632 Network & Security courses in Aldershot delivered Live Online

UNIX system administration training course description This five day hands on course provides a comprehensive coverage of core UNIX administration tasks. The course covers generic UNIX and is available for any UNIX distribution required. What will you learn Administer & configure UNIX systems. Maintain UNIX by handling disk space and taking regular backups. Manage software packages. Perform basic troubleshooting. Maintain a secure UNIX system. Describe the organisation and implementation of the filesystem. UNIX system administration training course details Who will benefit: System administrators Network administrators. Prerequisites: UNIX fundamentals. Duration 5 days UNIX system administration training course contents Part 1 Exploring UNIX command-line tools Using a shell, shell configuration, environment variables, getting help, streams, redirection and pipes, processing text using filters, manipulating files, regular expressions, grep, sed. Managing software Package concepts, comparison of package formats, RPM, rpm commands, yum, dpkg, apt-cache, apt-get, dselect, aptitude, converting between package formats, dependencies and conflicts, startup script problems, shared libraries, library management, managing processes, the kernel: the first process, process lists, foreground & background processes, process priorities, killing processes. Configuring hardware Configuring firmware and hardware, RQs, I/O addresses, DMA addresses, Boot disks, coldplug and hotplug devices, configuring expansion cards and PCI cards, kernel modules, USB devices, UNIX USB crivers, configuring hard disks, partitioning systems, LVM, common layouts, creating partitions and filesystems, maintaining filesystem health, tuning, journals, checking filesystems, monitoring disk use, mounting and unmounting filesystems. Managing files File management commands, file naming and wildcards, file archiving, links, directory commands, file ownership and group, file access control, permissions, chmod, defaults, file attributes, disk quotas, enabling and setting quotas, locating files, the FHS. Booting UNIX and editing files Installing boot loaders, GRUB legacy, GRUB 2, alternative boot loaders, the boot process, boot messages, runlevels and the initialization process, runlevel functions, runlevel services, alternative boot systems, upstart, system. Part 2 Configuring the X window system Localization, configuring basic X features, X server options, methods of configuring X, X display information, X fonts, the X GUI login system, XDMCP server, using X for remote access, screen display settings, setting your time zone, your locale, configuring printing, conceptualizing the UNIX printing architecture, understanding PostScript and ghostscript, running a printing system, configuring CUPS, monitoring and controlling the print queue. Administering the system Managing users and groups, tuning user and system environments, using system log files, understanding syslogd, setting logging options, manually logging data, rotating l;og files, reviewing log file contents, maintaining the system time, UNIX time concepts, manually setting the time, using NTP, running jobs in the future, understanding the role of cron, creating system cron jobs, creating user cron jobs, using anacron, using at. Configuring basic networking TCP/IP, network hardware, network addresses, hostnames, network ports, configuring UNIX for a local network, configuring with DHCP, static IP address, configuring routing, using GUI configuration tools, ifup and ifdown, diagnosing network connections, testing connectivity, tracing a route, checking network status , examining network traffic, additional tools. Writing scripts, configuring email, and using databases The shell environment, aliases, shell configuration files, writing scripts, commands, variables, conditional expressions, loops, functions, managing email, choosing email software, securing your email server, managing data with SQL, picking a SQL package, understanding SQL basics, using MySQL. Securing your system Administering network security, super server restrictions, disabling unused servers, administering local security, securing passwords, limiting root access, setting login, process, SUID/SGID files, configuring SSH, using GPG, generating, importing and revoking keys, encrypting and decrypting data, signing messages and verifying signatures.

