Duration 3 Days 18 CPD hours This course is intended for This course is recommended for technical professionals who perform advanced deployment configurations of Check Point products. Overview Provide an overview of the upgrade service and options available. Explain how to perform management upgrade and migration. Articulate the process using CPUSE features. Articulate the purpose and function of Management High Availability. Explain Primary vs Secondary, Active vs Standby and Synchronization. Explain disaster recovery steps in case the primary management server becomes unavailable. Provide overview of Central Deployment in SmartConsole. Articulate an understanding of Security Gateway cluster upgrade methods. Explain about Multi Version Cluster (MVC) upgrades. Discuss Gaia Commands and how they are used. Explain the main processes on s and s. Describe how to work with scripts and SmartTasks to configure automatic actions. Explain the Management Data Plane Separation (MDPS). Explain kernel operations and traffic flow. Articulate Dynamic and Updatable Objects in Security Gateways. Explain the policy installation flow and files used. Describe the use of policy installation history. Explain concurrent and accelerated install policy. Describe an overview of APIs and ways to use and authenticate. Explain how to make changes in GAIA and management configuration. Explain how to install policy using API. Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance. Describe how the CoreXL acceleration technology enhances and improves Security Gateway performance. Articulate how utilizing multiple traffic queues can make traffic handling more efficient. Discuss Site-to-Site VPN basics, deployment and communities. Describe how to analyze and interpret VPN tunnel traffic. Explain Link Selection and ISP Redundancy options. Explain tunnel management features. Discuss Check Point Remote Access solutions and how they differ from each other. 
Describe how client security can be provided by Remote Access. Explain authentication methods including machine authentication. Explain Multiple Entry Point (MEP). Discuss the Mobile Access Software Blade and how it secures communication and data exchange during remote connections. Learn basic concepts and develop skills necessary to administer IT security fundamental tasks. Course Outline Prepare for a Security Management Server Upgrade Upgrade the Security Management Server Deploy a Secondary Security Management Server Configure a Distributed Log Server Upgrade a Security Gateway from SmartConsole Work with the Command Line Use Scripts and SmartTasks Configure Dynamic Objects Monitor Traffic Verify Policy Installation and Status Work with Gaia and Management APIs Work with Acceleration Features Configure a Locally Managed Site to Site VPN Configure a Site to Site VPN with an Interoperable Device Configure Remote Access VPN Configure Mobile Access VPN Configure a High Availability Cluster Work with ClusterXL Configure Policy Compliance Deploy SmartEvent
Duration 3 Days 18 CPD hours This course is intended for Channel and Customer Engineers Network Engineer System Engineer Wireless Engineer Consulting Systems Engineer Technical Solutions Architect Network Administrator Wireless Design Engineer Network Manager Channel SEs Sales Engineer Channel AMs Account Manager Overview Upon completing this course, students will be able to meet these objectives: Understand the overall architecture of the Cisco security solutions and how APIs help enable security Understand how to use Cisco Firepower APIs Understand how pxGrid APIs function and their benefits Understand what capabilities the Cisco Stealthwatch APIs offer and construct API requests to them for configuration changes and auditing purposes Understand the features and benefits of using Cisco Stealthwatch Cloud APIs Learn how to use the Cisco Umbrella Investigate API Understand the functionality provided by Cisco AMP and its APIs Learn how to use Cisco Threat Grid APIs to analyze, search, and dispose of threats This course demonstrates the tools and the benefits of leveraging programmability and automation in Cisco Security Solutions, including Cisco Firepower Management Center, Cisco Firepower Threat Defense, Cisco ISE, Cisco pxGrid, Cisco Stealthwatch Enterprise, Cisco Stealthwatch Cloud, Cisco Umbrella, Cisco AMP, Cisco Threat Grid, and Cisco Security Management Appliances. Students will learn how to use the API for each Cisco security solution and specific applications of when the API benefits IT security content. 
