39 Incident Response courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for Sr. Systems Administrator Cloud Engineer Systems Engineer Sr. Network Administrator Sr. Network Engineer Cloud Specialist Cloud Project Manager Overview After completion of this course you will be able to describe: Cloud architecture and design Security within the cloud Automation and virtualization Troubleshooting and Disaster recovery High availability  This course covers in depth the skills and abilities needed to operate in the cloud, validating that candidates have the technical experience needed to deploy, secure, and automate environments regardless of the vendor solution. Understanding Cloud Concepts Topic 1A: Recognize Cloud Concepts Topic 1B: Recognize Cloud Terms Topic 1C: Understand the Troubleshooting Methodology Planning and Designing a Cloud Environment Topic 2A: Meet Cloud Business Requirements Topic 2B: Design Capacity Planning and Requirements Administering Cloud Resources Topic 3A: Manage Cloud Administration Topic 3B: Manage Compute Resources in the Cloud Topic 3C: Manage Memory Resources Managing Cloud Storage Topic 4A: Understand Cloud Storage Types Topic 4B: Configure Cloud Storage Solutions Topic 4C: Configure Cloud Storage Protocols and RAID Managing Networks in the Cloud Topic 5A: Deploying Cloud Network Services Topic 5B: Identify Cloud Network Infrastructure Components Securing and Troubleshooting Networks in the Cloud Topic 6A: Secure a Network in a Cloud Environment Topic 6B: Troubleshooting Cloud Connectivity Managing Cloud Migrations and Troubleshooting Cloud Deployments Topic 7A: Manage Cloud Migrations Topic 7B: Troubleshoot Cloud Deployment and Migration Issues Managing Cloud Automation and Orchestration Topic 8A: Understand Cloud Automation and Orchestration Techniques Topic 8B: Troubleshoot Automation and Orchestration in the Cloud Understanding Cloud Security Concepts Topic 9A: Administer Identity and Access Management in the Cloud Topic 9B: Manage Cloud Operating System and Application Security Topic 9C: Manage Data Security and Compliance in the Cloud Managing Cloud Security Topic 10A: Implement Security Measures in the Cloud Domain Topic 10B: Troubleshoot Cloud Security Managing Cloud Performance Topic 11A: Operate Efficiently in the Cloud Topic 11B: Accomplish Cloud Operations Tasks Topic 11C: Optimize Cloud Resources Topic 11D: Troubleshoot Common Cloud Performance Problems Managing Maintenance in the Cloud Topic 12A: Configure Logs, Monitoring, and Alerting for Cloud Services Topic 12B: Manage Backup and Restore in the Cloud Implementing High Availability and Disaster Recovery in the Cloud Topic 13A: Understand High Availability and Scaling in the Cloud Topic 13B: Manage Disaster Recovery in the Cloud Topic 13C: Incident Response Additional course details: Nexus Humans Cloud Fundamentals training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cloud Fundamentals course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Experienced security administrators and security analysts who are already familiar with VMware Carbon Black Cloud Overview By the end of the course, you should be able to meet the following objectives: Describe and determine use cases for integrating with VMware Carbon Black Cloud Configure, automate, and troubleshoot the VMware Carbon Black Cloud Syslog Integration Use VMware Carbon Black Cloud APIs to pull data with Postman Install and use the VMware Carbon Black Cloud Python SDK Automate operations using the VMware Carbon Black Cloud SDK and APIs Identify and troubleshoot VMware Carbon Black Cloud sensor installations Gather troubleshooting data within the browser to remediate or escalate problems Identify and resolve sensor usage, networking, and performance problems with the VMware Carbon Black Cloud sensor This two-day, hands-on training course provides you with the advanced knowledge, skills, and tools to achieve competency in performing advanced operations and troubleshooting of VMware Carbon Black Cloud. This course will go into integrating VMware Carbon Black Cloud with other third-party components and utilizing the API and the SDK to automate operations within the product and your security stack. This course will also enable you to troubleshoot common problems during sensor installation, operations, and within the VMware Carbon Black Cloud console with hands-on lab problems. Course Introduction Introductions and course logistics Course objectives VMware Carbon Black Cloud Integrations Describe the integration capabilities with VMware Carbon Black Cloud Determine integration use cases for VMware Carbon Black Cloud Identify required components for integrating VMware Carbon Black Cloud Differentiate VMware Carbon Black Cloud integration vendors VMware Carbon Black Cloud Syslog Integration Describe the function of the Syslog Connector Generate API and SIEM keys from the Cloud console Validate a successful Syslog integration Describe how to automate the Syslog Connector Troubleshoot problems with the Syslog integration Using Postman Explain the concept and purpose of an API Interpret common REST API Status codes Recognize the difference between platform and product APIs Using the Postman Client to initiate API calls Create a custom access level and respective API key Create a valid API request Using the VMware Carbon Black Cloud Python SDK Install the VMware Carbon Black Cloud Python SDK Describe the different authentication methods Evaluate the best authentication method for a given task Automating Operations Automate basic Incident Response tasks using the VMware Carbon Black Cloud SDK and API Automate basic watchlist interactions using the VMware carbon Black Cloud SDK and API Sensor Installation Troubleshooting Describe sensor install log collection process Identify sensor install log parameters Create a detailed sensor install log Locate sensor install logs on an endpoint Interpret sensor install success from an install log Determine likely cause for install