39 Incident Response courses in Coventry delivered Live Online

Cyber security training course description This cyber security course focusses on the network side of security. Technologies rather than specific products are studied focussing around the protection of networks using firewalls and VPNs. What will you learn Describe: - Basic security attacks - RADIUS - SSL - VPNs Deploy firewalls and secure networks Explain how the various technologies involved in an IP VPN work. Describe and implement: - L2TP - IPsec - SSL - MPLS, L3, VPNs. Cyber security training course details Who will benefit: Anyone working in the security field. Prerequisites: TCP/IP foundation for engineers Duration 5 days Cyber security training course contents Security review Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats. Hands on port scanning, use a 'hacking' tool. Client and Server security Windows, Linux, Log files, syslogd, accounts, data security. Hands on Server hardening. Firewall introduction What is a firewall? Firewall benefits, concepts. HAnds on launching various attacks on a target. Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products. Hands on Simple personal firewall configuration. Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on SPI firewalls. Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall plusses and minuses. Hands on Proxy firewalls. Firewall architectures Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Password cracking. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS. Hands on Using certificates. VPN overview What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages. VPN Tunnelling VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels. L2TP Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling. Hands on Implementing a L2TP tunnel. IPsec AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues. Hands on Implementing an IPsec VPN. SSL VPNs Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates. Hands on Implementing a SSL VPN. MPLS VPNs Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs. Hands on Implementing a MPLS L3 VPN. Penetration testing Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology. Hands on Hacking tools and countermeasures.

STGO Abnormal Loads

Duration 5 Days 30 CPD hours This course is intended for This course is intended for anyone responsible for conf iguring, maintaining, and troubleshooting Symantec Data Loss Prevention. Additionally, this course is intended for technical users responsible for creating and maintaining Symantec Data Loss Prevention policies and the incident response structure. Overview At the completion of the course, you will be able to: Enforce server, detection servers, and DLP Agents as well as reporting, workflow, incident response management, policy management and detection, response management, user and role administration, directory integration, and filtering. This course is designed to provide you with the fundamental know ledge to configure and administer the Symantec Data Loss Prevention Enforce platform. Introduction to Symantec Data Loss Prevention Symantec Data Loss Prevention overview Symantec Data Loss Prevention architecture Navigation and Reporting Navigating the user interface Reporting and analysis Report navigation, preferences, and features Report filters Report commands Incident snapshot Incident Data Access Hands-on labs: Become familiar with navigation and tools in the user interface. Create, filter, summarize, customize, and distribute reports. Create users, roles, and attributes. Incident Remediation and Workflow Incident remediation and w orkf low Managing users and attributes Custom attribute lookup User Risk Summary Hands-on labs: Remediate incidents and configure a user?s reporting preferences Policy Management Policy overview Creating policy groups Using policy templates Building policies Policy development best practices Hands-on labs: Use policy templates and policy builder to configure and apply new policies Response Rule Management Response rule overview Configuring Automated Response rules Configuring Smart Response rules Response rule best practices Hands-On Labs: Create and use Automated and Smart Response rules Described Content Matching DCM detection methods Hands-on labs: Create policies that include DCM and then use those policies to capture incidents Exact Data Matching and Directory Group Matching Exact data matching (EDM) Advanced EDM Directory group matching (DGM) Hands-on labs: Create policies that include EDM and DGM, and then use those policies to capture incident Indexed Document Matching Indexed document matching (IDM) Hands-on labs: Create policies that include IDM rules and then use those policies to capture incidents Vector Machine Learning Vector Machine Learning (VML) Hands-on labs: Create a VML profile, import document sets, and create a VML policy Network Monitor Review of Network Monitor Protocols Traffic filtering Network Monitor best practices Hands-On Labs: Apply IP and L7 filters Network Prevent Network Prevent overview Introduction