Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA's Security Technical Implementation Guides (STIGs) The motivations behind STIGs Requirements that the various software development roles must meet Implementing STIG requirements and guidelines Why Hunt Bugs? The Language of CyberSecurity The Changing Cybersecurity Landscape AppSec Dissection of SolarWinds The Human Perimeter Interpreting the 2021 Verizon Data Breach Investigation Report First Axiom in Web Application Security Analysis First Axiom in Addressing ALL Security Concerns Lab: Case Study in Failure Safe and Appropriate Bug Hunting/Hacking Working Ethically Respecting Privacy Bug/Defect Notification Bug Bounty Programs Bug Hunting Mistakes to Avoid Principles of Information Security Secuity Is a Lifecycle Issue Minimize Attack Surface Area Layers of Defense: Tenacious D Compartmentalize Consider All Application States Do NOT Trust the Untrusted Identification and Authentication Failures Applicable STIGs Quality and Protection of Authentication Data Proper hashing of passwords Handling Passwords on Server Side Session Management HttpOnly and Security Headers Lab: STIG Walk-Throughs Injection Applicable STIGs Injection Flaws SQL Injection Attacks Evolve Drill Down on Stored Procedures Other Forms of Server-Side Injection Minimizing Injection Flaws Client-side Injection: XSS Persistent, Reflective, and DOM-Based XSS Best Practices for Untrusted Data Lab: STIG Walk-Throughs Applications: What Next? Common Vulnerabilities and Exposures CWE/SANS Top 25 Most Dangerous SW Errors Strength Training: Project Teams/Developers Strength Training: IT Organizations Cryptographic Failures Applicable STIGs Identifying Protection Needs Evolving Privacy Considerations Options for Protecting Data Transport/Message Level Security Weak Cryptographic Processing Keys and Key Management Threats of Quantum Computing Steal Now, Crack Later Threat Lab: STIG Walk-Throughs Application Security and Development Checklists Checklist Overview, Conventions, and Best Practices Leveraging Common AppSec Practices and Control Actionable Application Security Additional Tools for the Toolbox Strength Training: Project Teams/Developers Strength Training: IT Organizations Lab: Recent Incidents SDL Overview Attack Phases: Offensive Actions and Defensive Controls Secure Software Development Processes Shifting Left Actionable Items Moving Forward Lab: Design Study Review Asset Analysis Asset Analysis Process Types of Application-Related Assets Adding Risk Escalators Discovery and Recon Design Review Asset Inventory and Design Assets, Dataflows, and Trust Boundaries Risk Escalators in Designs Risk Mitigation Options
About this Training Energy insurance is a type of insurance designed to protect businesses that work in the energy industry. This type of insurance covers a wide range of risks that are unique to the energy industry, such as damage to oil rigs, power plants, pipelines, or other energy infrastructure, as well as accidents, explosions, fires, and environmental damage. Energy insurance can also provide coverage for business interruption caused by unforeseen events that can disrupt energy production or supply, such as natural disasters, equipment breakdown, and cyber-attacks. It may also include coverage for liability and loss of income resulting from lawsuits and legal claims. Training Objectives Upon completion of this course, participants will be able to: Understand the risk sharing between oil companies and contractors Know how this is dealt within the insurance products available Understand insurer's perception of risk Create awareness of how market insurance products meet industry needs Be familiar with insurer's pricing methodologies Better understanding of the broker interface Understand technical evaluation of the coverage wordings Putting technical knowledge into practice with claims workshop Target Audience The course is intended for individuals who work in the energy industry, particularly those who are involved in managing risk or making decisions related to insurance coverage. The following personnel will benefit from the knowledge shared in this course: Insurers Brokers Adjusters Lawyers Risk Managers Treasury Contracts Legals Contract Adjustor Project Managers Course Level Basic or Foundation Trainer Your expert course leader has worked in the insurance sector for 59 years. He has worked as a broker for reputable firms, such as Marsh, where he served as the managing director of Energy Construction. He has also participated in peer review for different Lloyds Syndicates. He also served as a broker for Sedgwick, AAA, and Miller in the offshore energy sector. He has helped businesses including Shell, BP, Chevron, ConocoPhillips, Petrofina, Woodside, ENI, and Brunei Shell for their policy reviews during his career. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations
Duration 3 Days 18 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy a Cisco NCS 2000 Series Dense Wavelength-Division Multiplexing (DWDM) network with Flex Spectrum. The primary audience for this course includes: Designers Systems engineers and implementation staff Network operations center personnel Technical support personnel who are involved with the deployment, operations, and maintenance of the Cisco NCS 2000 Series Channel partners and resellers Overview After taking this course, you should be able to: Describe the hardware and components required and used with the Flex Spectrum feature Design optical networks in the Cisco Transport Planner software Install the hardware, including multishelf nodes Perform node turn-up and create circuits using the Cisco Transport Controller software Configure optical networks with multidegree ROADM multishelf nodes Configure optical networks with colorless, contentionless, omnidirectional, and MPO