4088 Courses in London

C++ training course description A hands on introduction to programming in the C++ language. The course concentrates on aspects that will be new to experienced C programmers and so is not suitable for those without C knowledge. What will you learn Write C++ programs Debug C++ programs. Examine existing code and determine its function. Use classes, function overloading, operator overloading, inheritance and virtual functions within C++ programs. C++ training course details Who will benefit: Programmers needing to write C++ code. Programmers needing to maintain C++ code. Prerequisites: C programming foundation. Duration 5 days C++ training course contents The origins of C++ C++ as a better C, C++ and Object Oriented Programming, encapsulation, polymorphism, inheritance. C++ standards. Getting started Simple C++ programs. Classes Basics, constructor and destructor functions, member and friend functions. Using objects. Default, copy and conversion constructors. A better C Arrays, pointers and references, new and delete. Improved safety with smart pointers, Resource Acquisition in Initialization (RAII). Functions in C++ Function overloading, default arguments, inline functions, Lambda functions. Templates Template classes and functions. Standard Library Containers, Iterators, algorithms, function objects. Operator overloading Basics, binary operators, the this pointer, relational operators, unary operators. Members versus friends. Inheritance Base class access control, protected members, multiple inheritance, virtual base classes. More I/O Manipulators, customising inserters, extractors. File I/O. Virtual functions Pointers to derived classes, run time polymorphism. Exception handling Throwing errors, trying code and catching errors.

Complete C# programming training course description This training course teaches developers the programming skills that are required for developers to create Windows applications using the C# language. Students review the basics of C# program structure, language syntax, and implementation details, and then consolidate their knowledge throughout the week as they build an application that incorporates several features of the .NET Framework. What will you learn Use the syntax and features of C#. Create and call methods, catch and handle exceptions, and describe the monitoring requirements of large-scale applications. Implement a typical desktop application. Create class, define and implement interfaces, and create and generic collections. Read and write data to/from files. Build a GUI using XAML. Complete C# programming training course details Who will benefit: Programmers wishing to learn C#. Prerequisites: Developers attending this course should already have gained some limited experience using C# to complete basic programming tasks. Duration 5 days Complete C# programming training course contents Review of C# Syntax Overview of Writing Applications using C#, Datatypes, Operators, and Expressions. C# Programming Language Constructs. Hands on Developing the Class Enrolment Application. Methods, exceptions and monitoring apps Creating and Invoking Methods. Creating Overloaded Methods and Using Optional and Output Parameters. Handling Exceptions. Monitoring Applications. Hands on Extending the Class Enrolment Application Functionality. Developing a graphical application Implementing Structs and Enums. Organizing Data into Collections. Handling Events. Hands on Writing the Grades Prototype Application. Classes and Type-safe collections Creating Classes. Defining and Implementing Interfaces. Implementing Type-safe Collections. Hands on Adding Data Validation and Type-safety to the Grades Application. Class hierarchy using Inheritance Class hierarchies. Extending .NET framework classes. Creating generic types. Hands on Refactoring common functionality into the User Class. Reading and writing local data Reading and Writing Files. Serializing and Deserializing Data. Performing I/O Using Streams. Hands on Generating the Grades Report. Accessing a Database Creating and using entity data models. Querying and updating data by using LINQ. Hands on Retrieving and modifying grade data. Accessing remote data Accessing data across the web and in the cloud. Hands on Modifying grade data in the Cloud. Designing the UI for a graphical applicatione Using XAML to design a User Interface. Binding controls to data. Styling a UI. Hands on Customizing Student Photographs and Styling the Application. Improving performance and responsiveness Implementing Multitasking by using tasks and Lambda Expressions. Performing operations asynchronously. Synchronizing concurrent data access. Hands on Improving the responsiveness and performance of the application. Integrating with unmanaged code Creating and using dynamic objects. Managing the Lifetime of objects and controlling unmanaged resources. Hands on Upgrading the grades report. Creating reusable types and assemblies Examining Object Metadata. Creating and Using Custom Attributes. Generating Managed Code. Versioning, Signing and Deploying Assemblies. Hands on Specifying the Data to Include in the Grades Report. Encrypting and Decrypting Data Implementing Symmetric Encryption. Implementing Asymmetric Encryption. Hands on Encrypting and Decrypting Grades Reports.

