69 Courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for The CHFI course will benefit: Police and other laws enforcement personnel Defense and Military personnel e-Business Security professionals Systems administrators Legal professionals Banking, Insurance and other professionals Government agencies Overview At the end of this course, you will possess the skills needed to: Understand the fundamentals of computer forensics Understand the computer forensic investigation process Describe in detail different types of hard disks and file systems Understand data acquisition and duplication Counteract anti-forensic techniques Leverage forensic skills in Windows, Linux, and Mac Investigate web attacks Understand dark web forensics Deploy forensic techniques for databases, cloud, and networks Investigate email crimes including malware Perform forensics in mobile and IoT environments Every crime leaves a digital footprint, and you need the skills to track those footprints. In this course, students will learn to unravel these pieces of evidence, decode them and report them. From decoding a hack to taking legal action against the perpetrators, they will become an active respondent in times of cyber-breaches. Computer Forensics in Today?s World 1.1. Understand the Fundamentals of Computer Forensics 1.2. Understand Cybercrimes and their Investigation Procedures 1.3. Understand Digital Evidence 1.4. Understand Forensic Readiness, Incident Response and the Role of SOC (Security Operations Center) in Computer Forensics 1.5. Identify the Roles and Responsibilities of a Forensic Investigator 1.6. Understand the Challenges Faced in Investigating Cybercrimes 1.7. Understand Legal Compliance in Computer Forensics Computer Forensics Investigation Process 2.1. Understand the Forensic Investigation Process and its Importance 2.2. Understand the Pre-investigation Phase 2.3. Understand First Response 2.4. Understand the Investigation Phase 2.5. Understand the Post-investigation Phase Understanding Hard Disks and File Systems 3.1. Describe Different Types of Disk Drives and their Characteristics 3.2. Explain the Logical Structure of a Disk 3.3. Understand Booting Process of Windows, Linux and Mac Operating Systems 3.4. Understand Various File Systems of Windows, Linux and Mac Operating Systems 3.5. Examine File System Using Autopsy and The Sleuth Kit Tools 3.6 Understand Storage Systems 3.7. Understand Encoding Standards and Hex Editors 3.8. Analyze Popular File Formats Using Hex Editor Data Acquisition and Duplication 4.1. Understand Data Acquisition Fundamentals 4.2. Understand Data Acquisition Methodology 4.3. Prepare an Image File for Examination Defeating Anti-forensics Techniques 5.1. Understand Anti-forensics Techniques 5.2. Discuss Data Deletion and Recycle Bin Forensics 5.3. Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions 5.4. Explore Password Cracking/Bypassing Techniques 5.5. Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch 5.6. Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption 5.7. Detect Program Packers and Footprint Minimizing Techniques 5.8. Understand Anti-forensics Countermeasures Windows Forensics 6.1. Collect Volatile and Non-volatile Information 6.2. Perform Windows Memory and Registry Analysis 6.3. Examine the Cache, Cookie and History Recorded in Web Browsers 6.4. Examine Windows Files and Metadata 6.5. Understand ShellBags, LNK Files, and Jump Lists 6.6. Understand Text-based Logs and Windows Event Logs Linux and Mac Forensics 7.1. Understand Volatile and Non-volatile Data in Linux 7.2. Analyze Filesystem Images Using The Sleuth Kit 7.3. Demonstrate Memory Forensics Using Volatility & PhotoRec 7.4. Understand Mac Forensics Network Forensics 8.1. Understand Network Forensics 8.2. Explain Logging Fundamentals and Network Forensic Readiness 8.3. Summarize Event Correlation Concepts 8.4. Identify Indicators of Compromise (IoCs) from Network Logs 8.5. Investigate Network Traffic 8.6. Perform Incident Detection and Examination with SIEM Tools 8.7. Monitor and Detect Wireless Network Attacks Investigating Web Attacks 9.1. Understand Web Application Forensics 9.2. Understand Internet Information Services (IIS) Logs 9.3. Understand Apache Web Server Logs 9.4. Understand the Functionality of Intrusion Detection System (IDS) 9.5. Understand the Functionality of Web Application Firewall (WAF) 9.6. Investigate Web Attacks on Windows-based Servers 9.7. Detect and