918 Courses delivered Online

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate-level programming course, designed for experienced .Net developers who wish to get up and running on developing well defended software applications. Real world programming experience with .Net is required. Overview Students who attend Attacking and Securing .Net Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a .Net perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on .Net security training that offers a unique look at .Net application security. Beginning with penetration testing and hunting for bugs in .Net web applications, you thoroughly examine best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, driving home the mechanics of how to secure .Net web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Injection Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? .NET Issues and Best Practices Making Application Security Real Time Permitting Topics Cryptography Overview .NET Cryptographic Services

Want to learn how to deliver high-quality IT services that meet the needs of your business and customers? Then take the ITIL Foundation course.

Course Description Get instant knowledge from this bite-sized Security Management Diploma Part - 1 course. This course is very short and you can complete it within a very short time. In this Security Management Diploma Part - 1 course you will get fundamental ideas of security management, the key strategy of security management, security risk analysis and so on. Enrol in this course today and start your instant first step towards the introduction to security management. Learn faster for instant implementation. Learning Outcome Familiarise with security management Understand organisational security management Gain in-depth knowledge of the security risk analysis and risk reduction Deepen your understanding of physical and information security protection How Much Do Security Managers Earn? Senior - £72,000 (Apprx.) Average - £45,000 (Apprx.) Starting - £29,000 (Apprx.) Requirement Our Security Management Diploma Part - 1 is fully compatible with any kind of device. Whether you are using Windows computer, Mac, smartphones or tablets, you will get the same experience while learning. Besides that, you will be able to access the course with any kind of internet connection from anywhere at any time without any kind of limitation. Security Management Diploma Part - 1 Module 01: Introduction to Security Management 00:33:00 Module 02: Organisational Security Management 00:26:00 Module 03: Security Risk Analysis and Risk Reduction 00:25:00 Module 04: Physical and Information Security Protection 00:36:00 Assignment Assignment - Security Management Diploma Part - 1 00:00:00

