524 Courses delivered Online

Duration 5 Days 30 CPD hours This course is intended for This course is targeted toward an IT Professional that has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. Students should have a minimum of 10 years experience including at least 5 years of hands-on technical security experience. Overview Upon successful completion of this course, students will be able to: Identify enterprise security fundamentals. Apply enterprise security technology solutions. Implement security design and solutions. Manage risk, policies and procedures within an enterprise. Integrate security solutions within an enterprise. Conduct security research and analysis. In this course, students will examine advanced security concepts, principles, and implementations that pertain to enterprise level security. Prerequisites CompTIA Cybersecurity Analyst (CySA+) Certification 1 - Enterprise Security Architecture The Basics of Enterprise Security The Enterprise Structure Enterprise Security Requirements 2 - Enterprise Security Technology Common Network Security Components and Technologies Communications and Collaboration Security Cryptographic Tools and Techniques Advanced Authentication 3 - Enterprise Resource Technology Enterprise Storage Security Issues Distributed, Shared, and Virtualized Computing Cloud Computing and Security 4 - Security Design and Solutions Network Security Design Conduct a Security Assessment Host Security 5 - Application Security Design Application Security Basics Web Application Security 6 - Managing Risk, Security Policies, and Security Procedures Analyze Security Risk Implement Risk Mitigation Strategies and Controls Implement Enterprise-Level Security Policies and Procedures Prepare for Incident Response and Recovery 7 - Enterprise Security Integration The Technology Life Cycle Inter-Organizational Change Integrate Enterprise Disciplines to Achieve Secure Solutions 8 - Security Research and Analysis Perform an Industry Trends and Impact Analysis Perform an Enterprise Security Analysis

The NCSP® 800-53 Practitioner accredited (APMG International), certified (NCSC/GCHQ-UK), and recognized (DHS-CISA-USA) certification course teaches Digital Business, Operational Stakeholders, Auditors, and Risk Practitioners a Fast-Track approach to adopting and adapting the NIST Cybersecurity Framework and its 800-53 controls across an enterprise and its supply chain.The course also teaches candidates how to build a Digital Value Management System (DVMS) CPD overlay model capable of enabling the quick adoption and adaption of new frameworks and models (NIST-CSF, NIST Privacy Framework, CMMC, etc.) that may be required to address internal, external (regulatory), and cyber threat landscape changes. Finally, the course teaches candidates how to ensure the organization's DVMS is designed for use within the organization and auditable by government regulators looking to verify regulatory outcomes. The NCSP Practitioner 800-53 course is designed for both the Implementer and Auditor topics and participants select the exam they want to take (or an additional exam can be ordered to be certified as both an implementer and auditor).

Duration 5 Days 30 CPD hours This course is intended for This course is designed primarily for cybersecurity practitioners who perform job functions related to protecting information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This course focuses on the knowledge, ability, and skills necessary to provide for the defense of those information systems in a cybersecurity context, including protection, detection, analysis, investigation, and response processes. In addition, the course ensures that all members of an IT team?everyone from help desk staff to the Chief Information Officer?understand their role in these security processes. Overview In this course, you will assess and respond to security threats and operate a systems and network security analysis platform. You will: - Assess information security risk in computing and network environments. - Analyze reconnaissance threats to computing and network environments. - Analyze attacks on computing and network environments. - Analyze post-attack techniques on computing and network environments. - Implement a vulnerability management program. - Collect cybersecurity intelligence. - Analyze data collected from security and event logs. - Perform active analysis on assets and networks. - Respond to cybersecurity incidents. - Investigate cybersecurity incidents. - Address security issues with the organization's technology architecture. The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization's security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. 