35 Courses in Edinburgh

CWSP training course description A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming. What will you learn Demonstrate the threats to WiFi networks. Secure WiFi networks. Configure: WPA2 RADIUS 802.1x EAP Pass the CWSP exam. CWSP training course details Who will benefit: Technical network staff. Technical security staff. Prerequisites: Certified Wireless Network Associate. Duration 5 days CWSP training course contents WLAN Security overview Standards, security basics, AAA, 802.11 security history. Hands on WLAN connectivity. Legacy 802.11 security Authentication: Open system, shared key. WEP. VPNs. MAC filters. SSID segmentation, SSID cloaking. Hands on Analysing 802.11 frame exchanges, viewing hidden SSIDs. Encryption Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames. 802.11 layer 2 authentication 802.1X: Supplicant, Authenticator, Authentication server. Credentials. Legacy authentication. EAP, Weak EAP protocols, Strong EAP protocols: EAP -PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames. 802.11 layer 2 dynamic key generation Robust Security Network. Hands on Authentication and key management. SOHO 802.11 security WPA/WPA2 personal, Preshared Keys, WiFi Protected Setup (WPS). Hands on PSK mapping. WLAN security infrastructure DS, Autonomous APs, WLAN controllers, split MAC, mesh, bridging, location based access control. Resilience. Wireless network management system. RADIUS/LDAP servers, PKI, RBAC. Hands on 802.1X/EAP configuration. RADIUS configuration. 802.11 Fast secure roaming History, RSNA, OKC, Fast BSS transition, 802.11k. Hands on Roaming. Wireless security risks Rogue devices, rogue prevention. Eavesdropping, DOS attacks. Public access and hotspots. Hands on Backtrack. WiFi security auditing Layer 1 audit, layer 2 audit, pen testing. WLAN security auditing tools. WiFi security monitoring Wireless Intrusion Detection and Prevention Systems. Device classification, WIDS/WIPS analysis. Monitoring. 802.11w. Hands on Laptop spectrum analysers. VPNs, remote access, guest access Role of VPNs in 802.11, remote access, hotspots, captive portal. Wireless security policies General policy, functional policy, recommendations.

Security+ training course description A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. What will you learn Explain general security concepts. Describe the security concepts in communications. Describe how to secure an infrastructure. Recognise the role of cryptography. Describe operational/organisational security. Security+ training course details Who will benefit: Those wishing to pass the Security+ exam. Prerequisites: TCP/IP foundation for engineers Duration 5 days Security+ training course contents General security concepts Non-essential services and protocols. Access control: MAC, DAC, RBAC. Security attacks: DOS, DDOS, back doors, spoofing, man in the middle, replay, hijacking, weak keys, social engineering, mathematical, password guessing, brute force, dictionary, software exploitation. Authentication: Kerberos, CHAP, certificates, usernames/ passwords, tokens, biometrics. Malicious code: Viruses, trojan horses, logic bombs, worms. Auditing, logging, scanning. Communication security Remote access: 802.1x, VPNs, L2TP, PPTP, IPsec, RADIUS, TACACS, SSH. Email: S/MIME, PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS, IM, packet sniffing, privacy, Javascript, ActiveX, buffer overflows, cookies, signed applets, CGI, SMTP relay. LDAP. sftp, anon ftp, file sharing, sniffing, 8.3 names. Wireless: WTLS, 802.11, 802.11x, WEP/WAP. Infrastructure security Firewalls, routers, switches, wireless, modems, RAS, PBX, VPN, IDS, networking monitoring, workstations, servers, mobile devices. Media security: Coax, UTP, STP, fibre. Removable media. Topologies: Security zones, DMZ, Intranet, Extranet, VLANs, NAT, Tunnelling. IDS: Active/ passive, network/host based, honey pots, incident response. Security baselines: Hardening OS/NOS, networks and applications. Cryptography basics Integrity, confidentiality, access control, authentication, non-repudiation. Standards and protocols. Hashing, symmetric, asymmetric. PKI: Certificates, policies, practice statements, revocation, trust models. Key management and certificate lifecycles. Storage: h/w, s/w, private key protection. Escrow, expiration, revocation, suspension, recovery, destruction, key usage. Operational/Organisation security Physical security: Access control, social engineering, environment. Disaster recovery: Backups, secure disaster recovery plans. Business continuity: Utilities, high availability, backups. Security policies: AU, due care, privacy, separation of duties, need to know, password management, SLAs, disposal, destruction, HR policies. Incident response policy. Privilege management: Users, groups, roles, single sign on, centralised/decentralised. Auditing. Forensics: Chain of custody, preserving and collecting evidence. Identifying risks: Assets, risks, threats, vulnerabilities. Role of education/training. Security documentation.

