1597 Courses in Edinburgh

Cyber security training course description This cyber security course focusses on the network side of security. Technologies rather than specific products are studied focussing around the protection of networks using firewalls and VPNs. What will you learn Describe: - Basic security attacks - RADIUS - SSL - VPNs Deploy firewalls and secure networks Explain how the various technologies involved in an IP VPN work. Describe and implement: - L2TP - IPsec - SSL - MPLS, L3, VPNs. Cyber security training course details Who will benefit: Anyone working in the security field. Prerequisites: TCP/IP foundation for engineers Duration 5 days Cyber security training course contents Security review Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats. Hands on port scanning, use a 'hacking' tool. Client and Server security Windows, Linux, Log files, syslogd, accounts, data security. Hands on Server hardening. Firewall introduction What is a firewall? Firewall benefits, concepts. HAnds on launching various attacks on a target. Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products. Hands on Simple personal firewall configuration. Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on SPI firewalls. Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall plusses and minuses. Hands on Proxy firewalls. Firewall architectures Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Password cracking. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS. Hands on Using certificates. VPN overview What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages. VPN Tunnelling VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels. L2TP Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling. Hands on Implementing a L2TP tunnel. IPsec AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues. Hands on Implementing an IPsec VPN. SSL VPNs Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates. Hands on Implementing a SSL VPN. MPLS VPNs Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs. Hands on Implementing a MPLS L3 VPN. Penetration testing Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology. Hands on Hacking tools and countermeasures.

Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

Overview By the end of this Fundamentals of Transfer Pricing Strategies training course, participants will be able to: Acquire basic technical knowledge of transfer pricing Appreciate the importance of the arm's length principle Identify the different stages of a typical transfer pricing analysis Developing a high-level appreciation of the transfer pricing including tax areas and opportunities for multinationals Analyze the current transfer pricing legislative framework Be updated on recent developments in transfer pricing

Learners will be introduced to the design, installation, commissioning, and maintenance of CCTV systems.

Facilitation Skills for Business Analysts: In-House Training This course is part of IIL's Business Analysis Certificate Program (BACP), a program designed to help prepare individuals pass the IIBA® Certification exam to become a Certified Business Analysis Professional (CBAP™). Business analysts are communicators who bridge the gap between people with business needs and knowledge and the people who will provide solutions. Business analysts are continuously involved in communications with stakeholders and developers as they create the solution to business problems. They participate in information-gathering sessions including interviewing, joint requirements definition, and Joint Application Design (JAD) workshops which are used to streamline information gathering and get immediate validation from user representatives. The business analyst is also involved with negotiating the solution with the stakeholders, upper-level management, and the developers, mediating among the groups when disagreements take place, and influencing the results of decisions during the solution cycle. This course teaches the methods needed to organize and run information-gathering events. It combines the basics of graphic decision making and modeling with facilitation, communication, and meeting management skills. What you will Learn At the end of this program, you will be able to: Identify the major touch points between key BABOK® Guide knowledge areas and business analysis communication Describe the facilitation skills that are most supportive of those intersections Improve your ability to apply these skills in the context of your business analyst functions Foundation Concepts The role of the Business analyst (BA) An Introduction to the BABOK® Guide Business analyst roles and the product / project life cycle (PLC) Facilitation skills for the business analyst The BABOK® Guide and Communication An introduction to the communication process Addressing basic communications challenges Planning business analysis communication Communication and BABOK® Guide tasks Targeted Elicitation Techniques Synergy between communication and targeted elicitation techniques Preparing for elicitation Cornerstone targeted technique: interviews Other targeted elicitation techniques Related general communication skills Group Elicitation Techniques Synergy between requirements communication and group elicitation techniques Cornerstone group elicitation technique - requirements workshops Other group elicitation techniques Related general communication skills - meeting management best practices Related general communication skills - facilitating best practices Process / Model-Based Elicitation Techniques Synergy between requirements communication and process / model-based elicitation techniques Process / model-based elicitation techniques Related interpersonal skills - problem solving and decision making Investigative Elicitation Techniques Synergy between requirements communication and investigative elicitation techniques Cornerstone investigative elicitation technique - document analysis Other investigative elicitation techniques Summary of elicitation techniques by usage in the requirements process Using Presentations, Structured Walkthroughs, and Influencing Structured walkthroughs, presentations, and influencing within BABOK® Guide tasks Cornerstone technique - structured walkthroughs General communication skill - presenting Related interpersonal skill - influencing Special Facilitation Skills - Negotiating and Mediating Negotiating Mediating