Investigate Various Attacks on Web Applications Dark Web Forensics 10.1. Understand the Dark Web 10.2. Determine How to Identify the Traces of Tor Browser during Investigation 10.3. Perform Tor Browser Forensics Database Forensics 11.1. Understand Database Forensics and its Importance 11.2. Determine Data Storage and Database Evidence Repositories in MSSQL Server 11.3. Collect Evidence Files on MSSQL Server 11.4. Perform MSSQL Forensics 11.5. Understand Internal Architecture of MySQL and Structure of Data Directory 11.6. Understand Information Schema and List MySQL Utilities for Performing Forensic Analysis 11.7. Perform MySQL Forensics on WordPress Web Application Database Cloud Forensics 12.1. Understand the Basic Cloud Computing Concepts 12.2. Understand Cloud Forensics 12.3. Understand the Fundamentals of Amazon Web Services (AWS) 12.4. Determine How to Investigate Security Incidents in AWS 12.5. Understand the Fundamentals of Microsoft Azure 12.6. Determine How to Investigate Security Incidents in Azure 12.7. Understand Forensic Methodologies for Containers and Microservices Investigating Email Crimes 13.1. Understand Email Basics 13.2. Understand Email Crime Investigation and its Steps 13.3. U.S. Laws Against Email Crime Malware Forensics 14.1. Define Malware and Identify the Common Techniques Attackers Use to Spread Malware 14.2. Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysis 14.3. Understand and Perform Static Analysis of Malware 14.4. Analyze Suspicious Word and PDF Documents 14.5. Understand Dynamic Malware Analysis Fundamentals and Approaches 14.6. Analyze Malware Behavior on System Properties in Real-time 14.7. Analyze Malware Behavior on Network in Real-time 14.8. Describe Fileless Malware Attacks and How they Happen 14.9. Perform Fileless Malware Analysis - Emotet Mobile Forensics 15.1. Understand the Importance of Mobile Device Forensics 15.2. Illustrate Architectural Layers and Boot Processes of Android and iOS Devices 15.3. Explain the Steps Involved in Mobile Forensics Process 15.4. Investigate Cellular Network Data 15.5. Understand SIM File System and its Data Acquisition Method 15.6. Illustrate Phone Locks and Discuss Rooting of Android and Jailbreaking of iOS Devices 15.7. Perform Logical Acquisition on Android and iOS Devices 15.8. Perform Physical Acquisition on Android and iOS Devices 15.9. Discuss Mobile Forensics Challenges and Prepare Investigation Report IoT Forensics 16.1. Understand IoT and IoT Security Problems 16.2. Recognize Different Types of IoT Threats 16.3. Understand IoT Forensics 16.4. Perform Forensics on IoT Devices

Duration 3 Days 18 CPD hours This course is intended for The primary audience for this course is as follows: Cisco integrators, resellers, and partners Network administrators Security administrators Security consultants Systems engineers Technical support personnel Overview After taking this course, you should be able to: Cisco Advanced Malware Protection (AMP) Recognize the key features and concepts of the AMP for Endpoints product Navigate the AMP for Endpoints console interface and perform first-use setup tasks Identify and use the primary analysis features of AMP for Endpoints Use the AMP for Endpoints tools to analyze a compromised host Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports Configure and customize AMP for Endpoints to perform malware detection Create and configure a policy for AMP-protected endpoints Plan, deploy, and troubleshoot an AMP for Endpoints installation Use Cisco Orbital to pull query data from installed AMP for Endpoints connectors. Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use Describe all the features of the Accounts menu for both public and private cloud installations Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP) v6.0 is a 3-day course that shows you how to deploy and use Cisco© AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through a number of step-by-step attack scenarios. You?ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console, Cisco Threat Grid, and the Cisco Orbital Advanced Search Tool. The course qualifies for 24 Cisco Continuing Education credits (CE) towards recertification.This class will help you:Learn how to deploy and manage Cisco AMP for EndpointsSucceed in today?s high-demand security operations roles Course Outline This course will cover the following topics: Introducing to Cisco AMP Technologies Introducing AMP for Endpoints Overview and Architecture Navigating the Console Interface Using Cisco AMP for Endpoints Identifying Attacks Analyzing Malware Managing Outbreak Control Creating Endpoint Policies Working with AMP for Endpoint Groups Using Orbital for Endpoint Visibility Introducing AMP REST API Navigating Accounts