CCNP training course description The Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) v1.2 course provides the knowledge and skills needed to configure, troubleshoot, and manage enterprise wired and wireless networks. You'll learn to implement security principles within an enterprise network and how to overlay network design using solutions such as SDAccess and SD-WAN. Course content includes 3 days of self-study material. This course helps you prepare for the 350-401 Implementing Cisco Enterprise Network Core Technologies (ENCOR) exam What will you learn Configure, troubleshoot, and manage enterprise wired and wireless networks Implement security principles within an enterprise network Prepare you prepare to take the 350-401 Implementing Cisco Enterprise Network Core Technologies (ENCOR) exam CCNP training course details Who will benefit: Mid-level network engineers, Network administrators, Network support technicians, Help desk technicians. Prerequisites: Implementation of Enterprise LAN networks. Basic understanding of Enterprise routing and wireless connectivity, and Python scripting Duration 5 days CCNP training course content Cisco Enterprise Network Architecture: Access, distribution, core in the hierarchical network. Cisco Switching Paths: Switching mechanisms, TCAM, CAM, process switching, fast switching, and CEF. Implementing Campus LAN Connectivity: Troubleshoot L2 connectivity using VLANs and trunkingBuilding Redundant Switched Topology: STP Implementing Layer 2 Port Aggregation Troubleshoot link aggregation using Etherchannel EIGRP Implement and optimize OSPFv2/v3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4/v6 Implement EBGP interdomain routing, path selection, and single and dual-homed networkingImplementing Network Redundancy: HSRP and VRRP Implement static and dynamic NAT Virtualization Protocols and TechniquesVPNs and Interfaces: Overlay technologies such as VRF, GRE, VPN, and LISP Wireless Principles: RF, antenna characteristics, and wireless standards.Wireless Deployment: Models available, autonomous AP deployments and cloud-based designs within the centralized Cisco WLC architecture Wireless Roaming and Location ServicesWireless AP Operation: How APs communicate with WLCs to obtain software, configurations, and centralized managementWireless Client Authentication: EAP, WebAuth, and PSK wireless client authentication on a WLC. Troubleshoot wireless client connectivity issues using various available tools Troubleshoot networks using services such as NTP, SNMP, Cisco IP SLAs, NetFlow, and Cisco IOS EEM Explain network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshootingMulticast Protocols: IGMP v2/v3, PIM DM/SM and RPs Introducing QoS: Concepts and features. Implementing Network Services: Secure administrative access for Cisco IOS devices using CLI access, RBAC, ACL, and SSH, and device hardening concepts to secure devices from less secure applications Using Network Analysis ToolsInfrastructure Security: Scalable administration using AAA and the local database, features and benefits Enterprise Network Security Architecture: VPNs, content security, logging, endpoint security, personal firewalls, and other security features. Automation and Assurance with Cisco DNA Center: Purpose, function, features, and workflow. Intent-Based Networking, for network visibility, proactive monitoring, and application experienceCisco SD-Access Solution: Nodes, fabric control plane, and data plane, VXLAN gatewaysCisco SD-WAN Solution: Components and features of Cisco SD-WAN solutions, including the orchestration, management, control, and data planesBasics of Python Programming: Python components and conditionals with script writing and analysis Network Programmability: NETCONF and RESTCONF APIs in Cisco DNA Center and vManage Labs: Investigate the CAM. Analyze CEF. Troubleshoot VLAN and Trunk Issues. Tuning STP and Configuring RSTP. Configure MSTP. Troubleshoot EtherChannel. Implement Multi-area OSPF. Implement OSPF Tuning. Apply OSPF Optimization. Implement OSPFv3. Configure and Verify Single-Homed EBGP. Implementing HSRP. Configure VRRP. Implement NAT. Configure and Verify VRF. Configure and Verify a GRE Tunnel. Configure Static VTI Point-to-Point Tunnels. Configure Wireless Client Authentication in a Centralized Deployment. Troubleshoot Wireless Client Connectivity Issues. Configure Syslog. Configure and Verify Flexible NetFlow. Configuring Cisco IOS EEM. Troubleshoot Connectivity and Analyze Traffic with Ping, Traceroute, and Debug. Configure and Verify Cisco IP SLAs. Configure Standard and Extended ACLs. Configure Control Plane Policing. Implement Local and Server-Based AAA. Writing and Troubleshooting Python Scripts. Explore JSON Objects and Scripts in Python. Use NETCONF Via SSH. Use RESTCONF with Cisco IOS XE.