Duration 4 Days 24 CPD hours This course is intended for Security engineers Security administrators Security architects Operations engineers Network engineers Network administrators Network or security technicians Network managers System designers Cisco integrators and partners Overview After taking this course, you should be able to: Describe and administer the Cisco Email Security Appliance (ESA) Control sender and recipient domains Control spam with Talos SenderBase and anti-spam Use anti-virus and outbreak filters Use mail policies Use content filters Use message filters to enforce email policies Prevent data loss Perform LDAP queries Authenticate Simple Mail Transfer Protocol (SMTP) sessions Authenticate email Encrypt email Use system quarantines and delivery methods Perform centralized management using clusters Test and troubleshoot This course shows you how to deploy and use Cisco© Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management. This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention. This course helps you prepare to take the exam, Securing Email with Cisco Email Security Appliance (300-720 SESA). Describing the Cisco Email Security Appliance Cisco Email Security Appliance Overview Technology Use Case Cisco Email Security Appliance Data Sheet SMTP Overview Email Pipeline Overview Installation Scenarios Initial Cisco Email Security Appliance Configuration Centralizing Services on a Cisco Administering the Cisco Email Security Appliance Distributing Administrative Tasks System Administration Managing and Monitoring Using the Command Line Interface (CLI) Other Tasks in the GUI Advanced Network Configuration Using Email Security Monitor Tracking Messages Logging Controlling Sender and Recipient Domains Public and Private Listeners Configuring the Gateway to Receive Email Host Access Table Overview Recipient Access Table Overview Configuring Routing and Delivery Features Controlling Spam with Talos SenderBase and Anti-Spam SenderBase Overview Anti-Spam Managing Graymail Protecting Against Malicious or Undesirable URLs File Reputation Filtering and File Analysis Bounce Verification Using Anti-Virus and Outbreak Filters Anti-Virus Scanning Overview Sophos Anti-Virus Filtering McAfee Anti-Virus Filtering Configuring the Appliance to Scan for Viruses Outbreak Filters How the Outbreak Filters Feature Works Managing Outbreak Filters Using Mail Policies Email Security Manager Overview Mail Policies Overview Handling Incoming and Outgoing Messages Differently Matching Users to a Mail Policy Message Splintering Configuring Mail Policies Using Content Filters Content Filters Overview Content Filter Conditions Content Filter Actions Filter Messages Based on Content Text Resources Overview Using and Testing the Content Dictionaries Filter Rules Understanding Text Resources Text Resource Management Using Text Resources Using Message Filters to Enforce Email Policies Message Filters Overview Components of a Message Filter Message Filter Processing Message Filter Rules Message Filter Actions Attachment Scanning Examples of Attachment Scanning Message Filters Using the CLI to Manage Message Filters Message Filter Examples Configuring Scan Behavior Preventing Data Loss Overview of the Data Loss Prevention (DLP) Scanning Process Setting Up Data Loss Prevention Policies for Data Loss Prevention Message Actions Updating the DLP Engine and Content Matching Classifiers Using LDAP Overview of LDAP Working with LDAP Using LDAP Queries Authenticating End-Users of the Spam Quarantine Configuring External LDAP Authentication for Users Testing Servers and Queries Using LDAP for Directory Harvest Attack Prevention Spam Quarantine Alias Consolidation Queries Validating Recipients Using an SMTP Server SMTP Session Authentication Configuring AsyncOS for SMTP Authentication Authenticating SMTP Sessions Using Client Certificates Checking the Validity of a Client Certificate Authenticating User Using LDAP Directory Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate Establishing a TLS Connection from the Appliance Updating a List of Revoked Certificates Email Authentication Email Authentication Overview Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing Verifying Incoming Messages Using DKIM Overview of Sender Policy Framework (SPF) and SIDF Veri?cation Domain-based Message Authentication Reporting and Conformance (DMARC) Verification Forged Email Detection Email Encryption Overview of Cisco Email Encryption Encrypting Messages Determining Which Messages to Encrypt Inserting Encryption Headers into Messages Encrypting Communication with Other Message Transfer Agents (MTAs) Working with Certificates Managing Lists of Certificate Authorities Enabling TLS on a Listener?s Host Access Table (HAT) Enabling TLS and Certi?cate Verification on Delivery Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services Using System Quarantines and Delivery Methods Describing Quarantines Spam Quarantine Setting Up the Centralized Spam Quarantine Using Safelists and Blocklists to Control Email Delivery Based on Sender Configuring Spam Management Features for End Users Managing Messages in the Spam Quarantine Policy, Virus, and Outbreak Quarantines Managing Policy, Virus, and Outbreak Quarantines Working with Messages in Policy, Virus, or Outbreak Quarantines Delivery Methods Centralized Management Using Clusters Overview of Centralized Management Using Clusters Cluster Organization Creating and Joining a Cluster Managing Clusters Cluster Communication Loading a Configuration in Clustered Appliances Best Practices Testing and Troubleshooting Debugging Mail Flow Using Test Messages: Trace Using the Listener to Test the Appliance Troubleshooting the Network Troubleshooting the Listener Troubleshooting Email Delivery Troubleshooting Performance Web Interface Appearance and Rendering Issues Responding to Alerts Troubleshooting Hardware Issues Working with Technical Support References Model Specifications for Large Enterprises Model Specifications for Midsize Enterprises and Small-to-Midsize Enterprises or Branch O?ces Cisco Email Security Appliance Model Specifications for Virtual Appliances

The course focuses on the five domains that should be known for the CompTIA PenTest+ PT0-002 exam. Learn to successfully plan and scope a pen test engagement with a client, find vulnerabilities, exploit them to get into a network, then report on those findings to the client with the help of this comprehensive course.

Duration 1 Days 6 CPD hours This course is intended for This course is designed primarily for IT leaders and company executives who are responsible for complying with incident response legislation. This course focuses on the knowledge, resources, and skills necessary to comply with incident response, and incident handling process requirements. Overview In this course, you will understand, assess and respond to security threats and operate a system and network security analysis platform. You will: Explain the importance of best practices in preparation for incident response Given a scenario, execute incident response process Explain general mitigation methods and devices Assess and comply with current incident response requirements. This course covers incident response methods and procedures are taught in alignment with industry frameworks such as US-CERT?s NCISP (National Cyber Incident Response Plan), and Presidential Policy Directive (PPD) 41 on Cyber Incident Coordination Policy. It is ideal for candidates who have been tasked with managing compliance with state legislation and other regulatory requirements regarding incident response, and for executing standardized responses to such incidents. The course introduces procedures and resources to comply with legislative requirements regarding incident response. This course is designed to assist students in preparing for the CertNexus Incident Responder Credential (CIR-110). What you learn and practice in this course can be a significant part of your preparation. Assessment of Information Security Risks The Importance of Risk Management Integrating Documentation into Risk Management Response to Cybersecurity Incidents Deployment of Incident Handling and Response Architecture Containment and Mitigation of Incidents Preparation for Forensic Investigation as a CSIRT Investigating Cybersecurity Incidents Use a Forensic Investigation Plan Securely Collect and Analyze Electronic Evidence Follow Up on the Results of an Investigation Complying with Legislation Examples of Legislation (if this is covered in above topics, no need to include here) GDPR, HIPPA, Elections Case study: Incident Response and GDPR (Using GDPR legislation, create a response that is compliant with it ? this could be discussion-based activity as well.) State Legislation Resources and Example Search terms to find state legislation Using NYS as example use the NYS Privacy Response act or other legislation to create a similar case study as previous. Provide answers on when to use federal versus state and do you have to follow both?