Linux virtualization and HA training course description The LPIC-3 certification is the culmination of LPI's multi -level professional certification program. LPIC-3 is designed for the enterprise-level Linux professional and represents the highest level of professional, distribution neutral Linux certification within the industry. LPIC-3 304 covers administering Linux enterprise-wide with an emphasis on virtualization and high availability. At SNT we have enhanced the contents of the course by covering containers. What will you learn Manage Virtual Machines. Manage containers. Manage HA clusters. Manage HA cluster storage. Linux virtualization and HA training course details Who will benefit: Linux professionals working with virtualization and/or High availability. Prerequisites: Linux network administration 2 (LPIC-2) Duration 5 days Linux virtualization and HA training course contents VIRTUALIZATION Virtualization concepts and theory Terminology, Pros and Cons of virtualization, variations of Virtual Machine monitors, migration of physical to VMs, migration of VMs between host systems, cloud computing. Xen Xen architecture, networking and storage, Xen configuration, Xen utilities, troubleshooting Xen installations, XAPI, XenStore, Xen Boot Parameters, the xm utility. KVM KVM architecture, networking and storage, KVM configuration, KVM utilities, troubleshooting KVM installations. Other virtualization solutions OpenVZ and LXC, other virtualization technologies, virtualization provisioning tools. Libvirt and Related Tools libvirt architecture, networking and storage, basic technical knowledge of libvirt and virsh, oVirt. Cloud Management Tools Basic feature knowledge of OpenStack and CloudStack, awareness of Eucalyptus and OpenNebula. Containers Containers versus VMs, Docker, Kubernetes. Load balanced clusters of LVS/IPVS, VRRP, configuration of keepalived, configuration of ldirectord, backend server network configuration. HAProxy, configuration of HAProxy. Failover clusters Pacemaker architecture and components (CIB, CRMd, PEngine, LRMd, DC, STONITHd), Pacemaker cluster configuration, Resource classes (OCF, LSB, Systemd, Upstart, Service, STONITH, Nagios), Resource rules and constraints (location, order, colocation), Advanced resource features (templates, groups, clone resources, multi-state resources), Pacemaker management using pcs, Pacemaker management using crmsh, configuration and management of corosync in conjunction with Pacemaker, other cluster engines (OpenAIS, Heartbeat, CMAN). HIGH AVAILABILITY CLUSTER STORAGE DRBD/cLVM DRBD resources, states and replication modes, configuration of DRBD resources, networking, disks and devices, configuration of DRBD automatic recovery and error handling, management of DRBD using drbdadm. drbdsetup and drbdmeta, Integration of DRBD with Pacemaker, cLVM, integration of cLVM with Pacemaker. Clustered File Systems Principles of cluster file systems. Create, maintain and troubleshoot GFS2 file systems in a cluster, create, maintain and troubleshoot OCFS2 file systems in a cluster, Integration of GFS2 and OCFS2 with Pacemaker, the O2CB cluster stack, other commonly used clustered file systems.