failure using sensor logs Propose resolution steps for a given sensor install failure VMware Carbon Black Cloud Console Troubleshooting Identify sensor bypass status reasons Simplify console data exports using search Describe differences in Audit Log detail levels Locate built-in browser tools Gather console diagnostics logs from a browser Review console diagnostics logs Sensor Operations Troubleshooting Identify available types of diagnostic logs Gather appropriate diagnostic logs for a given issue Identify steps for resolving software interoperability problems Identify steps for resolving resource problems Identify steps for resolving network problems Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black Cloud:Advanced Operations and Troubleshooting training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black Cloud:Advanced Operations and Troubleshooting course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course is designed for persons aspiring to the Microsoft 365 Administrator role and have completed at least one of the Microsoft 365 role-based administrator certification paths. This course covers the following key elements of Microsoft 365 administration: Microsoft 365 tenant management, Microsoft 365 identity synchronization, and Microsoft 365 security and compliance. In Microsoft 365 tenant management, you learn how to configure your Microsoft 365 tenant, including your organizational profile, tenant subscription options, component services, user accounts and licenses, security groups, and administrative roles. You then transition to configuring Microsoft 365, with a primary focus on configuring Office client connectivity. Finally, you explore how to manage user-driven client installations of Microsoft 365 Apps for enterprise deployments. The course then transitions to an in-depth examination of Microsoft 365 identity synchronization, with a focus on Microsoft Entra Connect and Connect Cloud Sync. You learn how to plan for and implement each of these directory synchronization options, how to manage synchronized identities, and how to implement password management in Microsoft 365 using multifactor authentication and self-service password management. In Microsoft 365 security management, you begin examining the common types of threat vectors and data breaches facing organizations today. You then learn how Microsoft 365?s security solutions address each of these threats. You are introduced to the Microsoft Secure Score, as well as to Microsoft Entra ID Protection. You then learn how to manage the Microsoft 365 security services, including Exchange Online Protection, Safe Attachments, and Safe Links. Finally, you are introduced to the various reports that monitor an organization?s security health. You then transition from security services to threat intelligence; specifically, using Microsoft 365 Defender, Microsoft Defender for Cloud Apps, and Microsoft Defender for Endpoint. Once you have this understanding of Microsoft 365?s security suite, you then examine the key components of Microsoft 365 compliance management. This begins with an overview of all key aspects of data governance, including data archiving and retention, Microsoft Purview message encryption, and data loss prevention (DLP). You then delve deeper into archiving and retention, paying particular attention to Microsoft Purview insider risk management, information barriers, and DLP policies. You then examine how to implement these compliance features by using data classification and sensitivity labels. Prerequisites Completed a role-based administrator course such as Messaging, Teamwork, Security, Compliance, or Collaboration. A proficient understanding of DNS and basic functional experience with Microsoft 365 services. A proficient understanding of general IT practices. A working knowledge of PowerShell. 1 - Configure your Microsoft 365 experience Explore your Microsoft 365 cloud environment Configure your Microsoft 365 organizational profile Manage your tenant subscriptions in Microsoft 365 Integrate Microsoft 365 with customer engagement apps Complete your tenant configuration in Microsoft 365 2 - Manage users, licenses, and mail contacts in Microsoft 365 Determine the user identity model for your organization Create user accounts in Microsoft 365 Manage user account settings in Microsoft 365 Manage user licenses in Microsoft 365 Recover deleted user accounts in Microsoft 365 Perform bulk user maintenance in Microsoft Entra ID Create and manage guest users Create and manage mail contacts 3 - Manage groups in Microsoft 365 Examine groups in Microsoft 365 Create and manage groups in Microsoft 365 Create dynamic groups using Azure rule builder Create a Microsoft 365 group naming policy Create groups in Exchange Online and SharePoint Online 4 - Add a custom domain in Microsoft 365 Plan a custom domain for your Microsoft 365 deployment Plan the DNS zones for a custom domain Plan the DNS record requirements for a custom domain Create a custom domain in Microsoft 365 5 - Configure client connectivity to Microsoft 365 Examine how automatic client configuration works Explore the DNS records required for client configuration Configure Outlook clients Troubleshoot client connectivity 6 - Configure administrative roles in Microsoft 365 Explore the Microsoft 365 permission model Explore the Microsoft 365 admin roles Assign admin roles to users in Microsoft 365 Delegate admin roles to partners Manage permissions using administrative units in Microsoft Entra ID Elevate privileges using Microsoft Entra Privileged Identity Management Examine best practices when configuring administrative roles 7 - Manage tenant health and services in Microsoft 365 Monitor the health of your Microsoft 365 services Monitor tenant health using Microsoft 365 Adoption Score Monitor tenant health using Microsoft 365 usage analytics Develop an incident response plan Request assistance from Microsoft 8 - Deploy Microsoft 365 Apps for enterprise Explore Microsoft 365 