Introducing Cisco Security APIs Role of APIs in Cisco Security Solutions Cisco Firepower, Cisco ISE, Cisco pxGrid, and Cisco Stealthwatch APIs Use cases and security workflow Consuming Cisco Advanced Malware Protection APIs Cisco AMP overview Cisco AMP endpoint API Cisco AMP use cases and workflows Discovery 1: Query Cisco AMP endpoint APIs for verifying compliance Using Cisco ISE Introducing Cisco Identity services engine Cisco ISE use cases Cisco ISE APIs Using Cisco pxGrid APIs Cisco pxGrid overview WebSockets and STOMP messaging protocol Discovery 2: Use the REST API and Cisco pxGrid with Cisco Identity services engine Using Cisco Threat Grid APIs Cisco threat grid overview Cisco threat grid API Cisco threat grid use cases and workflows Discovery 3: Construct a Python script using the Cisco threat grid API Investigating Cisco Umbrella Security Data Programmatically Cisco Umbrella investigate API overview Cisco Umbrella investigate API: Details Discovery 4: Query security data with the Cisco Umbrella investigate API Exploring Cisco Umbrella Reporting and Enforcement APIs Cisco Umbrella reporting and enforcement APIs: Overview Cisco Umbrella reporting and enforcement APIs: Deep dive Discovery 5: Generate reports using the Cisco Umbrella reporting API Automating Security with Cisco Firepower APIs Review basic constructs of Firewall policy management Design policies for automation Cisco FMC APIs in depth Discovery 6: Explore the Cisco Firepower management center API Cisco FTD automation with ansible Discovery 7: Use ansible to automate Cisco Firepower threat defense configuration Cisco FDM API in depth Discovery 8: Automate Firewall policies using the Cisco Firepower device manager API Operationalizing Cisco Stealthwatch and Its API Capabilities Cisco Stealthwatch overview Cisco Stealthwatch APIs: Details Discovery 9: Automate alarm policies and create reports using the Cisco Stealthwatch APIs Using Cisco Stealthwatch Cloud APIs Cisco Stealthwatch Cloud overview 
Cisco Stealthwatch Cloud APIs: Deep dive Discovery 10: Construct a report using Cisco stealthwatch Cloud APIs Describing Cisco Security Management Appliance APIs Cisco SMA APIs overview Cisco SMA API Discovery 11: Construct reports using Cisco SMA APIs
Duration 3 Days 18 CPD hours This course is intended for This course is for network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with the installation, configuration, and day-to-day management of Symantec Endpoint Protection in a variety of network environments, and who are responsible for troubleshooting and tuning the performance of this product in the enterprise environment. Overview At the completion of the course, you will be able to: Describe Symantec Endpoint Protection products, components, dependencies, and system hierarchy. Install and configure Symantec Endpoint Protection management and client components. Deploy Symantec Endpoint Protection Windows, Windows Embedded, Mac and Linux clients. Manage the client user interface. Manage content updates for Windows, Mac, and Linux. Perform server and database management. Configure replication and load balancing. Design a Symantec Endpoint Protection environment. This course is designed for the network, IT security, and systems administration professional tasked with architecting and implementing Symantec Endpoint Protection. Introduction Course overview The classroom lab environment Symantec Endpoint Protection Product Solution Why use Symantec Endpoint Protection? 
