Securing UNIX systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure UNIX accounts. Secure UNIX file systems. Secure UNIX access through the network. Securing UNIX systems course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing UNIX systems course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.
About this Training Course The 3-day hands-on petroleum economics training course provides a comprehensive overview of the practices of exploration and development petroleum economics and its application in valuing oil and gas assets to aid corporate decisions. Participants will gain a thorough understanding of the principles of economic analysis as well as practical instruction in analytical techniques used in the industry. The participants will learn how to construct economic models, to include basic fiscal terms, production and cost profiles and project timing. The resulting model will provide insights of how the various inputs affect value. Example exercises will be used throughout the course. Training Objectives Upon completion of this course, participants will be able to: Understand and construct petroleum industry cash flow projections Calculate, understand and know how to apply economic indicators Learn and apply risk analysis to exploration and production investments Evaluate and model fiscal/PSC terms of countries worldwide Target Audience The following oil & gas company personnel will benefit from the knowledge shared in this course: Geologists Explorationists Reservoir Engineers Project Accountants Contract Negotiators Financial Analysts New Venture Planners Economists Course Level Basic or Foundation Intermediate Trainer Your expert trainer has over 40 years' experience as a petroleum economist in the upstream oil and gas industry. He has presented over 230 oil and gas industry short courses worldwide on petroleum economics, risk, production sharing contracts (PSC) and fiscal analysis. In over 120 international oil industry consulting assignments, he has advised companies and governments in the Asia Pacific region on petroleum PSC and fiscal terms. He has prepared many independent valuations of petroleum properties and companies for acquisition and sale, as well as economics research reports on the oil and gas industry and including commercial support for oil field operations and investments worldwide. He has been involved in projects on petroleum royalties, design of petroleum fiscal terms, divestment of petroleum assets, and economic evaluation of assets and discoveries since the early 1990s to date. He has been working on training, consultancy, research and also advisory works in many countries including USA, UK, Denmark, Switzerland, Australia, New Zealand, Indonesia, India, Iran, Malaysia, Thailand, Vietnam, Brunei, Egypt, Libya, and South Africa. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information post training support and fees applicable Accreditions And Affliations
Total NetFlow training course description A comprehensive hands on course covering NetFlow. The course starts with the basics of flows moving swiftly onto configuring NetFlow and studying the information it provides. What will you learn Describe NetFlow. Configure generators and collectors. Recognise how NetFlow can be used. Describe the issues in using NetFlow. Compare NetFlow with SNMP, RMON and sflow. Total NetFlow training course details Who will benefit: Technical staff working with NetFlow. Prerequisites: TCP/IP Foundation Duration 2 days Total NetFlow for engineers What is NetFlow? Flows. Where to monitor traffic. Hands on Wireshark flow analysis. Getting started with NetFlow NetFlow configuration. Hands on Accessing NetFlow data using the CLI. NetFlow architecture Generators and collectors. When flows are exported. NetFlow reporting products. SolarWinds. Hands on Collector software. NetFlow features and benefits Real time segment statistics, real time top talkers, traffic matrices. Hands on Traffic analysis with NetFlow. NetFlow issues NetFlow impact, agent resources, server resources, comparing NetFlow with SNMP, RMON and sflow. Hands on Advanced NetFlow configuration. Export formats Flow aging timers, NetFlow versions, export formats, templates, IPFIX. Hands on NetFlow packet analysis. NetFlow MIBs The NetFlow MIB, configuration, retrieving NetFlow statistics. Hands on Integrating NetFlow with SNMP.