This comprehensive course is designed to prepare you to take and pass the CompTIA A+ Certification Core (220-1102) certification exam. This is the second of a two-course series. To become fully A+ certified, you will need to pass both the 220-1101 and 220-1102 exams.

Duration 3 Days 18 CPD hours This course is intended for This course is intended for security engineers, security architects, and information security professionals. Overview Identify security benefits and responsibilities of using the AWS Cloud Build secure application infrastructures Protect applications and data from common security threats Perform and automate security checks Configure authentication and permissions for applications and resources Monitor AWS resources and respond to incidents Capture and process logs Create and configure automated and repeatable deployments with tools such as AMIs and AWS CloudFormation This course demonstrates how to efficiently use AWS security services to stay secure in the AWS Cloud. The course focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services. You will also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents. Prerequisites We recommend that attendees of this course have: Working knowledge of IT security practices and infrastructure concepts Familiarity with cloud computing concepts Completed AWS Security Essentials and Architecting on AWS courses 1 - Security on AWS Security in the AWS cloud AWS Shared Responsibility Model Incident response overview DevOps with Security Engineering 2 - Identifying Entry Points on AWS Identify the different ways to access the AWS platform Understanding IAM policies IAM Permissions Boundary IAM Access Analyzer Multi-factor authentication AWS CloudTrail 3 - Security Considerations: Web Application Environments Threats in a three-tier architecture Common threats: user access Common threats: data access AWS Trusted Advisor 4 - Application Security Amazon Machine Images Amazon Inspector AWS Systems Manager 5 - Data Security Data protection strategies Encryption on AWS Protecting data at rest with Amazon S3, Amazon RDS, Amazon DynamoDB Protecting archived data with Amazon S3 Glacier Amazon S3 Access Analyzer Amazon S3 Access Points 6 - Securing Network Communications Amazon VPC security considerations Amazon VPC Traffic Mirroring Responding to compromised instances Elastic Load Balancing AWS Certificate Manager 7 - Monitoring and Collecting Logs on AWS Amazon CloudWatch and CloudWatch Logs AWS Config Amazon Macie Amazon VPC Flow Logs Amazon S3 Server Access Logs ELB Access Logs 8 - Processing Logs on AWS Amazon Kinesis Amazon Athena 9 - Security Considerations: Hybrid Environments AWS Site-to-Site and Client VPN connections AWS Direct Connect AWS Transit Gateway 10 - Out-Of-Region Protection Amazon Route 53 AWS WAF Amazon CloudFront AWS Shield AWS Firewall Manager DDoS mitigation on AWS 11 - Security Considerations: Serverless Environments Amazon Cognito Amazon API Gateway AWS Lambda 12 - Threat Detection and Investigation Amazon GuardDuty AWS Security Hub Amazon Detective 13 - Secrets Management on AWS AWS KMS AWS CloudHSM AWS Secrets Manager 14 - Automation and Security by Design AWS CloudFormation AWS Service Catalog 15 - Account Management and Provisioning on AWS AWS Organizations AWS Control Tower AWS SSO AWS Directory Service