CCNP (ENARSI) training course description The Implementing Cisco Enterprise Advanced Routing and Services (ENARSI) v1.0 gives you the knowledge you need to install, configure, operate, and troubleshoot an enterprise network. This course covers advanced routing and infrastructure technologies, expanding on the topics covered in the Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) v1.0 course. This course helps prepare for the exam, Implementing Cisco Enterprise Advanced Routing and Services (300- 410 ENARSI), which leads to the new CCNP What will you learn Gain the knowledge you need to install, configure, operate, and troubleshoot an enterprise network. Qualify for professional-level job roles in advance routing and services Prepare for the Implementing Cisco Enterprise Advanced Routing and Services Exam (300-410 ENARSI). CCNP (ENARSI) training course details Who will benefit: Enterprise network engineers, System engineers, System administrators, Network administrators. Prerequisites: CCNP core Duration 5 days CCNP (ENARSI) training course content Course Objectives Configure classic Enhanced Interior Gateway Routing Protocol (EIGRP) and named EIGRP for IPv4 and IPv6 Optimize classic EIGRP and named EIGRP for IPv4 and IPv6 Troubleshoot classic EIGRP and named EIGRP for IPv4 and IPv6 Configure Open Shortest Path First (OSPF)v2 and OSPFv3 in IPv4 and IPv6 environments Optimize OSPFv2 and OSPFv3 behaviour Troubleshoot OSPFv2 for IPv4 and OSPFv3 for IPv4 and IPv6 Implement route redistribution using filtering mechanisms Troubleshoot redistribution Implement path control using Policy-Based Routing (PBR) and IP Service Level Agreement (SLA) Configure Multiprotocol-Border Gateway Protocol (MPBGP) in IPv4 and IPv6 environments Optimize MPBGP in IPv4 and IPv6 environments Troubleshoot MPBGP for IPv4 and IPv6 Describe the features of Multiprotocol Label Switching (MPLS) Describe the major architectural components of an MPLS VPN Identify the routing and packet forwarding functionalities for MPLS VPNs Explain how packets are forwarded in an MPLS VPN environment Implement Cisco Internetwork Operating System (IOS) Dynamic Multipoint VPNs (DMVPNs) Implement Dynamic Host Configuration Protocol (DHCP) Describe the tools available to secure the IPV6 first hop Troubleshoot Cisco router security features Troubleshoot infrastructure security and services Course Outline Implementing EIGRP Optimizing EIGRP Troubleshooting EIGRP Implementing OSPF Optimizing OSPF Troubleshooting OSPF Configuring Redistribution Troubleshooting Redistribution Implementing Path Control Implementing Internal Border Gateway Protocol (IBGP) Optimizing BGP Implementing MP-BGP Troubleshooting BGP Exploring MPLS Introducing MPLS L3 VPN Architecture Introducing MPLS L3 VPN Routing Configuring Virtual Routing and Forwarding (VRF)-Lite Implementing DMVPN Implementing DHCP Introducing IPv6 First Hop Security Securing Cisco Routers Troubleshooting Infrastructure Security and Services Troubleshooting with DNA Center Assurance. Lab outline Configure EIGRP Using Classic Mode and Named Mode for IPv4 and IPv6 Verify the EIGRP Topology Table Configure EIGRP Stub Routing, Summarization, and Default Routing Configure EIGRP Load Balancing and Authentication Troubleshoot EIGRP Issues Configure OSPFv3 for IPv4 and IPv6 Verify the LinkState Database Configure OSPF Stub Areas and Summarization Configure OSPF Authentication Troubleshoot OSPF Issues Implement Routing Protocol Redistribution Manipulate Redistribution Manipulate Redistribution Using Route Maps Troubleshoot Redistribution Issues Implement PBR Configure IBGP and External Border Gateway Protocol (EBGP) Implement BGP Path Selection Configure BGP Advanced Features Configure BGP Route Reflectors Configure MP-BGP for IPv4 and IPv6 Troubleshoot BGP Issues Configure Routing with VRF -Lite Implement Cisco IOS DMVPN Obtain IPv6 Addresses Dynamically Troubleshoot DHCPv4 and DHCPv6 Issues Troubleshoot IPv4 and IPv6 Access Control List (ACL) Issues Configure and Verify Unicast Reverse Path Forwarding (uRPF) Troubleshoot Network Management Protocol Issues: Lab 1 and 2

