119 Privacy courses in Cardiff delivered Live Online

Cloud technologies training course description This course provides an introduction to cloud technologies, including, configuration and deployment, security, maintenance, and management. It covers all aspects of cloud computing infrastructure. It will help you to master the fundamental concepts, terminology, and characteristics of cloud computing. . What will you learn Contrast and compare AWS, GCP and Azure. Explain the different cloud services, models and characteristics. Explain cloud virtualization components and options. Explain cloud security options. Describe cloud automation, orchestration, monitoring and performance options. Cloud technologies training course details Who will benefit: Anyone working with or looking to work with cloud technologies. Prerequisites: None. Duration 2 days Cloud technologies training course contents What is the cloud? The Internet Cloud computing Benefits Disadvantages Cloud services IaaS, PaaS, SaaS, others. Cloud service providers AWS, GCP Microsoft Azure, others Cloud architectures Private, public, hybrid others Cloud based delivery The cloud and virtualization Virtual Machines, networks, storage, deployment. Accessing the Virtual Machine Secure cloud environments Security considerations. Data privacy considerations Automation and orchestration Monitoring and performance Performance Cost issues Cost containment

We are data protection specialists and this is our flagship training programme for Data Protection Officers, Data Protection Managers, Compliance Managers or anyone with a responsibility for Data Protection. The Data Protection (GDPR) Practitioner Certificate is an internationally recognised qualification, endorsed by TQUK, which is regulated by Ofqual, a UK Government department. It equips current and aspiring data protection officers and data protection managers with knowledge and skills to undertake data protection compliance activities throughout an organisation. It is a valuable course for anybody with data protection compliance responsibilities. The course takes account of the latest developments in this fast moving subject, together with the latest guidance from the ICO and includes real life, practical examples throughout. There are two versions of the course (with the same content and same trainer). The courses priced at £1200 are run by Computer Law Training and lead to the TQUK endorsed certificate. The courses priced at £1440+VAT are run in collaboration with, and are booked through, the Law Society of Scotland and, on successful completion, lead to the TQUK endorsed certificate and a 'Certified Specialist' certification from the Law Society of Scotland. Suitability - Who should attend? The training programme for Data Protection Officers, Data Protection Managers, Compliance Managers, Corporate Governance Managers or anyone with a responsibility for Data Protection. The Data Protection (GDPR) Practitioner Certificate is ideal for you if you: Are already undertaking the role of Data Protection Officer Expect to be filling the post of Data Protection Officer in their current employment Are looking for employment as a Data Protection Officer Have, or expect to have, data protection responsibilities in their organisation Need to advise others on data protection compliance Wish to be able to demonstrate verifiable practical skills and learning in this area. It is suitable for those working in: the public sector, the private sector and the third sector. In either case, it will teach participants essential data protection skills and in depth knowledge. Outcome / Qualification etc. Understand the importance of data protection legislation and compliance in the UK and beyond. Interpret key terminology of the UK GDPR and Data Protection Act 2018 (DPA) in a practical context Understand the key obligations of the UK GDPR and DPA Create appropriate policies and procedures necessary for data protection compliance Carry out a data protection audit and gap analysis Develop an action plan to address a data protection gap analysis Respond appropriately to data protection issues arising in an organisation Carry out the duties of a data protection officer Undertake accountability and risk analysis activities Training Course Content Day 1 Data Protection – history and background GDPR Overview What, really, is personal data Purposes & Legal Bases Day 2 Consent Special Categories of Personal Data Data Subject Rights Transparency Requirements Data Processors and Controllers Information Security Obligations Breach Reporting and Recording Day 3 Restricted (International) Transfers Cloud Services Accountability The Personal Data Audit & Record of Processing The “Accountability Portfolio” Data Protection by Design & Default Data Protection Impact Assessments Privacy Enhancing Technologies Data Protection Officers Direct Marketing & Cookies Day 4 Data Protection Act 2018 HR Issues Risk Frameworks Data Protection Governance Day 5 Data Protection Audit Gap Analysis Action Plan Implementation The ICO and Enforcement Brexit and the future (crystal ball!) The European Data Protection Board (EDPB) Questions Course delivery details The course is delivered on Zoom. It lasts 5 days over 3 weeks, 9.30-16.30. The advertised start date is usually a Tuesday which is the first day of the course. The course normally continues on the Thursday of that week, Tuesday and Thursday the following week and one day in the third week: 24, 26, 31 January & 2, 7 February 2023 The one-hour test to obtain the certificate is online by arrangement in the week or two following the course. The trainer for the course is Tim Musson, who has a Master of Laws degree in IT and Telecoms Law, is a Certified Information Privacy Professional (CIPP/E) and a Certified Information Privacy Technologist (CIPT).