Apps for enterprise functionality Explore your app compatibility by using the Readiness Toolkit Complete a self-service installation of Microsoft 365 Apps for enterprise Deploy Microsoft 365 Apps for enterprise with Microsoft Configuration Manager Deploy Microsoft 365 Apps for enterprise from the cloud Deploy Microsoft 365 Apps for enterprise from a local source Manage updates to Microsoft 365 Apps for enterprise Explore the update channels for Microsoft 365 Apps for enterprise Manage your cloud apps using the Microsoft 365 Apps admin center 9 - Analyze your Microsoft 365 workplace data using Microsoft Viva Insights Examine the analytical features of Microsoft Viva Insights Explore Personal insights Explore Team insights Explore Organization insights Explore Advanced insights 10 - Explore identity synchronization Examine identity models for Microsoft 365 Examine authentication options for the hybrid identity model Explore directory synchronization 11 - Prepare for identity synchronization to Microsoft 365 Plan your Microsoft Entra deployment Prepare for directory synchronization Choose your directory synchronization tool Plan for directory synchronization using Microsoft Entra Connect Plan for directory synchronization using Microsoft Entra Connect cloud sync 12 - Implement directory synchronization tools Configure Microsoft Entra Connect prerequisites Configure Microsoft Entra Connect Monitor synchronization services using Microsoft Entra Connect Health Configure Microsoft Entra Connect cloud sync prerequisites Configure Microsoft Entra Connect cloud sync 13 - Manage synchronized identities Manage users with directory synchronization Manage groups with directory synchronization Use Microsoft Entra Connect Sync Security Groups to help maintain directory synchronization Configure object filters for directory synchronization Explore Microsoft Identity Manager Troubleshoot directory synchronization 14 - Manage secure user access in Microsoft 365 Manage user passwords Enable pass-through authentication Enable multifactor authentication Enable passwordless sign-in with Microsoft Authenticator Explore self-service password management Explore Windows Hello for Business Implement Microsoft Entra Smart Lockout Implement conditional access policies Explore Security Defaults in Microsoft Entra ID Investigate authentication issues using sign-in logs 15 - Examine threat vectors and data breaches Explore today's work and threat landscape Examine how phishing retrieves sensitive information Examine how spoofing deceives users and compromises data security Compare spam and malware Examine account breaches Examine elevation of privilege attacks Examine how data exfiltration moves data out of your tenant Examine how attackers delete data from your tenant Examine how data spillage exposes data outside your tenant Examine other types of attacks 16 - Explore the Zero Trust security model Examine the principles and components of the Zero Trust model Plan for a Zero Trust security model in your organization Examine Microsoft's strategy for Zero Trust networking Adopt a Zero Trust approach 17 - Explore security solutions in Microsoft 365 Defender Enhance your email security using Exchange Online Protection and Microsoft Defender for Office 365 Protect your organization's identities using Microsoft Defender for Identity Protect your enterprise network against advanced threats using Microsoft Defender for Endpoint Protect against cyber attacks using Microsoft 365 Threat Intelligence Provide insight into suspicious activity using Microsoft Cloud App Security Review the security reports in Microsoft 365 Defender 18 - Examine Microsoft Secure Score Explore Microsoft Secure Score Assess your security posture with Microsoft Secure Score Improve your secure score Track your Microsoft Secure Score history and meet your goals 19 - Examine Privileged Identity Management Explore Privileged Identity Management in Microsoft Entra ID Configure Privileged Identity Management Audit Privileged Identity Management Control privileged admin tasks using Privileged Access Management 20 - Examine Azure Identity Protection Explore Azure Identity Protection Enable the default protection policies in Azure Identity Protection Explore the vulnerabilities and risk events detected by Azure Identity Protection Plan your identity investigation 21 - Examine Exchange Online Protection Examine the anti-malware pipeline Detect messages with spam or malware using Zero-hour auto purge Explore anti-spoofing protection provided by Exchange Online Protection Explore other anti-spoofing protection Examine outbound spam filtering 22 - Examine Microsoft Defender for Office 365 Climb the security ladder from EOP to Microsoft Defender for Office 365 Expand EOP protections by using Safe Attachments and Safe Links Manage spoofed intelligence Configure outbound spam filtering policies Unblock users from sending email 23 - Manage Safe Attachments Protect users from malicious attachments by using Safe Attachments Create Safe Attachment policies using Microsoft Defender for Office 365 Create Safe Attachments policies using PowerShell Modify an existing Safe Attachments policy Create a transport rule to bypass a Safe Attachments policy Examine the end-user experience with Safe Attachments 24 - Manage Safe Links Protect users from malicious URLs by using Safe Links Create Safe Links policies using Microsoft 365 Defender Create Safe Links policies using PowerShell Modify an existing Safe Links policy Create a transport rule to bypass a Safe Links policy Examine the end-user experience with Safe Links 25 - Explore threat intelligence in Microsoft 365 Defender Explore Microsoft Intelligent Security Graph Explore alert policies in Microsoft 365 Run automated investigations and responses Explore threat hunting with Microsoft Threat Protection Explore advanced threat hunting in Microsoft 365 Defender Explore threat analytics in Microsoft 365 Identify threat issues using Microsoft Defender reports 