Overview This training course will empower you to recognize the root causes of fraud and white-collar crime in the current economy, understand the categories of fraud, equip you with methodologies of fraud detection and prevention, and heighten your ability to detect potential fraudulent situations. In addition to the fundamentals of fraud investigation and detection in a digital environment; profit-loss evaluation, analysis of accounting books, legal concepts, and quantification of financial damages are also examined in this course

Overview The effective management of finances is a fundamental function for any organisation but particularly so in the public sector. Governments, under the scrutiny of the citizens they represent, are increasingly under pressure to improve public services whilst at the same time identifying ways to cut spending and increase efficiency. This programme recognises these difficulties and ensures that participants leave the programme with a full understanding of effective financial management in the public sector - including budgeting systems, auditing, preparing financial statements and tracking expenditure. 

ISO 3834:2021 (Quality requirements for fusion welding of metallic materials) Lead Auditor” course provides comprehensive training for participants to be able to understand and audit each and every ISO 3834:2021 guidelines in ensuring orgnaisation compliance and continual improvement in the welding industry

Overview The development, monitoring, and continued improvement of a highly-integrated, internal audit function is essential for the continued financial success, stability, and growth of world-class business entities. A well-designed and effective internal audit system will provide verification and support that accounting and financial policies, procedures, and controls are working adequately and will spotlight any significant matters that need attention. 

Overview For internal employees who want to understand and expand their roles related to financial reporting, as well as those who simply need a refresher on financial accounting, this course is the ideal way to get up to speed. By exploring concepts that go beyond basic accounting, this course will enable participants to approach financial auditing with renewed confidence. The programme will walk participants through an analysis of an organization's financial statements using case study exercises, where participants will calculate key ratios and analyze trends over time. Engaging in discussions on both historic and current fraud cases, participants will learn how to recognize “red flags” in financial statement reporting.

Overview Corporate frauds have the inherent power to bring large organizations to their knees, cause huge monetary loss, prompt lawsuits followed by significant legal expenses, lead to the imprisonment of employees and deteriorate confidence in the market, governments, and institutions. In response, corporations and governments across the globe have stepped up their effort to inspect, prevent and penalize fraudulent practices; resulting in a greater emphasis on the domains of forensic auditing and accounting in the current economy. This training course will empower you to recognize the root causes of fraud and white-collar crime in the current economy, understand the categories of fraud, equip you with methodologies of fraud detection and prevention, and heighten your ability to detect potential fraudulent situations. In addition to the fundamentals of fraud investigation and detection in a digital environment; profit-loss evaluation, analysis of accounting books, legal concepts, and quantification of financial damages are also examined in this course

Overview This Compliance and Risk Management Course is designed for anyone looking for a pathway into this profession and wanting to develop their industry knowledge and skills. It covers the role of the Compliance Officer and compliance department in detail, with step-by-step training in compliance auditing and risk management. This Compliance and Risk Management Training Course will equip you with the fundamental skills needed to identify and manage regulatory risk in your organization, taking you through key topics such as how to implement an efficient Compliance Management System, ethics and compliance, risk types and classifications, and how to design a solid risk management strategy. By the end of this Compliance and Risk Management Training Course, you'll have an excellent understanding of core compliance issues, as well as how to promote a positive compliance culture for your organization, which will give you a head start when it comes to standing out in the relevant job market. 

Microsoft security training course description A hands on training course focusing on security in the Microsoft environment. The course progresses from patch management onto the use of Microsoft security tools. Then server, desktop and network security are studied in the Microsoft environment. What will you learn Use Microsoft security tools. Secure Microsoft servers. Secure Microsoft desktops. Secure Microsoft networks. Microsoft security training course details Who will benefit: Technical server support staff. Technical desktop support staff. Technical network staff. Technical security staff. Prerequisites: Supporting Windows server 2016 Networking Microsoft systems. Duration 3 days Microsoft security training course contents Introduction Security threats, Microsoft defaults, admin accounts, security patches, patch management, patch tools. Hands on: Studying Microsoft defaults, applying security patches. Microsoft security tools Microsoft updates, WSUS, Inventory tool, baseline security analyser, URLscan, EventCombMT, Cipher security tool, Port reporter, PortQry. Tools hackers use. Hands on: Using Microsoft security tools. Server security Checklists, core server security, AD, Member server security, Domain controller security, Specific roles. Hands on Hardening Microsoft servers, security templates. Active Directory Admin authority in AD, group policy, trust and authentication. Desktop security Checklists, core client security, anti virus software, anti spyware software, firewalls, securing clients with AD, securing clients with group policy, software restriction policies. Hands on Securing Microsoft desktops. Network security Checklist, IP security, VPNs, PKI, certificate authorities, RAS, RRAS, IAS. Hands on: VPN configuration, IAS configuration. Monitoring Auditing, authorisation and logons, tracking, system monitoring, detecting attacks. Hands on: Monitoring Microsoft systems. Summary Microsoft security response centre, security advisories.