Symantec Endpoint Protection technologies Symantec Endpoint Protection services Symantec Endpoint Protection components Symantec Endpoint Protection policies and concepts Extending Symantec Endpoint Protection Installing the Symantec Endpoint Protection Manager Identifying system requirements Preparing servers for installation Installing and configuring the Symantec Endpoint Protection Manager Describing Symantec Endpoint Protection upgrades and version compatibility Configuring the Symantec Endpoint Protection Environment Starting and navigating the SEPM Describing policy types and components Console authentication Licensing the SEP environment Deploying Windows and Windows Embedded Clients Planning the client deployment Configuring client deployment package Deploying packages to clients Maintaining the client environment Upgrading Symantec Endpoint Protection clients Deploying Mac and Linux Clients Linux prerequisites Linux deployment Mac prerequisites Mac deployment Client and Policy Management Describing SEPM and client communications Administering clients Configuring groups Configuring locations Active Directory integration with SEP 12.1 Client configuration modes Configuring domains General client settings and Tamper Protection Configuring Content Updates for Windows Clients Introducing LiveUpdate Configuring the SEPM for LiveUpdate Configuring the LiveUpdate Settings and Content policies Configuring multiple group update providers (GUPs) Manually updating virus definitions Configuring Content Updates for Mac and Linux Clients Describing content update methods Configuring the LiveUpdate policy Configuring the SEPM as a reverse proxy Monitoring updates Performing Server and Database Management Managing SEPM servers Maintaining server security Communicating with other servers Managing administrators Managing the database Disaster recovery techniques Configuring Replication and Failover and Load Balancing About sites and replication How replication works 
Symantec Endpoint Protection replication scenarios Configuring replication Failover and load balancing Designing a Symantec Endpoint Environment Architecture components Architecture constraints Component placement Content delivery Determining client to SEPM ratios SEPM and database sizing best practices
Duration 2 Days 12 CPD hours This course is intended for This course is for network managers, resellers, systems administrators, client security administrators, systems professionals, and consultants who are charged with the configuration and day-to-day management of Symantec Endpoint Protection in a variety of network environments. Overview By the completion of this course, you will be able to: Manage Virus and Spyware Protection policies. Manage SONAR scans. Manage Firewall and Intrusion Prevention policies. Manage Application and Device Control policies. Manage System Lockdown. Manage Host Integrity. Manage Virtualized clients. This course is designed for the network, IT security, and systems administration professional tasked with implementing and monitoring virus and spyware protection, zero-day protection, and network threat protection solutions. Introduction Course overview The classroom lab environment Introducing Antivirus, Insight, and SONAR Virus and spyware protection needs and solutions Reputation and Insight Administrator-defined scans Auto-Protect Download Insight SONAR Included Virus and Spyware Protection policies Managing Virus and Spyware Protection Policies for Windows Configuring administrator-defined scans Configuring protection technology settings and scans Configuring e-mail scans Configuring advanced options Managing scanned clients Managing Virus and Spyware Protection Policies for Mac and Linux Configuring Virus and Spyware settings for Mac Configuring Virus and Spyware settings for Linux Configuring advanced options Managing Exception Policies Exceptions and exclusions Configuring the Exceptions policy Introducing Network Threat Protection The OSI model and network threats Network threat tools and attack methods Attack and mitigation Managing Firewall Policies Firewall policy overview Defining rule components Modifying firewall rules Configuring built-in rules Configuring protection and stealth settings Configuring Windows integration 
settings Managing Intrusion Prevention Policies Configuring network and browser intrusion prevention Managing custom signatures Compliance Management Application and Device Control System Lockdown Host Integrity Virtualization Introducing virtualization features Virtual image exception Network and vShield Shared Insight Cache Virtual client tagging Offline image scanner Windows Azure support Additional course details: Nexus Humans Symantec Endpoint Protection 12.X - Manage And Administer training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Symantec Endpoint Protection 12.X - Manage And Administer course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 1 Days 6 CPD hours This course is intended for The course is designed for anyone desiring or requiring an understanding of how to manage cloud technologies as a business asset. This includes: IT Asset Managers Hardware Asset Managers Software Asset Managers Cloud Asset Managers Cloud Project Managers IT Managers IT Cloud Managers and Developers Cloud Vendor Managers IT Procurement IT Security Professionals Overview The student will learn the nuances of cloud assets and manage them from a financial, risk, compliance, and efficiency perspective. Upon completion of the course, the student will be able to: Understand the attributes of and requirements for managing cloud assets Define and develop cloud asset management processes Create cloud asset policies Develop and implement a communication plan for managing cloud assets Identify tool requirements to support the cloud asset type Develop cloud vendor contract requirements Understand and articulate individual and department responsibilities for the cloud asset management program Define requirements for managing cloud vendors Assess the organization's cloud asset management readiness This course takes an in-depth look at cloud assets. It defines how to manage these assets using practical best practices for the primary cloud architectures: Software-as-a-Service, Platform-as-a-Service, and Infrastructure-as-a-Service. What is Information Technology Asset Management? 