to Network Prevent (Email) Introduction to Network Prevent (Web) Hands-On Labs: Configure Network Prevent (E-mail) response rules, incorporate them into policies, and use the policies to capture incidents Mobile Email Monitor and Mobile Prevent Introduction to Mobile Email Monitor Mobile Prevent overview Configuration VPN configuration Policy and Response Rule Creation Reporting and Remediation Troubleshooting Network Discover and Network Protect Network Discover and Network Protect overview Configuring Discover targets Configuring Box cloud targets Protecting data Auto-discovery of servers and shares Running and managing scans Reports and remediation Network Discover and Network Protect best practices Hands-on labs: Create and run a filesystem target using various response rules, including quarantining Endpoint Prevent Endpoint Prevent overview Detection capabilities at the Endpoint Configuring Endpoint Prevent Creating Endpoint response rules Viewing Endpoint Prevent incidents Endpoint Prevent best practices Managing DLP Agents Hands-on labs: Create Agent Groups and Endpoint response rules, monitor and block Endpoint actions, view Endpoint incidents, and use the Enforce console to manage DLP Agents Endpoint Discover Endpoint Discover overview Creating and running Endpoint Discover targets Using Endpoint Discover reports and reporting features Hands-on labs: Create Endpoint Discover targets, run Endpoint Discover targets, and view Endpoint Discover incidents Enterprise Enablement Preparing for risk reduction Risk reduction DLP Maturity model System Administration Server administration Language support Incident Delete Credential management Troubleshooting Diagnostic tools Troubleshooting scenario Getting support Hands-on labs: Interpret event reports and traffic reports, configure alerts, and use the Log Collection and Configuration tool Additional course details: Nexus Humans Symantec Data Loss Prevention 14.0 - Administration training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Symantec Data Loss Prevention 14.0 - Administration course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for The CHFI course will benefit: Police and other laws enforcement personnel Defense and Military personnel e-Business Security professionals Systems administrators Legal professionals Banking, Insurance and other professionals Government agencies Overview At the end of this course, you will possess the skills needed to: Understand the fundamentals of computer forensics Understand the computer forensic investigation process Describe in detail different types of hard disks and file systems Understand data acquisition and duplication Counteract anti-forensic techniques Leverage forensic skills in Windows, Linux, and Mac Investigate web attacks Understand dark web forensics Deploy forensic techniques for databases, cloud, and networks Investigate email crimes including malware Perform forensics in mobile and IoT environments Every crime leaves a digital footprint, and you need the skills to track those footprints. In this course, students will learn to unravel these pieces of evidence, decode them and report them. From decoding a hack to taking legal action against the perpetrators, they will become an active respondent in times of cyber-breaches. Computer Forensics in Today?s World 1.1. Understand the Fundamentals of Computer Forensics 1.2. Understand Cybercrimes and their Investigation Procedures 1.3. Understand Digital Evidence 1.4. Understand Forensic Readiness, Incident Response and the Role of SOC (Security Operations Center) in Computer Forensics 1.5. Identify the Roles and Responsibilities of a Forensic Investigator 1.6. Understand the Challenges Faced in Investigating Cybercrimes 1.7. Understand Legal Compliance in Computer Forensics Computer Forensics Investigation Process 2.1. Understand the Forensic Investigation Process and its Importance 2.2. Understand the Pre-investigation Phase 2.3. Understand First Response 2.4. Understand the Investigation Phase 2.5. Understand the Post-investigation Phase Understanding Hard Disks and File Systems 3.1. Describe Different Types of Disk Drives and their Characteristics 3.2. Explain the Logical Structure of a Disk 3.3. Understand Booting Process of Windows, Linux and Mac Operating Systems 3.4. Understand Various File Systems of Windows, Linux and Mac Operating Systems 3.5. Examine File System Using Autopsy and The Sleuth Kit Tools 3.6 Understand Storage Systems 3.7. Understand Encoding Standards and Hex Editors 3.8. Analyze Popular File Formats Using Hex Editor Data Acquisition and Duplication 4.1. Understand Data Acquisition Fundamentals 4.2. Understand Data Acquisition Methodology 4.3. Prepare an Image File for Examination Defeating Anti-forensics Techniques 5.1. Understand Anti-forensics Techniques 5.2. Discuss Data Deletion and Recycle Bin Forensics 5.3. Illustrate File Carving Techniques and Ways to Recover Evidence from Deleted Partitions 5.4. Explore Password Cracking/Bypassing Techniques 5.5. Detect Steganography, Hidden Data in File