Duration 2 Days 12 CPD hours This course is intended for Cybersecurity analysts and engineers Security operations specialists Overview Successful completion of this instructor-led course with hands-on lab activities should enable participants to: Investigate and manage incidents Describe the Cortex XDR causality and analytics concepts Analyze alerts using the Causality and Timeline Views Work with Cortex XDR Pro actions such as remote script execution Create and manage on-demand and scheduled search queries in the Query Center Create and manage the Cortex XDR rules BIOC and IOC Working with Cortex XDR assets and inventories Write XQL queries to search datasets and visualize the result sets Work with Cortex XDR's external-data collection This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of causality and analytics. You will learn how to analyze alerts using the Causality and Timeline Views and how to use advanced response actions, such as remediation suggestions, the EDL service, and remote script execution. Multiple modules focus on how to leverage the collected data. You will create simple search queries in one module and XDR rules in another. The course demonstrate how to use specialized investigation views to visualize artifact-related data, such as IP and Hash Views. Additionally, it provides an introduction to XDR Query Language (XQL). The course concludes with Cortex XDR external-data collection capabilities, including the use of Cortex XDR API to receive external alerts. This class is powered by Cloud Harmonics. Course Outline Module 1 - Cortex XDR Incidents Module 2 - Causality and Analytics Concepts Module 3 - Causality Analysis of Alerts Module 4 - Advanced Response Actions Module 5 - Building Search Queries Module 6 - Building XDR Rules Module 7 - Cortex XDR Assets Module 8 - Introduction to XQL Module 9 - External Data Collection
Duration 5 Days 30 CPD hours
Duration 2 Days 12 CPD hours This two-day course provides students an opportunity to learn about the skills, tools, and knowledge needed to deploy iOS devices. Interactive discussions and hands-on exercises guide students through the configuration, management, and supervision of iOS devices. Students? knowledge and skills are tested and reinforced by working through real-world scenarios The Role of MDM, VPP, and DEP How to successfully deploy iOS devices Identify and respond to challenges when deploying and managing devices without MDM Apple IDs Explain what an Apple ID is and identify when it?s needed Security How security is relevant in the context of a given deployment scenario Design and implement a deployment solution for a given scenario DEP Devices Configure DEP registered devices for Over-the-Air Enrollment Configure and manage settings, apps, and content on user-owned and company-owned devicesPrerequisites Manual Configuration Explore the challenges and inconsistencies when manually configuring multiple devices. Creating Configuration profiles using Apple Configurator to view and edit a configuration profile. Learn how profiles ensure consistency across multiple devices Manage Settings The iOS MDM protocol How a MDM solution is used to configure and manage devices over-the-air with consistency and accountability Apps and Content Introduce and define VPP Assign apps and content to their user and then configure and test managed 'open in' functionality Company-Owned (Personalized and Shared) Configure settings to enable Over-the-Air Enrollment and supervision and learn how users can personalize company-owned devices. Configure and test shared (shared) device scenarios and how Apps and content are distributed to the devices Workshop Real-world deployment scenarios Design a deployment that meets your scenario?s needs
Duration 1 Days 6 CPD hours This course is intended for This basic course is for: Business Analyst Systems Engineer Software Engineer Requirements Engineer Requirements Manager Requirements Team Leader Overview Build projects in DOORS, including defining data structure, linking schema, attributes, and access permissions Use DOORS external linking facilities Share DOORS information with 3rd parties Control the flow of changes through your DOORS database Apply configuration management and backup strategies to your DOORS data This course builds on the content learned in the IBM Engineering Requirements Management DOORS V9.6 Foundation course. It is designed for those who will be in the role of team lead or project manager, or who want to learn more about advanced DOORS end-user functionality. It discusses creating and structuring DOORS projects, defining linking relationships and attributes, setting access permissions, and managing change. It also discusses external linking, working with spreadsheets, and applying configuration management strategies to DOORS data. Course Outline Build projects in DOORS, including defining data structure, linking schema, attributes, and access permissions Use DOORS external linking facilities Share DOORS information with 3rd parties Control the flow of changes through your DOORS database Apply configuration management and backup strategies to your DOORS data
