Duration 2 Days 12 CPD hours This course is intended for System administrators and consultants, application owners, and system architects Overview By the end of the course, you should be able to meet the following objectives: Describe VMware Carbon Black Cloud platform Describe data flows on VMware Carbon Black Cloud Create and edit a custom role in VMware Carbon Black Cloud Recognize the impact of a user role on a console user Describe the VMware Carbon Black Cloud sensor resource usage Explain sensor usage in VMware Carbon Black Cloud Identify configuration settings for endpoints in sensor policy settings Determine requirements for initial deployment of sensors Recognize the differences between attended and unattended sensor installation methods Identify the correct deployment strategy for a given scenario Recognize the deployment process for VMware Carbon Black Cloud Workload⢠Identify eligible workloads in a VMware vSphere environment Describe VMware Carbon Black Cloud sensor deployment Manage VMware vSphere workloads Identify sensor status in RepCLI This two-day hands-on training course provides you with the knowledge, skills, and tools to achieve competency in planning and deploying VMware Carbon Black Cloud in your environment. This course explains the VMware Carbon Black Cloud components, managing users and roles in VMware Carbon Black Cloud, configuring policies to support sensor deployment and management, and presents methods for deploying sensors across endpoints and workloads. Course Introduction Introductions and course logistics Course objectives Introduction to VMware Carbon Black Cloud Describe the VMware Carbon Black Cloud platform Describe VMware Carbon Black Cloud operating systems requirements Identify interesting files according to VMware Carbon Black Cloud Identify events collected Describe data flows Managing VMware Carbon Black Cloud Roles and Users Describe the use of roles in VMware Carbon Black Cloud Describe RBAC capabilities Create and edit a custom role Manage new console users Recognize the impact of a user role on a console user Describe authentication mechanisms VMware Carbon Black Cloud Sensors Describe the VMware Carbon Black Cloud sensor resource usage List the supported operating systems for VMware Carbon Black Cloud sensors Explain sensor usage in VMware Carbon Black Cloud Preparing for Deployment Identify configuration settings for endpoints in sensor policy settings Organize sensors using sensor groups to assign the desired policy based on specific criteria Compare VDI sensor settings as compared to traditional endpoint sensor settings Determine requirements for the initial deployment of sensors Evaluate the policy impact on sensors Identify best practices for deploying sensors Installing Sensors Describe how to send an installation request Recognize the features and limitations of an installation code and company code Recognize the process for successfully completing an attended installation Recognize the differences between attended and unattended sensor installation methods Identify the correct deployment strategy for a given scenario Generate logs with unattended installations Generate sensor logs Check network connectivity for sensor installation Deploying Workloads Recognize the deployment process for VMware Carbon Black Cloud Workload Identify eligible workloads in a vSphere environment Recognize how to enable the VMware Carbon Black Cloud sensor on a VM workload Managing Sensors Describe VMware Carbon Black Cloud sensor deployment Explain the differences in sensor status Describe sensor update capabilities Explain sensor actions Manage vSphere workloads Post-deployment Validation Describe the process of a sensor background scan Recognize a properly registered sensor installation Identify sensor status in RepCLI Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black Cloud: Plan and Deploy training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black Cloud: Plan and Deploy course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 2 Days 12 CPD hours This course is intended for Application developers who want to increase their understanding of Spring Security with hands-on experience and build secure Spring and Spring Boot applications. Overview By the end of the course, you should be able to meet the following objectives: Use Spring Security in Spring and Spring Boot applications Configure the Spring Security filter chain Protect HTTP endpoints with expression-based access control and the AuthorizationManager API Protect method execution Use different authentication mechanisms Handle passwords in an efficient way Integrate Spring Security with Junit 5 and MockMVC to test HTTP and method security Protect against common vulnerabilities and threats Understand what OAuth2 is Use and configure the Spring Authorization Server Implement a resource server and client This 2-day course offers hands-on experience with the major features of Spring Security, which includes configuration, authentication, authorization, password handling, testing, protecting against security threats, and the OAuth2 support to secure applications. On completion, participants will have a foundation for securing enterprise and microservices applications. Security Introduction Need for security Basic security concepts