Why Cloud Solutions Need ITAM Introducing Cloud Services Vendor's Tools Cloud Vendor Management Communication Managing SaaS Acquire Phase Receive Phase Deploy Phase In-Use Phase Recover Phase Dispose Phase Example Vendor Reports Terms and Conditions Vendor Scorecard Managing IaaS and PaaS ITAM Data Center Challenges, Before Virtualization ITAM Data Center Challenges, with Virtualization The Data Center Transformation The End-User ITAM Supporting Processes Acquire Phase Receive Phase Deploy Phase In-Use Phase Recover Phase Dispose Phase Software Asset Management Example Vendor Reports Terms and Conditions Vendor Scorecard Disaster Recovery Plan Disposal of Replaced IT Assets CAM and the ITAM Hierarchy Additional course details: Nexus Humans The Definitive Guide to Cloud Asset Management training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for The Definitive Guide to Cloud Asset Management course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 5 Days 30 CPD hours This course is intended for This course is recommended for technical professionals who support, install, deploy or administer Check Point products. This course is recommended for technical professionals who perform advanced deployment configurations of Check Point products. Overview CCSA Know how to perform periodic administrator tasks. Describe the basic functions of the Gaia operating system. Recognize SmartConsole features, functions, and tools. Understand how SmartConsole is used by administrators to give user access. Learn how Check Point security solutions and products work and how they protect networks. Understand licensing and contract requirements for Check Point security products. Describe the essential elements of a Security Policy. Understand the Check Point policy layer concept. Understand how to enable the Application Control and URL Filtering Software Blades to block access to various applications. Describe how to configure manual and automatic NAT. Identify tools designed to monitor data, determine threats and recognize opportunities for performance improvements. Describe different Check Point Threat Prevention solutions for network attacks. Articulate how the Intrusion Prevention System is configured, maintained and tuned. Understand the Infinity Threat Prevention system. Knowledge about Check Point's IoT Protect. CCSE Provide an overview of the upgrade service and options available. Explain how to perform management upgrade and migration. Articulate the process using CPUSE features. Articulate the purpose and function of Management High Availability. Explain Primary vs Secondary, Active vs Standby and Synchronization. Explain disaster recovery steps in case the primary management server becomes unavailable. Provide overview of Central Deployment in SmartConsole. Articulate an understanding of Security Gateway cluster upgrade methods. Explain about Multi Version Cluster (MVC) upgrades. 
Discuss Gaia Commands and how they are used. Explain the main processes on s and s. Describe how to work with scripts and SmartTasks to configure automatic actions. Explain the Management Data Plane Separation (MDPS). Explain kernel operations and traffic flow. Articulate Dynamic and Updatable Objects in Security Gateways. Explain the policy installation flow and files used. Describe the use of policy installation history. Explain concurrent and accelerated install policy. Describe an overview of APIs and ways to use and authenticate. Explain how to make changes in GAIA and management configuration. Explain how to install policy using API. Explain how the SecureXL acceleration technology enhances and optimizes Security Gateway performance. Learn basic concepts and develop skills necessary to administer IT security fundamental tasks. CCSA Outline Configure the Security Management Server. Use the WebUI to run the First Time Wizard. Install the Smart Console. Install the Alpha Gateway using the network detailed in the course topology. Demonstrate how the Security Management Server and Gateway communicate. Test SIC Status. Create multiple administrators and apply different roles and permissions for simultaneous administration. Validate existing licenses for products installed on the network. Create and configure host, network and group objects. Create a simplified Security Policy. Demonstrate how to use Security Zones in policy. Demonstrate how to share a layer between Security Policies. Configure Network Address Translation for server and network objects. Enable Identity Awareness. Deploy user access roles for more granular control of the Security Policy. Generate network traffic and use traffic visibility tools to monitor the data. Use SmartConsole and SmartView Monitor to view status, alerts, and block suspicious traffic. 