1 - ASSESSING INFORMATION SECURITY RISK Identify the Importance of Risk Management Assess Risk Mitigate Risk Integrate Documentation into Risk Management 2 - ANALYZING RECONNAISSANCE THREATS TO COMPUTING AND NETWORK ENVIRONMENTS Assess the Impact of Reconnaissance Incidents Assess the Impact of Social Engineering 3 - ANALYZING ATTACKS ON COMPUTING AND NETWORK ENVIRONMENTS Assess the Impact of System Hacking Attacks Assess the Impact of Web-Based Attacks Assess the Impact of Malware Assess the Impact of Hijacking and Impersonation Attacks Assess the Impact of DoS Incidents Assess the Impact of Threats to Mobile Security Assess the Impact of Threats to Cloud Security 4 - ANALYZING POST-ATTACK TECHNIQUES Assess Command and Control Techniques Assess Persistence Techniques Assess Lateral Movement and Pivoting Techniques Assess Data Exfiltration Techniques Assess Anti-Forensics Techniques 5 - MANAGING VULNERABILITIES IN THE ORGANIZATION Implement a Vulnerability Management Plan Assess Common Vulnerabilities Conduct Vulnerability Scans Conduct Penetration Tests on Network Assets 6 - COLLECTING CYBERSECURITY INTELLIGENCE Deploy a Security Intelligence Collection and Analysis Platform Collect Data from Network-Based Intelligence Sources Collect Data from Host-Based Intelligence Sources 7 - ANALYZING LOG DATA Use Common Tools to Analyze Logs Use SIEM Tools for Analysis 8 - PERFORMING ACTIVE ASSET AND NETWORK ANALYSIS Analyze Incidents with Windows-Based Tools Analyze Incidents with Linux-Based Tools Analyze Malware Analyze Indicators of Compromise 9 - RESPONDING TO CYBERSECURITY INCIDENTS Deploy an Incident Handling and Response Architecture Mitigate Incidents Prepare for Forensic Investigation as a CSIRT 10 - INVESTIGATING CYBERSECURITY INCIDENTS Apply a Forensic Investigation Plan Securely Collect and Analyze Electronic Evidence Follow Up on the Results of an Investigation 11 - ADDRESSING SECURITY ARCHITECTURE ISSUES Remediate Identity and Access Management Issues Implement Security During the SDLC Additional course details: Nexus Humans CompTIA Cybersecurity Analyst Certification (CySA Plus) (Exam CS0-003) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Cybersecurity Analyst Certification (CySA Plus) (Exam CS0-003) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for people who are seeking to launch a career in cybersecurity. Overview Assess the security posture of an enterprise environment and recommend and implement appropriate security solutions; Monitor and secure hybrid environments, including cloud, mobile, and IoT; Operate with an awareness of applicable laws and policies, including principles of governance, risk, and compliance; Identify, analyze, and respond to security events and incidents. CompTIA Security+ is a global certification that validates the baseline skills necessary to perform core security functions and is the first security certification a candidate should earn. CompTIA Security+ establishes the core knowledge required of any cybersecurity role and provides a springboard to intermediate-level cybersecurity jobs. Lesson 1: Summarize Fundamental Security Concepts Security Concepts Security Controls Lesson 2: Compare Threat Types Threat Actors Attack Surfaces Social Engineering Lesson 3: Explain Cryptographic Solutions Cryptographic Algorithms Public Key Infrastructure Cryptographic Solutions Lesson 4: Implement Identity and Access Management Authentication Authorization Identity Management Lesson 5: Secure Enterprise Network Architecture Enterprise Network Architecture Network Security Appliances Secure Communications Lesson 6: Secure Cloud Network Architecture Cloud Infrastructure Embedded Systems and Zero Trust Architecture Lesson 7: Explain Resiliency and Site Security Concepts Asset Management Redundancy Strategies Physical Security Lesson 8: Explain Vulnerability Management Device and OS Vulnerabilities Application and Cloud Vulnerabilities Vulnerability Identification Methods Vulnerability Analysis and Remediation Lesson 9: Evaluate Network Security Capabilities Network Security Baselines Network Security Capability Enhancement Lesson 10: Assess Endpoint Security Capabilities Implement Endpoint Security Mobile Device Hardening Lesson 11: Enhance Application Security Capabilities Application Protocol Security Baselines Cloud and Web Application Security Concepts Lesson 12: Explain Incident Response and Monitoring Concepts Incident Response Digital Forensics Data Sources Alerting and Monitoring Tools Lesson 13: Analyze Indicators of Malicious Activity Malware Attack Indicators Physical and Network Attack Indicators Application Attack Indicators Lesson 14: Summarize Security Governance Concepts Policies, Standards, and Procedures Change Management Automation and Orchestration Lesson 15: Explain Risk Management Processes Risk Management Processes and Concepts Vendor Management Concepts Audits and Assessments Lesson 16: Summarize Data Protection and Compliance Concepts Data Classification and Compliance Personnel Policies Additional course details: Nexus Humans CompTIA Security Plus Certification (Exam SY0-601) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CompTIA Security Plus Certification (Exam SY0-601) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

The NCSP® ISO 27001 Specialist accredited (APMG International), certified (NCSC/GCHQ-UK), and recognized (DHS-CISA-USA) certification course teaches Digital Business, Operational Stakeholders, Auditors, and Risk Practitioners a Fast-Track approach to adopting and adapting the ISO 27001 controls in the context of a NIST Cybersecurity Framework program.This course looks at the impact of adapting a principled approach to an enterprise risk management framework to better support cybersecurity decisions within the context of the selected informative reference. It guides participants on the best approach to adapt, implement, and operate (AIO) a comprehensive cybersecurity program that integrates into existing organizational capabilities and incorporates the selected Informative Reference. NCSP® ISO 27001 Specialist introduces the integration of typical enterprise