Total SPB training course description A comprehensive look at Service Provider Bridging (SPB) as standardised in 802.1aq. This SPB course starts with the problems in traditional switched networks then moves onto to how SPB solves these problems. As IS-IS is key to loop free topologies in SPB networks, this protocols is also studied. What will you learn Explain the benefits of SPB. Explain how SPB works. Explain the role of IS-IS in SPB. Integrate SPB into existing networks. Total SPB training course details Who will benefit: Technical staff working with Ethernet. Prerequisites: Definitive Ethernet switching for engineers Duration 1 day Total SPB training course contents What is SPB? Layer 2 versus Layer 3, STP problems: One path, convergence, MAC explosion. Virtualisation issues: VRF. Service Provider Bridging (SPB), 802.1aq. Virtual Services Network. SPB variants 802.1Q, 802.1ad, Q-in-Q, VLAN IDs, 802.1ah, M-in-M, I-SID. SPBV, SPBM. SPBM frame format. How SPB works Node ID, Backbone Edge Bridges, Backbone MAC address, Customer MACs, I-SID. IS-IS. Forwarding database. VSN. IS-IS Link layer IS-IS, SPF trees, traffic management. IS-IS extensions for SPB. ISIS TLV. SPB services Data centre bridging, server virtualisation, multitenant applications. Integration of SPB into existing networks. VLAN to ISID mappings. Inter ISID routing, IP/SPB Layer 3 VRF extensions. Miscellaneous Multicast in SPB environments. Source specific multicast trees. SPB configuration. SPB deployment considerations.
IP security training course description Connection to the Internet is becoming an essential business tool. This course looks at firewalls, digital certificates, encryption and other essential topics for e-commerce sites. A generic course that looks at firewalls and VPNs. Hands on sessions include using hacking tools and configuring firewalls. What will you learn Describe: Basic security attacks RADIUS SSL IPSec VPNs Implement digital certificates Deploy firewalls to protect Web servers and users. Secure Web servers and clients. IP security training course details Who will benefit: Network administrators. Network operators. Security auditors Prerequisites: TCP/IP foundation for engineers Duration 2 days IP security training course contents TCP/IP review Brief overview of the relevant headers. Hands on Download software for course, use analyser to capture passwords on the wire. Security review Policies, Types of security breach, denial of service, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits The Internet worm, IP spoofing, SYN attack, hijacking, Ping o' Death⦠keeping up to date with new threats. Hands on Use a port scanning tool, use a 'hacking' tool. Firewalls Products, Packet filtering, DMZ, content filtering, stateful packet inspection, Proxies, firewall architectures, Intrusion Detection Systems, Viruses. Hands on Set up a firewall and prevent attacks. NAT NAT and PAT, Why use NAT, NAT-ALG, RSIP. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Run a password-cracking program. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, PPP authentication, RADIUS. Hands on Using certificates. Web client and server security Cookies, browser certificates, censorship, PICS. Operating system security, Web server user authentication, Restricting access, Logging, Securing CGI scripts. Hands on Browser security. VPNs and IPSec What is a VPN, tunnelling, L2F, PPTP, L2TP, IPSec, AH, ESP, transport mode, tunnel mode.
Definitive Salt training course description Salt is a remote execution framework and configuration management system. This course covers Salt from the basics. After a quick first taste the course moves onto execution modules, salt states, minion and master data, jinja, Salt extensions and then topology and configuration options. Hands on sessions are used to reinforce the theory rather than teach specific manufacturer equipment. What will you learn Install and use Salt. Describe the architecture of Salt. Manage configurations with Salt. Extend Salt. Definitive Salt training course details Who will benefit: Anyone working with Salt. Prerequisites: Linux fundamentals. Duration 2 days Definitive Salt training course contents Introduction What is Salt? High- level architecture, Some quick examples, system management, configuration