cross-connect advanced features Describe and configure the NCS 2000 400-Gbps Xponder line card Add a node to an existing DWDM ring Describe the NCS 2000 Troubleshooting Guide Use the features and documentation with Transport Controller to perform maintenance, testing, and basic troubleshooting The Cisco NCS2000 Deploying 96-Channel Flex Spectrum (OPT201) v3.0 course shows you how to plan, configure, and control optical networks using the Cisco© Network Convergence System (NCS) 2000 series Flex Spectrum platform.The course teaches you how to design Flex Spectrum networks with multi-degree Reconfigurable Optical Add-Drop Multiplexer (ROADM) multi-shelf nodes using the Cisco Transport Planner (CTP) software. Course Outline DWDM and Flex Spectrum Foundation NCS 2000 Chassis and Cards Design ROADM Networks with CTP Hardware Installation and Multishelf Node Turn-Up and Circuit Creation Advanced Feature Networks and Circuits Testing, Maintenance, and Basic Troubleshooting Spectrum Switched Optical Network
Duration 2 Days 12 CPD hours This course is intended for The target audience for the DevSecOps Foundation course are professionals including: Anyone involved or interested in learning about DevSecOps strategies and automation Anyone involved in Continuous Delivery toolchain architectures Compliance Team Business managers Delivery Staff DevOps Engineers IT Managers IT Security Professionals, Practitioners, and Managers Maintenance and support staff Managed Service Providers Project & Product Managers Quality Assurance Teams Release Managers Scrum Masters Site Reliability Engineers Software Engineers Testers Overview You will learn: The purpose, benefits, concepts, and vocabulary of DevSecOps How DevOps security practices differ from other security approaches Business-driven security strategies and Best Practices Understanding and applying data and security sciences Integrating corporate stakeholders into DevSecOps Practices Enhancing communication between Dev, Sec, and Ops teams How DevSecOps roles fit with a DevOps culture and organization In this course, students will gain a solid understanding of how DevSecOps provides business value, enhancing your business opportunities, and improving corporate value. The core DevSecOps principles taught can support an organizational transformation, increase productivity, reduce risk, and optimize resource usage. This course explains how DevOps security practices differ from other approaches then delivers the education needed to apply changes to your organization. Participants learn the purpose, benefits, concepts, vocabulary and applications of DevSecOps. Most importantly, students learn how DevSecOps roles fit with a DevOps culture and organization. At the course?s end, participants will understand ?security as code? to make security and compliance value consumable as a service. This course prepares you for the DevSecOps Foundation (DSOF) certification. Realizing DevSecOps Outcomes Origins of DevOps Evolution of DevSecOps CALMS The Three Ways Defining the Cyberthreat Landscape What is the Cyber Threat Landscape? What is the threat? What do we protect from? What do we protect, and why? How do I talk to security? Building a Responsive DevSecOps Model Demonstrate Model Technical, business and human outcomes What?s being measured? Gating and thresholding Integrating DevSecOps Stakeholders The DevSecOps State of Mind The DevSecOps Stakeholders What?s at stake for who? Participating in the DevSecOps model Establishing DevSecOps Best Practices Start where you are Integrating people, process and technology and governance DevSecOps operating model Communication practices and boundaries Focusing on outcomes Best Practices to get Started The Three Ways Identifying target states Value stream-centric thinking DevOps Pipelines and Continuous Compliance The goal of a DevOps pipeline Why continuous compliance is important Archetypes and reference architectures Coordinating DevOps Pipeline construction DevSecOps tool categories, types and examples Learning Using Outcomes Security Training Options Training as Policy Experiential Learning Cross-Skilling The DevSecOps Collective Body of Knowledge Preparing for the DevSecOps Foundation certification exam Additional course details: Nexus Humans DevSecOps Foundation (DevOps Institute) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the DevSecOps Foundation (DevOps Institute) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 1 Days 6 CPD hours This course is intended for Certification Preparation for Service Cloud Consultant is designed for individuals who have experience designing Service Cloud solutions and are preparing to take the Salesforce Service Cloud Consultant Certification exam. You should have the following experience before attending this class: Attainment and maintenance of the Salesforce Administrator Certification Knowledge of the topics discussed in the Service Cloud Consultant Overview When you complete this course, you will be able to: Review the different exam objectives and their weighting on the exam Understand the product areas to focus on to best prepare for the exam Discuss how to design Service Cloud solutions to meet specific business needs Assess your exam readiness by answering practice questions Are you ready to take the next step in your career by becoming a Salesforce Certified Service Cloud Consultant? Instructors will present scenarios that will help reinforce your knowledge of Service Cloud functionality by thinking through requirements and design considerations. The course provides an overview of the exam objectives to help you focus your efforts to prepare for the Salesforce Service Cloud Consultant Certification exam. Review the different exam objectives and their weighting on the examUnderstand the product areas to focus on to best prepare for the examDiscuss