capabilities with cybersecurity from the perspective of the selected cybersecurity informative reference. The overall approach places these activities into systems thinking context by introducing the Service Value Management System composed of three aspects, governance, assurance, and the Z-X Model. With this in place, the course presents the approach to adapt, implement, operate, and improve the organizational cybersecurity posture that builds on the application of the FastTrack™ presented in the NCSP Practitioner. The NIST Cybersecurity Professional (NCSP®) program is the industry's first accredited certification training program that teaches organizations how to build a Digital Value Management Overlay System capable of leveraging the NIST Cybersecurity Framework to deliver the secure, digital business outcomes expected by executives, government regulators, and legal advisors.

Duration 3 Days 18 CPD hours This course is intended for Delegates attending this course must have successfully achieved the ITIL 4 Foundation Qualification; your certificate must be presented as documentary evidence to gain admission to this course. Ideally, candidates should have at least two years of professional experience working in IT Service Management. The ITIL 4 CDS Qualification would most likely suit the following delegates: Individuals continuing their journey in service management ITSM managers and aspiring ITSM managers ITSM practitioners managing the operation of IT-enabled & digital products and services, and those responsible for the end-to-end delivery Existing ITIL qualification holders wishing to develop their knowledge The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs. Overview The course includes core concepts describing how different types of work (value streams) are built, tested and delivered ?end-to-end? from beginning to end and with continual iterations and feedback loops. There is also a focus on areas such as testing, knowledge, customer and employee feedback, new technologies, supplier sourcing, and ways of managing work. During this course, you will: Understand how to plan and build a service value stream to create, deliver and support services Know how relevant ITIL practices contribute to creation, delivery, and support across the SVS and value streams Know how to create, deliver and support services Understand how to integrate different value streams and activities to create, deliver and support IT-enabled products and services, and relevant practices, methods, and tools Understand service performance, service quality, and improvement methods. This course begins your journey toward the ITIL Managing Professional designation. You will acquire insight that will allow you to integrate different value streams and activities to create, deliver and support IT-enabled products and services. Armed with this knowledge and skill set, you will be confident in running those IT-enabled services, teams and workflows successfully. This class includes an exam voucher. Prerequisites ITIL© 4 Foundation 1 - PLANNING AND BUILDING A SERVICE VALUE STREAM Tackling the concepts and challenges related to SVS Using the ?shift left? approach The true value of information and technology across the SVS 2 - CONTRIBUTING TO CREATION, DELIVERY AND SUPPORT Using the value stream to design, develop and transition new services Adding to a value stream by leveraging ITIL practices Providing user support Furthering the value stream for support through ITIL practices 3 - CREATING, DELIVERING AND SUPPORTING SERVICES Coordinate, prioritize and structure activities The value of buy vs. build, sourcing, and service integration and management

The NCSP® 800-171 Specialist accredited (APMG International), certified (NCSC/GCHQ-UK), and recognized (DHS-CISA-USA) certification course teaches Digital Business, Operational Stakeholders, Auditors, and Risk Practitioners a Fast-Track approach to adopting and adapting the 800-171 controls in the context of a NIST Cybersecurity Framework program. This course looks at the impact of adapting a principled approach to the enterprise risk management (ERM) framework to better support cybersecurity decisions, establishing the context for the selected informative reference (IR). It guides participants on the best approach to adapting, implementing, and operating (AIO) a comprehensive cybersecurity program that can be integrated into the existing organizational capabilities and incorporates the selected IR. NCSP® 800-171 Specialist introduces the integration of typical enterprise capabilities with cybersecurity from the selected cybersecurity IR perspective. The overall approach places these activities into a systems-thinking context by introducing the service value management system (SVMS), including governance, assurance, and the Z-X model. With this in place, the course presents the approach to adapt, implement, operate, and improve the organizational cybersecurity posture that builds on the application of the FastTrack™ concept presented in the NCSP Practitioner course. The NIST Cybersecurity Professional (NCSP®) program is the industry's first accredited certification training program that teaches organizations how to build a Digital Value Management Overlay System capable of leveraging the NIST Cybersecurity Framework to deliver the secure, digital business outcomes expected by executives, government regulators, and legal advisors.