CCSE Outline Prepare for a Security Management Server Upgrade Upgrade the Security Management Server Deploy a Secondary Security Management Server Configure a Distributed Log Server Upgrade a Security Gateway from SmartConsole Work with the Command Line Use Scripts and SmartTasks Configure Dynamic Objects Monitor Traffic Verify Policy Installation and Status Work with Gaia and Management APIs Work with Acceleration Features Configure a Locally Managed Site to Site VPN Configure a Site to Site VPN with an Interoperable Device Configure Remote Access VPN Configure Mobile Access VPN Configure a High Availability Cluster Work with ClusterXL Configure Policy Compliance Deploy SmartEvent
Duration 5 Days 30 CPD hours This course is intended for This course is targeted towards the information technology (IT) professional that has a minimum 1 year IT Security and Networking experience. This course would be ideal for Information System Owners, Security Officers, Ethical Hackers, Information Owners, Penetration Testers, System Owner and Managers as well as Cyber Security Engineers. Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the CPEH exam. The CPEH certification training enables students to understand the importance of vulnerability assessments and how to implement counter response along with preventative measures when it comes to a network hack. Security Fundamentals Overview The Growth of Environments and Security Our Motivation? The Goal: Protecting Information! CIA Triad in Detail Approach Security Holistically Security Definitions Definitions Relationships Method: Ping The TCP/IP Stack Which Services Use Which Ports? TCP 3-Way Handshake TCP Flags Malware Types of Malware Types of Malware Cont... Types of Viruses More Malware: Spyware Trojan Horses Back Doors DoS DDoS Packet Sniffers Passive Sniffing Active Sniffing Firewalls, IDS and IPS Firewall - First Line of Defense IDS - Second Line of Defense IPS - Last Line of Defense? Firewalls Firewall Types: (1) Packet Filtering Firewall Types: (2) Proxy Firewalls Firewall Types - Circuit-Level Proxy Firewall Type of Circuit-Level Proxy - SOCKS Firewall Types - Application-Layer Proxy Firewall Types: (3) Stateful Firewall Types: (4) Dynamic Packet-Filtering Firewall Types: (5) Kernel Proxies Firewall Placement Firewall Architecture Types - 
Screened Host Multi- or Dual-Homed Screened Subnet Wi-Fi Network Types Wi-Fi Network Types Widely Deployed Standards Standards Comparison 802.11n - MIMO Overview of Database Server Review Access Controls Overview Role of Access Control Definitions More Definitions Categories of Access Controls Physical Controls Logical Controls "Soft" Controls Security Roles Steps to Granting Access Access Criteria Physical Access Control Mechanisms Biometric System Types Synchronous Token Asynchronous Token Device Memory Cards Smart Card Cryptographic Keys Logical Access Controls OS Access Controls Linux Access Controls Accounts and Groups Password & Shadow File Formats Accounts and Groups Linux and UNIX Permissions Set UID Programs Trust Relationships Review Protocols Protocols Overview OSI - Application Layer OSI - Presentation Layer OSI - Session Layer Transport Layer OSI - Network Layer OSI - Data Link OSI - Physical Layer Protocols at Each OSI Model Layer TCP/IP Suite Port and Protocol Relationship Conceptual Use of Ports UDP versus TCP Protocols - ARP Protocols - ICMP Network Service - DNS SSH Security Protocol SSH Protocols - SNMP Protocols - 
SMTP Packet Sniffers Example Packet Sniffers Review Cryptography Overview Introduction Encryption Cryptographic Definitions Encryption Algorithm Implementation Symmetric Encryption Symmetric Downfalls Symmetric Algorithms Crack Times Asymmetric Encryption Public Key Cryptography Advantages Asymmetric Algorithm Disadvantages Asymmetric Algorithm Examples Key Exchange Symmetric versus Asymmetric Using the Algorithm Types Together Instructor Demonstration Hashing Common Hash Algorithms Birthday Attack Example of a Birthday Attack Generic Hash Demo Instructor Demonstration Security Issues in Hashing Hash Collisions MD5 Collision Creates Rogue Certificate Authority Hybrid Encryption Digital Signatures SSL/TLS SSL Connection Setup SSL Hybrid Encryption SSH