System Structures, Trail Obfuscation, and File Extension Mismatch 5.6. Understand Techniques of Artifact Wiping, Overwritten Data/Metadata Detection, and Encryption 5.7. Detect Program Packers and Footprint Minimizing Techniques 5.8. Understand Anti-forensics Countermeasures Windows Forensics 6.1. Collect Volatile and Non-volatile Information 6.2. Perform Windows Memory and Registry Analysis 6.3. Examine the Cache, Cookie and History Recorded in Web Browsers 6.4. Examine Windows Files and Metadata 6.5. Understand ShellBags, LNK Files, and Jump Lists 6.6. Understand Text-based Logs and Windows Event Logs Linux and Mac Forensics 7.1. Understand Volatile and Non-volatile Data in Linux 7.2. Analyze Filesystem Images Using The Sleuth Kit 7.3. Demonstrate Memory Forensics Using Volatility & PhotoRec 7.4. Understand Mac Forensics Network Forensics 8.1. Understand Network Forensics 8.2. Explain Logging Fundamentals and Network Forensic Readiness 8.3. Summarize Event Correlation Concepts 8.4. Identify Indicators of Compromise (IoCs) from Network Logs 8.5. Investigate Network Traffic 8.6. Perform Incident Detection and Examination with SIEM Tools 8.7. Monitor and Detect Wireless Network Attacks Investigating Web Attacks 9.1. Understand Web Application Forensics 9.2. Understand Internet Information Services (IIS) Logs 9.3. Understand Apache Web Server Logs 9.4. Understand the Functionality of Intrusion Detection System (IDS) 9.5. Understand the Functionality of Web Application Firewall (WAF) 9.6. Investigate Web Attacks on Windows-based Servers 9.7. Detect and Investigate Various Attacks on Web Applications Dark Web Forensics 10.1. Understand the Dark Web 10.2. Determine How to Identify the Traces of Tor Browser during Investigation 10.3. Perform Tor Browser Forensics Database Forensics 11.1. Understand Database Forensics and its Importance 11.2. Determine Data Storage and Database Evidence Repositories in MSSQL Server 11.3. Collect Evidence Files on MSSQL Server 11.4. Perform MSSQL Forensics 11.5. Understand Internal Architecture of MySQL and Structure of Data Directory 11.6. Understand Information Schema and List MySQL Utilities for Performing Forensic Analysis 11.7. Perform MySQL Forensics on WordPress Web Application Database Cloud Forensics 12.1. Understand the Basic Cloud Computing Concepts 12.2. Understand Cloud Forensics 12.3. Understand the Fundamentals of Amazon Web Services (AWS) 12.4. Determine How to Investigate Security Incidents in AWS 12.5. Understand the Fundamentals of Microsoft Azure 12.6. Determine How to Investigate Security Incidents in Azure 12.7. Understand Forensic Methodologies for Containers and Microservices Investigating Email Crimes 13.1. Understand Email Basics 13.2. Understand Email Crime Investigation and its Steps 13.3. U.S. Laws Against Email Crime Malware Forensics 14.1. Define Malware and Identify the Common Techniques Attackers Use to Spread Malware 14.2. Understand Malware Forensics Fundamentals and Recognize Types of Malware Analysis 14.3. Understand and Perform Static Analysis of Malware 14.4. Analyze Suspicious Word and PDF Documents 14.5. Understand Dynamic Malware Analysis Fundamentals and Approaches 14.6. Analyze Malware Behavior on System Properties in Real-time 14.7. Analyze Malware Behavior on Network in Real-time 14.8. Describe Fileless Malware Attacks and How they Happen 14.9. Perform Fileless Malware Analysis - Emotet Mobile Forensics 15.1. Understand the Importance of Mobile Device Forensics 15.2. Illustrate Architectural Layers and Boot Processes of Android and iOS Devices 15.3. Explain the Steps Involved in Mobile Forensics Process 15.4. Investigate Cellular Network Data 15.5. Understand SIM File System and its Data Acquisition Method 15.6. Illustrate Phone Locks and Discuss Rooting of Android and Jailbreaking of iOS Devices 15.7. Perform Logical Acquisition on Android and iOS Devices 15.8. Perform Physical Acquisition on Android and iOS Devices 15.9. Discuss Mobile Forensics Challenges and Prepare Investigation Report IoT Forensics 16.1. Understand IoT and IoT Security Problems 16.2. Recognize Different Types of IoT Threats 16.3. Understand IoT Forensics 16.4. Perform Forensics on IoT Devices

Duration 5 Days 30 CPD hours This course is intended for Network Administrators Network security Administrators Network Security Engineer Network Defense Technicians CND Analyst Security Analyst Security Operator Anyone who involves in network operations Overview A dedicated focus on IoT security Network virtualization practices for the remote workforce Enhanced Cloud Security & IoT and Operational Technology (OT) Modules Introduction to threat intelligence In-depth Attack Surface Analysis Certified Network Defender (CND) is a vendor-neutral, hands-on, instructor-led comprehensive network security certification training program. It is a skills-based, lab intensive program based on the security education framework and work role task analysis presented by the National Infocomm Competency Framework (NICF) as well as a job-task analysis and cybersecurity