Duration 3 Days 18 CPD hours This course is intended for Security administrators Security consultants Network administrators Systems engineers Technical support personnel Cisco integrators, resellers, and partners Overview Identify the key components and methodologies of Cisco Advanced Malware Protection (AMP) Recognize the key features and concepts of the AMP for Endpoints product Navigate the AMP for Endpoints console interface and perform first-use setup tasks Identify and use the primary analysis features of AMP for Endpoints Use the AMP for Endpoints tools to analyze a compromised host Analyze files and events by using the AMP for Endpoints console and be able to produce threat reports Configure and customize AMP for Endpoints to perform malware detection· Create and configure a policy for AMP-protected endpoints Plan, deploy, and troubleshoot an AMP for Endpoints installation Use Cisco Orbital to pull query data from installed AMP for Endpoints connectors Describe the AMP Representational State Transfer (REST) API and the fundamentals of its use Describe all the features of the Accounts menu for both public and private cloud installations This course shows you how to deploy and use Cisco AMP for Endpoints, a next-generation endpoint security solution that prevents, detects, and responds to advanced threats. Through expert instruction and hands-on lab exercises, you will learn how to implement and use this powerful solution through a number of step-by-step attack scenarios. You?ll learn how to build and manage a Cisco AMP for Endpoints deployment, create policies for endpoint groups, and deploy connectors. You will also analyze malware detections using the tools available in the AMP for Endpoints console, Cisco Threat Grid, and the Cisco Orbital Advanced Search Tool. Course Outline Introducing Cisco AMP Technologies Introducing AMP for Endpoints Overview and Architecture Navigating the Console Interface Using Cisco AMP for Endpoints Identifying Attacks Analyzing Malware Managing Outbreak Control Creating Endpoint Policies Working with AMP for Endpoint Groups Using Orbital for Endpoint Visibility Introducing AMP REST API Navigating Accounts

Duration 5 Days 30 CPD hours This course is intended for The Certified Ethical Hacking v12 course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. Overview Information security controls, laws, and standards. Various types of footprinting, footprinting tools, and countermeasures. Network scanning techniques and scanning countermeasures Enumeration techniques and enumeration countermeasures Vulnerability analysis to identify security loopholes in the target organization?s network, communication infrastructure, and end systems. System hacking methodology, steganography, steganalysis attacks, and covering tracks to discover system and network vulnerabilities. Different types of malware (Trojan, Virus, worms, etc.), system auditing for malware attacks, malware analysis, and countermeasures. Packet sniffing techniques to discover network vulnerabilities and countermeasures to defend against sniffing. Social engineering techniques and how to identify theft attacks to audit human-level vulnerabilities and social engineering countermeasures. DoS/DDoS attack techniques and tools to audit a target and DoS/DDoS countermeasures. Session hijacking techniques to discover network-level session management, authentication/authorization, and cryptographic weaknesses and countermeasures. Webserver attacks and a comprehensive attack methodology to audit vulnerabilities in webserver infrastructure, and countermeasures. Web application attacks, comprehensive web application hacking methodology to audit vulnerabilities in web applications, and countermeasures. SQL injection attack techniques, injection detection tools to detect SQL injection attempts, and countermeasures. Wireless encryption, wireless hacking methodology, wireless hacking tools, and Wi-Fi security tools. Mobile platform attack vector, android vulnerability exploitations, and mobile security guidelines and tools. Firewall, IDS and honeypot evasion techniques, evasion tools and techniques to audit a