1214 Courses delivered Live Online

At the end of the 5 days, Learners will attain an RQF Award in the requirements of FD&FA systems for non-domestic buildings BS 5839-1: 2017.

Duration 5 Days 30 CPD hours This course is intended for The CHFI course will benefit: Police and other laws enforcement personnel Defense and Military personnel e-Business Security professionals Systems administrators Legal professionals Banking, Insurance and other professionals Government agencies Overview At the end of this course, you will possess the skills needed to: Understand the fundamentals of computer forensics Understand the computer forensic investigation process Describe in detail different types of hard disks and file systems Understand data acquisition and duplication Counteract anti-forensic techniques Leverage forensic skills in Windows, Linux, and Mac Investigate web attacks Understand dark web forensics Deploy forensic techniques for databases, cloud, and networks Investigate email crimes including malware Perform forensics in mobile and IoT environments Every crime leaves a digital footprint, and you need the skills to track those footprints. In this course, students will learn to unravel these pieces of evidence, decode them and report them. From decoding a hack to taking legal action against the perpetrators, they will become an active respondent in times of cyber-breaches. Computer Forensics in Today?s World 1.1. Understand the Fundamentals of Computer Forensics 1.2. Understand Cybercrimes and their Investigation Procedures 1.3. Understand Digital Evidence 1.4. Understand Forensic Readiness, Incident Response and the Role of SOC (Security Operations Center) in Computer Forensics 1.5. Identify the Roles and Responsibilities of a Forensic Investigator 1.6. Understand the Challenges Faced in Investigating Cybercrimes 1.7. Understand Legal Compliance in Computer Forensics Computer Forensics Investigation Process 2.1. Understand the Forensic Investigation Process and its Importance 2.2. Understand the Pre-investigation Phase 2.3. Understand First Response 2.4. Understand the Investigation Phase 2.5. Understand the Post-investigation Phase Understanding Hard Disks and File Systems 3.1. Describe Different Types of Disk Drives and their Characteristics 3.2. Explain the Logical Structure of a Disk 3.3. Understand Booting Process of Windows, Linux and Mac Operating Systems 3.4. Understand Various File Systems of Windows, Linux and Mac Operating Systems 3.5. Examine File System Using Autopsy and The Sleuth Kit Tools 3.6 Understand Storage Systems 3.7. Understand Encoding Standards and Hex Editors 3.8. Analyze Popular File Formats Using Hex Editor Data Acquisition and Duplication 4.1. Understand Data Acquisition Fundamentals 4.2. Understand Data Acquisition Methodology 4.3. Prepare an Image File for Examination Defeating Anti-forensics Techniques 5.1. Understand Anti-forensics Techniques 5.2. Discuss Data Deletion and Recycle Bin Forensics 5.3. Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions 5.4. Explore Password Cracking/Bypassing Techniques 5.5. Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch 5.6. Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption 5.7. Detect Program Packers and Footprint Minimizing Techniques 5.8. Understand Anti-forensics Countermeasures Windows Forensics 6.1. Collect Volatile and Non-volatile Information 6.2. Perform Windows Memory and Registry Analysis 6.3. Examine the Cache, Cookie and History Recorded in Web Browsers 6.4. Examine Windows Files and Metadata 6.5. Understand ShellBags, LNK Files, and Jump Lists 6.6. Understand Text-based Logs and Windows Event Logs Linux and Mac Forensics 7.1. Understand Volatile and Non-volatile Data in Linux 7.2. Analyze Filesystem Images Using The Sleuth Kit 7.3. Demonstrate Memory Forensics Using Volatility & PhotoRec 7.4. Understand Mac Forensics Network Forensics 8.1. Understand Network Forensics 8.2. Explain Logging Fundamentals and Network Forensic Readiness 8.3. Summarize Event Correlation Concepts 8.4. Identify Indicators of Compromise (IoCs) from Network Logs 8.5. Investigate Network Traffic 8.6. Perform Incident Detection and Examination with SIEM Tools 8.7. Monitor and Detect Wireless Network Attacks Investigating Web Attacks 9.1. Understand Web Application Forensics 9.2. Understand Internet Information Services (IIS) Logs 9.3. Understand Apache Web Server Logs 9.4. Understand the Functionality of Intrusion Detection System (IDS) 9.5. Understand the Functionality of Web Application Firewall (WAF) 9.6. Investigate Web Attacks on Windows-based Servers 9.7. Detect and Investigate Various Attacks on Web Applications Dark Web Forensics 10.1. Understand the Dark Web 10.2. Determine How to Identify the Traces of Tor Browser during Investigation 10.3. Perform Tor Browser Forensics Database Forensics 