education framework by the National Initiative of Cybersecurity Education (NICE). The course has also been mapped to global job roles and to the Department of Defense (DoD) job roles for system/network administrators. The program prepares network administrators how to identify what parts of an organization need to be reviewed and tested for security vulnerabilities and how to reduce, prevent, and mitigate risks in the network. CND covers the protect, detect, respond and predict approach to network security. Course Outline Network Attacks and Defense Strategies Administrative Network Security Technical Network Security Network Perimeter Security Endpoint Security-Windows Systems Endpoint Security-Linux Systems Endpoint Security- Mobile Devices Endpoint Security-IoT Devices Administrative Application Security Data Security Enterprise Virtual Network Security Enterprise Cloud Network Security Enterprise Wireless Network Security Network Traffic Monitoring and Analysis Network Logs Monitoring and Analysis Incident Response and Forensic Investigation Business Continuity and Disaster Recovery Risk Anticipation with Risk Management Threat Assessment with Attack Surface Analysis Threat Prediction with Cyber Threat Intelligence

Duration 4.125 Days 24.75 CPD hours This course is intended for The job roles best suited to the material in this course are: Project managers and consultants involved in business continuity Expert advisors seeking to master the implementation of the business continuity management system Individuals responsible to maintain conformity with BCMS requirements within an organization Members of the BCMS team Overview Understand the concepts, approaches, methods, and techniques used for the implementation and effective management of a BCMS. Learn how to interpret and implement the requirements of ISO 22301 in the specific context of an organization. Understand the operation of the business continuity management system and its processes based on ISO 22301. Learn how to interpret and implement the requirements of ISO 22301 in the specific context of an organization. No two disasters in the world cause equal damage. Between the unpredictability of natural disasters, information security breaches, and incidents of different nature, preparedness can make you stand out in the crowd and predict the future of your business. In light of this, proper planning is essential to mitigating risks, avoiding consequences, coping with the negative effects of disasters and incidents, but at the same time, continuing your daily operations so that customer needs do not remain unfulfilled.This training course will prepare its participants to implement a business continuity management system (BCMS) in compliance with the requirements of ISO 22301. Attending this training course allows you to gain a comprehensive understanding of the best practices of the business continuity management system and to be able to establish a framework that allows the organization to continue operating efficiently during disruptive events Introduction to ISO 22301 and initiation of a BCMS Training course objectives and structure Standards and regulatory frameworks Business continuity management system (BCMS) Fundamental business continuity concepts and principles Initiation of the BCMS implementation Understanding the organization and its context BCMS scope Implementation plan of a BCMS Leadership and commitment Business continuity policy Risks, opportunities, and business continuity objectives Support for the BCMS Business impact analysis Risk assessment Implementation of a BCMS Business continuity strategies and solutions Business continuity plans and procedures Incident response and emergency response Crisis management Exercise programs Monitoring, measurement, analysis, and evaluation Internal audit BCMS monitoring, continual improvement, and preparation for the certification audi Management review Treatment of nonconformities Continual improvement Preparation for the certification audit Closing of the training course

Duration 1 Days 6 CPD hours This course is intended for System administrators and security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication Describe the use case and functionality of recommended queries Achieve a basic knowledge of SQL Describe the elements of a SQL query Evaluate the filtering options for queries Perform basic SQL queries on endpoints Describe the different response capabilities available from VMware Carbon Black Cloud This course teaches you how to use the VMware Carbon Black© Cloud Audit and Remediation? product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization?s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs. Course Introduction Introductions and course logistics Course objectives Data Flows and Communication Hardware and software requirements Architecture Data flows Query Basics Osquery Available tables Query scope Running versus scheduling Recommended Queries Use cases Inspecting the SQL query SQL Basics Components Tables Select statements Where clause