how to design Service Cloud solutions to meet specific business needsAssess your exam readiness by answering practice questions Additional course details: Nexus Humans Salesforce Certification Preparation for Service Cloud Consultant (CRT261) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Salesforce Certification Preparation for Service Cloud Consultant (CRT261) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 1 Days 6 CPD hours This course is intended for This course is designed for students wishing to gain intermediate-level skills or individuals whose job responsibilities include constructing relational databases and developing tables, queries, forms, and reports in Microsoft Access for Microsoft 365. Overview In this course, you will optimize an Access database. You will: Provide input validation features to promote the entry of quality data into a database. Organize a database for efficiency and performance, and to maintain data integrity. Improve the usability of Access tables. Create advanced queries to join and summarize data. Use advanced formatting and controls to improve form presentation. Use advanced formatting and calculated fields to improve reports. Your training and experience using Microsoft© Access© has given you basic database management skills, such as creating tables, designing forms and reports, and building queries. In this course, you will expand your knowledge of relational database design; promote quality input from users; improve database efficiency and promote data integrity; and implement advanced features in tables, queries, forms, and reports. Extending your knowledge of Access will result in a robust, functional database for your users.This course is the second part of a three-course series that covers the skills needed to perform database design and development in Access.Microsoft© Access© for Office 365?: Part 1 : Focuses on the design and construction of an Access database?viewing, navigating, searching, and entering data in a database, as well as basic relational database design and creating simple tables, queries, forms, and reports.Microsoft© Access© for Office 365?: Part 2 (this course): Focuses on optimization of an Access database, including optimizing performance and normalizing data; data validation; usability; and advanced queries, forms, and reports.Microsoft© Access© for Office 365?: Part 3 : Focuses on managing the database and supporting complex database designs, including import and export of data; using action queries to manage data; creating complex forms and reports; macros and Visual Basic for Applications (VBA); and tools and strategies to manage, distribute, and secure a database.This course may be a useful component in your preparation for the Microsoft Access Expert (Microsoft 365 Apps and Office 2019): Exam MO-500 certification exam. Lesson 1: Promoting Quality Data Input Topic A: Restrict Data Input Through Field Validation Topic B: Restrict Data Input Through Forms and Record Validation Lesson 2: Improving Efficiency and Data Integrity Topic A: Data Normalization Topic B: Associate Unrelated Tables Topic C: Enforce Referential Integrity Lesson 3: Improving Table Usability Topic A: Create Lookups Within a Table Topic B: Work with Subdatasheets Lesson 4: Creating Advanced Queries Topic A: Create Query Joins Topic B: Create Subqueries Topic C: Summarize Data Lesson 5: Improving Form Presentation Topic A: Apply Conditional Formatting Topic B: Create Tab Pages with Subforms and Other Controls Lesson 6: Creating Advanced Reports Topic A: Apply Advanced Formatting to a Report Topic B: Add a Calculated Field to a Report Topic C: Control Pagination and Print Quality Topic D: Add a Chart to a Report
Business Relationship Management Professional (BRMP)®: Virtual In-House Training Business Relationship Management (BRM) embodies a set of competencies (knowledge, skills, and behaviors) to foster an effective business value-producing relationship between a service provider and its business partners. The BRM Discipline rests on solid research-based foundations verified and enhanced over a decade of successful implementations in leading organizations across the world. Proven to be equally effective for shared services including Human Resources, Finance, Legal, external service providers and others, BRM practices have enjoyed widespread adaptation in IT. The Business Relationship Management Professional (BRMP) training and certification program provides a foundational understanding of business relationship management (BRM) for individuals at every experience level, with the training and certification designed to provide a solid baseline level of knowledge. In other words, this course provides the 'why' and the 'what' - 'why' business relationship management is important to your organization and 'what' a BRM capability does to add value to your organization. This interactive course, with discussions, partnering activities, and periodic knowledge checks, will provide you with the opportunity to apply learning to your unique organizational situations, creating solutions that you can use immediately upon returning to your workplace. This practical knowledge will allow you to demonstrate immediate value in your role, as well as prepare you for the BRMP Certification exam.
Enhance your knowledge in petroleum geochemistry with EnergyEdge's course on petroleum exploration. Enroll now!
PYTHON BOOTCAMP: This 12-week Python Data Analytics Data Boot Camp is designed to give you a complete skill set required by data analysts . You will be fully fluent and confident as a Python data analyst, with full understanding of Python Programming. From Data, databases, datasets, importing, cleaning, transforming, analysing to visualisation and creating awesome dashboards The course is a practical, instructor-lead program.