Common security vulnerabilities Spring Security Basics Introduction to Spring Security High-level architecture Overview of SecurityContext Spring Security with Spring Boot Customizing Authentication Building blocks for authentication Authentication mechanisms based on user name and password Other authentication mechanisms Authentication events Securing Web Applications Configuring authorization Using AccessDecisionsManager for authorization Using AuthorizationManager for authorization Bypassing security Method Security Method security architecture Declarative method security with annotations Security Testing Spring Security Testing Support Security mock annotations and meta-annotations Using MockMvc to test security Handling Passwords Password hashing Upgrading passwords (Optional) Protecting Against Common Vulnerabilities Hardening web applications with security headers Preventing cross-site request forgery Encrypting data in transit OAuth5 and OIDC Concepts Need for OAuth Overview of OAuth5 and OIDC OAuth5 grant types Types of tokens Spring Security OAuth5 support and OAuth5 login Spring Authorization Server Introduction to Authorization Server Spring Authorization Server endpoints Spring Authorization Server configuration Protecting and accessing resources with OAuth5 Resource server Using JWT tokens Using opaque tokens Configuring an OAuth5 client Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Spring Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Spring Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 1 Days 6 CPD hours This course is intended for Security operations personnel, including analysts and incident responders Overview By the end of the course, you should be able to meet the following objectives: Utilize Carbon Black EDR throughout an incident Implement a baseline configuration for Carbon Black EDR Determine if an alert is a true or false positive Fully scope out an attack from moment of compromise Describe Carbon Black EDR capabilities available to respond to an incident Create addition detection controls to increase security This course teaches you how to use the VMware Carbon Black© EDR? product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenariobased lab. Course Introduction Introductions and course logistics Course objectives VMware Carbon Black EDR & Incident Response Framework identification and process Preparation Implement the Carbon Black EDR instance according to organizational requirements Identification Use initial detection mechanisms Process alerts Proactive threat hunting Incident determination Containment Incident scoping Artifact collection Investigation Eradication Hash banning Removing artifacts Continuous monitoring Recovery Rebuilding endpoints Getting to a more secure state Lessons Learned Tuning Carbon Black EDR Incident close out
Duration 1 Days 6 CPD hours This course is intended for System administrators and security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of VMware Carbon Black Cloud Audit and Remediation Identify the architecture and data flows for Carbon Black Cloud Audit and Remediation communication Describe the use case and functionality of recommended queries Achieve a basic knowledge of SQL Describe the elements of a SQL query Evaluate the filtering options for queries Perform basic SQL queries on endpoints Describe the different response capabilities available from VMware Carbon Black Cloud This course teaches you how to use the VMware Carbon Black© Cloud Audit and Remediation? product to build queries for IT hygiene, incident response, and vulnerability assessment to support your organization?s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs. Course Introduction Introductions and course logistics Course objectives Data Flows and Communication Hardware and software requirements Architecture Data flows Query Basics Osquery Available tables Query scope Running versus scheduling Recommended Queries Use cases Inspecting the SQL query SQL Basics Components Tables Select statements Where clause Creating basic queries Filtering Results Where clause Exporting and filtering Basic SQL Queries Query creation Running queries Viewing results Advanced Search Capabilities Advanced SQL options Threat hunting Response Capabilities Using live response Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black Cloud Audit and Remediation training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black Cloud Audit and Remediation course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 1 Days 6 CPD hours This course is intended for System administrators and security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of VMware Carbon Black Cloud Endpoint Standard Identify the architecture and data flows for Carbon Black Cloud Endpoint Standard communication Perform searches across endpoint data to discover suspicious behavior Manage the Carbon Black Cloud Endpoint Standard rules based on organizational requirements Configure rules to address common threats Evaluate the impact of rules on endpoints Process and respond to alerts Describe the different response capabilities available from VMware Carbon Black CloudTM This course teaches you how to use the VMware Carbon Black Cloud Endpoint? Standard product and leverage the capabilities to configure and maintain the system according to your organization?s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs. Course Introduction Introductions and course logistics Course objectives Data Flows and Communication Hardware and software requirements Architecture Data flows Searching Data Creating searches Analyzing events Search operators Advanced queries Policy Components Rules Local scanner Sensor capabilities Prevention Capabilities Using Rules Rule types Rule creation Reputation priority Configuring rules Evaluating rule impact Processing Alerts Alert triage Alert actions Response Capabilities Using quarantine Using live response Hash banning