Management of Risk (M_o_R®) Practitioner: In-House Training The M_o_R® Practitioner course has been designed to provide learners with the opportunity to practice the practical application of the M_o_R method and covers the twelve M_o_R principles: Approach, Process and the basic techniques essential to managing risks using the M_o_R guidance. The purpose of the M_o_R Practitioner qualification is to confirm that the learner has achieved sufficient understanding of how to apply and tailor M_o_R in a scenario situation. What you will Learn At the end of the M_o_R Practitioner course, learners will gain competencies in: M_o_R framework (principles, approach based on risk documentation, process steps, and embedding and reviewing M_o_R principles Outline of M_o_R approach documents (including policy, process guide, and risk communications plan) Risk identification, assessment, and control Embedding and reviewing M_o_R M_o_R organizational perspectives (strategic, program, project, operational) Benefits The M_o_R Practitioner course offers a wide-ranging set of guidelines that will help in the management of risk in a project or program environment. It will help prepare learners for the M_o_R Practitioner Exam. They will feel more confident in approaching risk management after attending the course and will be aware of the use of different techniques that can assist in this task, including: Improved basis for effective strategy formation Reduced time spent fire-fighting and fewer unwelcome surprises Increased likelihood of successful change initiative outcomes Closer internal focus on doing the right things properly Increase in efficient use of resources waste and fraud Better management of contingency resources M_o_R roles and responsibilities M_o_R health check M_o_R maturity model Risk specialisms (including business continuity management) Introduction Introduction to the course What is a risk? What is risk management? Why is risk management so important? Basic risk definitions The development of knowledge about risk management Corporate governance and internal control Where and when should risk management be applied? M_o_R Principles The purpose of M_o_R principles Aligns with objectives Fits the context Engages stakeholders Provides clear guidance Informs decision-making Facilitates continual improvement Creates a supportive culture Achieves measurable value Risk management maturity models M_o_R Approach Relationship between the documents Risk management policy Risk management process guide Risk management strategy Risk register Issue register Risk response plan Risk improvement plan Risk communications plan M_o_R Process Common process barriers Identify - contexts Identify - the risks Assess - estimate Assess - evaluate Plan Implement Communication throughout the process M_o_R Perspectives Strategic perspective Programme perspective Project perspective Operational perspective Risk Specialisms Business continuity management Incident and crisis management Health and Safety management Financial risk management Environmental risk management Reputational risk management Contract risk management

Overview An ineffective audit can mean severe consequences; resulting in process failure, customer dissatisfaction and regulatory noncompliance. Optimize your generic auditing skills with this Internal Auditing training course not aimed at any specific ISO management systems standard or Process. Boost your internal audit capabilities by gaining confidence in planning and performing an effective audit and reporting and taking corrective action where necessary. This course develops the necessary skills to assess and report on the conformance and implementation of processes based on management systems. You'll learn how to initiate an audit, prepare and conduct audit activities, compile and distribute audit reports and complete follow-up activities

Overview Many hospitals and clinics will use a smile, “customer service” and good intentions to hide the fact they have poor or no training in service and professional staff about the different care that medical tourists or expat local patients need. At the heart of appropriate care for medical travellers is a need for institutional awareness of the unique differences between local patients and medical tourists. Having a better understanding of what medical tourists, their care managers and home-based doctors expect from the receiving hospital or clinic at the medical destination will lead to a better quality of patient care for medical travellers.