11.1. Understand Database Forensics and its Importance 11.2. Determine Data Storage and Database Evidence Repositories in MSSQL Server 11.3. Collect Evidence Files on MSSQL Server 11.4. Perform MSSQL Forensics 11.5. Understand Internal Architecture of MySQL and Structure of Data Directory 11.6. Understand Information Schema and List MySQL Utilities for Performing Forensic Analysis 11.7. Perform MySQL Forensics on WordPress Web Application Database Cloud Forensics 12.1. Understand the Basic Cloud Computing Concepts 12.2. Understand Cloud Forensics 12.3. Understand the Fundamentals of Amazon Web Services (AWS) 12.4. Determine How to Investigate Security Incidents in AWS 12.5. Understand the Fundamentals of Microsoft Azure 12.6. Determine How to Investigate Security Incidents in Azure 12.7. Understand Forensic Methodologies for Containers and Microservices Investigating Email Crimes 13.1. Understand Email Basics 13.2. Understand Email Crime Investigation and its Steps 13.3. U.S. Laws Against Email Crime Malware Forensics 14.1. Define Malware and Identify the Common Techniques Attackers Use to Spread Malware 14.2. Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysis 14.3. Understand and Perform Static Analysis of Malware 14.4. Analyze Suspicious Word and PDF Documents 14.5. Understand Dynamic Malware Analysis Fundamentals and Approaches 14.6. Analyze Malware Behavior on System Properties in Real-time 14.7. Analyze Malware Behavior on Network in Real-time 14.8. Describe Fileless Malware Attacks and How they Happen 14.9. Perform Fileless Malware Analysis - Emotet Mobile Forensics 15.1. Understand the Importance of Mobile Device Forensics 15.2. Illustrate Architectural Layers and Boot Processes of Android and iOS Devices 15.3. Explain the Steps Involved in Mobile Forensics Process 15.4. Investigate Cellular Network Data 15.5. Understand SIM File System and its Data Acquisition Method 15.6. Illustrate Phone Locks and Discuss Rooting of Android and Jailbreaking of iOS Devices 15.7. Perform Logical Acquisition on Android and iOS Devices 15.8. Perform Physical Acquisition on Android and iOS Devices 15.9. Discuss Mobile Forensics Challenges and Prepare Investigation Report IoT Forensics 16.1. Understand IoT and IoT Security Problems 16.2. Recognize Different Types of IoT Threats 16.3. Understand IoT Forensics 16.4. Perform Forensics on IoT Devices

Duration 3 Days 18 CPD hours This course is intended for Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks. Overview Deploy the appropriate operation mode for your network. Use the GUI and CLI for administration. Identify the characteristics of the Fortinet security fabric. Control network access to configured networks using firewall policies. Apply port forwarding, source NAT, and destination NAT. Authenticate users using firewall policies. Understand encryption functions and certificates. Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies. Configure security profiles to neutralize threats and misuse, including viruses, torrents, and inappropriate websites. Apply application control techniques to monitor and control network applications that might use standard or non-standard protocols and ports. Fight hacking and denial of service (DoS). Defend against data leaks by identifying files with sensitive data, and block them from leaving your private network. Offer an SSL VPN for secure access to your private network. Implement a dial-up IPsec VPN tunnel between FortiGate and FortiClient. Collect and interpret log entries. In this three-day course, you will learn how to use basic FortiGate features, including security profiles. Course Outline Module 1. Introduction to FortiGate and the Security Fabric Module 2. Firewall Policies Module 3. Network Address Translation (NAT) Module 4. Firewall Authentication Module 5. Logging and Monitoring Module 6. Certificate Operations Module 7. Web Filtering Module 8. Application Control Module 9. Antivirus Module 10. Intrusion Prevention and Denial of Service Module 11. SSL VPN Module 12. Dial-Up IPsec VPN Module 13. Data Leak Prevention (DLP)

The “ISO 27001:2022 Lead Implementer ” course provides comprehensive training in the ISO 27001:2022 standard and all its requirements from the Implementer ’s point of view, as well as basic skills necessary to execute the requirements. It’s a practical-oriented training that should be considered “a must” for every ISO 27001:2022 Implementer. This intensive course is specifically designed to participants to serve as ISO 27001:2022 Lead Implementers.