Duration 4 Days 24 CPD hours This course is intended for This course is for experienced cloud security engineers who have taken a previous certification in the security, compliance and identity portfolio. Specifically, students should have advanced experience and knowledge in a wide range of security engineering areas, including identity and access, platform protection, security operations, securing data, and securing applications. They should also have experience with hybrid and cloud implementations. Beginning students should instead take the course SC-900: Microsoft Security, Compliance, and Identity Fundamentals. This is an advanced, expert-level course. Although not required to attend, students are strongly encouraged to have taken and passed another associate level certification in the security, compliance and identity portfolio (such as AZ-500, SC-200 or SC-300) before attending this class. This course prepares students with the expertise to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS). Prerequisites Highly recommended to have attended and passed one of the associate level certifications in the security, compliance and identity portfolio (such as AZ-500T00 Microsoft Azure Security Technologies, SC-200T00: Microsoft Security Operations Analyst, or SC-300T00: Microsoft Identity and Access Administrator.) Advanced experience and knowledge in identity and access, platform protection, security operations, securing data and securing applications. Experience with hybrid and cloud implementations. 1 - Introduction to Zero Trust and best practice frameworks Zero Trust initiatives Zero Trust technology pillars part 1 Zero Trust technology pillars part 2 2 - Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF) Define a security strategy Cloud Adoption Framework secure methodology Design security with Azure Landing Zones The Well-Architected Framework security pillar 3 - Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB) Design solutions with best practices for capabilities and controls Design solutions with best practices for attack protection 4 - Design a resiliency strategy for common cyberthreats like ransomware Common cyberthreats and attack patterns Support business resiliency Ransomware protection Configurations for secure backup and restore Security updates 5 - Case study: Design solutions that align with security best practices and priorities Case study description Case study answers Conceptual walkthrough Technical walkthrough 6 - Design solutions for regulatory compliance Translate compliance requirements into a security solution Address compliance requirements with Microsoft Purview Address privacy requirements with Microsoft Priva Address security and compliance requirements with Azure policy Evaluate infrastructure compliance with Defender for Cloud 7 - Design solutions for identity and access management Design cloud, hybrid and multicloud access strategies (including Azure AD) Design a solution for external identities Design modern authentication and authorization strategies Align conditional access and Zero Trust Specify requirements to secure Active Directory Domain Services (AD DS) Design a solution to manage secrets, keys, and certificates 8 - Design solutions for securing privileged access The enterprise access model Design identity governance solutions Design a solution to secure tenant administration Design a solution for cloud infrastructure entitlement management (CIEM) Design a solution for privileged access workstations and bastion services 9 - Design solutions for security operations Design security operations capabilities in hybrid and multicloud environments Design centralized logging and auditing Design security information and event management (SIEM) solutions Design solutions for detection and response Design a solution for security orchestration, automation, and response (SOAR) Design security workflows Design threat detection coverage 10 - Case study: Design security operations, identity and compliance capabilities Case study description Case study answers Conceptual walkthrough Technical walkthrough 11 - Design solutions for securing Microsoft 365 Evaluate security posture for collaboration and productivity workloads Design a Microsoft 365 Defender solution Design configurations and operational practices for Microsoft 365 12 - Design solutions for securing applications Design and implement standards to secure application development Evaluate security posture of existing application portfolios Evaluate application threats with threat modeling Design security lifecycle strategy for applications Secure access for workload identities Design a solution for API management and security Design a solution for secure access to applications 13 - Design solutions for securing an organization's data Design a solution for data discovery and classification using Microsoft Purview Design a solution for data protection Design data security for Azure workloads Design security for Azure Storage Design a security solution with Microsoft Defender for SQL and Microsoft Defender for Storage 14 - Case study: Design security solutions for applications and data Case study description Case study answers Conceptual walkthrough Technical walkthrough 15 - Specify requirements for securing SaaS, PaaS, and IaaS services Specify security baselines for SaaS, PaaS, and IaaS services Specify security requirements for web workloads Specify security requirements for containers and container orchestration 16 - Design solutions for security posture management in hybrid and multicloud environments Evaluate security posture by using Microsoft Cloud Security Benchmark Design integrated posture management and workload