26 - Implement app protection by using Microsoft Defender for Cloud Apps Explore Microsoft Defender Cloud Apps Deploy Microsoft Defender for Cloud Apps Configure file policies in Microsoft Defender for Cloud Apps Manage and respond to alerts in Microsoft Defender for Cloud Apps Configure Cloud Discovery in Microsoft Defender for Cloud Apps Troubleshoot Cloud Discovery in Microsoft Defender for Cloud Apps 27 - Implement endpoint protection by using Microsoft Defender for Endpoint Explore Microsoft Defender for Endpoint Configure Microsoft Defender for Endpoint in Microsoft Intune Onboard devices in Microsoft Defender for Endpoint Manage endpoint vulnerabilities with Microsoft Defender Vulnerability Management Manage device discovery and vulnerability assessment Reduce your threat and vulnerability exposure 28 - Implement threat protection by using Microsoft Defender for Office 365 Explore the Microsoft Defender for Office 365 protection stack Investigate security attacks by using Threat Explorer Identify cybersecurity issues by using Threat Trackers Prepare for attacks with Attack simulation training 29 - Examine data governance solutions in Microsoft Purview Explore data governance and compliance in Microsoft Purview Protect sensitive data with Microsoft Purview Information Protection Govern organizational data using Microsoft Purview Data Lifecycle Management Minimize internal risks with Microsoft Purview Insider Risk Management Explore Microsoft Purview eDiscovery solutions 30 - Explore archiving and records management in Microsoft 365 Explore archive mailboxes in Microsoft 365 Enable archive mailboxes in Microsoft 365 Explore Microsoft Purview Records Management Implement Microsoft Purview Records Management Restore deleted data in Exchange Online Restore deleted data in SharePoint Online 31 - Explore retention in Microsoft 365 Explore retention by using retention policies and retention labels Compare capabilities in retention policies and retention labels Define the scope of a retention policy Examine the principles of retention Implement retention using retention policies, retention labels, and eDiscovery holds Restrict retention changes by using Preservation Lock 32 - Explore Microsoft Purview Message Encryption Examine Microsoft Purview Message Encryption Configure Microsoft Purview Message Encryption Define mail flow rules to encrypt email messages Add organizational branding to encrypted email messages Explore Microsoft Purview Advanced Message Encryption 33 - Explore compliance in Microsoft 365 Plan for security and compliance in Microsoft 365 Plan your beginning compliance tasks in Microsoft Purview Manage your compliance requirements with Compliance Manager Examine the Compliance Manager dashboard Analyze the Microsoft Compliance score 34 - Implement Microsoft Purview Insider Risk Management Explore insider risk management Plan for insider risk management Explore insider risk management policies Create insider risk management policies Investigate insider risk management activities and alerts Explore insider risk management cases 35 - Implement Microsoft Purview Information Barriers Explore Microsoft Purview Information Barriers Configure information barriers in Microsoft Purview Examine information barriers in Microsoft Teams Examine information barriers in OneDrive Examine information barriers in SharePoint 36 - Explore Microsoft Purview Data Loss Prevention Examine Data Loss Prevention Explore Endpoint data loss prevention Examine DLP policies View DLP policy results Explore DLP reports 37 - Implement Microsoft Purview Data Loss Prevention Plan to implement Microsoft Purview Data Loss Protection Implement Microsoft Purview's default DLP policies Design a custom DLP policy Create a custom DLP policy from a template Configure email notifications for DLP policies Configure policy tips for DLP policies 38 - Implement data classification of sensitive information Explore data classification Implement data classification in Microsoft 365 Explore trainable classifiers Create and retrain a trainable classifier View sensitive data using Content explorer and Activity explorer Detect sensitive information documents using Document Fingerprinting 39 - Explore sensitivity labels Manage data protection using sensitivity labels Explore what sensitivity labels can do Determine a sensitivity label's scope Apply sensitivity labels automatically Explore sensitivity label policies 40 - Implement sensitivity labels Plan your deployment strategy for sensitivity labels Examine the requirements to create a sensitivity label Create sensitivity labels Publish sensitivity labels Remove and delete sensitivity labels Additional course details: Nexus Humans MS-102T00: Microsoft 365 Administrator training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the MS-102T00: Microsoft 365 Administrator course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components. Overview After successfully completing this course, you should be able to: Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses. Describe the various forms of security supported by the Junos OS. Describe the Juniper Connected Security model. Describe Junos security handling at Layer 2 versus Layer 3. Implement next generation Layer 2 security features. Demonstrate understanding of Logical Systems (LSYS). Demonstrate understanding of Tenant Systems (TSYS). Implement virtual routing instances in a security setting. Describe and configure route sharing between routing instances using logical tunnel interfaces. Describe and discuss Juniper ATP and its function in the network. Describe and implement Juniper Connected Security with Policy Enforcer in a network. Describe firewall filters use on a security device. Implement firewall filters to route traffic. Explain how to troubleshoot zone problems. Describe the tools available to troubleshoot SRX Series devices. Describe and implement IPsec VPN in a hub-and-spoke model. Describe the PKI infrastructure. Implement certificates