network perimeter for weaknesses, and countermeasures. Cloud computing concepts (Container technology, serverless computing), the working of various threats and attacks, and security techniques and tools. Penetration testing, security audit, vulnerability assessment, and penetration testing roadmap. Threats to IoT and OT platforms and defending IoT and OT devices. Cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to setup your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident. CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure. Now in its 12th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies. 1 - Introduction to Ethical Hacking Information Security Overview Cyber Kill Chain Concepts Hacking Concepts Ethical Hacking Concepts Information Security Controls Information Security Laws and Standards 2 - 2 - Foot-printing and Reconnaissance Footprinting Concepts Footprinting through Search Engines Footprinting through Web Services Footprinting through Social Networking Sites Website Footprinting Email Footprinting Who is Footprinting DNS Footprinting Network Footprinting Footprinting through Social Engineering Footprinting Tools Footprinting Countermeasures 3 - Scanning Networks Network Scanning Concepts Scanning Tools Host Discovery Port and Service Discovery OS Discovery (Banner Grabbing/OS Fingerprinting) Scanning Beyond IDS and Firewall Draw Network Diagrams 4 - Enumeration Enumeration Concepts NetBIOS Enumeration SNMP Enumeration LDAP Enumeration NTP and NFS Enumeration SMTP and DNS Enumeration Other Enumeration Techniques Enumeration Countermeasures 5 - Vulnerability Analysis Vulnerability Assessment Concepts Vulnerability Classification and Assessment Types Vulnerability Assessment Solutions and Tools Vulnerability Assessment Reports 6 - System Hacking System Hacking Concepts Gaining Access Escalating Privileges Maintaining Access Clearing Logs 7 - Malware Threats Malware Concepts APT Concepts Trojan Concepts Virus and Worm Concepts Fileless Malware Concepts Malware Analysis Countermeasures Anti-Malware Software 8 - Sniffing Sniffing Concepts Sniffing Technique: MAC Attacks Sniffing Technique: DHCP Attacks Sniffing Technique: ARP Poisoning Sniffing Technique: Spoofing Attacks Sniffing Technique: DNS Poisoning Sniffing Tools Countermeasures Sniffing Detection Techniques 9 - Social Engineering Social Engineering Concepts Social Engineering Techniques Insider Threats Impersonation on Social Networking Sites Identity Theft Countermeasures 10 - Denial-of-Service DoS/DDoS Concepts DoS/DDoS Attack Techniques BotnetsDDoS Case Study DoS/DDoS Attack Tools Countermeasures DoS/DDoS Protection Tools 11 - Session Hijacking Session Hijacking Concepts Application Level Session Hijacking Network Level Session Hijacking Session Hijacking Tools Countermeasures 12 - Evading IDS, Firewalls, and Honeypots IDS, IPS, Firewall, and Honeypot Concepts IDS, IPS, Firewall, and Honeypot Solutions Evading IDS Evading Firewalls IDS/Firewall Evading Tools Detecting Honeypots IDS/Firewall Evasion Countermeasures 13 - Hacking Web Servers Web Server Concepts Web Server Attacks Web Server Attack Methodology Web Server Attack Tools Countermeasures Patch Management Web Server Security Tools 14 - Hacking Web Applications Web Application Concepts Web Application Threats Web Application Hacking Methodology Web API, Webhooks, and Web Shell Web Application Security 15 - SQL Injection SQL Injection Concepts Types of SQL Injection SQL Injection Methodology SQL Injection Tools Evasion Techniques Countermeasures 16 - Hacking Wireless Networks Wireless Concepts Wireless Encryption Wireless Threats Wireless Hacking Methodology Wireless Hacking Tools Bluetooth Hacking Countermeasures Wireless Security Tools 17 - Hacking Mobile Platforms Mobile Platform Attack Vectors Hacking Android OS Hacking iOS Mobile Device Management Mobile Security Guidelines and Tools 18 - IoT and OT Hacking IoT Hacking IoT Concepts IoT Attacks IoT Hacking Methodology IoT Hacking Tools Countermeasures OT Hacking OT Concepts OT Attacks OT Hacking Methodology OT Hacking Tools Countermeasures 19 - Cloud Computing Cloud Computing Concepts Container Technology Serverless Computing Cloud Computing Threats Cloud Hacking Cloud Security 20 - Cryptography Cryptography Concepts Encryption Algorithms Cryptography Tools Public Key Infrastructure (PKI) Email Encryption Disk Encryption Cryptanalysis Countermeasures Additional course details: Nexus