Python training course description This Python course focusses on teaching Python for use in network automation and network DevOps. We focus on getting delegates up and running with Python and network automation as quickly as possible rather than making them great programmers. In other words we concentrate on enabling delegates to use network automation libraries such as netmiko, NAPALM and Nornir, and APIs such as NETCONF and RESTCONF rather than enabling delegates to produce object oriented programs. Hands on sessions use Cisco and Juniper devices. What will you learn Run Python programs. Read Python programs. Write Python programs. Debug Python programs. Automate network tasks with Python programs. Configure network devices with Python. Collect data from network devices with Python. Python training course details Who will benefit: Network engineers. Prerequisites: TCP/IP Foundation Duration 5 days Python training course contents What is Python? Programming languages, Why Python? Python in interactive mode, Python scripts, ipython, Python version 2 versus version 3. A simple Python script. Comments. Hands on Installing Python, Hello world. A network example On box vs off box Python. telnet, ssh, NETCONF, HTTP, APIs, manufacturers and API support, analysis of a simple telnetlib program. Hands on Using Python to retrieve the configuration from a network device. Using wireshark to analyse the actions. Python basics I/O, operators, variables and assignment, types, indentation, loops and conditionals. Hands on Modifying the telnet program, changing configurations on a network devices. Functions, classes and methods What are functions, calling functions, builtin functions, useful builtin functions, file handling, classes, objects, creating instances. Hands on Storing configurations in files, configuring devices from files, using an inventory file to work on multiple devices. Libraries and modules Modules, files and packages, import, from-import, Python standard library, other packages, pip install, executing other programs. Managing python libraries. Hands on Using pip, installing and using ipaddress, subprocess to access netsnmp. For the more advanced, using the sockets library. Paramiko and netmiko SSH, enabling SSH on devices, keys. Paramiko versus netmiko, example scripts. pexpect. Hands on Configuring VLANs from Python. pySNMP Gathering facts using previous methods, SNMP review, pySNMP GET, pySNMP and SNMPv3. easySNMP library. Hands on Walking a MIB from Python. NETCONF What is NETCONF? Enabling NETCONF on devices, A first ncclient script, device handlers, get_config, edit_config, copy_config, delete_config, commit, validate, pyEZ, utils_config, utils.sw. Hands on Configuration using ncclient and PyEZ. This session is expanded for those interesting in JunOS automation. Manipulating configuration files Builtin functions, string handling. Unicode. Sequences, strings, lists, tuples. Dictionaries. TextFSM. Regular expressions. JSON, YAML, XML, YANG, Jinja2, templates. Hands on Jinja2 templating with Python to configure network devices. NAPALM Getters, configuration operations, supported devices, NAPALM transport, Config-replace, Config-merge, Compare config, Atomic changes, rollback. Example NAPLAM scripts. Hands on Using NAPALM to gather facts, Using NAPALM for configuration management REST and RESTCONF What is REST, HTTP methods, GET, POST, cURL, Postman, Python requests library. RESTCONF, a RESTCONF example. Hands on Modifying a configuration using RESTCONF. Scapy What is scapy, Scapy in interactive mode, Scapy as a module. Hands on Packet crafting from Python. Warning Errors and exceptions, Exception handling, try, except. Memory management. Garbage collection. Context management, With. Hands on Improving Python code. Nornir What is Nornir? A network automation framework, inventories, connection management and parallelization. Nornir architecture and other libraires. Hands on Setting up nornir, nornir fact gathering, nornir tasks. Optional Writing your own functions, Writing your own classes. pyntc. Hands on Writing reusable code.

Advanced Java training course description A tour of the more advanced features of Java following on from the Introduction to Java course. JDBC and JavaBeans are covered in separate courses. What will you learn Use Java to implement OOA/D. Use within Java programs - Internationalisation - Object serialisation - Reflection - RMI - Swing - JAR files Write Servlets and Java Server Pages Advanced Java training course details Who will benefit: Those wishing to program in Java. Prerequisites: Introduction to Java programming Duration 5 days Advanced Java training course contents What you should already know OO features in Java Static initialisers, object destruction, finalisation, constructor chaining, shadowing, Abstract classes and interfaces, inner classes, nested classes, member classes, local classes, anonymous classes. Internationalisation Locales, Unicode, local customs, localising messages. Object Serialisation Simple and custom serialisation, class versioning. Reflection Obtaining class and member information. RMI Restrictions, RMI architecture, Stubs, skeletons, rmic, the registry server, The RMI API. Swing An overview, examples, comparison vs. AWT, data transfer cut & paste. Servlets Servlet API, Java Web server, The servlet life cycle, chaining servlets, Hybrid servlets. JAR files and signed applet JAR files and signed applet