Kerberos for engineers training course description This hands on course covers the details of Kerberos, from installation and administration through to how it all works including the protocols. What will you learn Describe what Kerberos is. Explain how Kerberos works. Install Kerberos. Configure Kerberos. Troubleshoot Kerberos. Kerberos for engineers training course details Who will benefit: Engineers interested in security. Prerequisites: TCP/IP foundation for engineers Duration 2 days Kerberos for engineers training course contents What is Kerberos? Single Sign On, The protocol, the standard, history, v4, v5, RFCs, Linux, Windows. Kerberos concepts and technology AAA, Authentication, Authorization, Accounting. Kerberos vs LDAP and directories. Privacy, integrity. Kerberos realms, principles, instances. Keys, salts, passwords. Key Distribution Centre, Authentication server, ticket granting server. Tickets. Installation and administration of Kerberos Installing Kerberos, creating realms, testing. DNS and Kerberos, Kerberos clients. Hands on Windows and Linux Kerberos. Kerberos protocols The Needham-Schroeder protocol, Kerberos v4. Authentication server, ticket granting server, Kerberos v5, encryption options, ticket options, other protocol features and extensions. Related protocols: GSSAPI, SPNEGO. Hands on Using Wireshark to 'see' Kerberos. Troubleshooting Kerberos Approach, debugging tools, errors and solutions. Hands on Kerberos troubleshooting. Kerberos security concerns Kerberos attacks, protocol security issues. Dictionary attacks, brute force attacks, replay attacks, MITM attacks, security solutions, protecting the KDC, firewalls, NAT and Kerberos. Hands on Kerberos logging. Software which uses Kerberos Kerberos logins, Kerberos and web based applications, Directory services. Advanced Kerberos issues Cross realm authentication, Windows issues, Windows and UNIX interoperability, Hands on Using a Windows DC for UNIX clients.

Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.

A one day course on GDPR for beginners, including practical exercises.

H.323 training course description A hands on course covering IP telephony with H.323. The course starts with a brief review of knowledge students should already possess including RTP and RTCP. The main focus is on H.323 protocols though, progressing from what H.323 is through signalling, call processing and architectures, moving onto more advanced issues including security, multimedia, conferencing, and interoperability. Hands on practicals follow each major theory session. What will you learn Explain how H.323 works. Analyse H.323 packets. Deploy H.323 IP telephony solutions. Integrate H.323 with other telephony solutions. H.323 training course details Who will benefit: Technical staff working with H.323 Prerequisites: Voice Over IP Duration 2 days H.323 training course contents VoIP review Brief review of VoIP, IP, telephones and voice. RTP, RTCP, mixers and translators. What is H.323? The framework, Why H.323, history, H.323 standards and the ITU, H.323 versions 1,2,3,4, and 5, Annexes and Appendices, capabilities, services, How H.323 works, a basic call. H.323 protocol stack The overall framework, Audio codecs (H.7xx), Video codecs (H.26x), T.120 data conferencing. H.323 Architecture Endpoints: Terminals, MCUs, gateways. Gatekeepers, border and peer elements, design issues, signalling with and without gatekeepers. H.225 Packet format, ASN.1, Information elements, Call setup, Call control. Gatekeepers Gatekeeper features, admissions, address translation, bandwidth management, call routing, zones, administrative domains, gatekeeper discovery, call establishment, fast connect. RAS packet formats, RAS signalling. Alternate gatekeepers. H.245 Purpose, call control channel, relationship with H.225, message format, tunnelling. H.323 Supplementary services Conferencing: point to point, multipoint, hybrid, broadcast, H.332. H.450.x. Call transfer, diversion, hold and waiting. Remote device control (H.282, H.283). Capability exchange, Video. Security H.235. Authentication, privacy, transport layer level security. Interoperability Gateways, Inter working with PSTN, SIP and H323. H.246. Annexes and Appendices An overview.