protection Evaluate security posture by using Microsoft Defender for Cloud Posture evaluation with Microsoft Defender for Cloud secure score Design cloud workload protection with Microsoft Defender for Cloud Integrate hybrid and multicloud environments with Azure Arc Design a solution for external attack surface management 17 - Design solutions for securing server and client endpoints Specify server security requirements Specify requirements for mobile devices and clients Specify internet of things (IoT) and embedded device security requirements Secure operational technology (OT) and industrial control systems (ICS) with Microsoft Defender for IoT Specify security baselines for server and client endpoints Design a solution for secure remote access 18 - Design solutions for network security Design solutions for network segmentation Design solutions for traffic filtering with network security groups Design solutions for network posture management Design solutions for network monitoring 19 - Case study: Design security solutions for infrastructure Case study description Case study answers Conceptual walkthrough Technical walkthrough Additional course details: Nexus Humans SC-100T00 Microsoft Cybersecurity Architect training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the SC-100T00 Microsoft Cybersecurity Architect course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for This course is designed primarily for IT leaders and company executives who are responsible for complying with incident response legislation. This course focuses on the knowledge, resources, and skills necessary to comply with incident response, and incident handling process requirements. Overview In this course, you will understand, assess and respond to security threats and operate a system and network security analysis platform. You will: Explain the importance of best practices in preparation for incident response Given a scenario, execute incident response process Explain general mitigation methods and devices Assess and comply with current incident response requirements. This course covers incident response methods and procedures are taught in alignment with industry frameworks such as US-CERT?s NCISP (National Cyber Incident Response Plan), and Presidential Policy Directive (PPD) 41 on Cyber Incident Coordination Policy. It is ideal for candidates who have been tasked with managing compliance with state legislation and other regulatory requirements regarding incident response, and for executing standardized responses to such incidents. The course introduces procedures and resources to comply with legislative requirements regarding incident response. This course is designed to assist students in preparing for the CertNexus Incident Responder Credential (CIR-110). What you learn and practice in this course can be a significant part of your preparation. Assessment of Information Security Risks The Importance of Risk Management Integrating Documentation into Risk Management Response to Cybersecurity Incidents Deployment of Incident Handling and Response Architecture Containment and Mitigation of Incidents Preparation for Forensic Investigation as a CSIRT Investigating Cybersecurity Incidents Use a Forensic Investigation Plan Securely Collect and Analyze Electronic Evidence Follow Up on the Results of an Investigation Complying with Legislation Examples of Legislation (if this is covered in above topics, no need to include here) GDPR, HIPPA, Elections Case study: Incident Response and GDPR (Using GDPR legislation, create a response that is compliant with it ? this could be discussion-based activity as well.) State Legislation Resources and Example Search terms to find state legislation Using NYS as example use the NYS Privacy Response act or other legislation to create a similar case study as previous. Provide answers on when to use federal versus state and do you have to follow both?

Duration 5 Days 30 CPD hours This course is intended for Security engineer Network engineer Network designer Network administrator Systems engineer Consulting systems engineer Technical solutions architect Network manager Cisco integrators and partners Overview After taking this course, you should be able to: Describe information security concepts and strategies within the network Describe common TCP/IP, network application, and endpoint attacks Describe how various network security technologies work together to guard against attacks Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance Describe and implement web content security features and functions provided by Cisco Web Security Appliance Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console Introduce VPNs and describe cryptography solutions and algorithms Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco Internetwork Operating System (Cisco IOS) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW) Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features Examine various defenses on Cisco devices that protect the control and management plane Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions Describe basics of cloud computing and common cloud attacks and how to secure cloud environment The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco© CCNP© Security and CCIE© Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower© Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch© Enterprise and Cisco Stealthwatch Cloud threat detection features. This course, including the self-paced material, helps prepare you to take the exam, Implementing and Operating Cisco Security Core Technologies (350-701 SCOR), which leads to the new CCNP Security, CCIE Security, and the Cisco Certified Specialist - Security Core certifications. Describing Information Security Concepts* Information Security Overview Assets, Vulnerabilities, and Countermeasures Managing Risk Vulnerability Assessment Understanding Common Vulnerability Scoring System (CVSS) Describing Common TCP/IP Attacks* Legacy TCP/IP Vulnerabilities IP Vulnerabilities Internet Control Message Protocol (ICMP) Vulnerabilities TCP Vulnerabilities User Datagram Protocol (UDP) Vulnerabilities Attack Surface and Attack Vectors Reconnaissance Attacks Access Attacks Man-in-the-Middle Attacks Denial of Service and Distributed Denial of Service Attacks Reflection and Amplification Attacks Spoofing Attacks Dynamic Host Configuration Protocol (DHCP) Attacks Describing Common Network Application Attacks* Password Attacks Domain Name System (DNS)-Based Attacks DNS Tunneling Web-Based Attacks HTTP 302 Cushioning Command Injections SQL Injections Cross-Site Scripting and Request Forgery Email-Based Attacks Describing Common Endpoint Attacks* Buffer Overflow Malware Reconnaissance Attack Gaining Access and Control Gaining Access via Social Engineering Gaining Access via Web-Based Attacks Exploit Kits and Rootkits Privilege Escalation Post-Exploitation Phase Angler Exploit Kit Describing Network Security Technologies Defense-in-Depth Strategy Defending Across the Attack Continuum Network Segmentation and Virtualization Overview Stateful Firewall Overview Security Intelligence Overview Threat Information Standardization Network-Based Malware Protection Overview Intrusion Prevention System (IPS) Overview Next Generation Firewall Overview Email Content Security Overview Web Content Security Overview Threat Analytic Systems Overview DNS Security Overview Authentication, Authorization, and Accounting Overview Identity and Access Management Overview Virtual Private Network Technology Overview Network Security Device Form Factors Overview Deploying Cisco ASA Firewall Cisco ASA Deployment Types Cisco ASA Interface Security Levels Cisco ASA Objects and Object Groups Network Address Translation Cisco ASA Interface Access Control Lists (ACLs) Cisco ASA Global ACLs Cisco ASA Advanced Access Policies Cisco ASA High Availability Overview Deploying Cisco Firepower Next-Generation Firewall Cisco Firepower NGFW Deployments Cisco Firepower NGFW Packet Processing and Policies Cisco Firepower NGFW Objects Cisco Firepower NGFW Network Address Translation (NAT) Cisco Firepower NGFW Prefilter Policies Cisco Firepower NGFW Access Control Policies Cisco Firepower NGFW Security Intelligence Cisco Firepower NGFW Discovery Policies Cisco Firepower NGFW IPS Policies Cisco Firepower NGFW Malware and File Policies Deploying Email Content Security Cisco Email Content Security Overview Simple Mail Transfer Protocol (SMTP) Overview Email Pipeline Overview Public and Private Listeners Host Access Table Overview Recipient Access Table Overview Mail Policies Overview Protection Against Spam and Graymail Anti-virus and Anti-malware Protection Outbreak Filters Content Filters Data Loss Prevention Email Encryption Deploying Web Content Security Cisco Web Security Appliance (WSA) Overview Deployment Options Network Users Authentication Secure HTTP (HTTPS) Traffic Decryption Access Policies and Identification Profiles Acceptable Use Controls Settings Anti-Malware Protection Deploying Cisco Umbrella* Cisco Umbrella Architecture Deploying Cisco Umbrella Cisco Umbrella Roaming Client Managing Cisco Umbrella Cisco Umbrella Investigate Overview and Concepts Explaining VPN Technologies and Cryptography VPN Definition VPN Types Secure Communication and Cryptographic Services Keys in Cryptography Public Key Infrastructure Introducing Cisco Secure Site-to-Site VPN Solutions Site-to-Site VPN Topologies IPsec VPN Overview IPsec Static Crypto Maps IPsec Static Virtual Tunnel Interface Dynamic Multipoint VPN Cisco IOS FlexVPN Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs Cisco IOS VTIs Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2 VPN Configuration Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW Cisco ASA Point-to-Point VPN Configuration Cisco Firepower NGFW Point-to-Point VPN Configuration Introducing Cisco Secure Remote Access VPN Solutions Remote Access VPN Components Remote Access VPN Technologies Secure Sockets Layer (SSL) Overview Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW Remote Access Configuration Concepts Connection Profiles Group Policies Cisco ASA Remote Access VPN Configuration Cisco Firepower NGFW Remote Access VPN Configuration Explaining Cisco Secure Network Access Solutions Cisco Secure Network Access Cisco Secure Network Access Components AAA Role in Cisco Secure Network Access Solution Cisco Identity Services Engine Cisco TrustSec Describing 802.1X Authentication 802.1X and Extensible Authentication Protocol (EAP) EAP Methods Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications RADIUS Change of Authorization Configuring 802.1X Authentication Cisco Catalyst© Switch 802.1X Configuration Cisco Wireless LAN Controller (WLC) 802.1X Configuration Cisco Identity Services Engine (ISE) 802.1X Configuration Supplicant 802.1x Configuration Cisco Central Web Authentication Describing Endpoint Security Technologies* Host-Based Personal Firewall Host-Based Anti-Virus Host-Based Intrusion Prevention System Application Whitelists and Blacklists Host-Based Malware Protection Sandboxing Overview File Integrity Checking Deploying Cisco Advanced Malware Protection (AMP) for Endpoints* Cisco AMP for Endpoints Architecture Cisco AMP for Endpoints Engines Retrospective Security with Cisco AMP Cisco AMP Device and File Trajectory Managing Cisco AMP for Endpoints Introducing Network Infrastructure Protection* Identifying Network Device Planes Control Plane Security Controls Management Plane Security Controls Network Telemetry Layer 2 Data Plane Security Controls Layer 3 Data Plane Security Controls Deploying Control Plane Security Controls* Infrastructure ACLs Control Plane Policing Control Plane Protection Routing Protocol Security Deploying Layer 2 Data Plane Security Controls* Overview of Layer 2 Data Plane Security Controls Virtual LAN (VLAN)-Based Attacks Mitigation Sp