Humans EC-Council Certified Ethical Hacker (CEH) v.12 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Ethical Hacker (CEH) v.12 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Advanced Junos Security training course description This course provides students with intermediate routing knowledge and configuration examples. The course includes an overview of protocol-independent routing features, load balancing and filter-based forwarding, OSPF, BGP, IP tunneling, and high availability (HA) features. Junos Intermediate Routing (JIR) is an intermediate-level course. What will you learn Demonstrate the understanding of integrated user firewall. Implement next generation Layer 2 security features. Implement virtual routing instances in a security setting. Utilize Junos tools for troubleshooting Junos security implementations. Implement IPS policy. Advanced Junos Security training course details Who will benefit: Individuals responsible for implementing, monitoring, and troubleshooting Junos security components. Prerequisites: Intro to the Junos Operating System Duration 5 days Advanced Junos Security training course contents Junos Layer 2 Packet Handling and Security Features Transparent Mode Security Secure Wire Layer 2 Next Generation Ethernet Switching MACsec Lab 2 Implementing Layer 2 Security Virtualization Virtualization Overview Routing Instances Logical Systems Lab 3 Implementing Junos Virtual Routing AppSecure Theory AppSecure Overview AppID Overview AppID Techniques Application System Cache Custom Application Signatures AppSecure Implementation AppTrack AppFW AppQoS APBR SSL Proxy Lab 4 Implementing AppSecure Working with Log Director Log Director Overview Log Director Components Installing and setting up Log Director Clustering with the Log Concentrator VM Administrating Log Director Lab 5 Deploying Log Director Sky ATP Theory Sky ATP Overview Monitoring Sky ATP Analysis and Detection of Malware Sky ATP Implementation Configuring Sky ATP Installing Sky ATP Analysis and detection of Malware Infected Host Case Study Lab 6 Instructor Led Sky ATP Demo Implementing UTM UTM Overview AntiSpam AntiVirus Content and Web Filtering Lab 7 Implementing UTM Introduction to IPS IPS Overview Network Asset Protection Intrusion Attack Methods Intrusion Prevention Systems IPS Inspection Walkthrough IPS Policy and Configuration SRX IPS Requirements IPS Operation Modes Basic IPS Policy Review IPS Rulebase Operations Lab 8 Implementing Basic IPS Policy SDSN SDSN Overview, Components & Configuration Policy Enforcer Troubleshooting SDSN Use Cases Lab 9 Implementing SDSN Enforcement, Monitoring, and Reporting User Role Firewall and Integrated User Firewall Overview User Role Firewall Implementation Monitoring User Role Firewall Integrated User Firewall Implementation Monitoring Integrated User Firewall Lab 10 Configure User Role Firewall and Integrated User Firewall Troubleshooting Junos Security Troubleshooting Methodology Troubleshooting Tools Identifying IPsec Issues Lab 11 Performing Security Troubleshooting Techniques Appendix A: SRX Series Hardware and Interfaces Branch SRX Platform Overview High End SRX Platform Overview SRX Traffic Flow and Distribution SRX Interfaces

Duration 2 Days 12 CPD hours This course is intended for Network analysts Network investigators Cisco integrators and partners Overview After taking this course, you should be able to: Describe the stages of the network attack lifecycle and identify ITD solution platform placement based on a given stage Detail how to locate and mitigate email malware attacks Describe email phishing attacks and the steps taken to locate and mitigate them on the network Identify and mitigate data exfiltration threats on the network Identify malware threats on the network and mitigate those threats after investigation The Cisco Integrated Threat Defense Investigation and Mitigation (SECUR202) v1.0 course shows you how to identify, isolate, and mitigate network threats using the Cisco© Integrated Threat Defense solution platform. Through expert instruction and lab-based scenarios, you will be introduced to network threat investigation, and learn how to identify relationships between Cisco products and the stages of the attack lifecycle. This course is the second in a pair of courses (SECUR201) covering the Cisco Integrated Threat Defense (ITD) solution. Network Threat Investigation Introduction Network Attack Introduction Hunting Network