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for IT professionals who want to develop penetration testing skills to enable them to identify information-system vulnerabilities and effective remediation techniques for those vulnerabilities. Target students who also need to offer practical recommendations for action to properly protect information systems and their contents will derive those skills from this course. This course is also designed for individuals who are preparing to take the CompTIA PenTest+ certification exam PT0-002, or who plan to use PenTest+ as the foundation for more advanced security certifications or career roles. Individuals seeking this certification should have three to four years of hands-on experience performing penetration tests, vulnerability assessments, and vulnerability management. Overview After completing this course, you will be able to plan, conduct, analyze, and report on penetration tests, including the ability to: Plan and scope penetration tests. Conduct passive reconnaissance. Perform non-technical tests to gather information. Conductive active reconnaissance. Analyze vulnerabilities. Penetrate networks. Exploit host-based vulnerabilities. Test applications. Complete post-exploit tasks. Analyze and report pen test results. Security remains one of the hottest topics in IT and other industries. It seems that each week brings news of some new breach of privacy or security. As organizations scramble to protect themselves and their customers, the ability to conduct penetration testing is an emerging skill set that is becoming ever more valuable to the organizations seeking protection, and ever more lucrative for those who possess these skills. In this course, you will be introduced to some general concepts and methodologies related to pen testing, and you will work your way through a simulated pen test for a fictitious company. 1 - Outline Lesson 1: Scoping Organization/Customer Requirements Lesson 2: Defining the Rules of Engagement Lesson 3: Footprinting and Gathering Intelligence Lesson 4: Evaluating Human and Physical Vulnerabilities Lesson 5: Preparing the Vulnerability Scan Lesson 6: Scanning Logical Vulnerabilities Lesson 7: Analyzing Scanning Results Lesson 8: Avoiding Detection and Covering Tracks Lesson 9: Exploiting the LAN and Cloud Lesson 10: Testing Wireless Networks Lesson 11: Targeting Mobile Devices Lesson 12: Attacking Specialized Systems Lesson 13: Web Application-Based Attacks Lesson 14: Performing System Hacking Lesson 15: Scripting and Software Development Lesson 16: Leveraging the Attack: Pivot and Penetrate Lesson 17: Communicating During the PenTesting Process Lesson 18: Summarizing Report Components Lesson 19: Recommending Remediation Lesson 20: Performing Post-Report Delivery Activities Additional course details: Nexus Humans CompTIA Penetration Testing Certification (PenTest Plus) - (Exam PT0-002) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Penetration Testing Certification (PenTest Plus) - (Exam PT0-002) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for The target audience for the DevSecOps Foundation course are professionals including: Anyone involved or interested in learning about DevSecOps strategies and automation Anyone involved in Continuous Delivery toolchain architectures Compliance Team Business managers Delivery Staff DevOps Engineers IT Managers IT Security Professionals, Practitioners, and Managers Maintenance and support staff Managed Service Providers Project & Product Managers Quality Assurance Teams Release Managers Scrum Masters Site Reliability Engineers Software Engineers Testers Overview You will learn: The purpose, benefits, concepts, and vocabulary of DevSecOps How DevOps security practices differ from other security approaches Business-driven security strategies and Best Practices Understanding and applying data and security sciences Integrating corporate stakeholders into DevSecOps Practices Enhancing communication between Dev, Sec, and Ops teams How DevSecOps roles fit with a DevOps culture and organization In this course, students will gain a solid understanding of how DevSecOps provides business value, enhancing your business opportunities, and improving corporate value. The core DevSecOps principles taught can support an organizational transformation, increase productivity, reduce risk, and optimize resource usage. This course explains how DevOps security practices differ from other approaches then delivers the education needed to apply changes to your organization. Participants learn the purpose, benefits, concepts, vocabulary and applications of DevSecOps. Most importantly, students learn how DevSecOps roles fit with a DevOps culture and organization. At the course?s end, participants will understand ?security as code? to make security and compliance value consumable as a service. This course prepares you for the DevSecOps Foundation (DSOF) certification. Realizing DevSecOps Outcomes Origins of DevOps Evolution of DevSecOps CALMS The Three Ways Defining the Cyberthreat Landscape What is the Cyber Threat Landscape? What is the threat? What do we protect from? What do we protect, and