management, A brief history, Topology options, Extending Salt. Quick start: First taste of Salt Single-master setup, from packages, bootstrap scripts, Starting up, Basic commands, salt: the main workhorse, salt-key: key management, salt-call: execution on the minion, salt-run: co-ordination of jobs on the master, summary of commands, Key management, viewing keys, accepting keys, rejecting keys, key files, Minion targeting, minion ID, list (-L), glob, regular expressions (-E), grains (-G), compound (-C), targeting summary, Additional remote execution details, Conclusion. Execution modules: The functional foundation sys: information and documentation about modules, sys.doc basic documentation, sys.list_modules, sys.list_functions: simple listings, cmd: execute via shell, cmd.run: run any command, pkg: manage packages, virtual modules, pkg.lists_pkgs: list all installed packages, pkg.available version: see what version will be installed, pkg.install: install packages, user: manage users, user.add: add users, user.list_users, user info: get user info, saltutil: access various Salt utilities, Summary. Configuration management: Salt states Salt files overview, SLS example: adding a user, working with the multi-layered state system, Highstate and the top file, the top file, State ordering, require: depend on another state, watch: run based on other changes, odds and ends, Summary. Minion data / master data Grains are minion data, performing basic grain operations, setting grains, targeting with grains in the top file, Pillars are data from the master, querying pillar data, querying other sources with external pillars, Renderers give data options. Extending Salt: part I Introduction to Jinja, Jinja basics, Templating with Jinja, filtering by grains, Custom execution module, Custom state modules, Custom grains, External pillars, Summary. More on the matter Runners, manage minions, manage jobs, The orchestrate runner, The event system, The reactor system, Summary. Extending Salt: part II Python client API, reading configuration data on a master and minion, using the master client (localclient) API, Using the caller client API, Custom runners, writing a custom runner, using the runnerclient API, Summary. Topology and configuration options Master configuration, directories and files, logging, access control, files server options, Topology variations, masterless minions, peer systems, syndication masters, multiple masters. Brief introduction to salt-cloud Overview, Setup AWS and salt-cloud, installing salt-cloud, cloud providers, cloud profiles, cloud maps, Introspection via salt cloud, Creating infrastructure, More information. Using vagrant to run Salt examples YAML.
SMPTE 2022 training course description SMPTE 2022 is the standard for IP video transport in the broadcast industry. This course covers the seven section of the standard in detail. Particular attention is given to FEC and seamless protection switching areas of the standard. What will you learn Use Wireshark to analyse. SMPTE 2022 streams. Explain the role of FEC in SMPTE 2022. Explain how SMPTE 2022 provides resilience. SMPTE 2022 training course details Who will benefit: Anyone working with TV distribution. Prerequisites: TCP/IP foundation for engineers Duration 1 day SMPTE 2022 training course contents Introduction What is SMPTE 2022, SMPTE 2022 parts. SDI over IP. Contribution and distribution versus delivery. The SMPTE 2022 protocol stack SMPTE 2022-2 (mapping of MPEG TS into IP) and SMPTE 2022-6 mapping uncompressed video into IP. IP: Best effort, connectionless, DF flag, routers, Diffserv, RSVP. IPv6. UDP: Unreliable, connectionless, broadcasts, multicasts and unicasts. RTP RTP, ports, payloads types, sequence numbers, timestamps. RTP header extensions. RTCP. MPEG2-TS: Elementary streams, transport over IP. FEC Forward Error Correction. SMPTE 2022-1, SMPTE 2022-5. Logical rows and columns. 1D and 2D parity. FEC header format. FEC configuration and choosing dimensions. FEC traffic shaping. Overheads and delays. Seamless protection switching IP failover. SMPTE 2022-7: Sending two matching streams over different paths. Stream synchronization. The HBRMT header. Calculating the packet to switch over. Summary Summary of the 7 sections of the SMPTE 2022 standard. Clock recovery.