Integrating UNIX and Microsoft course description This course is designed for the enterprise-level UNIX professional and represents the highest level of professional, distribution-neutral UNIX certification within the industry. It covers administering UNIX enterprise-wide with an emphasis on mixed environments. What will you learn Configure and troubleshoot OpenLDAP. Use OpenLDAP as an authentication backend. Manage software packages. Use Samba - Share configuration - User and group management - Domain integration - Name services - with Linux and Windows clients Integrating UNIX and Microsoft course details Who will benefit: Enterprise-level UNIX professionals. Prerequisites: UNIX network administration. Duration 5 days Integrating UNIX and Microsoft course contents OPENLDAP CONFIGURATION OpenLDAP replication Replication concepts, OpenLDAP replication, replication log files, replica hubs, LDAP referrals, LDAP sync replication. Securing the Directory Securing the directory with SSL and TLS, Firewall considerations, Unauthenticated access methods, User/password authentication methods, Maintanence of SASL user DB, certificates. OpenLDAP Server Performance Tuning Measure OpenLDAP performance, Tune software configuration to increase performance, indexes. OPENLDAP AS AN AUTHENTICATION BACKEND LDAP Integration with PAM and NSS Configure PAM to use LDAP for authentication, NSS to retrieve information from LDAP and PAM modules in UNIX. Integrating LDAP with Active Directory and Kerberos Kerberos integration with LDAP, Cross platform authentication, Single sign-on concepts, Integration and compatibility limitations between OpenLDAP and Active Directory. SAMBA BASICS Samba Concepts and Architecture Samba daemons and components, key issues regarding heterogeneous network, Identify key TCP/UDP ports used with SMB/CIFS, Knowledge of Samba3 and Samba4 differences. Configure Samba Samba server configuration file structure, variables and configuration parameters, Troubleshoot and debug configuration problems. Regular Samba Maintenance Monitor and interact with running Samba daemons, Perform regular backups of Samba configuration and state data. Troubleshooting Samba Samba logging, Backup TDB files, Restore TDB files, Identify TDB file corruption, Edit / list TDB file content. Internationalization Internationalization character codes and code pages, differences in the name space between Windows and Linux/Unix with respect to share, names, user/group/computer naming in a non-English environment. SAMBA SHARE CONFIGURATION Linux File System and Share/Service Permissions File / directory permission control, Samba interaction with Linux file system permissions and ACLs, Use Samba VFS to store Windows ACLs. Print Services Printer sharing, integration between Samba and CUPS, Manage Windows print drivers and configure downloading of print drivers, security concerns with printer sharing. SAMBA USER AND GROUP MANAGEMENT Managing User Accounts and Groups User and group accounts, mappings, user account management tools, smbpasswd, file/directory ownership of objects. Authentication, Authorization and Winbind Local password database, password synchronization, passdb backends, Convert between passdb backends, Integrate Samba with LDAP, Winbind service, PAM and NSS. SAMBA DOMAIN INTEGRATION Samba as a PDC and BDC Domain membership and trust relationships, Create and maintain a PDC and BDC with Samba3/4, Add computers to an existing domain, logon scripts, roaming profiles, system policies. Samba4 as an AD compatible Domain Samba 4 as an AD DC, smbclient, how Samba integrates with AD services: DNS, Kerberos, NTP, LDAP. Configure Samba as a Domain Member Server Joining Samba to NT4 and AD domains, obtain a TGT from a KDC. SAMBA NAME SERVICES NetBIOS and WINS WINS concepts, NetBIOS concepts, local master browser, domain master browser, Samba as a WINS server, name resolution, WINS replication, NetBIOS browsing and browser elections, NETBIOS name types. Active Directory Name Resolution DNS for Samba4 as an AD Domain Controller, DNS forwarding with the internal DNS server of Samba4. WORKING WITH LINUX AND WINDOWS CLIENTS CIFS Integration SMB/CIFS concepts, remote CIFS shares from a Linux client, securely storing CIFS credentials, features and benefits of CIFS, permissions and file ownership of remote CIFS shares. Working with Windows Clients browse lists and SMB clients from Windows, Share file/print resources from Windows, the smbclient program, the Windows net utility.