IPSec - Network Layer Protection IPSec IPSec Public Key Infrastructure Quantum Cryptography Attack Vectors Network Attacks More Attacks (Cryptanalysis) Review Why Vulnerability Assessments? Overview What is a Vulnerability Assessment? Vulnerability Assessment Benefits of a Vulnerability Assessment What are Vulnerabilities? Security Vulnerability Life Cycle Compliance and Project Scoping The Project Overview Statement Project Overview Statement Assessing Current Network Concerns Vulnerabilities in Networks More Concerns Network Vulnerability Assessment Methodology Network Vulnerability Assessment Methodology Phase I: Data Collection Phase II: Interviews, Information Reviews, and Hands-On Investigation Phase III: Analysis Analysis cont. Risk Management Why Is Risk Management Difficult? Risk Analysis Objectives Putting Together the Team and Components What Is the Value of an Asset? Examples of Some Vulnerabilities that Are Not Always Obvious Categorizing Risks Some Examples of Types of Losses Different Approaches to Analysis Who Uses What? Qualitative Analysis Steps Quantitative Analysis ALE Values Uses ALE Example ARO Values and Their Meaning ALE Calculation Can a Purely Quantitative Analysis Be Accomplished? 
Comparing Cost and Benefit Countermeasure Criteria Calculating Cost/Benefit Cost of a Countermeasure Can You Get Rid of All Risk? Management's Response to Identified Risks Liability of Actions Policy Review (Top-Down) Methodology Definitions Policy Types Policies with Different Goals Industry Best Practice Standards Components that Support the Security Policy Policy Contents When Critiquing a Policy Technical (Bottom-Up) Methodology Review Vulnerability Tools of the Trade Vulnerability Scanners Nessus SAINT - Sample Report Tool: Retina Qualys Guard http://www.qualys.com/products/overview/ Tool: LANguard Microsoft Baseline Analyzer MBSA Scan Report Dealing with Assessment Results Patch Management Options Review Output Analysis and Reports Overview Staying Abreast: Security Alerts Vulnerability Research Sites Nessus SAINT SAINT Reports GFI Languard GFI Reports MBSA MBSA Reports Review Reconnaissance, Enumeration & Scanning Reconnaissance Overview Step One in the Hacking "Life-Cycle" What Information is Gathered by the Hacker? Passive vs. Active Reconnaissance Footprinting Defined Social Access Social Engineering Techniques Social Networking Sites People Search Engines Internet Archive: The WayBack Machine Footprinting Tools Overview Maltego GUI Johnny.Ihackstuff.com Google (cont.) Domain Name Registration WHOIS Output DNS Databases Using Nslookup Traceroute Operation Web Server Info Tool: Netcraft Introduction to Port Scanning Which Services use Which Ports? Port Scan Tips Port Scans Shou
Duration 3 Days 18 CPD hours This course is intended for This course is for technical professionals to gain skills in writing rules for Snort-based intrusion detection systems (IDS) and intrusion prevention systems (IPS). The primary audience includes: Security administrators Security consultants Network administrators System engineers Technical support personnel using open source IDS and IPS Channel partners and resellers Overview After taking this course, you should be able to: Describe the Snort rule development process Describe the Snort basic rule syntax and usage Describe how traffic is processed by Snort Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor the performance of Snort and how to tune rules The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.0 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules. Course Outline Introduction to Snort Rule Development Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort Lab outline Connecting to the Lab Environment Introducing Snort Rule Development Basic Rule Syntax and Usage Advanced Rule Options OpenAppID Tuning Snort