About this Virtual Instructor Led Training (VILT) Preventive and Predictive maintenance are not new concepts. Both have been used across industry all over the world and when done properly, can yield impressive results (cost reductions of 20% or greater and a leap forward in equipment reliability and performance are very achievable). However, for every company using these concepts effectively, there are many others who are not. This 8 half-day Virtual Instructor Led Training (VILT) course has been derived from the Plant Performance Improvement Road Map developed by practitioners that guarantee the reliability of your operations. The VILT training focuses on how to improve profitability of any business by identifying the right maintenance strategy for any equipment. The aim of the VILT training is to help practitioners run programmes that will deliver real benefits as fast as possible with minimum zero wasted effort. The VILT training will also cover the core principles of Reliability Centred Maintenance, Total Productive Maintenance and Six Sigma and the increasingly important role of operations in achieving optimised asset performance. This is a certified course with the option of sitting for a short exam on the final day of the course to give participants the opportunity to gain a Certificate from petroEDGE and the Carcharodon Maintenance Academy. Training Objectives Master the critical skills by acquiring the following: An understanding of how maintenance can add profit The ability to develop improvement programmes that deliver maximum benefit in the shortest time A fundamental understanding of the principles of Preventive, Predictive and other maintenance types A practical understanding of the latest methods of solving problems at root cause level An appreciation of maintenance methodologies such as Reliability Centred Maintenance Strategies for ensuring your company gets value for money from your Contractors How to use the Maintenance Model of Excellence and Plant Performance Improvement Road Map Target Audience This VILT course has been designed for maintenance managers and engineers, reliability professionals, planners, project engineers, operations team members, and functional specialists. Training Methods The VILT course will be delivered online in 8 half-day sessions comprising 4 hours per day, with 2 breaks of 10 minutes per day. Course Duration: 8 half-day sessions, 4 hours per session (32 hours in total). Trainer Your expert course leader is an award-winning consultant and trainer with 30 years' experience in maintenance and reliability improvement. He has worked across five continents, in a wide variety of environments from the world's largest oil refinery to a small drinks production line. He has 10 years of maintenance management experience in the process industry, so he brings a very practical approach to training. He moved into consulting with ABB Eutech as their global maintenance specialist where he led maintenance and reliability best practice panels, delivered a wide range of maintenance improvement projects and trained other consultants. He is a fully qualified CMRP professional, an approved SMRP* Proctor, authorised to conduct CMRP exams and a globally respected maintenance consultant and best practice trainer. He founded his consultancy and training business in 2002 to focus on maintenance and reliability improvement. As part of this, he developed a range of maintenance 'models of excellence' with inputs from authors, international lecturers and some of the world's leading consultants and operators. His work has been recognised as being at the leading edge of industry best practice, winning independent awards such as the UK Chemical Industries Association 'Excellence in Engineering' award. He remains close to the industry as a respected specialist helping operating companies to achieve changes in performance. This ongoing field work enables him to continue to refine and extend best practice and the learning from this is continually fed into his training. His unique experience of facilitating two major turnarounds when the Coronavirus escalated into lockdown have given him a unique insight into how events of this type can disrupt maintenance. Moreover, his involvement in developing management processes and leading a Coronavirus response on a major industrial asset means he can talk with direct experience about how to cope and innovate in this global pandemic. *SMRP refers to Society of Maintenance and Reliability Professionals. PetroEdge is not affiliated with SMRP POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information about post training coaching support and fees applicable for this. Accreditions And Affliations

Security+ training course description A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. What will you learn Explain general security concepts. Describe the security concepts in communications. Describe how to secure an infrastructure. Recognise the role of cryptography. Describe operational/organisational security. Security+ training course details Who will benefit: Those wishing to pass the Security+ exam. Prerequisites: TCP/IP foundation for engineers Duration 5 days Security+ training course contents General security concepts Non-essential services and protocols. Access control: MAC, DAC, RBAC. Security attacks: DOS, DDOS, back doors, spoofing, man in the middle, replay, hijacking, weak keys, social engineering, mathematical, password guessing, brute force, dictionary, software exploitation. Authentication: Kerberos, CHAP, certificates, usernames/ passwords, tokens, biometrics. Malicious code: Viruses, trojan horses, logic bombs, worms. Auditing, logging, scanning. Communication security Remote access: 802.1x, VPNs, L2TP, PPTP, IPsec, RADIUS, TACACS, SSH. Email: S/MIME, PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS, IM, packet sniffing, privacy, Javascript, ActiveX, buffer overflows, cookies, signed applets, CGI, SMTP relay. LDAP. sftp, anon ftp, file sharing, sniffing, 8.3 names. Wireless: WTLS, 802.11, 802.11x, WEP/WAP. Infrastructure security Firewalls, routers, switches, wireless, modems, RAS, PBX, VPN, IDS, networking monitoring, workstations, servers, mobile devices. Media security: Coax, UTP, STP, fibre. Removable media. Topologies: Security zones, DMZ, Intranet, Extranet, VLANs, NAT, Tunnelling. IDS: Active/ passive, network/host based, honey pots, incident response. Security baselines: Hardening OS/NOS, networks and applications. Cryptography basics Integrity, confidentiality, access control, authentication, non-repudiation. Standards and protocols. Hashing, symmetric, asymmetric. PKI: Certificates, policies, practice statements, revocation, trust models. Key management and certificate lifecycles. Storage: h/w, s/w, private key protection. Escrow, expiration, revocation, suspension, recovery, destruction, key usage. Operational/Organisation security Physical security: Access control, social engineering, environment. Disaster recovery: Backups, secure disaster recovery plans. Business continuity: Utilities, high availability, backups. Security policies: AU, due care, privacy, separation of duties, need to know, password management, SLAs, disposal, destruction, HR policies. Incident response policy. Privilege management: Users, groups, roles, single sign on, centralised/decentralised. Auditing. Forensics: Chain of custody, preserving and collecting evidence. Identifying risks: Assets, risks, threats, vulnerabilities. Role of education/training. Security documentation.