Duration 1 Days 6 CPD hours This course is intended for Security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of VMware Carbon Black Cloud Enterprise EDR Identify the architecture and data flows for VMware Carbon Black Cloud Enterprise EDR communication Perform searches across endpoint data to discover suspicious behavior Manage watchlists to augment the functionality of VMware Carbon Black Cloud Enterprise EDR Create custom watchlists to detect suspicious activity in your environment Describe the process for responding to alerts in VMware Carbon Black Cloud Enterprise EDR Discover malicious activity within VMware Carbon Black Cloud Enterprise EDR Describe the different response capabilities available from VMware Carbon Black Cloud This course teaches you how to use the VMware Carbon Black© Cloud Enterprise EDR? product and leverage its capabilities to configure and maintain the system according to your organization?s security posture and policies. This course provides an in-depth, technical understanding of the product through comprehensive coursework and hands-on scenario-based labs. Course Introduction Introductions and course logistics Course objectives Data Flows and Communication Hardware and software requirements Architecture Data flows Searching Data Creating searches Search operators Analyzing processes Analyzing binaries Advanced queries Managing Watchlists Subscribing Alerting Custom watchlists Alert Processing Alert creation Analyzing alert data Alert actions Threat Hunting in Enterprise EDR Cognitive Attack Loop Malicious behaviors Response Capabilities Using quarantine Using live response Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black Cloud Enterprise EDR training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black Cloud Enterprise EDR course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 3 Days 18 CPD hours This course is intended for Organizations today demand a professional-level cybersecurity threat intelligence analyst who can extract the intelligence from data by implementing various advanced strategies. Such professional-level programs can only be achieved when the core of the curricula maps with and is compliant to government and industry published threat intelligence frameworks. Ethical Hackers Security Practitioners, Engineers, Analysts, Specialist, Architects, and Managers Threat Intelligence Analysts, Associates, Researchers, Consultants Threat Hunters SOC Professionals Digital Forensic and Malware Analysts Incident Response Team Members Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience. Individuals from the information security profession and who want to enrich their skills and knowledge in the field of cyber threat intelligence. Individuals interested in preventing cyber threats. Overview This program will benefit students who are looking to build effective threat intelligence for their organization in order to combat modern-day cyber-attacks and prevent future attacks. Certified Threat Intelligence Analyst (C|TIA) is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence. Introduction to Threat Intelligence Understanding Intelligence Understanding Cyber Threat Intelligence Overview of Threat Intelligence Lifecycle and Frameworks Cyber Threats and Kill Chain Methodology Understanding Cyber Threats Understanding Advanced Persistent Threats (APTs) Understanding Cyber Kill Chain Understanding Indicators of Compromise (IoCs) Requirements, Planning, Direction, and Review Understanding Organization?s Current Threat Landscape Understanding Requirements Analysis Planning Threat Intelligence Program Establishing Management Support Building a Threat Intelligence Team Overview of Threat Intelligence Sharing Reviewing Threat Intelligence Program Data Collection and Processing Overview of Threat Intelligence Data Collection Overview of Threat Intelligence Collection Management Overview of Threat Intelligence Feeds and Sources Understanding Threat Intelligence Data Collection and Acquisition Understanding Bulk Data Collection Understanding Data Processing and Exploitation Data Analysis Overview of Data Analysis Understanding Data Analysis Techniques Overview of Threat Analysis Understanding Threat Analysis Process Overview of Fine-Tuning Threat Analysis Understanding Threat Intelligence Evaluation Creating Runbooks and Knowledge Base Overview of Threat Intelligence Tools Intelligence Reporting and Dissemination Overview of Threat Intelligence Reports Introduction to Dissemination Participating in Sharing Relationships Overview of Sharing Threat Intelligence Overview of Delivery Mechanisms Understanding Threat Intelligence Sharing Platforms Overview of Intelligence Sharing Acts and Regulations Overview of Threat Intelligence Integration