why? How do I talk to security? Building a Responsive DevSecOps Model Demonstrate Model Technical, business and human outcomes What?s being measured? Gating and thresholding Integrating DevSecOps Stakeholders The DevSecOps State of Mind The DevSecOps Stakeholders What?s at stake for who? Participating in the DevSecOps model Establishing DevSecOps Best Practices Start where you are Integrating people, process and technology and governance DevSecOps operating model Communication practices and boundaries Focusing on outcomes Best Practices to get Started The Three Ways Identifying target states Value stream-centric thinking DevOps Pipelines and Continuous Compliance The goal of a DevOps pipeline Why continuous compliance is important Archetypes and reference architectures Coordinating DevOps Pipeline construction DevSecOps tool categories, types and examples Learning Using Outcomes Security Training Options Training as Policy Experiential Learning Cross-Skilling The DevSecOps Collective Body of Knowledge Preparing for the DevSecOps Foundation certification exam Additional course details: Nexus Humans DevSecOps Foundation (DevOps Institute) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the DevSecOps Foundation (DevOps Institute) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for The primary audience for this course is anyone who works in and around IT, facilities or data centre operations and needs to understand and improve the daily operations including important processes such as lock-out/tag-out, the right process for installing/de-installing equipment, safety procedures, capacity management and much more. Overview The old believe that a fully redundant data centre facility will save the day is no longer true as many research outcomes have revealed that the majority of downtime is caused by the human factor. Policies, processes, procedures and work instructions should be carefully developed, ideally following relevant standards, to ensure an effcient and effective data centre operations which are also compliant to the required regulations. The CDFOS© (Certified Data Centre Facilities Operations Specialist) course is a three-day course which will enable participants to fully understand the requirements of running the day-to-day operations of a mission critical data centre. Participants will gain all the required competences for running the daily operations, understand which processes should be in place, and the critical elements of those processes and how to execute them. The course is fully aligned with the DCOS© (Data Centre Operations Standard). Data centre facilities operations management have proven to be the key differentiator between a data centre that is performing well or badly. Service Level Management Service Level Management Needs analysis Capability assessment Service portfolio and catalogue Service Level Agreements Reporting - Complaint procedure Customer satisfaction Service Improvement Process (SIP) Safety and Crisis Management Most common type of accidents and why they often happen The roles and responsibilities of appointed safety staff The importance of the OH&S or WHS manual Calibration of measurement and test equipment Proper lock-out/tag-out procedures Emergency response plan requirement for various potential emergencies The importance of Permit To Work Physical Security Standard Operating Procedures (SOP) for security Security risk assessment Security zones Physical inspections / security patrols Delivery of goods / holding area Entry control of individuals Badges and key management Security monitoring Security incident reporting Facilities Maintenance The importance of maintenance Maintenance definitions Maintenance operations procedures (MOP) Service reports Spare management Tools Housekeeping Data Centre Operations Shift handover Walk around duties Service management Release management Configuration management Floor management Equipment life cycle management Monitoring/Reporting/Control Monitoring requirements Facilities monitoring matrix Sensor / alarm point testing and calibration Notification matrix Escalation requirements Reporting Project Management Project management Project organization Project manager Initiation Planning Execution Monitor and control Closing Evaluation / lessons learnt Environmental Sustainability The importance of sustainability Environmental standards Power efficiency indicators Energy saving best practises Water management Sustainable energy usage Governance and Compliance The importance of document management The siz sub-processes of document management Asset management Requirements or asset recording Exam: Certified Data Centre Facilities Operations Specialist (CDFOS©) Certification exams are administered at the end of the course. The exam is a 90-minute closed book exam, with 60 multiple-choice questions. The