Want to learn how to create eye-catching and engaging graphics for your business? Join our Using Canva workshop to find out how to utilise the online graphic design platform Canva to make everything from your company branding to social media posts and more! Event details: Time: 10am – 11:30am Location: Online (ZOOM) Cost: £25pp (£30pp from after April) In this course, we’ll cover everything from: How to sign up and get set up on the platform How to navigate Canva as a beginner Creating a brand kit for your business Creating a new graphic together for a campaign for a business Walkthrough of all the basic features of Canva Resizing designs to make posters and leaflets  As part of the live event of this workshop, we will also have a Questions and Answers session to finish this online workshop, where participants can ask specific questions about how to use Canva for their business. Meet the Host: Kerry Madge | Marketing Executive, Let's Do Marketing Kerry Madge is a dynamic Marketing Executive at Let's Do Marketing, bringing nearly six years of diverse experience collaborating with businesses of all sizes. Holding a BA in Marketing Management, Kerry excels in social media advertising, graphic design, and copywriting. Her passion lies in crafting creative solutions and developing comprehensive marketing strategies that empower small businesses to visualise and achieve their overarching goals. Privacy Notice By registering for this event, you agree to Let’s Do Business Group processing and managing your personal data in accordance with our Privacy Policy. Your data will only be used for the purposes of managing your event registration and any relevant communications.

Duration 5 Days 30 CPD hours This course is intended for This course is intended for experienced IT security-related practitioners, auditors, consultants, investigators, or instructors, including network or security analysts and engineers, network administrators, information security specialists, and risk management professionals, who are pursuing CISSP training and certification to acquire the credibility and mobility to advance within their current computer security careers or to migrate to a related career. Through the study of all eight CISSP Common Body of Knowledge (CBK) domains, students will validate their knowledge by meeting the necessary preparation requirements to qualify to sit for the CISSP certification exam. Additional CISSP certification requirements include a minimum of five years of direct professional work experience in two or more fields related to the eight CBK security domains, or a college degree and four years of experience. Overview #NAME? In this course, students will expand upon their knowledge by addressing the essential elements of the 8 domains that comprise a Common Body of Knowledge (CBK)© for information systems security professionals. Prerequisites CompTIA Network+ Certification 1 - Security and Risk Management Security Governance Principles Compliance Professional Ethics Security Documentation Risk Management Threat Modeling Business Continuity Plan Fundamentals Acquisition Strategy and Practice Personnel Security Policies Security Awareness and Training 2 - Asset Security Asset Classification Privacy Protection Asset Retention Data Security Controls Secure Data Handling 3 - Security Engineering Security in the Engineering Lifecycle System Component Security Security Models Controls and Countermeasures in Enterprise Security Information System Security Capabilities Design and Architecture Vulnerability Mitigation Vulnerability Mitigation in Embedded, Mobile, and Web-Based Systems Cryptography Concepts Cryptography Techniques Site and Facility Design for Physical Security Physical Security Implementation in Sites and Facilities 4 - Information Security Management Goals Organizational Security The Application of Security Concepts 5 - Information Security Classification and Program Development Information Classification Security Program Development 6 - Risk Management and Ethics Risk Management Ethics 7 - Software Development Security Software Configuration Management Software Controls Database System Security 8 - Cryptography Ciphers and Cryptography Symmetric-Key Cryptography Asymmetric-Key Cryptography Hashing and Message Digests Email, Internet, and Wireless Security Cryptographic Weaknesses 9 - Physical Security Physical Access Control Physical Access Monitoring Physical Security Methods Facilities Security

Essential IMS training course description The IP Multimedia Core Network Subsystem (IMS) is defined by 3GPP as a new mobile infrastructure. This course studies the discreet elements in the IMS. What will you learn Describe the IMS. Describe the IMS architecture. Explain how charging, security and QoS is handled in the IMS. Explain how the IMS supports service enablers such as Push to talk and Presence. Essential IMS training course details Who will benefit: Telecommunications staff. Prerequisites: Mobile communications overview Duration 2 days Essential IMS training course contents Mobile communications review The role of IP in telecommunications. GSM to IMS. Enhanced multimedia services, Push To, convergence, conferencing, roaming. What is IMS? What it is, why IMS, standard bodies: 3GPP, IETF, OMA, IMS services. MMD comparison. IMS architecture blocks Overview, IMS functions, IMS interfaces, IMS protocols, IMS elements, IMS reference points. Access network, IMS in GSM, CDMA, WiFi & PSTN networks. Core network. Application, Control and Call planes. HSS - User database Identification. The user database, role of HSS, SLF and multiple HSSs. 'Normal' identities, IMPI, IMPU. IMS signalling: SIP What is SIP? SIP URI, contact address, UAs, Proxies, basic SIP call flow, SIP sessions. IMS other protocols Megaco, Diameter, XML, XCAP, COPS, RTP/RTCP, SDP, H.324M, IM and MSRP. Call/Session Control Call Session Control Functions (CSCF). Domains. Home networks, visited networks. CSCF and SIP. P-CSCF, P-CSCF discovery, P-CSCF functions. I-CSCF, DNS and I-CSCF. S-CSCF, S-CSCF functions, ENUM lookups. QoS. Example call flows. IMS services Open service platform, Application Servers, profiles, AS interface with S-CSCF. 'Normal' services (Caller ID, Call waiting, transfer…) Push to talk Over Cellular (PoC), IMS conferencing, Group management, IMS Presence, IMS Messaging. Other possible applications. Media servers. (MRFC, MRFP). Gateways IMS PSTN procedures, BGCF, PSTN interface. SGW, MGCF, MGW Charging Architecture, Offline, online and flow based charging, charging reference points, CCF, DIAMETER, ICID, IOI. IMS security IMS security architecture, identities, AAA, public and private user ID, service filters, Cx interface, RADIUS, Diameter protocol, 3GPP AKA, integrity, privacy, NDS, IPSEC, trust, assertion.