Creating basic queries Filtering Results Where clause Exporting and filtering Basic SQL Queries Query creation Running queries Viewing results Advanced Search Capabilities Advanced SQL options Threat hunting Response Capabilities Using live response Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black Cloud Audit and Remediation training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black Cloud Audit and Remediation course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Organizations today demand a professional-level cybersecurity threat intelligence analyst who can extract the intelligence from data by implementing various advanced strategies. Such professional-level programs can only be achieved when the core of the curricula maps with and is compliant to government and industry published threat intelligence frameworks. Ethical Hackers Security Practitioners, Engineers, Analysts, Specialist, Architects, and Managers Threat Intelligence Analysts, Associates, Researchers, Consultants Threat Hunters SOC Professionals Digital Forensic and Malware Analysts Incident Response Team Members Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience. Individuals from the information security profession and who want to enrich their skills and knowledge in the field of cyber threat intelligence. Individuals interested in preventing cyber threats. Overview This program will benefit students who are looking to build effective threat intelligence for their organization in order to combat modern-day cyber-attacks and prevent future attacks. Certified Threat Intelligence Analyst (C|TIA) is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence. Introduction to Threat Intelligence Understanding Intelligence Understanding Cyber Threat Intelligence Overview of Threat Intelligence Lifecycle and Frameworks Cyber Threats and Kill Chain Methodology Understanding Cyber Threats Understanding Advanced Persistent Threats (APTs) Understanding Cyber Kill Chain Understanding Indicators of Compromise (IoCs) Requirements, Planning, Direction, and Review Understanding Organization?s Current Threat Landscape Understanding Requirements Analysis Planning Threat Intelligence Program Establishing Management Support Building a Threat Intelligence Team Overview of Threat Intelligence Sharing Reviewing Threat Intelligence Program Data Collection and Processing Overview of Threat Intelligence Data Collection Overview of Threat Intelligence Collection Management Overview of Threat Intelligence Feeds and Sources Understanding Threat Intelligence Data Collection and Acquisition Understanding Bulk Data Collection Understanding Data Processing and Exploitation Data Analysis Overview of Data Analysis Understanding Data Analysis Techniques Overview of Threat Analysis Understanding Threat Analysis Process Overview of Fine-Tuning Threat Analysis Understanding Threat Intelligence Evaluation Creating Runbooks and Knowledge Base Overview of Threat Intelligence Tools Intelligence Reporting and Dissemination Overview of Threat Intelligence Reports Introduction to Dissemination Participating in Sharing Relationships Overview of Sharing Threat Intelligence Overview of Delivery Mechanisms Understanding Threat Intelligence Sharing Platforms Overview of Intelligence Sharing Acts and Regulations Overview of Threat Intelligence Integration

Duration 3 Days 18 CPD hours This course is intended for This course is most suited for IT professionals who have a need to understand the current requirements and core competences for managing IT in mission-critical environments. Overview After completion of the course the participant will be able to: 1. Provide guidance and implementation for IT strategy as set by senior IT and business management 2. Select and manage staff, implement training programs, career plan development and job rotation programs 3. Select, evaluate and negotiate vendors using RFI, RFP and selection criteria 4. Provide guidance for developing, testing and implementing business applications 5. Manage and/or assist in IT project management 6. Design and implement service management processes for incident, problem and change management 7. Understand the need for business continuity and design the business continuity plan 8. Review and implement information security practices and controls 9. Assist and initiate risk management practices 10. Understand and select new technologies such as cloud computing, big data, Internet of Things and social media to support business change demands 11. Select strategies for information management 12. Measure and improve quality of IT services CITS is designed to teach the skills, knowledge and competencies required of the modern IT specialist working at the senior professional, team-leader, supervisor or management level in IT management. IT Strategy The need for Information Technology Enterprise architecture Service catalogue Service level management Sustainable development IT Organisation Personnel need Roles and responsibilities Sourcing Selection process Hiring staff Managing staff Career