1450 Privacy courses

Duration 3 Days 18 CPD hours This course is intended for This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms, including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy. This course is also designed for students who are seeking the CertNexus Cyber Secure Coder (CSC) Exam CSC-210 certification Overview In this course, you will employ best practices in software development to develop secure software.You will: Identify the need for security in your software projects. Eliminate vulnerabilities within software. Use a Security by Design approach to design a secure architecture for your software. Implement common protections to protect users and data. Apply various testing methods to find and correct security defects in your software. Maintain deployed software to ensure ongoing security... The stakes for software security are very high, and yet many development teams deal with software security only after the code has been developed and the software is being prepared for delivery. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development lifecycle. This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects. You will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development. Identifying the Need for Security in Your Software Projects Identify Security Requirements and Expectations Identify Factors That Undermine Software Security Find Vulnerabilities in Your Software Gather Intelligence on Vulnerabilities and Exploits Handling Vulnerabilities Handle Vulnerabilities Due to Software Defects and Misconfiguration Handle Vulnerabilities Due to Human Factors Handle Vulnerabilities Due to Process Shortcomings Designing for Security Apply General Principles for Secure Design Design Software to Counter Specific Threats Developing Secure Code Follow Best Practices for Secure Coding Prevent Platform Vulnerabilities Prevent Privacy Vulnerabilities Implementing Common Protections Limit Access Using Login and User Roles Protect Data in Transit and At Rest Implement Error Handling and Logging Protect Sensitive Data and Functions Protect Database Access Testing Software Security Perform Security Testing Analyze Code to find Security Problems Use Automated Testing Tools to Find Security Problems Maintaining Security in Deployed Software Monitor and Log Applications to Support Security Maintain Security after Deployment

  The GDPR Foundation training enables delegates to understand how to define and implement a privacy compliance framework aligned to best practice. During this training course, you will be able to understand the fundamental privacy principles and become familiar with the role of the Data Protection team and the DPO. About This Course   At Foundational level, candidates prove they have understood the fundamental methodologies, requirements, best practice and management approach of a Privacy Compliance Framework. Learning principles;   Understand the General Data Protection Regulation requirements and the fundamental principles of privacy Understand the obligations, roles and responsibilities of the Data Protection Officer Understand the concepts, approaches, methods and techniques to effectively participate in the implementation process of a compliance framework with regard to the protection of personal data.   Educational approach; Lecture sessions are illustrated with practical questions and examples Practical exercises include examples and discussions Practice tests are similar to the Certification Exam   Course Agenda Day 1: Introduction to GDPR and Data Protection Principles Day 2: The General Data Protection Regulation requirements and Certification Exam Prerequisites   There are no prerequisites for this course. What's Included?   Refreshments & Lunch (Classroom courses only Course Slide Deck CPD Certificate   Who Should Attend?   Individuals involved in the processing of Personal Data and Information Security Individuals seeking to gain knowledge about the main privacy principles Individuals interested to pursue a career in Data Protection Provided by   This course is Accredited by NACS and Administered by the IECB Assessment   Delegates sit a combined exam, consisting of in-course quizzes and exercises, as well as a final 40 question, multiple choice exam on Day 2 of the course. The overall passing score is 70%, to be achieved within the 60 minute time allowance. Exam results are provided within 24 hours, with both a Certificate and a digital badge provided as proof of success.

Take your basic cyber security knowledge to a new level with this exciting course that promises to be educational, informative, and fun-filled. Build upon a basic foundation in cyber security with a strong focus on networking, privacy and anonymity, malware, email security, backups and encryption, and Windows 10 Hardening.