Duration 3 Days 18 CPD hours This course is intended for Delegates attending this course must have successfully achieved the ITIL 4 Foundation Qualification; your certificate must be presented as documentary evidence to gain admission to this course. Although there is no mandatory requirement, ideally candidates should have at least two years professional experience working in IT Service Management. The ITIL 4 DPI Qualification would most likely suit the following delegates: Individuals continuing of their journey in service management ITSM managers and aspiring ITSM managers Managers of all levels involved in shaping direction and strategy or developing a continually improving team Existing ITIL qualification holders wishing to develop their knowledge The above list is a suggestion only; individuals may wish to attend based on their own career aspirations, personal goals or objectives. Delegates may take as few or as many Intermediate qualifications as they require, and to suit their needs. Overview The purpose of the ITIL 4 Direct Plan and Improve Qualification is: To provide the candidate with the practical skills necessary to create a ?learning and improving? IT organization, with a strong and effective strategic direction To provide practitioners with a practical and strategic method for planning and delivering continual improvement with the necessary agility The objectives of this course are to: Understand the Key Concepts of Direct, Plan & Improve Understand the scope of what is to be directed and/or planned, and know how to use key principles and methods of direction and planning in that context Understand the role of GRC (Governance, Risk & Compliance) and know how to integrate the principles and methods into the service value system Understand and know how to use the key principles and methods of continual improvement for all types of improvements Understand and know how to use the key principles and methods of Organizational Change Management to direction, planning and improvement Understand and know how to use the key principles and methods of measurement and reporting in directing, planning and improvement Understand and know how to direct, plan and improve value streams and practices This unique and central course covers requirements in both the ITIL Managing Professional and ITIL Strategic Leader designations. As such, this course is a must-have in any ITIL 4 professional development plan. You will gain the practical skills needed to establish a ?learning and improving? IT organization that possess a strong and targeted strategic direction. This class includes an exam voucher. Prerequisites ITIL© 4 Foundation 1 - KEY CONCEPTS OF DIRECT, PLAN AND IMPROVE Knowing key terms Differentiating between principle concepts Defining the relationship of Values, Outcomes, Costs and Risks 2 - SCOPING WHAT IS TO BE DIRECTED Cascading goals and requirements Deciphering effective policies, controls and guidelines Placing decision-making authority at the correct level 3 - THE ROLE OF GRC IN THE SERVICE VALUE SYSTEM The role of risk management How governance impacts DPI Ensuring that controls are sufficient but not excessive 4 - PRINCIPLES AND METHODS FOR CONTINUAL IMPROVEMENT Leverage the ITIL CI model Identify assessment objectives and outputs Select the appropriate assessment method Prioritize desired outcomes Build, justify and advocate your business case Conduct improvement reviews and lessons learned sessions Embed CI at all levels of the service value stream 5 - APPLYING COMMUNICATION AND ORGANIZATIONAL CHANGE MANAGEMENT The nature and benefits of OCM Manage, communicate effectively, and influence stakeholders Establish valuable interfaces across the value chain 6 - EFFECTIVE MEASURING AND REPORTING Defining indicators and metrics to support objectives 7 - DIRECT, PLAN AND IMPROVE VALUE STREAMS Recognizing the differences between value streams and practices Choosing the right methods and techniques to direct, plan and improve value streams Additional course details:Notes New Horizons is an Authorised Training Organisation (ATO) for Peoplecert for ITIL4 Nexus Humans ITIL 4 Strategist Direct Plan and Improve (DPI) with Exam training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the ITIL 4 Strategist Direct Plan and Improve (DPI) with Exam course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms, including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy. This course is also designed for students who are seeking the CertNexus Cyber Secure Coder (CSC) Exam CSC-210 certification Overview In this course, you will employ best practices in software development to develop secure software.You will: Identify the need for security in your software projects. Eliminate vulnerabilities within software. Use a Security by Design approach to design a secure architecture for your software. Implement common protections to protect users and data. Apply various testing methods to find and correct security defects in your software. Maintain deployed software to ensure ongoing security... The stakes for software security are very high, and yet many development teams deal with software security only after the code has been developed and the software is being prepared for delivery. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development lifecycle. This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects. You will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development. Identifying the Need for Security in Your Software Projects Identify Security Requirements and Expectations Identify Factors That Undermine Software Security Find Vulnerabilities in Your Software Gather Intelligence on Vulnerabilities and Exploits Handling Vulnerabilities Handle Vulnerabilities Due to Software Defects and Misconfiguration Handle Vulnerabilities Due to Human Factors Handle Vulnerabilities Due to Process Shortcomings Designing for Security Apply General Principles for Secure Design Design Software to Counter Specific Threats Developing Secure Code Follow Best Practices for Secure Coding Prevent Platform Vulnerabilities Prevent Privacy Vulnerabilities Implementing Common Protections Limit Access Using Login and User Roles Protect Data in Transit and At Rest Implement Error Handling and Logging Protect Sensitive Data and Functions Protect Database Access Testing Software Security Perform Security Testing Analyze Code to find Security Problems Use Automated Testing Tools to Find Security Problems Maintaining Security in Deployed Software Monitor and Log Applications to Support Security Maintain Security after Deployment

Duration 3 Days 18 CPD hours This course is intended for This course is ideal for Professionals preparing to become CRISC certified. Risk practitioners Students or recent graduates Overview At course completions, students will understand the essential concepts in the 4 ISACA CRISC domains: Governance IT Risk Assessment Risk Response and Reporting Information Technology and Security This 3 Day CRISC course is geared towards preparing students to pass the ISACA Certified in Risk and Information Systems Control examination. The course covers all four of the CRISC domains, and each section corresponds directly to the CRISC job practice. CRISC validates your experience in building a well-defined, agile risk-management program, based on best practices to identify, analyze, evaluate, assess, prioritize and respond to risks. This enhances benefits realization and delivers optimal value to stakeholders. GOVERNANCE - a. Organizational Governance Organizational Strategy, Goals, and Objectives Organizational Structure, Roles, and Responsibilities Organizational Culture Policies and Standards Business Processes Organizational Assets GOVERNANCE - b. Risk Governance Enterprise Risk Management and Risk Management Framework Three Lines of Defense Risk Profile Risk Appetite and Risk Tolerance Legal, Regulatory, and Contractual Requirements Professional Ethics of Risk Management IT RISK ASSESSMENT - a. IT Risk Identification Risk Events (e.g., contributing conditions, loss result) Threat Modelling and Threat Landscape Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) Risk Scenario Development IT RISK ASSESSMENT - b. IT Risk Analysis and Evaluation Risk Assessment Concepts, Standards, and Frameworks Risk Register Risk Analysis Methodologies Business Impact Analysis Inherent and Residual Risk RISK RESPONSE AND REPORTING - a. Risk Response Risk Treatment / Risk Response Options Risk and Control Ownership Third-Party Risk Management Issue, Finding, and Exception Management Management of Emerging Risk RISK RESPONSE AND REPORTING - b. Control Design and Implementation Control Types, Standards, and Frameworks Control Design, Selection, and Analysis Control Implementation Control Testing and Effectiveness Evaluation RISK RESPONSE AND REPORTING - c. Risk Monitoring and Reporting Risk Treatment Plans Data Collection, Aggregation, Analysis, and Validation Risk and Control Monitoring Techniques Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) Key Performance Indicators Key Risk Indicators (KRIs) Key Control Indicators (KCIs) INFORMATION TECHNOLOGY AND SECURITY - a. Information Technology Principles Enterprise Architecture IT Operations Management (e.g., change management, IT assets, problems, incidents) Project Management Disaster Recovery Management (DRM) Data Lifecycle Management System Development Life Cycle (SDLC) Emerging Technologies INFORMATION TECHNOLOGY AND SECURITY - b. Information Security Principles Information Security Concepts, Frameworks, and Standards Information Security Awareness Training Business Continuity Management Data Privacy and Data Protection Principles