to build an ADVPN network. Describe using NAT, CoS and routing protocols over IPsec VPNs. Implement NAT and routing protocols over an IPsec VPN. Describe the logs and troubleshooting methodologies to fix IPsec VPNs. Implement working IPsec VPNs when given configuration that are broken. Describe Incident Reporting with Juniper ATP On-Prem device. Configure mitigation response to prevent spread of malware. Explain SecIntel uses and when to use them. Describe the systems that work with SecIntel. Describe and implement advanced NAT options on the SRX Series devices. Explain DNS doctoring and when to use it. Describe NAT troubleshooting logs and techniques. This four-day course, designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. Chapter 1: Course Introduction Course Introduction Chapter 2: Junos Layer 2 Packet Handling and Security Features Transparent Mode Security Secure Wire Layer 2 Next Generation Ethernet Switching MACsec Lab 1: Implementing Layer 2 Security Chapter 3: Firewall Filters Using Firewall Filters to Troubleshoot Routing Instances Filter-Based Forwarding Lab 2: Implementing Firewall Filters Chapter 4: Troubleshooting Zones and Policies General Troubleshooting for Junos Devices Troubleshooting Tools Troubleshooting Zones and Policies Zone and Policy Case Studies Lab 3: Troubleshooting Zones and Policies Chapter 5: Hub-and-Spoke VPN Overview Configuration and Monitoring Lab 4: Implementing Hub-and-Spoke VPNs Chapter 6: Advanced NAT Configuring Persistent NAT Demonstrate DNS doctoring Configure IPv6 NAT operations Troubleshooting NAT Lab 5: Implementing Advanced NAT Features Chapter 7: Logical and Tenant Systems Overview Administrative Roles Differences Between LSYS and TSYS Configuring LSYS Configuring TSYS Lab 6: Implementing TSYS Chapter 8: PKI and ADVPNs PKI Overview PKI Configuration ADVPN Overview ADVPN Configuration and Monitoring Lab 7: Implementing ADVPNs Chapter 9: Advanced IPsec NAT with IPsec Class of Service with IPsec Best Practices Routing OSPF over VPNs Lab 8: Implementing Advanced IPsec Solutions Chapter 10: Troubleshooting IPsec IPsec Troubleshooting Overview Troubleshooting IKE Phase 1 and 2 IPsec Logging IPsec Case Studies Lab 9: Troubleshooting IPsec Chapter 11: Juniper Connected Security Security Models Enforcement on Every Network Device Chapter 12: SecIntel Security Feed Encrypted Traffic Analysis Use Cases for SecIntel Lab 10: Implementing SecIntel Chapter 13:Advanced Juniper ATP On-Prem Collectors Private Mode Incident Response Deployment Models Lab 11: Implementing Advanced ATP On-Prem Chapter 14: Automated Threat Mitigation Identify and Mitigate Malware Threats Automate Security Mitigation Lab 12: Identifying and Mitigation of Threats Additional course details: Nexus Humans AJSEC - Advanced Junos Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AJSEC - Advanced Junos Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

A flexible, modular-based, programme to heighten participants' awareness of ways in which their operations can affect the environment, the principles of environmental management and the practical steps they need to take as individuals and as an organisation to improve environmental performance. Depending on the course modules selected, this programme will give participants: Increased awareness of relevant environmental issues A greater understanding of, and commitment to, the organisation's environmental management programme Preparation for any responsibilities they may have under an Environmental Management System Further benefits according to options chosen 1 Environmental awareness Definition of 'the environment' Key environmental issuesGlobal warmingOzone depletionAcid rainAir qualityWater pollutionContaminated landLand take and green belt shrinkageResource usageHabitat destruction and species extinctions. Option: This module can be used to explain the key environmental issues related to the activities of your own organisation. Diagrams, photos, pictures, examples and statistics relevant to your own organisation are used where possible to illustrate the points being made. 2 Environmental legislation Key elements of environmental legislation affecting the activities of your organisation - including international, European and UK legislation. Legislation of particular relevance to your organisation - how it affects the operations of your organisation Option: Legislation can be dealt with according to which aspect of the environment it protects (eg, air, water, waste) or which part of your organisation's activities it affects Consequences of breaching legislation 3 Environmental management systems Overview of what an environmental management system isHow is an Environmental Management System (EMS) designed and put together?Key elements (emphasising Plan - Do - Check - Review cycle)The need to continually improve Pros and consReasons for having an EMSBenefits of an EMSConsequences of not managing the environmentCosts of installing an EMS Explanation of ISO 14001 and EMAS standards and guidance as applicable to the EMSs of your organisationOverview of your organisation's EMSHow it was set up / is being developed / operatesWho is responsible for itKey parts of system (eg, environmental policy, objectives and targets) identified and discussedEMS documentation - what and where it is. Workshop option: Brainstorm 'Pros and cons' with the participants, come up with all their ideas for good and bad things about EMS and demonstrate that the 'good' list is longer than the 'bad' 4 Environmental consequences Define what an environmental impact is and discuss how they are determined, with reference to the EMS Identify why we want to determine the environmental consequences of operations and activities; how they are used in the EMS for planning, and reducing the impact on the environment Establish key environmental consequences of construction and operational activities on the site; discuss significance ranking and the control measures in place in your organisation. Workshop option: In small groups, participants are asked to identify the impact on the environment of your organisation's activities or a part of their activities. They are then asked to rank these impacts in terms of their significance, using guidelines provided to help them be aware of the contributing factors (eg, frequency, severity). For a selected number of the impacts, the participants are asked to identify what control measures there are and which of these they play a part in. All stages can be discussed with trainers as a whole group at various stages during the workshop. 