Duration 3 Days 18 CPD hours This course is intended for The target audience for the SRE Practitioner course are professionals including: Anyone focused on large-scale service scalability and reliability Anyone interested in modern IT leadership and organizational change approaches Business Managers Business Stakeholders Change Agents Consultants DevOps Practitioners IT Directors IT Managers IT Team Leaders Product Owners Scrum Masters Software Engineers Site Reliability Engineers System Integrators Tool Providers Overview After completing this course, students will have learned: Practical view of how to successfully implement a flourishing SRE culture in your organization. The underlying principles of SRE and an understanding of what it is not in terms of anti-patterns, and how you become aware of them to avoid them. The organizational impact of introducing SRE. Acing the art of SLIs and SLOs in a distributed ecosystem and extending the usage of Error Budgets beyond the normal to innovate and avoid risks. Building security and resilience by design in a distributed, zero-trust environment. How do you implement full stack observability, distributed tracing and bring about an Observability-driven development culture? Curating data using AI to move from reactive to proactive and predictive incident management. Also, how you use DataOps to build clean data lineage. Why is Platform Engineering so important in building consistency and predictability of SRE culture? Implementing practical Chaos Engineering. Major incident response responsibilities for a SRE based on incident command framework, and examples of anatomy of unmanaged incidents. Perspective of why SRE can be considered as the purest implementation of DevOps SRE Execution model Understanding the SRE role and understanding why reliability is everyone's problem. SRE success story learnings This course introduces a range of practices for advancing service reliability engineering through a mixture of automation, organizational ways of working and business alignment. Tailored for those focused on large-scale service scalability and reliability. SRE Anti-patterns Rebranding Ops or DevOps or Dev as SRE Users notice an issue before you do Measuring until my Edge False positives are worse than no alerts Configuration management trap for snowflakes The Dogpile: Mob incident response Point fixing Production Readiness Gatekeeper Fail-Safe really? SLO is a Proxy for Customer Happiness Define SLIs that meaningfully measure the reliability of a service from a user?s perspective Defining System boundaries in a distributed ecosystem for defining correct SLIs Use error budgets to help your team have better discussions and make better data-driven decisions Overall, Reliability is only as good as the weakest link on your service graph Error thresholds when 3rd party services are used Building Secure and Reliable Systems SRE and their role in Building Secure and Reliable systems Design for Changing Architecture Fault tolerant Design Design for Security Design for Resiliency Design for Scalability Design for Performance Design for Reliability Ensuring Data Security and Privacy Full-Stack Observability Modern Apps are Complex & Unpredictable Slow is the new down Pillars of Observability Implementing Synthetic and End user monitoring Observability driven development Distributed Tracing What happens to Monitoring? Instrumenting using Libraries an Agents Platform Engineering and AIOPs Taking a Platform Centric View solves Organizational scalability challenges such as fragmentation, inconsistency and unpredictability. How do you use AIOps to improve Resiliency How can DataOps help you in the journey A simple recipe to implement AIOps Indicative measurement of AIOps SRE & Incident Response Management SRE Key Responsibilities towards incident response DevOps & SRE and ITIL OODA and SRE Incident Response Closed Loop Remediation and the Advantages Swarming ? Food for Thought AI/ML for better incident management Chaos Engineering Navigating Complexity Chaos Engineering Defined Quick Facts about Chaos Engineering Chaos Monkey Origin Story Who is adopting Chaos Engineering Myths of Chaos Chaos Engineering Experiments GameDay Exercises Security Chaos Engineering Chaos Engineering Resources SRE is the Purest form of DevOps Key Principles of SRE SREs help increase Reliability across the product spectrum Metrics for Success Selection of Target areas SRE Execution Model Culture and Behavioral Skills are key SRE Case study Post-class assignments/exercises Non-abstract Large Scale Design (after Day 1) Engineering Instrumentation- Instrumenting Gremlin (after Day 2)
Duration 5 Days 30 CPD hours This course is intended for This class is designed for experienced BizTalk Server Developers who have at least one year of hands-on experience developing BizTalk Server applications. Overview In this 5-day course, you will learn how to apply best practices and design patterns to build smarter BizTalk Server applications. Furthermore, this course provides extensive coverage of BizTalk Server's extensibility, including such topics as: custom functoids, custom pipeline components, and invoking external .NET methods. This course is designed specifically for experienced BizTalk Server developers and focuses on best practices & pattern-based design while pulling back the curtain on some of BizTalk Server's eccentricities. Review of BizTalk Server Fundamentals The BizTalk Server Architecture Inner Workings of the Messaging Engine Messaging Engine Deep Dive Two-way Messaging Without Orchestrations Designing and Testing Schemas Schema Design Enabling Unit Testing for BizTalk Projects Data Translation and Transformation Custom Data Transformation Creating Custom Pipeline Components Working with Message