1214 Courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for The intended audience for this course is information systems security professionals, internal review auditors, and other individuals who have an interest in aspects of information systems audit, controls, and security. Overview Upon successful completion of this course, students will be able to: - implement information systems audit services in accordance with information systems audit standards, guidelines, and best practices. - evaluate an organizations structure, policies, accountability, mechanisms, and monitoring practices. - evaluate information systems acquisition, development, and implementation. - evaluate the information systems operations, maintenance, and support of an organization; and evaluate the business continuity and disaster recovery processes used to provide assurance that in the event of a disruption, IT services are maintained. - define the protection policies used to promote the confidentiality, integrity, and availability of information assets. In this course, students will evaluate organizational policies, procedures, and processes to ensure that an organizations information systems align with its overall business goals and objectives. 1 - The Process of Auditing Information Systems ISACA Information Systems Auditing Standards and Guidelines Fundamental Business Processes Develop and Implement an Information Systems Audit Strategy Plan an Audit Conduct an Audit The Evidence Life Cycle Communicate Issues, Risks, and Audit Results Support the Implementation of Risk Management and Control Practices 2 - IT Governance and Management Evaluate the Effectiveness of IT Governance Evaluate the IT Organizational Structure and HR Management Evaluate the IT Strategy and Direction Evaluate IT Policies, Standards, and Procedures Evaluate the Effectiveness of Quality Management Systems Evaluate IT Management and Monitoring of Controls IT Resource Investment, Use, and Allocation Practices Evaluate IT Contracting Strategies and Policies Evaluate Risk Management Practices Performance Monitoring and Assurance Practices Evaluate the Organizations Business Continuity Plan 3 - Information Systems Acquisition, Development, and Implementation Evaluate the Business Case for Change Evaluate Project Management Frameworks and Governance Practices Development Life Cycle Management Perform Periodic Project Reviews Evaluate Control Mechanisms for Systems Evaluate Development and Testing Processes Evaluate Implementation Readiness Evaluate a System Migration Perform a Post-Implementation System Review 4 - Information Systems Operations, Maintenance, and Support Perform Periodic System Reviews Evaluate Service Level Management Practices Evaluate Third-Party Management Practices Evaluate Operations and End User Management Practices Evaluate the Maintenance Process Evaluate Data Administration Practices Evaluate the Use of Capacity and Performance Monitoring Methods Evaluate Change, Configuration, and Release Management Practices Evaluate Problem and Incident Management Practices Evaluate the Adequacy of Backup and Restore Provisions 5 - Protection of Information Assets Information Security Design Encryption Basics Evaluate the Functionality of the IT Infrastructure Evaluate Network Infrastructure Security Evaluate the Design, Implementation, and Monitoring of Logical Access Controls Risks and Controls of Virtualization Evaluate the Design, Implementation, and Monitoring of Data Classification Process Evaluate the Design, Implementation, and Monitoring of Physical Access Controls Evaluate the Design, Implementation, and Monitoring of Environmental Controls

Accredited through APMG International, certified in the UK by the National Cyber Security Centre (NCSC) and listed as qualified cyber training by Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) in the USA, the NIST Cyber Security Professional (NCSP®) training program teaches individuals and organizations how to engineer, operationalize, and continually improve a NIST Cybersecurity Framework program. This introductory level, non-examinable NCSP® Digital Business Risk Awareness Certificate course takes learners on a journey to understand how the ever-changing cyber threat landscape impacts an organization's ability to secure the value of its digital business services. The course will allow participants to apply what they learn in a real-world environment.