5 Protected species, nature conservation and invasive weeds Nature conservation, landscape and visual issues in the planning process - overview of key nature UK wildlife legislation, EIA, appropriate timing of surveys, Hedgerow regulations and landscape and visual impact issues Ecological issues - ecological legislation, significant species, hedgerows Archaeology in the development process - why archaeology is important, organisation in the UK, legislation and planning guidance Construction phase issues and consents - major environmental issues during construction, including water resources and land drainage consents, discharges to land or water, water abstraction, public rights of way, tree protection, waste management, Special waste, noise, good practice pollution control and Environmental Audits Identification and management of invasive weeds - including legal position regarding management 6 Chemicals and fuels handling and storage How health and safety management is closely linked to environmental management of materials Planning - what mechanisms are in place for planning materials use; legislation, guidance and policies which define how to manage materials Materials storage - what are the considerations for storing materials, covering:Labels: what are the different types and what do they tell us?Storage facilities: what are the requirements for safe storage of materials (eg, signs, secondary containment, access, segregation, lids/covers)Handling: safe handling for protecting the environment, organisational procedures, high risk situations (eg, decanting, deliveries), how to reduce the risks (eg, use of funnels, proper supervision, training)COSHH and MSDS: brief explanation of legislation and its role in environmental control of hazardous materials, how to use the information provided by COSHH assessments Option: These sessions can be illustrated with photographs/pictures and examples of good and bad storage and handling practices Workshop Options: Labelling Quiz - quick-fire quiz on what different labels tell us; Build a Storage Facility - participants are asked to consider all the environmental requirements for building a safe storage facility for their organisation 7 On-site control measures Overview of the legislation associated with nuisance issues on site and mitigating problems when they arise Examples of bad practice, including fuel storage tanks and mobile equipment - costs involved with prosecution of fuel spills, remediation costs, management costs, legal fees, bad PR coverage Identification and management of contaminated land and relevant legislation Workshop option: Participants are provided with a site plan containing information on site features, environmental conditions and indications of potential issues 8 Waste management Why worry about waste? - a look at how waste disposal can impact on the environment, illustrated by examples of waste-related incidents, statistics on waste production on national, industry-wide and organisational levels, landfill site space, etc Legislation - overview of the relevant legislation, what the main requirements of the regulations are, what penalties there are, and the associated documentation (waste transfer notes) Waste classification - a more in-depth look at how waste is classified under legislation according to hazardous properties, referring to Environment Agency guidance Handling and storage requirements - what are the requirements of the applicable waste legislation and how are they covered by organisational procedures? Examples of good and bad environmental practice associated with handling and storing waste. Workshop option: 'Brown bag' exercise - participants pass round a bag containing tags each with a different waste printed on. They are asked to pick out a tag and identify the classification and the handling, storage and disposal requirements for the waste they select Waste minimisation - overview of the waste minimisation 'ladder' and its different options (elimination, reduction, reuse and recycling), benefits of waste minimisation, examples of waste minimisation techniques Workshop option: Participants are asked to identify opportunities that actually exist within the organisation for minimising production of waste that are not currently being taken advantage of 9 Auditing Requirements for environmental auditing of operations Auditing the EMS Types of internal and external audits Requirements EMS standards (ISO 14001 and EMAS) Carrying out internal audits and being prepared for external audits Workshop options:Mock audit 'Brown Bag' - can be used either for trainers to test participants as if they were in an audit situation, or for the participants to test each other and practice their auditing technique. The bag contains tags each with a different topic printed on (eg, waste skips); participants pass the bag round and select a tag; they are then questioned by the trainer or another participant about that topic as if they were in an audit situation. If the participants are auditing each other, they will be provided with a set of guidelines to keep in mind during the workshop.Virtual auditing - a more practical workshop where participants review photographs of situations/activities relevant to the organisation's operations. They are asked to identify all the good and bad environmental practices that are occurring in the situations. 10 Incident response What should you do when an incident does happen? What should be in a spill kit? When should you call in the experts? When should you inform the Environment Agency or Environmental Health Officer? Workshop option: The participants are provided with some incident scenarios and asked to develop a response to the incident 11 Monitoring and reporting Environmental monitoring programmes and procedures Monitoring and reporting as control measures for environmental consequences Monitoring and environmental 'STOP' card systems - personal and behavioural monitoring and reporting