WiMax training course description Broadband wireless access is an emerging technology area. This course looks at WiMAX, where it can be used, how it works and the alternative technologies. What will you learn Describe WiMAX. Explain how WiMAX works. Compare and contrast WiMAX with alternative broadband wireless access technologies. WiMax training course details Who will benefit: Anyone wishing to know more about WiMAX. Prerequisites: None. Duration 2 days WiMax training course contents Introduction What is WiMAX? WiMAX applications, The Internet, Internet access choices, wireless broadband access, WiMAX benefits. WiMAX overview Spectrums, LOS vs. non-LOS, bit rates, modulation, mobility, channel bandwidth, cell radius. WiMAX standards The WiMAX forum, IEEE, ETSI, HIPERACCESS, HIPERMAN, 802.16, 802.16-2004, 802.16a, 802.16e, 802.16f. WiMAX architecture Subscriber Stations (SS), Indoors, outdoors, antennas, Radio Base Stations (BS), LOS, Non LOS BackHaul, Point to multipoint, mesh support. Physical layer 10 - 66GHz, TDMA, TDD, FDD, 2 -11 GHz, SC2, OFDM, OFDMA, QPSK, QAM, Radio Link Control (RLC), uplink, downlink. MAC layer Traffic types (continuous, bursty), QoS, service types. MAC operations, connection oriented, frame structure, addressing. Convergence sublayers, service specific, common part, profiles (IP, ATM). Bandwidth request-grant, ARQ, Management messages. Security MAC privacy sublayer, network access authentication, AAA, 802.1x, key exchange and privacy. WiMAX alternatives WiMAX vs. 3G, WiMAX vs. 802.20.

Security+ training course description A hands on course aimed at getting delegates successfully through the CompTia Security+ examination. What will you learn Explain general security concepts. Describe the security concepts in communications. Describe how to secure an infrastructure. Recognise the role of cryptography. Describe operational/organisational security. Security+ training course details Who will benefit: Those wishing to pass the Security+ exam. Prerequisites: TCP/IP foundation for engineers Duration 5 days Security+ training course contents General security concepts Non-essential services and protocols. Access control: MAC, DAC, RBAC. Security attacks: DOS, DDOS, back doors, spoofing, man in the middle, replay, hijacking, weak keys, social engineering, mathematical, password guessing, brute force, dictionary, software exploitation. Authentication: Kerberos, CHAP, certificates, usernames/ passwords, tokens, biometrics. Malicious code: Viruses, trojan horses, logic bombs, worms. Auditing, logging, scanning. Communication security Remote access: 802.1x, VPNs, L2TP, PPTP, IPsec, RADIUS, TACACS, SSH. Email: S/MIME, PGP, spam, hoaxes. Internet: SSL, TLS, HTTPS, IM, packet sniffing, privacy, Javascript, ActiveX, buffer overflows, cookies, signed applets, CGI, SMTP relay. LDAP. sftp, anon ftp, file sharing, sniffing, 8.3 names. Wireless: WTLS, 802.11, 802.11x, WEP/WAP. Infrastructure security Firewalls, routers, switches, wireless, modems, RAS, PBX, VPN, IDS, networking monitoring, workstations, servers, mobile devices. Media security: Coax, UTP, STP, fibre. Removable media. Topologies: Security zones, DMZ, Intranet, Extranet, VLANs, NAT, Tunnelling. IDS: Active/ passive, network/host based, honey pots, incident response. Security baselines: Hardening OS/NOS, networks and applications. Cryptography basics Integrity, confidentiality, access control, authentication, non-repudiation. Standards and protocols. Hashing, symmetric, asymmetric. PKI: Certificates, policies, practice statements, revocation, trust models. Key management and certificate lifecycles. Storage: h/w, s/w, private key protection. Escrow, expiration, revocation, suspension, recovery, destruction, key usage. Operational/Organisation security Physical security: Access control, social engineering, environment. Disaster recovery: Backups, secure disaster recovery plans. Business continuity: Utilities, high availability, backups. Security policies: AU, due care, privacy, separation of duties, need to know, password management, SLAs, disposal, destruction, HR policies. Incident response policy. Privilege management: Users, groups, roles, single sign on, centralised/decentralised. Auditing. Forensics: Chain of custody, preserving and collecting evidence. Identifying risks: Assets, risks, threats, vulnerabilities. Role of education/training. Security documentation.