Duration 4 Days 24 CPD hours This course is intended for Penetration Testers Microsoft Administrators Security Administrators Active Directory Administrators Anyone looking to learn more about security Overview Upon completion, Certified IS Security Manager students will have a strong foundation in Cyber Security & IS management standards with current best practices and will be prepared to competently take the C)ISSM exam. Companies will lean on a Certified IS Security Manager, C)ISSM to create solutions for tomorrow?s problems, today. When it comes to identifying critical issues and providing effective IS management solutions.ÿ ÿThe knowledge and course content provided in the Certified Information Systems Security Manager ? C)ISSM will not only cover ISACA©?s CISM exam but will provide a measurable certification that demonstrates proficiency in the IS Management Field. The Certified Information Systems Security Manager covers the skills and knowledge to assess threat analysis and risks, Risk & incident management, Security programs and CISO roles, IS security strategy and frameworks, Audit and Risk management creation of policies, compliance and awareness, as well as DR and BCP development, deployment and maintenance. Course Outline Introduction Information Security Governance Information Risk Management and Compliance Information Security Program Development and Management Information Security Incident Management Additional course details: Nexus Humans C)ISSM - Certified Information Systems Security Manager Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSM - Certified Information Systems Security Manager Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for IS Security Officers IS Managers Risk Managers Auditors Information Systems Owners IS Control Assessors System Managers Government Employees Overview The person who carries this certification should be able to acquire necessary resources, advise senior leadership, collaborate with stakeholders, evaluate effectiveness, identify cybersecurity problems, manage threats, oversee information security awareness programs, participate in risk assessments, support compliance activities, and define or implement policies and procedures to ensure protection of critical infrastructure within an information security environment. If you are looking for the ?gotta have it? cybersecurity course, then the Certified Information Systems Security Officer is for you.ÿ The C)ISSO will prepare you for multiple managerial roles inside the INFOSEC community by covering a broad range of topics. You will learn theories in security concepts, practices, monitoring and compliance in IS management. An Information Systems Security Officer is able to implement and maintain cost-effective security controls that are closely aligned with business and industry standards. The C)ISSO certification course is an idealÿway to increaseÿknowledge, expertise, and skill for managers, auditors, and INFOSEC professionals.ÿ At Mile2 we consider the C)ISSO to be one of our flagship courses.The things you learn in this course can be applied to management, prevention teams, and recovery professionals. Material learned in the Live Class or Self-Study options will apply directly to the certification exam. Course Outline Risk Management Security Management Identification and Authentication Access Control Security Models and Evaluation Operations Security Vulnerability Assessments Symmetric Cryptography and Hashing Network Connections Network Protocols and Devices Telephony, VPNs, and Wireless Security Architecture and Attacks Software Development Security Database Security Malware and Software Attacks Business Continuity Disaster Recovery Incident Management, Law, and Ethics Physical Security Additional course details: Nexus Humans C)ISSO - Certified Information Security Systems Officer Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSO - Certified Information Security Systems Officer Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for The audience for this course is looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. The content for this course aligns to the SC-900 exam objective domain. Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution. Before attending this course, students must have: General understanding of networking and cloud computing concepts. General IT knowledge or any general experience working in an IT environment. General understanding of Microsoft Azure and Microsoft 365. This course provides foundational level knowledge on security, compliance, and identity concepts and related cloud-based Microsoft solutions. Prerequisites General understanding of networking and cloud computing concepts. General IT knowledge or any general experience working in an IT environment. General understanding of Microsoft Azure and Microsoft 365. 