Duration 5 Days 30 CPD hours This course is intended for Although there are no mandatory prerequisites, the course is particularly suited for the following audiences: Cybersecurity engineer Cybersecurity investigator Incident manager Incident responder Network engineer SOC analysts currently functioning at entry level with 2+ years of experience Overview After taking this course, you should be able to: Describe the types of service coverage within a SOC and operational responsibilities associated with each. Compare security operations considerations of cloud platforms. Describe the general methodologies of SOC platforms development, management, and automation. Explain asset segmentation, segregation, network segmentation, micro-segmentation, and approaches to each, as part of asset controls and protections. Describe Zero Trust and associated approaches, as part of asset controls and protections. Perform incident investigations using Security Information and Event Management (SIEM) and/or security orchestration and automation (SOAR) in the SOC. Use different types of core security technology platforms for security monitoring, investigation, and response. Describe the DevOps and SecDevOps processes. Explain the common data formats, for example, JavaScript Object Notation (JSON), HTML, XML, CommaSeparated Values (CSV). Describe API authentication mechanisms. Analyze the approach and strategies of threat detection, during monitoring, investigation, and response. Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs). Interpret the sequence of events during an attack based on analysis of traffic patterns. Describe the different security tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools). Analyze anomalous user and entity behavior (UEBA). Perform proactive threat hunting following best practices. The Performing CyberOps Using Cisco Security Technologies (CBRCOR) v1.0 course guides you through cybersecurity fundamentals and prepares you for the role of Information Security Analyst on a Security Operations Center team. You?ll learn to automate for security using cloud platforms and how to apply your knowledge to real-world scenarios Course Outline Understanding Risk Management and SOC Operations Understanding Analytical Processes and Playbooks Investigating Packet Captures, Logs, and Traffic Analysis Investigating Endpoint and Appliance Logs Understanding Cloud Service Model Security Responsibilities Understanding Enterprise Environment Assets Threat Tuning Threat Researching and Threat Intelligence Practices Understanding APIs Understanding SOC Development and Deployment Models Performing Security Analytics and Reports in a SOC Malware Forensics Basics Threat Hunting Basics Additional course details: Nexus Humans Cisco Performing CyberOps Using Cisco Security Technologies (CBRCOR) v1.0 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Performing CyberOps Using Cisco Security Technologies (CBRCOR) v1.0 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Security analyst, threat hunters, or incident responders Security professionals who work with enterprise and endpoint security tools Overview By the end of the course, you should be able to meet the following objectives: Describe the architecture of a Carbon Black EDR implementation Perform the installation, upgrade, and configuration of the Carbon Black EDR server Describe the purpose and use of multiple datastores in the server Perform live queries across endpoints to gather additional data Perform effective searches across the dataset to find security artifacts related to the endpoints Manage Threat Intelligence Feeds and Watchlists Describe connectors in Carbon Black EDR Troubleshoot server and sensor problems Analyze data found in the Heads-Up Display Manage investigations to group and summarize security incidents and artifacts Perform the different response capabilities available to users in Carbon Black EDR Use the Carbon Black EDR API to automate tasks This three-day, hands-on training course provides you with the knowledge, skills, and tools to achieve competency in installing, configuring, and managing the VMware Carbon Black© EDR? environment. This course introduces you to product features, capabilities, and workflows for managing endpoint security. Hands-on labs enable learners to reinforce topics by performing operations and tasks within the product in a training environment. Course Introduction Introductions and course logistics Course objectives Planning and Architecture Describe the architecture and components of Carbon Black EDR Identify the communication requirements for Carbon Black EDR Server Installation, Upgrade, and Administration Install the Carbon Black EDR server Describe the options during the installation process Install a Carbon Black EDR sensor Confirm data ingestion in the Carbon Black EDR server Identify built-in administration tools Manage sensor groups Manage users and teams Server Datastores Describe the datastores used in Carbon Black EDR Interact with the available datastores Live Query Describe live query capabilities Perform queries across endpoints Searching and Best Practices Describe the capabilities and data available in the process search Perform process searches to find specific endpoint activity Describe the capabilities and data available in the binary search Perform binary searches to find application data Describe the query syntax and advanced use cases