Duration 3 Days 18 CPD hours This course is intended for This course is designed for the following roles: Network engineers Network security engineers Network architects Sales/presales engineers Overview After completing the course, you should be able to: Describe Cisco SD-WAN security functions and deployment options Understand how to deploy on-premises threat prevention Describe content filtering options Implement secure Direct Internet Access (DIA) Explain and implement service chaining Explore Secure Access Service Edge (SASE) and identify use cases Describe Umbrella Secure Internet Gateway (SIG) and deployment options Implement Cisco Umbrella SIG and DNS policies Explore and implement Cloud Access Security Broker (CASB) and identify use cases (including Microsoft 365) Discover how to use Cisco ThousandEyes to monitor cloud services Configure Cisco ThousandEyes to monitor Microsoft 365 applications Examine how to protect and optimize access to the software as a service (SaaS) application with Cisco SD-WAN Cloud OnRamp Discover and deploy Cloud OnRamp for multi-cloud, including interconnect and collocation use cases Examine Cisco SD-WAN monitoring capabilities and features with vManage and vAnalytics. The Implementing Cisco SD-WAN Security and Cloud Solutions (SDWSCS) v1.1 course is an advanced training course focused on Cisco SD-WAN security and cloud services. Through a series of labs and lectures you will learn about on-box security services, including application aware enterprise firewall, intrusion prevention, URL filtering, malware protection, and TLS or SSL decryption. You will also learn about cloud integration with multiple cloud services providers and multiple use-cases. Additionally, the lab will allow you to configure and deploy local security services and cloud security services with the Cisco Umbrella Secure Internet Gateway (SIG), as well as integrate the Cisco SD-WAN fabric with a cloud service provider using the Cisco vManage automated workflows. Course Outline Introducing Cisco SD-WAN Security Deploying On-Premises Threat Prevention Examining Content Filtering Exploring Cisco SD-WAN Dedicated Security Options Examining Cisco SASE Exploring Cisco Umbrella SIG Securing Cloud Applications with Cisco Umbrella SIG Exploring Cisco SD-Wan ThousandEyes Optimizing SaaS Applications Connecting Cisco SD-WAN to Public Cloud Examining Cloud Interconnect Solutions Exploring Cisco Cloud OnRamp for Colocation Monitoring Cisco SD-WAN Cloud and Security Solutions

Duration 4 Days 24 CPD hours This course is intended for This four-day course is intended for Windows Server Hybrid Administrators who have experience working with Windows Server and want to extend the capabilities of their on-premises environments by combining on-premises and hybrid technologies. Windows Server Hybrid Administrators who already implement and manage on-premises core technologies want to secure and protect their environments, migrate virtual and physical workloads to Azure Iaas, enable a highly available, fully redundant environment, and perform monitoring and troubleshooting. This course teaches IT Professionals to configure advanced Windows Server services using on-premises, hybrid, and cloud technologies. The course teaches IT Professionals how to leverage the hybrid capabilities of Azure, how to migrate virtual and physical server workloads to Azure IaaS, and how to secure Azure VMs running Windows Server. The course also teaches IT Professionals how to perform tasks related to high availability, troubleshooting, and disaster recovery. The course highlights administrative tools and technologies including Windows Admin Center, PowerShell, Azure Arc, Azure Automation Update Management, Microsoft Defender for Identity, Azure Security Center, Azure Migrate, and Azure Monitor. Prerequisites An understanding of the following concepts as related to Windows Server technologies: High availability and disaster recovery Automation Monitoring Troubleshooting 1 - Secure Windows Server user accounts Configure user account rights Protect user accounts with the Protected Users group Describe Windows Defender Credential Guard Block NTLM authentication Locate problematic accounts 2 - Hardening Windows Server Describe Local Password Administrator Solution Configure Privileged Access Workstations Secure domain controllers Analyze security configuration with Security Compliance Toolkit Secure SMB traffic 3 - Windows Server update management Explore Windows Update Outline Windows Server Update Services server deployment options Define Windows Server Update Services update management process Describe the process of Update Management 4 - Secure Windows Server DNS Implement split-horizon DNS Create DNS policies Implement DNS policies Secure Windows Server DNS Implement DNSSEC 5 - Implement Windows Server IaaS VM network security Implement network security groups and Windows IaaS VMs Implement adaptive network hardening Implement Azure Firewall and Windows IaaS VMs Implement Windows firewall with Windows Server IaaS VMs Choose the appropriate filtering solution Deploy and configure Azure firewall using the Azure portal Capture network traffic with network watcher Log network traffic to and from a VM