Duration 5 Days 30 CPD hours This course is intended for The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Overview Upon completing this course, the participants will gain valuable knowledge and skills including the ability to: - Successfully pass the CCSP exam. - Understand the fundamentals of the cloud computing architecture framework. - Understand security challenges associated with different types of cloud services. - Identify and evaluate security risks for their organization?s cloud environments. - Select and implement appropriate controls to ensure secure implementation of cloud services. - Thoroughly understand the 6 essential core domains of the CCSP common body of knowledge: 1. Architectural Concepts & Design Requirements 2. Cloud Data Security 3. Cloud Platform & Infrastructure Security 4. Cloud Application Security 5. Operations 6. Legal & Compliance The goal of the course is to prepare professionals for the challenging CCSP exam by covering the objectives of the exam based on the six domains as defined in the (ISC)2 CCSP common body of knowledge. 1 - Architectural Concepts and Design Requirements Cloud Computing Concepts Cloud Reference Architecture Cloud Computing Security Concepts Design Principles of Secure Cloud Computing Trusted Cloud Services 2 - Cloud Data Security CSA (Cloud Security Alliance) Cloud Data Lifecycle Cloud Data Storage Architectures Data Security Strategies Data Discovery and Classification Technologies Protecting Privacy and PII (Personally Identifiable Information) Data Rights Management Data Retention, Deletion, and Archiving Policies Auditability, Traceability, and Accountability of Data Events 3 - Cloud Platform and Infrastructure Security Cloud Infrastructure Components Cloud Infrastructure Risks Designing and Planning Security Controls Disaster Recovery and Business Continuity Management 4 - Cloud Application Security The Need for Security Awareness and Training in application Security Cloud Software Assurance and Validation Verified Secure Software SDLC (Software Development Life Cycle) Process Secure SDLC Specifics of Cloud Application Architecture Secure IAM (Identity and Access Management) Solutions 5 - Operations Planning Process for the Data Center Design Installation and Configuration of Physical Infrastructure for Cloud Environment Running Physical Infrastructure for Cloud Environment Managing Physical Infrastructure for Cloud Environment Installation and Configuration of Logical Infrastructure for Cloud Environment Running Logical Infrastructure for Cloud Environment Managing Logical Infrastructure for Cloud Environment Compliance with Regulations and Controls Risk Assessment for Logical and Physical Infrastructure Collection, Acquisition, and Preservation of Digital Evidence Managing Communication with Stakeholders 6 - Legal and Compliance Legal Requirements and Unique Risks within the Cloud Environment Relevant Privacy and PII Laws and Regulations Audit Process, Methodologies, and Required Adaptions for a Cloud Environment Implications of Cloud to Enterprise Risk Management Outsourcing and Cloud Contract Design Vendor Management

Lawful Intercept training course description Packet based networks require a different approach to Lawful Intercept (LI) than that used in circuit switched networks. This course focuses on what Lawful Interception and Data Retention (DR) means to communications service providers in the IP and NGN areas. The course assumes a basic knowledge of IP networking (i.e. DNS, TCP/UDP, IP, RTP) and the building of services on an IP platform (e.g. SIP, SDP, FTP, HTTP). The course first looks at the regulatory context for LI and DR and how this is translated to a practical architecture. What will you learn Recognise the legal and regulatory obligations to provide LI and DR. Identify the components of the handover architecture for each of LI and DR. Identify the preferred location of points of interception and points of retention in the IP network. Map intercepted material to handover protocols. Understand the data mapping defined in the available standards for both LI and DR. Lawful Intercept training course details Who will benefit: Technical and managerial staff needing to implement public networks. Prerequisites: TCP/IP Foundation Duration 1 day Lawful Intercept training course contents What is meant by LI and DR? Review of regulation: Data protection Directive; Data Retention Directive; RIPA. LI architectures Handover and Interception: ETSI standards ES 201 671 and TS 102 232. LI handover protocol IRI and CC handover; correlation; manual interfaces. DR architectures Handover of query results; points of retention. DR query command set Retrieval of retained records. Security concerns Operation privacy; target privacy; storage and transmission integrity. Implementation Identifying PoI and PoR for provided services. LI and DR wrap up Interaction with other services, storage obligations (volume, time, availability).