1 - Describe security and compliance concepts Describe the shared responsibility model Describe defense in depth Describe the Zero Trust model Describe governance, risk, and compliance (GRC) concepts 2 - Describe identity concepts Define authentication and authorization Define identity as the primary security perimeter Describe the role of the identity provider Describe the concept of directory services and Active Directory Describe the concept of federation 3 - Describe the function and identity types of Microsoft Entra ID Describe Microsoft Entra ID Describe types of identities Describe hybrid identity Describe external identities 4 - Describe the authentication capabilities of Microsoft Entra ID Describe authentication methods Describe multifactor authentication Describe self-service password reset Describe password protection and management capabilities 5 - Describe access management capabilities of Microsoft Entra ID Describe Conditional Access Describe Microsoft Entra roles and role-based access control (RBAC) 6 - Describe the identity protection and governance capabilities of Azure AD Describe Microsoft Entra ID Governance Describe access reviews Describe entitlement management Describe the capabilities of Privileged identity Management Describe Microsoft Entra ID Protection Describe Microsoft Entra Permissions Management Describe Microsoft Entra Verified ID 7 - Describe core infrastructure security services in Azure Describe Azure DDoS protection Describe Azure Firewall Describe Web Application Firewall Describe network segmentation in Azure Describe Azure Network Security Groups Describe Azure Bastion Describe Azure Key Vault 8 - Describe the security management capabilities in Azure Describe Microsoft Defender for Cloud Describe how security policies and initiatives improve cloud security posture Describe Cloud security posture management Describe the enhanced security of Microsoft Defender for Cloud Describe DevOps security management 9 - Describe security capabilities of Microsoft Sentinel Describe threat detection and mitigation capabilities in Microsoft Sentinel Describe Microsoft Security Copilot 10 - Describe threat protection with Microsoft Defender XDR Describe Microsoft Defender XDR services Describe Microsoft Defender for Office 365 Describe Microsoft Defender for Endpoint Describe Microsoft Defender for Cloud Apps Describe Microsoft Defender for Identity Describe Microsoft Defender Vulnerability Management Describe Microsoft Defender Threat Intelligence Describe the Microsoft Defender portal 11 - Describe Microsoft?s Service Trust portal and privacy capabilities Describe the offerings of the Service Trust portal Describe Microsoft's privacy principles Describe Microsoft Priva 12 - Describe the compliance management capabilities in Microsoft Purview Describe the Microsoft Purview compliance portal Describe Compliance Manager Describe use and benefits of compliance score 13 - Describe information protection, data lifecycle management, and data governance capabilities in Microsoft Purview Know your data, protect your data, and govern your data Describe the data classification capabilities of the compliance portal Describe sensitivity labels and policies Describe data loss prevention Describe retention policies and retention labels Describe records management Describe the Microsoft Purview unified data governance solution 14 - Describe the insider risk capabilities in Microsoft Purview Describe insider risk management Describe communication compliance 15 - Describe the eDiscovery and Audit capabilities in Microsoft Purview Describe the eDiscovery solutions in Microsoft Purview Describe the audit solutions in Microsoft Purview

Duration 2 Days 12 CPD hours This course is intended for This course is intended for network engineers, network support personnel, reseller support personnel and anyone else needing a working knowledge of Network and Security Manager. Overview After successfully completing this course, you should be able to: Explain Network and Security Manager concepts and terminology. Set up and administer Network and Security Manager servers. Configure domains and administrators. Add devices using modeling and importing. Work with objects and templates. Configure policies. Perform routine device management tasks Work with logs and reports Configure VPNs with the VPN Manager tool This course discusses the basic operations of Network and Security Manager. Key topics include server and domain administration, device configuration, template creation and management, policy creation and management, logging, and report generation. Through demonstrations and hands-on labs, students gain experience in configuring, testing, and troubleshooting features of Network and Security Manager. Labs will be done on a ScreenOS platform Chapter 1: Course IntroductionChapter 2: Network and Security Manager Concepts Chapter 3: Server Administration Chapter 4: Domains and Administrators Chapter 5: Adding Devices Chapter 6: Abstraction Objects and TemplatesChapter 7: Abstraction Policies Chapter 8: Managing Devices Chapter 9: Logging, Reporting and Monitoring Chapter 10: Central ManagerChapter 11: Virtual Private Networks Additional course details: Nexus Humans Network and Security Manager Fundamentals training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Network and Security Manager Fundamentals course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting This course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA). Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface

This course will develop knowledge from the FD&FA foundation BS 5839-1 module and/or industry experience and apply this to the design of FD&FA systems.