using the Azure portal 6 - Audit the security of Windows Server IaaS Virtual Machines Describe Azure Security Center Enable Azure Security Center in hybrid environments Implement and assess security policies Protect your resources with Azure Security Center Implement Azure Sentinel 7 - Manage Azure updates Describe update management Enable update management Deploy updates View update assessments Manage updates for your Azure Virtual Machines 8 - Create and implement application allowlists with adaptive application control Describe adaptive application control Implement adaptive application control policies 9 - Configure BitLocker disk encryption for Windows IaaS Virtual Machines Describe Azure Disk Encryption and server-side encryption Configure Key Vault for Azure Disk Encryption Encrypt Azure IaaS Virtual Machine hard disks Back up and recover data from encrypted disks Create and encrypt a Windows Virtual Machine 10 - Implement change tracking and file integrity monitoring for Windows IaaS VMs Implement Change Tracking and Inventory Manage Change Tracking and Inventory Manage tracked files Implement File Integrity Monitoring Select and monitor entities Use File Integrity Monitoring 11 - Introduction to Cluster Shared Volumes Determine the functionality of Cluster Shared Volumes Explore the architecture and components of Cluster Shared Volumes Implement Cluster Shared Volumes 12 - Implement Windows Server failover clustering Define Windows Server failover clustering Plan Windows Server failover clustering Implement Windows Server failover clustering Manage Windows Server failover clustering Implement stretch clusters Define cluster sets 13 - Implement high availability of Windows Server VMs Select high-availability options for Hyper-V Consider network load balancing for Hyper-V VMs Implement Hyper-V VM live migration Implement Hyper-V VMs storage migration 14 - Implement Windows Server File Server high availability Explore the Windows Server File Server high-availability options Define Cluster Shared Volumes Implement Scale-Out File Server Implement Storage Replica 15 - Implement scale and high availability with Windows Server VM Describe virtual machine scale sets Implement scaling Implement load-balancing VMs Create a virtual machine scale set in the Azure portal Describe Azure Site Recovery Implement Azure Site Recovery 16 - Implement Hyper-V Replica Define Hyper-V Replica Plan for Hyper-V Replica Configure and implement Hyper-V Replica Define extended replication Define Azure Site Recovery Implement Site Recovery from on-premises site to Azure Implement Site Recovery from on-premises site to on-premises site 17 - Protect your on-premises infrastructure from disasters with Azure Site Recovery Azure Site Recovery overview Workloads supported for protection with Azure Site Recovery Run a disaster recovery drill Failover and failback 18 - Implement hybrid backup and recovery with Windows Server IaaS Describe Azure Backup Implement recovery vaults Implement Azure Backup policies Recover Windows IaaS Virtual Machines Perform file and folder recovery Perform backup and restore of on-premises workloads Manage Azure Virtual Machine backups with Azure Backup service 19 - Protect your Azure infrastructure with Azure Site Recovery What is Azure Site Recovery Prepare for disaster recovery with Azure Site Recovery Run a disaster recovery drill Failover and failback using Azure Site Recovery 20 - Protect your virtual machines by using Azure Backup Azure Backup features and scenarios Back up an Azure virtual machine by using Azure Backup Restore virtual machine data 21 - Active Directory Domain Services migration Examine upgrade vs. migration Upgrade a previous version of Active Directory Domain Services to Windows Server 2022 Migrate to Active Directory Domain Services in Windows Server 2022 from a previous version Explore the Active Directory Migration Tool 22 - Migrate file server workloads using Storage Migration Service Storage Migration Service overview and usage scenarios Storage migration requirements Migrate a server with Storage migration Evaluate storage migration considerations 23 - Migrate Windows Server roles Describe the Windows Server Migration Tools Install the Migration Tools Migrate roles using the Migration Tools 24 - Migrate on-premises Windows Server instances to Azure IaaS virtual machines Plan your migration Describe Azure Migrate Perform server assessment Assess physical servers with Azure Migrate Migrate Windows Server workloads by using Azure Migrate 25 - Upgrade and migrate Windows Server IaaS virtual machines Describe Azure Migrate Migrate Windows Server workloads by using Azure Migrate Describe storage migration Migrate file servers by using Storage Migration Service 26 - Containerize and migrate ASP.NET applications to Azure App Service Azure Migrate App Containerization overview 27 - Monitor Windows Server performance Use Performance Monitor to identify performance problems Use Resource Monitor to review current resource usage Review reliability with Reliability Monitor Implement a performance monitoring methodology Use Data Collector Sets to analyze server performance Monitor network infrastructure services Monitor virtual machines running Windows Server Monitor performance with Windows Admin Center Use System Insights to help predict future capacity issues Optimize the performance of Windows Server 28 - Manage and monitor Windows Server event logs Describe Windows Server event logs Use Windows Admin Center to review logs Use Server Manager to review logs Use custom views Implement event log subscriptions 29 - Implement Windows Server auditing and diagnostics Describe basic auditing categories Describe