This course aims to provide learners with a comprehensive understanding of the impact of information systems on organizations and business firms. The course will explore the concept of competitive advantage and its dimensions and how strategic information systems can be used to achieve and sustain competitive advantage. Learners will also learn about the various types of information systems, their use in supporting business processes, and how to align IS strategy with business strategy. Additionally, the course will cover the impact of the internet on competitive advantage, Porter's Five Forces, and the Value Chain Analysis. After the successful completion of the course, you will be able to learn about the following, Organization and Information Systems and How Information Systems Impact Organizations and Business Firms? Competency, Competitive Advantage, its dimensions. Strategic Information System. Types of Information System Strategies. Management Information System and Competitive Advantage. The Internet's Impact on Competitive Advantage. Porter's Five Forces and Competitive Advantage. The Value Chain Analysis and Competitive Advantage. Information Systems Products and Services. Types of Information Systems to Support Business Processes. Alignment Between IS Strategy and Business Strategy. The People in Information Systems. This course will give learners an in-depth understanding of the relationship between information systems and organizations. The course will begin by exploring the concept of competitive advantage and its dimensions and how information systems can be used to achieve and sustain competitive advantage. Learners will learn about the different types of information systems strategies, including strategic information systems, management information systems, and the internet's impact on competitive advantage. This course will provide learners with an in-depth understanding of the relationship between information systems and organizations. The course will begin by exploring the concept of competitive advantage and its dimensions, and how information systems can be used to achieve and sustain competitive advantage. Learners will learn about the different types of information systems strategies, including strategic information systems, management information systems, and the internet's impact on competitive advantage. VIDEO - Course Structure and Assessment Guidelines Watch this video to gain further insight. Navigating the MSBM Study Portal Watch this video to gain further insight. Interacting with Lectures/Learning Components Watch this video to gain further insight. Appraising Information Systems and Organisation Strategy Self-paced pre-recorded learning content on this topic. Appraising Information Systems and Organisation Strategy Put your knowledge to the test with this quiz. Read each question carefully and choose the response that you feel is correct. All MSBM courses are accredited by the relevant partners and awarding bodies. Please refer to MSBM accreditation in about us for more details. There are no strict entry requirements for this course. Work experience will be added advantage to understanding the content of the course. The certificate is designed to enhance the learner's knowledge in the field. This certificate is for everyone eager to know more and get updated on current ideas in their respective field. We recommend this certificate for the following audience. Business Owners Entrepreneurs Managers and Executives IT Professionals Marketing Professionals Average Completion Time 2 Weeks Accreditation 3 CPD Hours Level Advanced Start Time Anytime 100% Online Study online with ease. Unlimited Access 24/7 unlimited access with pre-recorded lectures. Low Fees Our fees are low and easy to pay online.

Duration 2 Days 12 CPD hours This course is intended for The ProxySG 6.6 Basic Administration course is intended for students who wish to master the fundamentals of the ProxySG. It is designed for students who have not taken any previous training courses about the ProxySG. Overview Describe the major Secure Web Gateway functions of the ProxySG.License and configure a ProxySG.Deploy a ProxySG in either explicit or transparent mode.Use the Visual Policy Manager to write policies to manage web filtering, authentication, and SSL traffic management.Use ProxySG access logs to generate reports. The ProxySG 6.6 Basic Administration course is an introduction to deployment options and management of the individual key features offered using the ProxySG 6.6 solution. Introduction to the Symantec ProxySG Secure Web Gateway Describe the functions of a proxy server Differentiate proxy servers from firewalls Describe the key features and benefits of the ProxySG List the various ProxySG models Access online Symantec community resources ProxySG Security Deployment Options Describe the three network deployment methods Describe the three possible roles of the ProxySG ProxySG Management Console Describe the relationship between the Management Console and the ProxySG CLI Describe the primary function of the major areas of the Management Console Use the Management Console to access on-box help and Symantec product documentation Traffic Interception Using Proxy Services Understand the functions of proxy services, listeners, and proxy types Describe the three most common proxy services Explain how the intercept and bypass settings affect what happens to network traffic passing through the ProxySG Explain the function of common global proxy service settings Hypertext Transfer Protocol Understand how a connection is initiated over the transport layer Identify the components of an HTTP URL Explain the two types of HTTP messages: request and response Identify common response codes Introduction to the Visual Policy Manager Describe the relationship among the VPM, CPL, and the Management Console Describe the default processing order for policy layers and rules Describe triggers and actions that can be used in writing policy Identify the types of objects that the VPM supports Describe some of the best practices to be followed when using the VPM to create policy Filtering Web Content Describe the main concepts of web filtering Describe the primary category databases Describe the category types available to policy Describe how WebFilter and WebPulse work together Using Threat Intelligence to Defend the Network Understand Intelligence Services as provided by the Global Intelligence Network Understand Geolocation and Threat Risk Levels and how they can be used in policy Ensuring Safe Downloads Describe how malware can be transmitted via HTTP Explain the methods, advantages, and disadvantages of file type detection Describe some of the considerations in deciding what content to block as possible malware sources Notifying User of Internet Usage Policies Explain the function and various components of built-in and custom exception pages Describe the function of Notify User objects Identify the types of pages that can be sent to users by using Notify User objects Describe splash pages and coaching pages using Notify User objects in the VPM Access Logging on the ProxySG Describe, at a high level, how the ProxySG performs access logging Describe the components of a ProxySG access log facility Identify default log facilities and log formats Describe common use cases for periodic and continuous uploading of access logs