Interchanges Debatching Message Interchanges Advanced Concepts of WCF Adapters Connecting to External Systems Using WCF LOB Adapters in BizTalk Server Publishing and Consuming WCF and RESTful Services Overview of Service Integration Using WCF Implementing WCF Services Preprocessing Messages with IIS Modules Consuming Services Advanced Orchestration Communication Patterns Orchestration Engine Deep Dive Splitting and Aggregating Messages using Orchestrations Orchestration Communication Bridging the Synchronous/Asynchronous Gap Across Multiple Channels Correlating Messages in Orchestration Instances Building Convoy Orchestrations Handling Orchestration Faults and Exceptions Exception Handling in Orchestrations Implementing Transactions and Compensation Creating Transactional Processes Designing Custom Tracking Models for BizTalk Applications Introduction to Business Activity Monitoring Enabling Business Activity Monitoring Extending BAM Beyond BizTalk Building Declarative Logic Using the Business Rules Engine Concepts of Declarative Logic Fundamentals of BizTalk BRE Integrating Policies with BizTalk Advanced Concepts of the Business Rules Engine Advanced Business Rule Concepts Working with Advanced Facts Integrating Across Business Boundaries Using Parties, Roles, and EDI Port Binding Option Review Role-Based Integration What is EDI? Enabling EDI-Based Messaging
Duration 3 Days 18 CPD hours This course is intended for Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks. Overview Deploy the appropriate operation mode for your network. Use the GUI and CLI for administration. Identify the characteristics of the Fortinet security fabric. Control network access to configured networks using firewall policies. Apply port forwarding, source NAT, and destination NAT. Authenticate users using firewall policies. Understand encryption functions and certificates. Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies. Configure security profiles to neutralize threats and misuse, including viruses, torrents, and inappropriate websites. Apply application control techniques to monitor and control network applications that might use standard or non-standard protocols and ports. Fight hacking and denial of service (DoS). Defend against data leaks by identifying files with sensitive data, and block them from leaving your private network. Offer an SSL VPN for secure access to your private network. Implement a dial-up IPsec VPN tunnel between FortiGate and FortiClient. Collect and interpret log entries. In this three-day course, you will learn how to use basic FortiGate features, including security profiles. Course Outline Module 1. Introduction to FortiGate and the Security Fabric Module 2. Firewall Policies Module 3. Network Address Translation (NAT) Module 4. Firewall Authentication Module 5. Logging and Monitoring Module 6. Certificate Operations Module 7. Web Filtering Module 8. Application Control Module 9. Antivirus Module 10. Intrusion Prevention and Denial of Service Module 11. SSL VPN Module 12. Dial-Up IPsec VPN Module 13. Data Leak Prevention (DLP)
Duration 3 Days 18 CPD hours This course is intended for This course is for information technology professionals, security professionals, network, system managers and administrators tasked with installing, configuring and maintaining Symantec Data Center Security: Server Advanced. Overview At the completion of the course, you will be able to: Describe the major components of Symantec Data Center Security: Server Advanced and how they communicate. Install the management server, console and agent. Define, manage and create assets, policies, events and configurations. Understand policy creation and editing in depth. course is an introduction to implementing and managing a Symantec Data Center Security: Server Advanced 6.0 deployment. Introduction Course Overview The Classroom Lab Environment Introduction to Security Risks and Risk Security Risks Security Risk Management Managing and Protecting Systems Corporate Security Policies and Security Assessments Host-Based Computer Security Issues SDCS:Server Advanced Overview SDCS: Server Advanced Component Overview Policy Types and Platforms Management Console Overview Agent User Interface Overview DEMO of Management Console Installation and Deployment Planning the Installation Deploying SDCS:SA for High Availability Scalability Installing the Management Server Installing the Management Console Installing a Windows Agent Installing a UNIX Agent LAB: Install Manager and Agents Configuring Assets Asset and Agent Overview Viewing Agents and Assets Managing Agents Managing Agents on Assets LAB: Create Asset Groups LAB: Examine Agent Interface Policy Overview Policies Defined Prevention Policy Overview Process Sets Resource Access Policy Options Detection Policy Overview IDS Capabilities Rules Collectors Policy Management Workspace User Interface on Agent Example Use Cases LAB: Paper Based Scenarios LAB: What type of security strategy should be used? Detailed Prevention Policies Policy Editor Policy Structure Global Policy Options Service Options Program Options Policy Processing Order Network Rules File Rules Registry Rules Process Sets Predefined Policies LAB: Deploy Strict policy LAB: Examine Functionality Advanced Prevention Profiling Applications Customizing Predefined Policies LAB: Modify Policy Previously Deployed LAB: Re-examine Functionality LAB: Preparing for Policy deployment LAB: Best Practice - Covering