candidate requires a minimum of 42 correct answers to pass the exam. Online exam results are known immediately and paper-based exam results will be known within one week. Additional course details: Nexus Humans Certified Data Centre Facilities Operations Specialist (CDFOS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Data Centre Facilities Operations Specialist (CDFOS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for IT professionals who wish to develop cloud computing skills to enable them to move IT workloads to the cloud and integrate products and services from different providers and industries. Their focus is to ensure that cloud deployments are secure, that automation and orchestration are used effectively to bring business value from the cloud, and that costs are controlled through effective management of cloud vendors. This course is also designed for students who are preparing to take the CompTIA Cloud+ certification exam CV0-003, or who plan to use Cloud+ as the foundation for more advanced cloud certifications or career roles. Overview In this course, you will deploy, test, secure, manage, optimize, and troubleshoot a cloud solution. You will: - Prepare to deploy cloud solutions - Deploy a pilot project - Test a pilot project deployment - Design a secure network for cloud deployment - Determine CPU and memory sizing for cloud deployments - Determine storage requirements for cloud deployments - Plan Identity and Access Management for cloud deployments - Analyze workload characteristics to ensure successful migration to the cloud - Secure systems to meet access requirements - Maintain cloud systems - Implement backup, restore, and business continuity measures - Analyze cloud systems for required performance - Analyze cloud systems for anomalies and growth forecasting - Troubleshoot deployment, capacity, automation, and orchestration issues - Troubleshoot connectivity issues - Troubleshoot security issues In this course, you will learn how to implement, maintain, and deliver cloud technologies including network, storage, and virtualization technologies to create cloud solutions. 1 - PREPARING TO DEPLOY CLOUD SOLUTIONS Describe Interaction of Cloud Components and Services Describe Interaction of Non-cloud Components and Services Evaluate Existing Components and Services for Cloud Deployment Evaluate Automation and Orchestration Options Prepare for Cloud Deployment 2 - DEPLOYING A PILOT PROJECT Manage Change in a Pilot Project Execute Cloud Deployment Workflow Complete Post-Deployment Configuration 3 - TESTING PILOT PROJECT DEPLOYMENTS Identify Cloud Service Components for Testing Test for High Availability and Accessibility Perform Deployment Load Testing Analyze Test Results 4 - DESIGNING A SECURE AND COMPLIANT CLOUD INFRASTRUCTURE Design Cloud Infrastructure for Security Determine Organizational Compliance Needs 5 - DESIGNING AND IMPLEMENTING A SECURE CLOUD ENVIRONMENT Design Virtual Network for Cloud Deployment Determine Network Access Requirements Secure Networks for Cloud Interaction Manage Cloud Component Security Implement Security Technologies 6 - PLANNING IDENTITY AND ACCESS MANAGEMENT FOR CLOUD DEPLOYMENTS Determine Identity Management and Authentication Technologies Plan Account Management Policies for the Network and Systems Control Access to Cloud Objects Provision Accounts 7 - DETERMINING CPU AND MEMORY SIZING FOR CLOUD DEPLOYMENTS Determine CPU Size for Cloud Deployment Determine Memory Size for Cloud Deployment 8 - DETERMINING STORAGE REQUIREMENTS FOR CLOUD DEPLOYMENTS Determine Storage Technology Requirements Select Storage Options for Deployment Determine Storage Access and Provisioning Requirements Determine Storage Security Options 9 - ANALYZING WORKLOAD CHARACTERISTICS TO ENSURE SUCCESSFUL MIGRATION Determine the Type of Cloud Deployment to Perform Manage Virtual Machine and Container Migration Manage Network, Storage, and Data Migration 10 - MAINTAINING CLOUD SYSTEMS Patch Cloud Systems Design and Implement Automation and Orchestration for Maintenance 11 - IMPLEMENTING BACKUP, RESTORE, DISASTER RECOVERY, AND BUSINESS CONTINUITY MEASURES Back Up and Restore Cloud Data Implement Disaster Recovery Plans Implement Business Continuity Plans 12 - ANALYZING CLOUD SYSTEMS FOR PERFORMANCE Monitor Cloud Systems to Measure Performance Optimize Cloud Systems to Meet Performance Criteria 13 - ANALYZING CLOUD SYSTEMS FOR ANOMALIES AND GROWTH FORECASTING Monitor for Anomalies and Resource Needs Plan for Capacity Create Reports on Cloud System Metrics 14 - TROUBLESHOOTING DEPLOYMENT, CAPACITY, AUTOMATION, AND ORCHESTRATION ISSUES Troubleshoot Deployment Issues Troubleshoot Capacity Issues Troubleshoot Automation and Orchestration Issues 15 - TROUBLESHOOTING CONNECTIVITY ISSUES Identify Connectivity Issues Troubleshoot Connectivity Issues 16 - TROUBLESHOOTING SECURITY ISSUES Troubleshoot Identity and Access Issues Troubleshoot Attacks Troubleshoot Other Security Issues Additional course details: Nexus Humans CompTIA Cloud Plus Certification (Exam CV0-003) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Cloud Plus Certification (Exam CV0-003) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