Duration 2 Days 12 CPD hours This course is intended for This course is designed for security administrators and Check Point resellers who need to manage and monitor issues that may occur within their Security Management environment. Overview Understand how to use Check Point resources for support. Understand how to perform packet captures using tcmdump and FW Monitor command tools. Understand the basic process of kernel debugging, and how debug commands are structured. Recognize how to use various Linux commands for troubleshooting system issues. Recognize communication issues that may occur between SmartConsole and the SMS and how to resolve them. Understand how to troubleshoot SmartConsole login and authentication issues. Understand how to prevent and resolve licensing and contract issues. Understand how to troubleshoot issues that may occur during policy installation. Understand communication issues that may occur when collecting logs and how to resolve them. Recall various tools to use when analyzing issues with logs. Understand how to restore interrupted communications during heavy logging. Understand how NAT works and how to troubleshoot issues. Understand Client Side and Server Side NAT. Understand how the Access Control Policy functions and how the access control applications work together. Understand how to troubleshoot issues that may occur with Application Control and URL Filtering. Understand how the HTTPS Inspection process works and how to resolve issues that may occur during the process. Understand how to troubleshoot Content Awareness issues. Recognize how to troubleshoot VPN-related issues. Understand how to monitor cluster status and work with critical devices. Recognize how to troubleshoot State Synchronization. Understand how to troubleshoot communication issues between Identity Sources and Security Gateways. Understand how to troubleshoot and debug issues with internal Identity Awareness processes. The goal of this course is to provide an understanding of the concepts and skills necessary to troubleshoot issues which may occur when managing the Check Point Security Management architecture and Security Gateways. Course Outline An Introduction to Troubleshooting SmartConsole and Policy Management Troubleshooting Monitoring Logging Activity Troubleshooting Issues with NAT Understanding the Unified Access Control Policy Basic VPN Troubleshooting Monitoring ClusterXL Connections Understanding Identity Awareness Additional course details: Nexus Humans CCTA Check Point Troubleshooting Administration training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CCTA Check Point Troubleshooting Administration course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 1 Days 6 CPD hours This course is intended for System administrators and security operations personnel, including analysts and managers Overview By the end of the course, you should be able to meet the following objectives: Describe the components and capabilities of the Carbon Black EDR server Identify the architecture and data flows for Carbon Black EDR communication Identify the architecture for a cluster configuration and Carbon Black EDR cluster communication Describe the Carbon Black EDR server data types and data locations Use the API to interact with the Carbon Black EDR server without using the UI Create custom threat feeds for use in the Carbon Black EDR server Perform the integration with a syslog server Use different server-side scripts for troubleshooting Troubleshoot sensor-side configurations and communication This course teaches you how to use the advanced features of the VMware Carbon Black© EDR? product. This usage includes gaining access to the Linux server for management and troubleshooting in addition to configuring integrations and using the API. This course provides an in-depth, technical understanding of the Carbon Black EDR product through comprehensive coursework and hands-on scenario-based labs. This class focuses exclusively on advanced technical topics related to the technical back-end configuration and maintenance Course Introduction Introductions and course logistics Course objectives Architecture Data flows and channels Sizing considerations Communication channels and ports Server Datastores SOLR database Storage configurations and data aging Partition states Postgres Modulestore EDR API CBAPI overview Viewing API calls in the browser Utilizing the API to access data Threat Intelligence Feeds Feed structure Report indicator types Custom threat feed creation and addition Syslog Integration SIEM support Configuration Troubleshooting Server-side scripts Server logs Sensor operations Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black EDR Advanced Administrator training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black EDR Advanced Administrator course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Information on the risks and practical advice to address them TSC's eBooks, whitepapers, and reports cover some of the most important risks in information and cyber security — risks that constantly challenge information and cyber security professionals who work tirelessly to reduce them across their organisations and home users alike.