Duration 4 Days 24 CPD hours This course is intended for Security engineers Security administrators Security architects Operations engineers Network engineers Network administrators Network or security technicians Network managers System designers Cisco integrators and partners Overview After taking this course, you should be able to: Describe and administer the Cisco Email Security Appliance (ESA) Control sender and recipient domains Control spam with Talos SenderBase and anti-spam Use anti-virus and outbreak filters Use mail policies Use content filters Use message filters to enforce email policies Prevent data loss Perform LDAP queries Authenticate Simple Mail Transfer Protocol (SMTP) sessions Authenticate email Encrypt email Use system quarantines and delivery methods Perform centralized management using clusters Test and troubleshoot This course shows you how to deploy and use Cisco© Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management. This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention. This course helps you prepare to take the exam, Securing Email with Cisco Email Security Appliance (300-720 SESA). Describing the Cisco Email Security Appliance Cisco Email Security Appliance Overview Technology Use Case Cisco Email Security Appliance Data Sheet SMTP Overview Email Pipeline Overview Installation Scenarios Initial Cisco Email Security Appliance Configuration Centralizing Services on a Cisco Administering the Cisco Email Security Appliance Distributing Administrative Tasks System Administration Managing and Monitoring Using the Command Line Interface (CLI) Other Tasks in the GUI Advanced Network Configuration Using Email Security Monitor Tracking Messages Logging Controlling Sender and Recipient Domains Public and Private Listeners Configuring the Gateway to Receive Email Host Access Table Overview Recipient Access Table Overview Configuring Routing and Delivery Features Controlling Spam with Talos SenderBase and Anti-Spam SenderBase Overview Anti-Spam Managing Graymail Protecting Against Malicious or Undesirable URLs File Reputation Filtering and File Analysis Bounce Verification Using Anti-Virus and Outbreak Filters Anti-Virus Scanning Overview Sophos Anti-Virus Filtering McAfee Anti-Virus Filtering Configuring the Appliance to Scan for Viruses Outbreak Filters How the Outbreak Filters Feature Works Managing Outbreak Filters Using Mail Policies Email Security Manager Overview Mail Policies Overview Handling Incoming and Outgoing Messages Differently Matching Users to a Mail Policy Message Splintering Configuring Mail Policies Using Content Filters Content Filters Overview Content Filter Conditions Content Filter Actions Filter Messages Based on Content Text Resources Overview Using and Testing the Content Dictionaries Filter Rules Understanding Text Resources Text Resource Management Using Text Resources Using Message Filters to Enforce Email Policies Message Filters Overview Components of a Message Filter Message Filter Processing Message Filter Rules Message Filter Actions Attachment Scanning Examples of Attachment Scanning Message Filters Using the CLI to Manage Message Filters Message Filter Examples Configuring Scan Behavior Preventing Data Loss Overview of the Data Loss Prevention (DLP) Scanning Process Setting Up Data Loss Prevention Policies for Data Loss Prevention Message Actions Updating the DLP Engine and Content Matching Classifiers Using LDAP Overview of LDAP Working with LDAP Using LDAP Queries Authenticating End-Users of the Spam Quarantine Configuring External LDAP Authentication for Users Testing Servers and Queries Using LDAP for Directory Harvest Attack Prevention Spam Quarantine Alias Consolidation Queries Validating Recipients Using an SMTP Server SMTP Session Authentication Configuring AsyncOS for SMTP Authentication Authenticating SMTP Sessions Using Client Certificates Checking the Validity of a Client Certificate Authenticating User Using LDAP Directory Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate Establishing a TLS Connection from the Appliance Updating a List of Revoked Certificates Email Authentication Email Authentication Overview Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing Verifying Incoming Messages Using DKIM Overview of Sender Policy Framework (SPF) and SIDF Veri?cation Domain-based Message Authentication Reporting and Conformance (DMARC) Verification Forged Email Detection Email Encryption Overview of Cisco Email Encryption Encrypting Messages Determining Which Messages to Encrypt Inserting Encryption Headers into Messages Encrypting Communication with Other Message Transfer Agents (MTAs) Working with Certificates Managing Lists of Certificate Authorities Enabling TLS on a Listener?s Host Access Table (HAT) Enabling TLS and Certi?cate Verification on Delivery Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services Using System Quarantines and Delivery Methods Describing Quarantines Spam Quarantine Setting Up the Centralized Spam Quarantine Using Safelists and Blocklists to Control Email Delivery Based on Sender Configuring Spam Management Features for End Users Managing Messages in the Spam Quarantine Policy, Virus, and Outbreak Quarantines Managing Policy, Virus, and Outbreak Quarantines Working with Messages in Policy, Virus, or Outbreak Quarantines Delivery Methods Centralized Management Using Clusters Overview of Centralized Management Using Clusters Cluster Organization Creating and Joining a Cluster Managing Clusters Cluster Communication Loading a Configuration in Clustered Appliances Best Practices Testing and Troubleshooting Debugging Mail Flow Using Test Messages: Trace Using the Listener to Test the Appliance Troubleshooting the Network Troubleshooting the Listener Troubleshooting Email Delivery Troubleshooting Performance Web Interface Appearance and Rendering Issues Responding to Alerts Troubleshooting Hardware Issues Working with Technical Support References Model Specifications for Large Enterprises Model Specifications for Midsize Enterprises and Small-to-Midsize Enterprises or Branch O?ces Cisco Email Security Appliance Model Specifications for Virtual Appliances

This is a gateway course for all further learning in FD&FA systems.