About this Virtual Instructor Led Training (VILT) Electrification of the transportation sector will impact the power system in several ways. Besides the additional load, local impact on the grid needs to be managed by the grid operators. Simultaneously charging of many electric vehicles (EVs) might exceed the limits in specific locations. On the other hand, EVs can provide flexibility and other ancillary services that will help grid operators. This 3 half-day VILT course will provide a complete overview of integrating electric vehicles (EVs) into the power grid. It will cover the whole value chain from grid operations to the car battery. This includes the control room, possible grid reinforcement, demand side management and power electronics. This course will demonstrate the impact on the grid and solutions for a safe & cost-effective grid plan and operation, with examples of successful integration of EVs. The course will also provide vital knowledge about technology used for EVs such as power electronics, demand side management, communication and batteries. In this context, the focus will be on power electronics as it has the highest impact on the grid. The grid planning tool, pandapower, is introduced as an open source tool for power system modelling. The set-up of the training course allows for discussion and questions. Questions can be formulated by the participants upfront or during the training. This course is delivered in partnership with Fraunhofer IEE. Training Objectives At the end of this course, the participants will: Understand the charging options for EVs and its impact on the grid and batteries Identify system services for EVs with regards to voltage quality at the point of common coupling Discover what are the 'grid friendly' and grid supporting functions in EVs Uncover the different applications, standards and data researched on EVs Examine the application of a grid planning tool (pandapower) for power system modelling Be able to develop code snippets with pandapower Apply and execute a code example for power system modelling with pandapower Target Audience EV and grid project developers and administrators Power grid operators and planners EPC organisations involved in grid development EV/ battery manufacturers and designers EV transport planners and designers Government regulators and policy makers Training Methods The VILT will be delivered online in 3 half-day sessions comprising 4 hours per day, with 2 x 10 minutes breaks per day, including time for lectures, discussion, quizzes and short interactive exercises. Additionally, some self-study will be requested. Participants are invited but not obliged to bring a short presentation (10 mins max) on a practical problem they encountered in their work. This will then be explained and discussed during the VILT. A short test or quiz will be held at the end of every session/day. Trainer Our first course expert is Head of Department Converters and Electrical Drive Systems at Fraunhofer IEE and Professor for Electromobility and Electrical Infrastructure at Bonn-Rhein-Sieg University of Applied Sciences. He received his engineering degree in automation in 2008 by the THM Technische Hochschule Mittelhessen (FH Giessen-Friedberg). Afterwards he studied power engineering at University of Kassel and received his diploma certificate in 2010. In 2016 he received the Ph.D. (Dr.-Ing.) from the University of Hannover. The title of his dissertation is Optimized multifunctional bi-directional charger for electric vehicles. He has been a researcher at the Fraunhofer IEE in Kassel since 2010 and deals with power converters for electric vehicles, photovoltaics and wind energy. His current research interests include the bidirectional inductive power transfer, battery charger and inverter as well as new power electronic components such as SiC MOSFETs and chokes. Additionally, our key expert is Chairman of the IEEE Joint IAS/PELS/IES German Chapter and a member of the International Scientific Committee of the EPE Association. Our second course expert is deputy head of energy storage department at Fraunhofer IEE. Prior to this he was the Director of Grid Integration department at SMA Solar Technology AG, one of the world's largest manufacturers of PV power converters. Before joining SMA, our course expert was manager of the Front Office System Planning at Amprion GmbH (formerly RWE TSO), one of the four German transmission system operators. He holds a degree of electrical engineering of the University of Kassel, Germany. In 2003 he finished his Ph.D. (Dr.-Ing.) on the topic of wind power forecasting at the 'Institute of Solar Energy Supply Technology' (now Fraunhofer IEE) in Kassel. In 2004 he started his career at RWE TSO with main focus on wind power integration and congestion management. Our course expert is chairman of the IEC SC 8A 'Grid Integration of Large-capacity Renewable Energy (RE) Generation' and has published several papers about grid integration of renewable energy source and forecasting systems on books, magazines, international conferences and workshops. Our third course expert is Research Associate at Fraunhofer IEE. He is actively working on different projects related to the integration of electric vehicle charging into the electric distribution grid. The focus of this work concerns time series based simulations for grid planning and operation in order to investigate the effect of a future rollout of electric vehicles and charging infrastructure on economics e.g. costs for grid reinforcement. He completed his master degree (MSc.) in Business Administration and Engineering: Electrical Power Engineering at RWTH Aachen University, Germany. Our trainers are experts from Fraunhofer Institute for Energy Economics and Energy System Technology (Fraunhofer, IEE), Germany. The Fraunhofer IEE researches for the national and international transformation of energy supply systems POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information about post training coaching support and fees applicable for this. Accreditions And Affliations