  During this training course, you will be able to understand the different modules of ISMS, including ISMS policy, procedures, performance measurements, management commitment, internal audit, management review and continual improvement.   About This Course After attending this course, delegates will; Understand the basic concepts of Information Security Management Acknowledge the correlation between ISO/IEC 27001 and other standards and regulatory frameworks Understand the process approaches used to effectively manage Information Security Assessment     Delegates sit a combined exam, consisting of in-course quizzes and exercises, as well as a final 40 question, multiple choice exam on Day 2 of the course. The overall passing score is 70%, to be achieved within the 150 minute time allowance. Exam results are provided within 24 hours, with both a Certificate and a digital badge provided as proof of success.   Our Guarantee   We are an Accredited Training Provider of IECB. You can learn wherever and whenever you want with our robust classroom and interactive online training courses. Our courses are taught by qualified practitioners with a minimum of 25 years commercial experience. We strive to give our delegates the hands-on experience. Our courses are all-inclusive with no hidden extras.  The one-off cost covers the training, all course materials, and exam voucher. Our aim: To achieve a 100% first time pass rate on all our instructor-led courses. Our Promise: Pass first time or 'train' again for FREE. *FREE training offered for retakes - come back within a year and only pay for the exam. Accreditation Prerequisites   Basic knowledge on Information Security Management is preferred. What's Included?   Delegates will be provided with; Course Slide deck Participant Guide Exam fees Who Should Attend?   Individuals interested in Information Security Management process approaches Individuals seeking to gain knowledge about the main principles and concepts of Information Security Management Individuals interested to pursue a career in Information Security Management Provided by   This course is Accredited by NACS and Administered by theIECB

Duration 4 Days 24 CPD hours This course is intended for The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies. Learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel, Microsoft Defender for Cloud, and Microsoft 365 Defender. In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Microsoft Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst. Prerequisites Basic understanding of Microsoft 365 Fundamental understanding of Microsoft security, compliance, and identity products Intermediate understanding of Windows 10 Familiarity with Azure services, specifically Azure SQL Database and Azure Storage Familiarity with Azure virtual machines and virtual networking Basic understanding of scripting concepts. 1 - Introduction to Microsoft 365 threat protection Explore Extended Detection & Response (XDR) response use cases Understand Microsoft Defender XDR in a Security Operations Center (SOC) Explore Microsoft Security Graph Investigate security incidents in Microsoft Defender XDR 2 - Mitigate incidents using Microsoft 365 Defender Use the Microsoft Defender portal Manage incidents Investigate incidents Manage and investigate alerts Manage automated investigations Use the action center Explore advanced hunting Investigate Microsoft Entra sign-in logs Understand Microsoft Secure Score Analyze threat analytics Analyze reports Configure the Microsoft Defender portal 3 - Protect your identities with Microsoft Entra ID Protection Microsoft Entra ID Protection overview Detect risks with Microsoft Entra ID Protection policies Investigate and remediate risks detected by Microsoft Entra ID Protection 4 - Remediate risks with Microsoft Defender for Office 365 Automate, investigate, and remediate Configure, protect, and detect Simulate attacks 5 - Safeguard your environment with Microsoft Defender for Identity Configure Microsoft Defender for Identity sensors Review compromised accounts or data Integrate with other Microsoft tools 6 - Secure your cloud apps and services with Microsoft Defender for Cloud Apps Understand the Defender for Cloud Apps Framework Explore your cloud apps with Cloud Discovery Protect your data and apps with Conditional Access App Control Walk through discovery and access control with Microsoft Defender for Cloud Apps Classify and protect sensitive information Detect Threats 7 - Respond