planning Training / job rotation Performance appraisal Staff departures Vendor Selection / Management The importance of vendors Vendor selection Request For Information (RFI) Request For Proposal (RFP) Proposal evaluation Vendor reference checks Contract negotiation Contract management Vendor management Re-compete vendors Project Management Methodologies Project organisation Starting up / initiating Planning / initiation a project Risk Quality Scope Work / Product Breakdown Structure PERT diagram / Gantt chart Cost Communication Application Management Software Development Life Cycle (SDLC) Software Quality Assurance (SQA) Requirements Development Testing Adoption (implementation) Maintenance Service Management Incident management Problem management Change management Business Continuity Management Standards and guidelines Objectives Context Interested parties Scope Roles and responsibilities Resources and competences Awareness and communication Documentation Business Impact Analysis Risk Management Guidelines Context establishment Identification Analysis Evaluation Treatment Communication Monitoring and control Information Security Management Standards Confidentiality Integrity Availability Controls types Guideline for controls selection Control categories Information security awareness Security incident response Information and Knowledge Management Information management Data management Information management - technologies Business intelligence Data management - technologies Best practices in data governance Pitfalls in data governance Business Change Management Business change Frameworks, models and techniques Needs identification Cloud computing Social media / digital marketing Big data Internet of Things (IoT) Quality Management Standards, guidelines and frameworks Objectives Activities Services review Customer feedback Customer survey Key Performance Indicators (KPI) Metrics Scorecards and reports Quality register Exam Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Duration 5 Days 30 CPD hours This course is intended for ECSS is designed for anyone who wants to enhance their skills and make a career in information security, network security, and computer forensics fields. It can be IT Specialists, Network Administrators, or System Administrators. Overview Upon successful completion of this course, students will learn: Key issues plaguing the information security, network security, and computer forensics. Fundamentals of networks and various components of the OSI and TCP/IP model. Various network security protocols. Various types of information security threats and attacks, and their countermeasures. Social engineering techniques, identify theft, and social engineering countermeasures. Different stages of the hacking cycle Identification, authentication, and authorization concepts Different types of cryptography ciphers, Public Key Infrastructure (PKI), cryptography attacks, and cryptanalysis tools. Fundamentals of firewall, techniques for bypassing firewall, and firewall technologies such as Bastion Host, DMZ, Proxy Servers, Network Address Translation, Virtual Private Network, and Honeypot. Fundamentals of IDS and IDS evasion techniques. Data backup techniques and VPN security. Wireless Encryption, wireless threats, wireless hacking tools, and Wi-Fi security. Different types of web server and web application attacks, and countermeasures. Fundamentals of ethical hacking and pen testing. Incident handling and response process. Cyber-crime and computer forensics investigation methodology. Different types of digital evidence and digital evidence examination process. Different type of file systems and their comparison (based on limit and features). Gathering volatile and non-volatile information from Windows and network forensics analysis mechanism. Steganography and its techniques. Different types of log capturing, time synchronization, and log capturing tools. E-mails tracking and e-mail crimes investigation. Writing investigation report. This is an entry-level security program covering the fundamental concepts and giving a holistic overview of the key components of information security, computer forensics, and network security. Course Outline Information Security Fundamentals Networking Fundamentals Secure Network Protocols Information Security Threats and Attacks Social Engineering Hacking Cycle Identification, Authentication, and Authorization Cryptography Firewalls Intrusion Detection System Data Backup Virtual Private Network Wireless Network Security Web Security Ethical Hacking and Pen Testing Incident Response Computer Forensics Fundamentals Digital Evidence Understanding File Systems Windows Forensics Network Forensics and Investigating Network Traffic Steganography Analyzing Logs E-mail Crime and Computer Forensics Writing Investigative Report Additional course details: Nexus Humans EC-Council Certified Security Specialist (ECSS) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified Security Specialist (ECSS) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.