advanced categories Log user access Enable setup and boot event collection 30 - Troubleshoot Active Directory Recover objects from the AD recycle bin Recover the AD DS database Recover SYSVOL Troubleshoot AD DS replication Troubleshoot hybrid authentication issues 31 - Monitor Windows Server IaaS Virtual Machines and hybrid instances Enable Azure Monitor for Virtual Machines Monitor an Azure Virtual Machine with Azure Monitor Enable Azure Monitor in hybrid scenarios Collect data from a Windows computer in a hybrid environment Integrate Azure Monitor with Microsoft Operations Manager 32 - Monitor your Azure virtual machines with Azure Monitor Monitoring for Azure VMs Monitor VM host data Use Metrics Explorer to view detailed host metrics Collect client performance counters by using VM insights Collect VM client event logs 33 - Troubleshoot on-premises and hybrid networking Diagnose DHCP proble

Duration 2 Days 12 CPD hours This course is intended for This course is recommended for technical professionals who need to deploy and manage Endpoint Security within their security environment. Overview Explain how Endpoint Security works to enforce corporate security compliance for end users and their devices. Become familiar with the Check Point Endpoint Security Solution architecture and how it integrates with Check Point Network Security Management. Identify and describe key elements of the SmartEndpoint Management console. Discuss Endpoint Security Software Blade options and how they are managed from the SmartEndpoint Management console. Explain how to create and assign security policies for Endpoint clients using Endpoint Security. Understand deployment methods and server considerations for Endpoint Security Management installation. Identify the different ways to install and configure Endpoint clients. Recognize how to configure VPN connectivity to allow clients connecting outside of the network perimeter to securely access corporate resources. Understand how Endpoint Security authenticates and verifies clients connecting to the Endpoint Security Management Server. Describe additional server configurations that are available to help manage Endpoint clients. Recognize the different types of data security protections available to deploy on end user machines. Describe how Full Disk Encryption technology protects and recovers data accessed and stored on Endpoint computers. Understand how to secure removable media devices. Become familiar with the Remote Help tool and how it supports clients experiencing FDE and Media Encryption issues. Recognize the types of threats that target Endpoint computers. Describe Check Point SandBlast Agent and how to deploy it in the Endpoint Security environment. Explain how SandBlast Agent technology prevents malware from infiltrating Endpoint machines and corporate resources. Identify SmartEndpoint reporting tools used to monitor and respond quickly to security events. Understand how to troubleshoot and debug issues. The goal of this course is to provide a comprehensive understanding of Check Point Endpoint Security and how to deploy it within the corporate network environment. Course Topics Introduction to Endpoint Security Endpoint Security Management Deploying Endpoint Security Additional Endpoint Server Configurations Data Security Protection Advanced Threat Prevention Reporting and Troubleshooting LAB EXERCISES Installing the Endpoint Security Management Solution Deploying Endpoint Client Packages Deploying Endpoint Policy Servers Configuring High Availability for Endpoint Security Modifying Client Installations Working with Deployment Rules Working with SandBlast Agent Additional course details: Nexus Humans CCES Check Point Certified Endpoint Specialist training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CCES Check Point Certified Endpoint Specialist course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for This course is intended for Administrator, Database Administrator, End User, Network Administrator, and Systems Administrator. Overview Upon completion of this course, students will be able to Describe and determine database security requirements, Understand Oracle security solutions to help meet security requirements, Implement basic database security, Configure network security, and Discover basic security configuration issues. This Introduction to Oracle Database Security Ed 1 training teaches you how to use Oracle Database features to help meet the security, privacy and compliance requirements of your organization. Introduction Course Objectives Course Schedule Detective Security Controls Preventive Security Controls Your Learning Aids Basic Workshop Architecture Understanding Security Requirements Fundamental Data Security Requirements Security Risks Techniques to Enforce Security Choosing Security Solutions Database Access Control: Authentication Protecting Against Database Bypass with Encryption Protecting Sensitive Data Protecting against Application Bypass Detecting Threats Compliance Implementing Basic Database Security Database Security Checklist Reducing Administrative Effort Principle of Least Privilege Objects Protection Configuring Network Security Network Access Control Listener Security Listener Usage Control Manage fine-grained access to external network services Discovering Basic Configuration Issues Accessing Enterprise Manager Security Reports Using Various Security Reports

Our unique 5 day workshop prepares you for a first time pass of your CISSP exam. Covering each of the famous 8 CBK's, cram the theory before testing your knowledge during exam simulations. Led by a multi-award winning InfoSec consultant, this workshop delivers everything you need to pass,