to data loss prevention alerts using Microsoft 365 Describe data loss prevention alerts Investigate data loss prevention alerts in Microsoft Purview Investigate data loss prevention alerts in Microsoft Defender for Cloud Apps 8 - Manage insider risk in Microsoft Purview Insider risk management overview Create and manage insider risk policies Investigate insider risk alerts Take action on insider risk alerts through cases Manage insider risk management forensic evidence Create insider risk management notice templates 9 - Investigate threats by using audit features in Microsoft Defender XDR and Microsoft Purview Standard Explore Microsoft Purview Audit solutions Implement Microsoft Purview Audit (Standard) Start recording activity in the Unified Audit Log Search the Unified Audit Log (UAL) Export, configure, and view audit log records Use audit log searching to investigate common support issues 10 - Investigate threats using audit in Microsoft Defender XDR and Microsoft Purview (Premium) Explore Microsoft Purview Audit (Premium) Implement Microsoft Purview Audit (Premium) Manage audit log retention policies Investigate compromised email accounts using Purview Audit (Premium) 11 - Investigate threats with Content search in Microsoft Purview Explore Microsoft Purview eDiscovery solutions Create a content search View the search results and statistics Export the search results and search report Configure search permissions filtering Search for and delete email messages 12 - Protect against threats with Microsoft Defender for Endpoint Practice security administration Hunt threats within your network 13 - Deploy the Microsoft Defender for Endpoint environment Create your environment Understand operating systems compatibility and features Onboard devices Manage access Create and manage roles for role-based access control Configure device groups Configure environment advanced features 14 - Implement Windows security enhancements with Microsoft Defender for Endpoint Understand attack surface reduction Enable attack surface reduction rules 15 - Perform device investigations in Microsoft Defender for Endpoint Use the device inventory list Investigate the device Use behavioral blocking Detect devices with device discovery 16 - Perform actions on a device using Microsoft Defender for Endpoint Explain device actions Run Microsoft Defender antivirus scan on devices Collect investigation package from devices Initiate live response session 17 - Perform evidence and entities investigations using Microsoft Defender for Endpoint Investigate a file Investigate a user account Investigate an IP address Investigate a domain 18 - Configure and manage automation using Microsoft Defender for Endpoint Configure advanced features Manage automation upload and folder settings Configure automated investigation and remediation capabilities Block at risk devices 19 - Configure for alerts and detections in Microsoft Defender for Endpoint Configure advanced features Configure alert notifications Manage alert suppression Manage indicators 20 - Utilize Vulnerability Management in Microsoft Defender for Endpoint Understand vulnerability management Explore vulnerabilities on your devices Manage remediation 21 - Plan for cloud workload protections using Microsoft Defender for Cloud Explain Microsoft Defender for Cloud Describe Microsoft Defender for Cloud workload protections Enable Microsoft Defender for Cloud 22 - Connect Azure assets to Microsoft Defender for Cloud Explore and manage your resources with asset inventory Configure auto provisioning Manual log analytics agent provisioning 23 - Connect non-Azure resources to Microsoft Defender for Cloud Protect non-Azure resources Connect non-Azure machines Connect your AWS accounts Connect your GCP accounts 24 - Manage your cloud security posture management? Explore Secure Score Explore Recommendations Measure and enforce regulatory compliance Understand Workbooks 25 - Explain cloud workload protections in Microsoft Defender for Cloud Understand Microsoft Defender for servers Understand Microsoft Defender for App Service Understand Microsoft Defender for Storage Understand Microsoft Defender for SQL Understand Microsoft Defender for open-source databases Understand Microsoft Defender for Key Vault Understand Microsoft Defender for Resource Manager Understand Microsoft Defender for DNS Understand Microsoft Defender for Containers Understand Microsoft Defender additional protections 26 - Remediate security alerts using Microsoft Defender for Cloud Understand security alerts Remediate alerts and automate responses Suppress alerts from Defender for Cloud Generate threat intelligence reports Respond to alerts from Azure resources 27 - Construct KQL statements for Microsoft Sentinel Understand the Kusto Query Language statement structure Use the search operator Use the