Threats in the Enterprise Investigation and Mitigation of Email Malware Threats Examining Email Malware Threats Investigating and Verifying Email Malware Threat Mitigation Investigation and Mitigation of Email Phishing Threats Examining Email Phishing Attacks Configuring Cisco Email Security Appliance (ESA) for URL and Content Filtering Investigating and Verifying Email Phishing Threat Mitigation Investigation and Mitigation of Data Exfiltration Threats Exploiting Vulnerable Network Servers Investigating Data Exfiltration Threats Mitigating and Verifying Data Exfiltration Threats nvestigation and Mitigation of Malware Threats Examining Endpoint Malware Protection Investigating and Mitigating Endpoint Malware Threats

Duration 5 Days 30 CPD hours This course is intended for This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. In addition, the course ensures that all members of an IT team?everyone from help desk staff to the Chief Information Officer?understand their role in these security processes. Overview In this course, you will assess and respond to security threats and operate a systems and network security analysis platform. You will: - Assess information security risk in computing and network environments. - Analyze reconnaissance threats to computing and network environments. - Analyze attacks on computing and network environments. - Analyze post-attack techniques on computing and network environments. - Implement a vulnerability management program. - Collect cybersecurity intelligence. - Analyze data collected from security and event logs. - Perform active analysis on assets and networks. - Respond to cybersecurity incidents. - Investigate cybersecurity incidents. - Address security issues with the organization's technology architecture. The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. 1 - ASSESSING INFORMATION SECURITY RISK Identify the Importance of Risk Management Assess Risk Mitigate Risk Integrate Documentation into Risk Management 2 - ANALYZING RECONNAISSANCE THREATS TO COMPUTING AND NETWORK ENVIRONMENTS Assess the Impact of Reconnaissance Incidents Assess the Impact of Social Engineering 3 - ANALYZING ATTACKS ON COMPUTING AND NETWORK ENVIRONMENTS Assess the Impact of System Hacking Attacks Assess the Impact of Web-Based Attacks Assess the Impact of Malware Assess the Impact of Hijacking and Impersonation Attacks Assess the Impact of DoS Incidents Assess the Impact of Threats to Mobile Security Assess the Impact of Threats to Cloud Security 4 - ANALYZING POST-ATTACK TECHNIQUES Assess Command and Control Techniques Assess Persistence Techniques Assess Lateral Movement and Pivoting Techniques Assess Data Exfiltration Techniques Assess Anti-Forensics Techniques 5 - MANAGING VULNERABILITIES IN THE ORGANIZATION Implement a Vulnerability Management Plan Assess Common Vulnerabilities Conduct Vulnerability Scans Conduct Penetration Tests on Network Assets 6 - COLLECTING CYBERSECURITY INTELLIGENCE Deploy a Security Intelligence Collection and Analysis Platform Collect Data from Network-Based Intelligence Sources Collect Data from Host-Based Intelligence Sources 7 - ANALYZING LOG DATA Use Common Tools to Analyze Logs Use SIEM Tools for Analysis 8 - PERFORMING ACTIVE ASSET AND NETWORK ANALYSIS Analyze Incidents with Windows-Based Tools Analyze Incidents with Linux-Based Tools Analyze Malware Analyze Indicators of Compromise 9 - RESPONDING TO CYBERSECURITY INCIDENTS Deploy an Incident Handling and Response Architecture Mitigate Incidents Prepare for Forensic Investigation as a CSIRT 10 - INVESTIGATING CYBERSECURITY INCIDENTS Apply a Forensic Investigation Plan Securely Collect and Analyze Electronic Evidence Follow Up on the Results of an Investigation 11 - ADDRESSING SECURITY ARCHITECTURE ISSUES Remediate Identity and Access Management Issues Implement Security During the SDLC Additional course details: Nexus Humans CompTIA Cybersecurity Analyst Certification (CySA Plus) (Exam CS0-003) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Cybersecurity Analyst Certification (CySA Plus) (Exam CS0-003) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Experienced security administrators Overview By the end of the course, you should be able to meet the following objectives: Define information-security-related concepts Explain the different types of firewalls and their use cases Describe the operation of intrusion detection and intrusion prevention systems