Duration 1 Days 6 CPD hours This course is intended for The audience for this course is looking to familiarize themselves with the fundamentals of security, compliance, and identity (SCI) across cloud-based and related Microsoft services. The content for this course aligns to the SC-900 exam objective domain. Candidates should be familiar with Microsoft Azure and Microsoft 365 and understand how Microsoft security, compliance, and identity solutions can span across these solution areas to provide a holistic and end-to-end solution. Before attending this course, students must have: General understanding of networking and cloud computing concepts. General IT knowledge or any general experience working in an IT environment. General understanding of Microsoft Azure and Microsoft 365. This course provides foundational level knowledge on security, compliance, and identity concepts and related cloud-based Microsoft solutions. Prerequisites General understanding of networking and cloud computing concepts. General IT knowledge or any general experience working in an IT environment. General understanding of Microsoft Azure and Microsoft 365. 1 - Describe security and compliance concepts Describe the shared responsibility model Describe defense in depth Describe the Zero Trust model Describe governance, risk, and compliance (GRC) concepts 2 - Describe identity concepts Define authentication and authorization Define identity as the primary security perimeter Describe the role of the identity provider Describe the concept of directory services and Active Directory Describe the concept of federation 3 - Describe the function and identity types of Microsoft Entra ID Describe Microsoft Entra ID Describe types of identities Describe hybrid identity Describe external identities 4 - Describe the authentication capabilities of Microsoft Entra ID Describe authentication methods Describe multifactor authentication Describe self-service password reset Describe password protection and management capabilities 5 - Describe access management capabilities of Microsoft Entra ID Describe Conditional Access Describe Microsoft Entra roles and role-based access control (RBAC) 6 - Describe the identity protection and governance capabilities of Azure AD Describe Microsoft Entra ID Governance Describe access reviews Describe entitlement management Describe the capabilities of Privileged identity Management Describe Microsoft Entra ID Protection Describe Microsoft Entra Permissions Management Describe Microsoft Entra Verified ID 7 - Describe core infrastructure security services in Azure Describe Azure DDoS protection Describe Azure Firewall Describe Web Application Firewall Describe network segmentation in Azure Describe Azure Network Security Groups Describe Azure Bastion Describe Azure Key Vault 8 - Describe the security management capabilities in Azure Describe Microsoft Defender for Cloud Describe how security policies and initiatives improve cloud security posture Describe Cloud security posture management Describe the enhanced security of Microsoft Defender for Cloud Describe DevOps security management 9 - Describe security capabilities of Microsoft Sentinel Describe threat detection and mitigation capabilities in Microsoft Sentinel Describe Microsoft Security Copilot 10 - Describe threat protection with Microsoft Defender XDR Describe Microsoft Defender XDR services Describe Microsoft Defender for Office 365 Describe Microsoft Defender for Endpoint Describe Microsoft Defender for Cloud Apps Describe Microsoft Defender for Identity Describe Microsoft Defender Vulnerability Management Describe Microsoft Defender Threat Intelligence Describe the Microsoft Defender portal 11 - Describe Microsoft?s Service Trust portal and privacy capabilities Describe the offerings of the Service Trust portal Describe Microsoft's privacy principles Describe Microsoft Priva 12 - Describe the compliance management capabilities in Microsoft Purview Describe the Microsoft Purview compliance portal Describe Compliance Manager Describe use and benefits of compliance score 13 - Describe information protection, data lifecycle management, and data governance capabilities in Microsoft Purview Know your data, protect your data, and govern your data Describe the data classification capabilities of the compliance portal Describe sensitivity labels and policies Describe data loss prevention Describe retention policies and retention labels Describe records management Describe the Microsoft Purview unified data governance solution 14 - Describe the insider risk capabilities in Microsoft Purview Describe insider risk management Describe communication compliance 15 - Describe the eDiscovery and Audit capabilities in Microsoft Purview Describe the eDiscovery solutions in Microsoft Purview Describe the audit solutions in Microsoft Purview