NETCONF and YANG training course description An introduction to NETCONF and YANG. The course progresses from what they are, why they are needed, and how to configure them onto a more detailed analysis of how NETCONF works and how to read YANG models. What will you learn Recognise the limits and problems of SNMP and the CLI. Describe the relationship between NETCONF and YANG. Configure NETCONF on network devices. Use NETCONF to configure devices. Read YANG models. NETCONF and YANG training course details Who will benefit: Network engineers. Prerequisites: Network management technologies Duration 1 day NETCONF and YANG training course content What are NETCONF and YANG? Network management and configuration issues. What is NETCONF? What is YANG? Protocols, data models, architecture. Hands on Configuring NETCONF on network devices, using NETCONF. NETCONF NETCONF layers, Secure transport: SSH, Messages: rpc, Operations, Content. Base operations: <get>, <get-config>, <edit-config>, <copy-config>, <delete-config>, <lock>,<unlock>, <close-session>, <kill-session> NETCONF datastores: :candidate, :startup, running. Hands on Retrieving a configuration with NETCONF, Editing a configuration with NETCONF. NETCONF more details NETCONF traffic flows, NETCONF capabilities, hello, capabilities exchange., Filtering data, atomic transactions, validating configurations. Hands on Using NETCONF. YANG YANG models, IETF standard YANG models, tree diagrams, an example: YANG interface management, Module header, Imports and includes, Containers, Lists, leaves, Data types, typedef, Instance data, XML. Hands on Reading YANG data models, creating a configuration instance.
REST and RESTCONF training course description An introduction to REST and RESTCONF using Python. The course progresses from how to use them onto how they work and then looks at using them from within Python all the time on network devices. What will you learn Explain what REST and RESTCONF are. Use the REST API on network device. Use RESTCONF. REST and RESTCONF training course details Who will benefit: Network engineers. Prerequisites: Python for network engineers. Duration 1 day REST and RESTCONF training course contents Using REST Curl, Browser plugins, Postman, RESTClient, Python. Hands on Using the REST API on network devices. What is REST? What is REST? Architecture, APIs, RESTful APIs, APIs over HTTP/HTTPS, URIs, resources, HTTP methods, GET, POST, PUT, DELETE. CRUD. Comparison with other APIs. Hands on REST analysis with Wireshark. Rest conventions Passing parameters, return values, HTTP status, JSON. XML. Hands on Configuring REST on network devices, changing format of responses, POST requests, using parameters. Configuring network devices with REST Invoking multiple RPCs. Hands on Device configuration with REST. The request library RESTFUL APIs in Python, the request library, Installation, example to retrieve the interface configuration. Hands on Using the Python requests library on network devices. RESTCONF What is RESTCONF? YANG and NETCONF, relationship with REST, RESTCONF URIs, A RESTCONF example with ietf-interfaces, RESTCONF responses. PATCH. Hands on Using RESTCONF to update a network device configuration.
QSIG training course description A concise overview of QSIG, covering the development, current use and future of this private network signalling protocol. What will you learn Describe the use of QSIG. Describe the evolution of QSIG. Describe functionality of the QSIGProtocol Stack. Describe functionality and use of the main Supplementary Services and Additional Network Functions within QSIG. QSIG training course details Who will benefit: Network/Systems Engineers Operators/Planners or anyone working within the QSIG Arena. Prerequisites: Telecommunications Introduction Duration 1 day QSIG training course contents Introduction What is QSIG? User benefits, flexible interconnection, public ISDN synergy, feature transparency-end to end intelligence, innovation specialist features - heterogeneous environment. Evolution of QSIG Evolution of QSIG, ISDN PBX Networking, Specification forum (IPNS), QSIG standardisation. The ITU-T reference model extended for corporate networks. QSIG Protocol Q Protocol stack, QSIG basic call layer 3 - SubLayer 1, QSIG Generic Functional layer 3 Sub-Layer 2 (GF), QSIG protocols for supplementary services & ANF's- Layer 3, Sub-Layer 3, Layer 3 Message Overview. Supplementary Services and ANFs QSIG supplementary services standardisation methodology. QSIG Services and additional network features: Advice of charge, Call Completion, (CCBS, CCNR), Call Forwarding and diversion (CFB, CFNR, CFU, CD), Services (CINT, CI, CO, CT, CW, DDI) Services cont. (DND, DNDO), Identification Services - (CLIP, COLP, CLIR, CNIP, CONP, CNIR), Other QSIG services and additional network features (Mobile, Multi Subscriber Number (MSN), Operator Services, Recall (RE), Sub-Addressing (SUB)), User to user signalling, compliance with services. Conclusion - QSIG1 FAQ's, European Computer Manufacturers Association. The Future.