Differentiate between Malware Prevention approaches Describe the VMware intrinsic security portfolio Implement Zero-Trust Security using VMware NSX segmentation Configure user and role management Configure and troubleshoot Distributed Firewall, Identity Firewall, and time-based policies Configure and troubleshoot Gateway Security Use VMware vRealize Log Insight™ for NSX™ and VMware vRealize Network Insight™ to operate NSX firewalls Explain the security best practices related to grouping, tagging, and rule configuration Describe north-south and east-west service insertion Describe endpoint protection Configure and troubleshoot IDS/IPS Deploy NSX Application Platform Configure and troubleshoot NSX Malware Prevention Describe the capabilities of NSX Intelligence and NSX Network Detection and Response This five-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in configuring, operating, and troubleshooting VMware NSX-T? Data Center for intrinsic security. In this course, you are introduced to all the security features in NSX-T Data Center, including Distributed Firewall and Gateway Firewall, Intrusion Detection and Prevention (IDS/IPS), NSX Application Platform, NSX Malware Prevention, VMware NSX© Intelligence?, and VMware NSX© Network Detection and Response?.In addition, you are presented with common configuration issues and given a methodology to resolve them. Course Introduction Introductions and course logistics Course objectives Security Basics Define information-security-related concepts Explain the different types of firewalls and their use cases Describe the operation of IDS/IPS Differentiate between Malware Prevention approaches VMware Intrinsic Security Define the VMware intrinsic security strategy Describe the VMware intrinsic security portfolio Explain how NSX-T Data Center aligns with the intrinsic security strategy Implementing Zero-Trust Security Define Zero-Trust Security Describe the five pillars of a Zero-Trust Architecture Define NSX segmentation and its use cases Describe the steps needed to enforce Zero-Trust with NSX segmentation User and Role Management Integrate NSX-T Data Center and VMware Identity Manager? Integrate NSX-T Data Center and LDAP Describe the native users and roles in NSX-T Data Center Create and assign custom user roles Distributed Firewall Configure Distributed Firewall rules and policies Describe the NSX Distributed Firewall architecture Troubleshoot common problems related to NSX Distributed Firewall Configure time-based policies Configure Identity Firewall rules Gateway Security Configure Gateway Firewall rules and policies Describe the architecture of the Gateway Firewall Identify and troubleshoot common Gateway Firewall issues Configure TLS Inspection to decrypt traffic for both internal and external services Configure URL filtering and identify common configuration issues Operating Internal Firewalls Use vRealize Log Insight for NSX and vRealize Network Insight to operate NSX firewalls Explain security best practices related to grouping, tagging, and rule configuration Network Introspection Explain network introspection Describe the architecture and workflows of north-south and east-west service insertion Troubleshoot north-south and east-west service insertion Endpoint Protection Explain endpoint protection Describe the architecture and workflows of endpoint protection Troubleshoot endpoint protection Intrusion Detection and Prevention Describe the MITRE ATT&CK framework Explain the different phases of a cyber attack Describe how NSX security solutions can be used to protect against cyber attacks Configure and troubleshoot Distributed IDS/IPS Configure and troubleshoot North-South IDS/IPS NSX Application Platform Describe NSX Application Platform and its use cases Identify the topologies supported for the deployment of NSX Application Platform Deploy NSX Application Platform Explain the NSX Application Platform architecture and services Validate the NSX Application Platform deployment and troubleshoot common issues NSX Malware Prevention Identify use cases for NSX Malware Prevention Identify the components in the NSX Malware Prevention architecture Describe the NSX Malware Prevention packet flows for known and unknown files Configure NSX Malware Prevention for east-west and north-south traffic NSX Intelligence and NSX Network Detection and Response Describe NSX Intelligence and its use cases Explain NSX Intelligence visualization, recommendation, and network traffic analysis capabilities Describe NSX Network Detection and Response and its use cases Explain the architecture of NSX Network Detection and Response in NSX-T Data Center Describe the visualization capabilities of NSX Network Detection and Response