Perform advanced queries across the dataset Threat Intelligence Feeds and Watchlists Define Threat Intelligence Feeds Manage the available Threat Intelligence Feeds Describe the use of Watchlists Manage Watchlists in the environment Connectors in Carbon Black EDR Configure connectors in Carbon Black EDR Troubleshoot connectors Troubleshooting Identify the available troubleshooting scripts in the Carbon Black EDR server Run troubleshooting scripts to identify problems Generate a sensor log bundle Identify the location of sensor registry keys Head-Up Display Identify panels relating to endpoint data Analyze endpoint data provided by the panels Identify panels relating to operations data Analyze operations data provided by the panels Identify panels relating to server data Analyze server data provided by the panels Define alert generation in Carbon Black EDR Manage alerts Investigations Describe investigations Explore data used in an investigation Manage investigations Manage investigation events Responding to Endpoint Incidents Describe isolation in Carbon Black EDR Manage isolating endpoints Describe live response capabilities Manage live response sessions Describe hash banning Manage banned hashes Overview of Postman and the Carbon Black EDR API Explain the use of the API Differentiate the APIs available for Carbon Black EDR Explain the purpose of API tokens Create an API token Explain the API URL Create a valid API request Import a collection to Postman Initiate an API request from Postman Perform operations manually using Postman Analyze the use cases for Postman Show basic automation tasks using the API and curl Compare the usage of curl with Postman Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black EDR: Install, Configure, Manage [V7.x] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black EDR: Install, Configure, Manage [V7.x] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Cybersecurity analysts and engineers and security operations specialists, as well as administrators and product deployers. Overview Successful completion of this instructor-led course with hands-on lab activities should enable you to: Describe the architecture and components of the Cortex XDR family Use the Cortex XDR management console Create Cortex XDR agent installation packages, endpoint groups, and policies Deploy Cortex XDR agents on endpoints Create and manage exploit and malware prevention profiles Investigate alerts and prioritize them using starring and exclusion policies Tune Security profiles using Cortex XDR exceptions Perform and track response actions in the Action Center Perform basic troubleshooting related to Cortex XDR agents Deploy a Broker VM and activate the Local Agents Settings applet Understand Cortex XDR deployment concepts and activation requirements Work with the Customer Support Portal and Cortex XDR Gateway for authentication and authorization This instructor-led training enables you to prevent attacks on your endpoints. After an overview of the Cortex XDR components, the training introduces the Cortex XDR management console and demonstrates how to install agents on your endpoints and how to create Security profiles and policies. The training enables you to perform and track response actions, tune profiles, and work with Cortex XDR alerts. The training concludes with discussions about basic troubleshooting of the agent, the on-premises Broker VM component, and Cortex XDR deployment. Course Outline This class is comprised of the following modules: Module 1 - Cortex XDR Family Overview Module 2 - Cortex XDR Main Components Module 3 - Cortex XDR Mangement Components Module 4 - Profiles and Policy Rules Module 5 - Malware Protection Module 6 - Exploit Protection Module 7 - Cortex XDR Alerts Module 8 - Tuning Policies using Exceptions Module 9 - - Response Actions Module 10 - Basic Agent Troubleshooting Module 11 - Broker VM Overview Module 12 - Deployment Consideration

Duration 2 Days 12 CPD hours This course is intended for Cybersecurity analysts and engineers Security operations specialists Overview Successful completion of this instructor-led course with hands-on lab activities should enable participants to: Investigate and manage incidents Describe the Cortex XDR causality and analytics concepts Analyze alerts using the Causality and Timeline Views Work with Cortex XDR Pro actions such as remote script execution Create and manage on-demand and scheduled search queries in the Query Center Create and manage the Cortex XDR rules BIOC and IOC Working with Cortex XDR assets and inventories Write XQL queries to search datasets and visualize the result sets Work with Cortex XDR's external-data collection This instructor-led course teaches you how to use the Incidents pages of the Cortex XDR management console to investigate attacks. It explains causality chains, detectors in the Analytics Engine, alerts versus logs, log stitching, and the concepts of causality and analytics. You will learn how to analyze alerts using the Causality and Timeline Views and how to use advanced response actions, such as remediation suggestions, the EDL service, and remote script execution. Multiple modules focus on how to leverage the collected data. You will create simple search queries in one module and XDR rules in another. The course demonstrate how to use specialized investigation views to visualize artifact-related data, such as IP and Hash Views. Additionally, it provides an introduction to XDR Query Language (XQL). The course concludes with Cortex XDR external-data collection capabilities, including the use of Cortex XDR API to receive external alerts. This class is powered by Cloud Harmonics. Course Outline Module 1 - Cortex XDR Incidents Module 2 - Causality and Analytics Concepts Module 3 - Causality Analysis of Alerts Module 4 - Advanced Response Actions Module 5 - Building Search Queries Module 6 - Building XDR Rules Module 7 - Cortex XDR Assets Module 8 - Introduction to XQL Module 9 - External Data Collection