UNIX networking training course description A course covering the complete range of standard UNIX networking products from the basic TCP/IP configuration through DNS, NIS, NFS and Samba. Hands-on exercises follow most theory sessions. What will you learn Install and configure fundamental network services. Describe TCP/IP, Apache, DNS, NIS, NIS+, NFS, Samba and sendmail. Configure and administrate TCP/IP. Install and administrate a DNS server. Configure and administrate a NIS+ network. Administrate NFS. Setup a sendmail server. UNIX networking training course details Who will benefit: System Administrators. Network Administrators. Prerequisites: Linux engineer certification 1 (LPIC-2) Duration 5 days UNIX networking training course contents Organizing Email Services The UNIX Mail System, Mail Transfer Agent, Mail Delivery Agent, Mail User Agent, Email Protocols, SMTP, POP, IMAP, Using Email Servers, Sendmail, Postfix, Local Email Delivery, Procmail Basics, Sieve, Remote Email Delivery, Courier, Dovecot. DNS DNS and BIND, Configuring a DNS Server, Starting, Stopping, and Reloading BIND, Configuring BIND Logging, Creating and Maintaining DNS Zones, BIND Zone Files, Managing BIND Zones, Securing a DNS Server, ailing BIND, DNSSEC, TSIG, Employing DANE. Offering Web Services Web Servers, HTTP, The Apache Web Server, Installing and configuring Apache, Hosting Dynamic Web Applications, Secure Web Servers, Proxy Servers, Installing and configuring Squid, Configuring Clients, Nginx Server, Installing Nginx, Configuring Nginx. Sharing Files Samba, Configuring Samba, Troubleshooting Samba, NFS, Configuring NFS, Securing NFS, Troubleshooting NFS, FTP Servers, Configuring vsftpd, Configuring Pure-FTPd. Managing Network Clients Assigning Network Addresses, DHCP, UNIX DHCP Software, Installing and configuring a DHCP Server and clients, Authentication Service, PAM Basics, Configuring PAM, PAM Application Files, Network Directories, LDAP Basics, OpenLDAP Server, LDAP Clients. Setting Up System Security Server Network Security, Port Scanning, Intrusion Detection Systems, External Network Security, iptables, Routing in UNIX, Connecting Securely to a Server, OpenSSH, OpenVPN, Security Resources, US-CERT, SANS Institute, Bugtraq.

CWSP training course description A hands-on training course concentrating solely on WiFi security with an emphasis on the delegates learning the necessary knowledge and skills to pass the CWSP exam. The course progresses from simple authentication, encryption and key management onto in depth coverage of 802.X and EAP along with many other security solutions such as access control, intrusion prevention and secure roaming. What will you learn Demonstrate the threats to WiFi networks. Secure WiFi networks. Configure: WPA2 RADIUS 802.1x EAP Pass the CWSP exam. CWSP training course details Who will benefit: Technical network staff. Technical security staff. Prerequisites: Certified Wireless Network Associate. Duration 5 days CWSP training course contents WLAN Security overview Standards, security basics, AAA, 802.11 security history. Hands on WLAN connectivity. Legacy 802.11 security Authentication: Open system, shared key. WEP. VPNs. MAC filters. SSID segmentation, SSID cloaking. Hands on Analysing 802.11 frame exchanges, viewing hidden SSIDs. Encryption Basics, AES, TKIP, CCMP, WPA, WPA2. Hands on Decrypting 802.11 data frames. 802.11 layer 2 authentication 802.1X: Supplicant, Authenticator, Authentication server. Credentials. Legacy authentication. EAP, Weak EAP protocols, Strong EAP protocols: EAP -PEAP, EAP-TTLS, EAP-TLS, EAP-FAST. Hands on Analysing 802.1X/EAP frames. 802.11 layer 2 dynamic key generation Robust Security Network. Hands on Authentication and key management. SOHO 802.11 security WPA/WPA2 personal, Preshared Keys, WiFi Protected Setup (WPS). Hands on PSK mapping. WLAN security infrastructure DS, Autonomous APs, WLAN controllers, split MAC, mesh, bridging, location based access control. Resilience. Wireless network management system. RADIUS/LDAP servers, PKI, RBAC. Hands on 802.1X/EAP configuration. RADIUS configuration. 802.11 Fast secure roaming History, RSNA, OKC, Fast BSS transition, 802.11k. Hands on Roaming. Wireless security risks Rogue devices, rogue prevention. Eavesdropping, DOS attacks. Public access and hotspots. Hands on Backtrack. WiFi security auditing Layer 1 audit, layer 2 audit, pen testing. WLAN security auditing tools. WiFi security monitoring Wireless Intrusion Detection and Prevention Systems. Device classification, WIDS/WIPS analysis. Monitoring. 802.11w. Hands on Laptop spectrum analysers. VPNs, remote access, guest access Role of VPNs in 802.11, remote access, hotspots, captive portal. Wireless security policies General policy, functional policy, recommendations.

Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.