Cyber Security training course description The reliance of the world on the Internet and computer systems means the protection of information systems is vitally important. This is even more important smart devices and the Internet of Things increase the number of devices. This Cyber Security provides a concise overview on the threats and attacks that can happen along with the counter measures that can be taken. What will you learn Recognise the different types of attack. Describe the attacks that can be made against information systems. Describe the counter measures available. Cyber Security training course details Who will benefit: Non-technical staff working with computers. Prerequisites: None. Duration 1 day Cyber Security training course contents What is Cyber Security? Computer security, Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response. Attacks Physical access, Social engineering, Privilege escalation, Malware, Trojans, worms, viruses, rootkits, Backdoors, Denial of Service (DOS), Distributed DOS, Eavesdropping, Spoofing, Man the middle tampering. Countermeasures Prevention, detection, response. Physical, user accounts, Firewalls, IDS, AAA, authentication, cryptography, encryption, data integrity. Cyber security standards ETSI, ISO 27001, 27002, NIST, ISA/IEC 62443.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS in their network environment. Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers Overview After taking this course, you should be able to: Describe the components of Cisco Firepower Threat Defense and the managed device registration process Detail Next-Generation Firewalls (NGFW) traffic control and configure the Cisco Firepower system for network discovery Implement access control policies and describe access control policy advanced features Configure security intelligences features and the Advanced Malware Protection (AMP) for Networks implementation procedure for file control and advanced malware protection Implement and manage intrusion and network analysis policies for NGIPS inspection Describe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management Center Integrate the Cisco Firepower Management Center with an external logging destination Describe and demonstrate the external alerting options available to Cisco Firepower Management Center and configure a correlation policy Describe key Cisco Firepower Management Center software update and user account management features Identify commonly misconfigured settings within the Cisco Firepower Management Center and use basic commands to troubleshoot a Cisco Firepower Threat Defense device This course shows you how to deploy and use Cisco Firepower© Next-Generation Intrusion Prevention System (NGIPS). This hands-on course gives you the knowledge and skills to use the platform features and includes firewall security concepts, platform architecture and key features; in-depth event analysis including detection of network-based malware and file type, NGIPS tuning and configuration including application control, security intelligence, firewall, and network-based malware and file controls; Snort© rules language; file and malware inspection, security intelligence, and network analysis policy configuration designed to detect traffic patterns; configuration and deployment of correlation policies to take action based on events detected; troubleshooting; system and user administration tasks, and more. This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist ? Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, Cisco© Securing Networks with Cisco© Firepower Next Generation Firewall (SSNGFW). You can take these courses in any order. Course Outline Cisco Firepower Threat Defense Overview Cisco Firepower NGFW Device Configuration Cisco Firepower NGFW Traffic Control Cisco Firepower Discovery Implementing Access Control Policies Security Intelligence File Control and Advanced Malware Protection Next-Generation Intrusion Prevention Systems Network Analysis Policies Detailed Analysis Techniques Cisco Firepower Platform Integration Alerting and Correlation Policies Performing System Administration Troubleshooting Cisco Firepower