. This course follows after the A+ Part 1 course and prepares you for the A+ Core 2 exam 220-1101. Prerequisites While there are no prerequisites for this course, please ensure you have the right level of experience to be successful in this training. Lesson 1: Configuring Windows Topic 1A: Configure Windows User Settings Topic 1B: Configure Windows System Settings Lesson 2: Managing Windows Topic 2A: Use Management Consoles Topic 2B: Use Performance and Troubleshooting Tools Topic 2C: Use Command-line Tools Lesson 3: Identifying OS Types and Features Topic 3A: Explain OS Types Topic 3B: Compare Windows Editions Lesson 4: Supporting Windows Topic 4A: Perform OS Installations and Upgrades Topic 4B: Install and Configure Application Topic 4C: Troubleshoot Windows OS Problems Lesson 5: Managing Windows Networking Topic 5A: Manage Windows Networking Topic 5B: Troubleshoot Windows Networking Topic 5C: Configure Windows Security Settings Topic 5D: Manage Windows Shares Lesson 6: Managing Linux and macOS Topic 6A: Identify Features of Linux Topic 6B: Identify Features of macOS Lesson 7: Configuring SOHO Network Security Topic 7A: Explain Attacks, Threats, and Vulnerabilities Topic 7B: Compare Wireless Security Protocols Topic 7C: Configure SOHO Router Security Topic 7D: Summarize Security Measures Lesson 8: Managing Security Settings Topic 8A: Configure Workstation Security Topic 8B: Configure Browser Security Topic 8C: Troubleshoot Workstation Security Issues Lesson 9: Supporting Mobile Software Topic 9A: Configure Mobile OS Security Topic 9B: Troubleshoot Mobile OS and App Software Topic 9C: Troubleshoot Mobile OS and App Security Lesson 10: Using Support and Scripting Tools Topic 10A: Use Remote Access Technologies Topic 10B: Implement Backup and Recovery Topic 10C: Explain Data Handling Best Practices Topic 10D: Identify Basics of Scripting Lesson 11: Implementing Operational Procedures Topic 11A: Implement Best Practice Documentation Topic 11B: Use Proper Communication Techniques Topic 11C: Use Common Safety and Environmental Procedures