Duration 3 Days 18 CPD hours This course is intended for Operators of Juniper Networks security solutions, including network engineers, administrators, support personnel, and resellers. Overview Identify high-level security challenges in today's networks. Identify products that are incorporated into the Juniper Connected Security solution. Explain the value of implementing security solutions. Explain how Juniper Connected Security solves the cyber security challenges of the future. Explain the SRX Series devices and the added capabilities that next-generation firewalls provide. Explain traffic flows through the SRX Series devices. List the different security objects and how to create them. Describe interface types and perform basic interface configuration tasks. Describe the initial configuration for an SRX Series device. Explain security zones. Describe screens and their use. Explain address objects. Describe services and their use. Describe the purpose for security policies on an SRX Series device. Describe zone-based policies. Describe global policies and their use. Explain unified security policies. Configure unified security policies with the J-Web user interface. Describe IDP signatures. Configure an IDP policy using predefined templates with the J-Web user interface. Describe the use and configuration of the integrated user firewall feature. Describe the UTM security services. List the available UTM services on the SRX Series device. Configure UTM filtering on a security policy with the J-Web user interface. Explain Sky ATP's use in security. Describe how Sky ATP and SRX Series devices operate together in blocking threats. Describe NAT and why it is used. Explain source NAT and when to use it. Explain destination NAT and when to use it. Explain static NAT and its uses. Describe the operation and configuration of the different types of NAT. Identify various types of VPNs. Describe IPsec VPNs and their functionality. Describe how IPsec VPNs are established. 
Describe IPsec traffic processing. Configure IPsec VPNs with the J-Web user interface. Describe and configure proxy IDs and traffic selectors with the J-Web user interface. Monitor IPsec VPNs with the J-Web user interface. Describe the J-Web monitoring features. Explain the J-Web reporting features. Describe the Sky Enterprise service and how it can save resources. Explain the functionality of Junos Space Security Director. This course is designed to provide students with the foundational knowledge required to work with SRX Series devices. This course will use the J-Web user interface to introduce students to the Junos operating system. Module 1: COURSE INTRODUCTION COURSE INTRODUCTION Module 2: Juniper Security Concept Security Challenges Security Design Overview Juniper Connected Security Module 3: Juniper Connected Security - SRX Series Devices Connected Security Interfaces Initial Configuration LAB 1: Initial Configuration Module 4: Security Objects Security Zone Objects Security Screen Objects Security Address Objects Security Services Objects LAB 2: Creating Security Objects with J-Web Module 5: Security Policies Security Policy Overview Zone-Based Policies Global Security Policies Application Firewall with Unified Security Policies LAB 3: Creating Security Policies with J-Web Module 6: Security Services - IDP and User Firewall IDP Security Services Integrated User Firewall LAB 4: Adding IDP and User Firewall Security Services to Security Policies Module 7: Security Services - UTM Content Filtering Web Filtering Antivirus Antispam LAB 5: Adding UTM Security Services to Security Policies Module 8: Juniper Connected Security - 
Sky AT Sky ATP Overview Blocking Threats Lab 6: Demonstrating Sky ATP Module 9: Network Address Translation NAT Overview Source NAT Destination NAT Static NAT Lab 7: Implementing Network Address Translation Module 10: IPsec VPN Concepts VPN Types Secure VPN Requirements IPsec Tunnel Establishment IPsec Traffic Processing Module 11: Site-to-Site VPNs IPsec Configuration IPsec Site-to-Site Tunne Lab 8: Implementing Site-to-Site IPsec VPNs Module 12: Monitoring and Reporting J-Web monitoring options J-Web Reporting options Lab 9: Using Monitoring and Reporting Appendix A: SRX Series Hardware Appendix D: Sky Enterprise Services Appendix B: Virtual SRX Appendix EJunos Space Security Director Appendix CCLI Prime
Duration: 3 Days, 18 CPD hours
This course is intended for information technology professionals, security professionals, network, system managers and administrators tasked with installing, configuring and maintaining Symantec Data Center Security: Server Advanced.
