Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.
Overview The course helps you attain the skills in managing VIPs and Public Relations. It enables participants to discuss a large diversity of encounters, characters, everyday situations, conversations, and sometimes some rough events as well.
Advanced Ethernet switching training course description An advanced hands on switching course for those already familiar with the basics such as STP and VLANs. The course starts with advanced diagnostics and network monitoring moving onto switch protocols. A large part of the second day is spent implementing QoS and security such as 802.1x. What will you learn Troubleshoot switching. Explain how a number of switch protocols work, including: UDLD LLDP LACP DTP VTP/MVRP Design redundancy into switched networks. Implement QoS on switches. Harden switches. Advanced Ethernet switching training course details Who will benefit: Technical staff working with Ethernet switches. Prerequisites: None Duration 2 days Advanced Ethernet switching training course contents Switches Switch review, troubleshooting, diagnostics, L2 traceroute, UDLD, message logging, Wireshark, port mirroring, Hands on: Troubleshooting. Network management SNMP, SNMPv3, RMON, Netflow, Sflow. System logging. Hands on: Managing switches with SNMP. Syslogd. Switches and automatic configuration Auto-MDIX, LLDP, CDP, Link aggregation, LACP, Link state tracking, VLANS and tags, DTP. Hands on: Discovery, dynamic configuration. RSTP 802.1w, new port roles and states, new BPDUs, rapid convergence, topology changes, compatibility issues. L3 redundancy, VRRP, GLBP. Design issues. Hands on: RSTP, VRRP. VLANS: Registration protocols Why VTP? VTP modes, how VTP works, VTP pruning. GVRP, MVRP. Hands on: Dynamic VLANs STP variations and alternatives 802.1s (multiple spanning tree), regions, rings, L2MP, TRILL. Hands on: 802.1s Multicasting What is multicasting, Static configuration, IGMP snooping, CGMP, MVR. IPv6 MLD snooping. Hands on: Multicast through switches QoS Storm control, DSCP, 802.1Q, 802.1p, mapping, classification, policy, Ingress queues, Egress queues. Dropping frames, limiting bandwidth. Hands on: Voice through switches. More VLANS Native VLANs, Voice VLANs Security Static MAC addresses, AAA, RADIUS, Port based authentication, 802.1x, Guest VLANs, L2 attacks, SSH, HTTPS. Hands on: Hardening switches. Miscellaneous NTP, managing the MAC address table, managing system resources, SDN
Advanced Junos Security training course description This course provides students with intermediate routing knowledge and configuration examples. The course includes an overview of protocol-independent routing features, load balancing and filter-based forwarding, OSPF, BGP, IP tunneling, and high availability (HA) features. Junos Intermediate Routing (JIR) is an intermediate-level course. What will you learn Demonstrate the understanding of integrated user firewall. Implement next generation Layer 2 security features. Implement virtual routing instances in a security setting. Utilize Junos tools for troubleshooting Junos security implementations. Implement IPS policy. Advanced Junos Security training course details Who will benefit: Individuals responsible for implementing, monitoring, and troubleshooting Junos security components. Prerequisites: Intro to the Junos Operating System Duration 5 days Advanced Junos Security training course contents Junos Layer 2 Packet Handling and Security Features Transparent Mode Security Secure Wire Layer 2 Next Generation Ethernet Switching MACsec Lab 2 Implementing Layer 2 Security Virtualization Virtualization Overview Routing Instances Logical Systems Lab 3 Implementing Junos Virtual Routing AppSecure Theory AppSecure Overview AppID Overview AppID Techniques Application System Cache Custom Application Signatures AppSecure Implementation AppTrack AppFW AppQoS APBR SSL Proxy Lab 4 Implementing AppSecure Working with Log Director Log Director Overview Log Director Components Installing and setting up Log Director Clustering with the Log Concentrator VM Administrating Log Director Lab 5 Deploying Log Director Sky ATP Theory Sky ATP Overview Monitoring Sky ATP Analysis and Detection of Malware Sky ATP Implementation Configuring Sky ATP Installing Sky ATP Analysis and detection of Malware Infected Host Case Study Lab 6 Instructor Led Sky ATP Demo Implementing UTM UTM Overview AntiSpam AntiVirus Content and Web Filtering Lab 7 Implementing UTM Introduction to IPS IPS Overview Network Asset Protection Intrusion Attack Methods Intrusion Prevention Systems IPS Inspection Walkthrough IPS Policy and Configuration SRX IPS Requirements IPS Operation Modes Basic IPS Policy Review IPS Rulebase Operations Lab 8 Implementing Basic IPS Policy SDSN SDSN Overview, Components & Configuration Policy Enforcer Troubleshooting SDSN Use Cases Lab 9 Implementing SDSN Enforcement, Monitoring, and Reporting User Role Firewall and Integrated User Firewall Overview User Role Firewall Implementation Monitoring User Role Firewall Integrated User Firewall Implementation Monitoring Integrated User Firewall Lab 10 Configure User Role Firewall and Integrated User Firewall Troubleshooting Junos Security Troubleshooting Methodology Troubleshooting Tools Identifying IPsec Issues Lab 11 Performing Security Troubleshooting Techniques Appendix A: SRX Series Hardware and Interfaces Branch SRX Platform Overview High End SRX Platform Overview SRX Traffic Flow and Distribution SRX Interfaces
Securing UNIX systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure UNIX accounts. Secure UNIX file systems. Secure UNIX access through the network. Securing UNIX systems course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing UNIX systems course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.
Overview The course curriculum covers human resource planning; recruitment and selection; employee training and development; employee health and safety etc. Based on the fact that knowledge is the gateway to engagement, the 'HR Management course' is designed to build participants' awareness and knowledge of the major functions that make up a modern HR department.
Overview This course is designed to support the governments, public sector, state-owned enterprises and other entities to strategically understand how to plan the asset management and worth of their physical assets like buildings, infrastructure, transportation etc. The course will also highlight how the public sector can improve asset performance, reduce costs and increase returns generated from the assets by using well-planned asset management tools and techniques.
Overview This course will give you a whole tour of how to enhance your skills as a UI/UX Design using Adobe. It is very important to master the basics of web and visual design because that is important for UI design eg designing buttons, typography, drop shadow etc. With having a good foundation in visual and web design become an essential key to become a skilled UI/UX Designer.
Overview Cyber Security plays an important role in every business as it encompasses everything that relates to protecting sensitive data, personal information, intellectual property, data, and governmental and industry information systems from theft and damage attempted by criminals and adversaries. This course is designed to understand and gain practical skills to plan, deliver and monitor IT/cyber security to internal and external clients understanding a complete, knowledge in the areas of IT policies, Security-Operational-Run-Book, security/penetration testing, ethical hacking and black hat hacking including understanding the basics of Kali Operating System and its tools and techniques. It will also cover WiFi security, Website security, human factors, cyber forensics, and cyber security team management, including all other areas in relation to Cyber Security.
Overview This Compliance and Risk Management Course is designed for anyone looking for a pathway into this profession and wanting to develop their industry knowledge and skills. It covers the role of the Compliance Officer and compliance department in detail, with step-by-step training in compliance auditing and risk management. This Compliance and Risk Management Training Course will equip you with the fundamental skills needed to identify and manage regulatory risk in your organization, taking you through key topics such as how to implement an efficient Compliance Management System, ethics and compliance, risk types and classifications, and how to design a solid risk management strategy. By the end of this Compliance and Risk Management Training Course, you'll have an excellent understanding of core compliance issues, as well as how to promote a positive compliance culture for your organization, which will give you a head start when it comes to standing out in the relevant job market.