where operator Use the let statement Use the extend operator Use the order by operator Use the project operators 28 - Analyze query results using KQL Use the summarize operator Use the summarize operator to filter results Use the summarize operator to prepare data Use the render operator to create visualizations 29 - Build multi-table statements using KQL Use the union operator Use the join operator 30 - Work with data in Microsoft Sentinel using Kusto Query Language Extract data from unstructured string fields Extract data from structured string data Integrate external data Create parsers with functions 31 - Introduction to Microsoft Sentinel What is Microsoft Sentinel? How Microsoft Sentinel works When to use Microsoft Sentinel 32 - Create and manage Microsoft Sentinel workspaces Plan for the Microsoft Sentinel workspace Create a Microsoft Sentinel workspace Manage workspaces across tenants using Azure Lighthouse Understand Microsoft Sentinel permissions and roles Manage Microsoft Sentinel settings Configure logs 33 - Query logs in Microsoft Sentinel Query logs in the logs page Understand Microsoft Sentinel tables Understand common tables Understand Microsoft Defender XDR tables 34 - Use watchlists in Microsoft Sentinel Plan for watchlists Create a watchlist Manage watchlists 35 - Utilize threat intelligence in Microsoft Sentinel Define threat intelligence Manage your threat indicators View your threat indicators with KQL 36 - Connect data to Microsoft Sentinel using data connectors Ingest log data with data connectors Understand data connector providers View connected hosts 37 - Connect Microsoft services to Microsoft Sentinel Plan for Microsoft services connectors Connect the Microsoft Office 365 connector Connect the Microsoft Entra connector Connect the Microsoft Entra ID Protection connector Connect the Azure Activity connector 38 - Connect Microsoft Defender XDR to Microsoft Sentinel Plan for Microsoft Defender XDR connectors Connect the Microsoft Defender XDR connector Connect Microsoft Defender for Cloud connector Connect Microsoft Defender for IoT Connect Microsoft Defender legacy connectors 39 - Connect Windows hosts to Microsoft Sentinel Plan for Windows hosts security events connector Connect using the Windows Security Events via AMA Connector Connect using the Security Events via Legacy Agent Connector Collect Sysmon event logs 40 - Connect Common Event Format logs to Microsoft Sentinel Plan for Common Event Format connector Connect your external solution using the Common Event Format connector 41 - Connect syslog data sources to Microsoft Sentinel Plan for syslog data collection Collect data from Linux-based sources using syslog Configure the Data Collection Rule for Syslog Data Sources Parse syslog data with KQL 42 - Connect threat indicators to Microsoft Sentinel Plan for threat intelligence connectors Connect the threat intelligence TAXII connector Connect the threat intelligence platforms connector View your threat indicators with KQL 43 - Threat detection with Microsoft Sentinel analytics What is Microsoft Sentinel Analytics? Types of analytics rules Create an analytics rule from templates Create an analytics rule from wizard Manage analytics rules 44 - Automation in Microsoft Sentinel Understand automation options Create automation rules 45 - Threat response with Microsoft Sentinel playbooks What are Microsoft Sentinel playbooks? Trigger a playbook in real-time Run playbooks on demand 46 - Security incident management in Microsoft Sentinel Understand incidents Incident evidence and entities Incident management 47 - Identify threats with Behavioral Analytics Understand behavioral analytics Explore entities Display entity behavior information Use Anomaly detection analytical rule templates 48 - Data normalization in Microsoft Sentinel Understand data normalization Use ASIM Parsers Understand parameterized KQL functions Create an ASIM Parser Configure Azure Monitor Data Collection Rules 49 - Query, visualize, and monitor data in Microsoft Sentinel Monitor and visualize data Query data using Kusto Query Language Use default Microsoft Sentinel Workbooks Create a new Microsoft Sentinel Workbook 50 - Manage content in Microsoft Sentinel Use solutions from the content hub Use repositories for deployment 51 - Explain threat hunting concepts in Microsoft Sentinel Understand cybersecurity threat hunts Develop a hypothesis Explore MITRE ATT&CK 52 - Threat hunting with Microsoft Sentinel Explore creation and management of threat-hunting queries Save key findings with bookmarks Observe threats over time with livestream 53 - Use Search jobs in Microsoft Sentinel Hunt with a Search Job Restore historical data 54 - Hunt for threats using notebooks in Microsoft Sentinel Access Azure Sentinel data with external tools Hunt with notebooks Create a notebook Explore notebook code