Overview: At the completion of the course, you will be able to: Describe the major components of Symantec Data Center Security: Server Advanced and how they communicate. Install the management server, console and agent. Define, manage and create assets, policies, events and configurations. Understand policy creation and editing in depth.
This course is an introduction to implementing and managing a Symantec Data Center Security: Server Advanced 6.0 deployment.
Introduction Course Overview The Classroom Lab Environment
Introduction to Security Risks and Risk Security Risks Security Risk Management Managing and Protecting Systems Corporate Security Policies and Security Assessments Host-Based Computer Security Issues
SDCS: Server Advanced Overview SDCS: Server Advanced Component Overview Policy Types and Platforms Management Console Overview Agent User Interface Overview DEMO of Management Console
Installation and Deployment Planning the Installation Deploying SDCS:SA for High Availability Scalability Installing the Management Server Installing the Management Console Installing a Windows Agent Installing a UNIX Agent LAB: Install Manager and Agents
Configuring Assets Asset and Agent Overview Viewing Agents and Assets Managing Agents Managing Agents on Assets LAB: Create Asset Groups LAB: Examine Agent Interface
Policy Overview Policies Defined Prevention Policy Overview Process Sets Resource Access Policy Options Detection Policy Overview IDS Capabilities Rules Collectors Policy Management Workspace User Interface on Agent Example Use Cases LAB: Paper Based Scenarios LAB: What type of security strategy should be used?
Detailed Prevention Policies Policy Editor Policy Structure Global Policy Options Service Options Program Options Policy Processing Order Network Rules File Rules Registry Rules Process Sets Predefined Policies LAB: Deploy Strict policy LAB: Examine Functionality
Advanced Prevention Profiling Applications Customizing Predefined Policies LAB: Modify Policy Previously Deployed LAB: Re-examine Functionality LAB: Preparing for Policy deployment LAB: Best Practice - Covering Basics LAB: Further Enhance Strict Policy LAB: Create Custom Process Set LAB: Secure an FTP Server LAB: Troubleshoot Policy/pset Assignment Using CLI
Detection Policies Detection Policies Structure Collectors Rules Predefined Detection Policies Creating a Detection Policy Using the Template Policy LAB: Deploy Baseline Policy LAB: Create Custom Policy
Event Management Events Defined Viewing Events Reports and Queries Overview Creating Queries and Reports Creating Alerts LAB: View Monitor Types and Search Events LAB: Create Real Time Monitor
Agent Management and Troubleshooting Configurations Defined Creating and Editing Configurations Common Parameters Prevention Settings Detection Settings Analyzing Agent Log Files Diagnostic Policies Local Agent Tool - sisipsconfig LAB: Create Custom Configurations LAB: Implement Bulk Logging LAB: Disable Prevention on Agent Using CLI LAB: Use Diagnostic Policy to Gather Logs LAB: Troubleshoot a Policy
System Management Managing Users and Roles Server Security Viewing and Managing Server Settings Viewing and Managing Database Settings Viewing and Managing Tomcat Settings LAB: Create a New User LAB: View System Settings