Basics LAB: Further Enhance Strict Policy LAB: Create Custom Process Set LAB :Secure an FTP Server LAB: Troubleshoot Policy/pset Assignment Using CLI Detection Policies Detection Policies Structure Collectors Rules Predefined Detection Policies Creating a Detection Policy Using the Template Policy LAB: Deploy Baseline Policy LAB: Create Custom Policy Event Management Events Defined Viewing Events Reports and Queries Overview Creating Queries and Reports Creating Alerts LAB: View Monitor Types and Search Events LAB: Create Real Time Monitor Agent Management and Troubleshooting Configurations Defined Creating and Editing Configurations Common Parameters Prevention Settings Detection Settings Analyzing Agent Log Files Diagnostic Policies Local Agent Tool ? sisipsconfig LAB: Create Custom Configurations LAB: Implement Bulk Logging LAB: Disable Prevention on Agent Using CLI LAB: Use Diagnostic Policy to Gather Logs LAB: Troubleshoot a Policy System Management Managing Users and Roles Server Security Viewing and Managing Server Settings Viewing and Managing Database Settings Viewing and Managing Tomcat Settings LAB: Create a New User LAB: View System Settings
Duration 3 Days 18 CPD hours This course is intended for This course is for Network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. Overview At the completion of the course, you will be able to: Protect against Network Attacks and Enforcing Corporate Policies using the Firewall Policy. Blocking Threats with Intrusion Prevention. Introducing File-Based Threats. Preventing Attacks with SEP. Layered Security. Securing Windows Clients. Secure Mac Clients. Secure Linux Clients. Controlling Application and File Access. Restricting Device Access for Windows and Mac Clients. Hardening Clients with System Lockdown. Customizing Policies based on Location. Managing Security Exceptions. This course is designed for the network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. Introduction Course environment Lab environment Introducing Network Threats Describing how Symantec Endpoint Protection protects each layer of the network stack Discovering the tools and methods used by attackers Describing the stages of an attack Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy Preventing network attacks Examining Firewall Policy elements Evaluating built-in rules Creating custom firewall rules Enforcing corporate security policy with firewall rules Blocking network attacks using protection and stealth settings Configuring advanced firewall feature Blocking Threats with Intrusion Prevention Introducing Intrusion Prevention technologies Configuring the Intrusion Prevention policy Managing custom signatures Monitoring Intrusion Prevention events Introducing File-Based Threats Describing threat types Discovering how attackers disguise their malicious applications Describing threat vectors Describing Advanced Persistent Threats and a typical attack scenario Following security best practices to reduce risks Preventing Attacks with SEP Layered Security Virus and Spyware protection needs and solutions Describing how Symantec Endpoint Protection protects each layer of the network stack Examining file reputation scoring Describing how SEP protects against zero-day threats and threats downloaded through files and email Describing how endpoints are protected with the Intelligent Threat Cloud Service Describing how the emulator executes a file in a sandbox and the machine learning engine?s role and function Securing Windows Clients Platform and Virus and Spyware Protection policy overview Tailoring scans to meet an environment?s needs Ensuring real-time protection for clients Detecting and remediating risks in downloaded files Identifying zero-day and unknown threats Preventing email from downloading malware Configuring advanced options Monitoring virus and spyware activity Securing Mac Clients Touring the SEP for Mac client Securing Mac clients Monitoring Mac clients Securing Linux Clients Navigating the Linux client Tailoring Virus and Spyware settings for Linux clients Monitoring Linux clients Providing Granular Control with Host Integrity Ensuring client compliance with Host Integrity Configuring Host Integrity Troubleshooting Host Integrity Monitoring Host Integrity Controlling Application and File Access Describing Application Control and concepts Creating application rulesets to restrict how applications run Monitoring Application Control events Restricting Device Access for Windows and Mac Clients Describing Device Control features and concepts for Windows and Mac clients Enforcing access to hardware using Device Control Discovering hardware access policy violations with reports, logs, and notifications Hardening Clients with System Lockdown What is System Lockdown? Determining to use System Lockdown in Whitelist or Blacklist mode Creating whitelists for blacklists Protecting clients by testing and Implementing System Lockdown Customizing Policies based on Location Creating locations to ensure the appropriate level of security when logging on remotely Determining the criteria and order of assessment before assigning policies Assigning policies to locations Monitoring locations on the SEPM and SEP client Managing Security Exceptions Creating file and folder exceptions for different scan types Describing the automatic exclusion created during installation Managing Windows and Mac exclusions Monitoring security exceptions
Duration 2.5 Days 15 CPD hours