5-day intensive data protection course, delivered by a specialist.

Duration 1 Days 6 CPD hours This course is intended for This course is designed for candidates looking to demonstrate foundational-level knowledge of cloud-based solutions to facilitate productivity and collaboration on-site, at home, or a combination of both.ÿCandidates may have knowledge of cloud-based solutions or may be new to Microsoft 365. Overview After completing this course, students will be able to: Describe cloud concepts Describe core Microsoft 365 services and concepts Describe security, compliance, privacy, and trust in Microsoft 365 Describe Microsoft 365 pricing and support This course introduces Microsoft 365, an integrated cloud platform that delivers industry-leading productivity apps along with intelligent cloud services, and world-class security. You?ll learn foundational knowledge on the considerations and benefits of adopting cloud services and the Software as a Service (SaaS) cloud model, with a specific focus on Microsoft 365 cloud service offerings. You will begin by learning about cloud fundamentals, including an overview of cloud computing. You will be introduced to Microsoft 365 and learn how Microsoft 365 solutions improve productivity, facilitate collaboration, and optimize communications. The course then analyzes how security, compliance, privacy, and trust are handled in Microsoft 365, and it concludes with a review of Microsoft 365 subscriptions, licenses, billing, and support. 1 - Describe cloud computing What is cloud computing Describe the shared responsibility model Define cloud models Describe the consumption-based model 2 - Describe the benefits of using cloud services Describe the benefits of high availability and scalability in the cloud Describe the benefits of reliability and predictability in the cloud Describe the benefits of security and governance in the cloud Describe the benefits of manageability in the cloud 3 - Describe cloud service types Describe Infrastructure as a Service Describe Platform as a Service Describe Software as a Service 4 - What is Microsoft 365? Describe the differences between Office 365 and Microsoft 365 Describe Windows 365 Describe how Microsoft 365 empowers workers in this hybrid world of work Explore Microsoft 365 tenant 5 - Describe productivity solutions of Microsoft 365 Describe the productivity capabilities and benefits of Microsoft 365 Describe Microsoft 365 Apps Describe work management tools in Microsoft 365 Describe additional Microsoft 365 productivity apps 6 - Describe collaboration solutions of Microsoft 365 Describe the collaboration capabilities and benefits of Microsoft 365 Describe how Microsoft Teams promotes collaboration and enhances teamwork Describe the Microsoft Viva apps Describe how Yammer helps communities connect and grow 7 - Describe endpoint modernization, management concepts, and deployment options in Microsoft 365 Describe the endpoint management capabilities of Microsoft 365 Compare the differences of Windows 365 and Azure Virtual Desktop Describe the deployment and release models for Windows-as-a-Service (WaaS) Identify deployment methods and update channels for Microsoft 365 Apps 8 - Describe analytics capabilities of Microsoft 365 Describe the capabilities of Viva Insights Describe the capabilities of the Microsoft 365 admin center and Microsoft 365 user portal Describe the reports available in the Microsoft 365 admin center and other admin centers 9 - Describe the services and identity types of Azure AD Describe Azure Active Directory Describe the available Azure AD editions Describe Azure AD identity types Describe the types of external identities Describe the concept of hybrid identity 10 - Describe the access management capabilities of Azure AD Describe Conditional Access in Azure AD Describe the benefits of Azure AD roles and role-based access control 11 - Describe threat protection with Microsoft 365 Defender Describe Microsoft 365 Defender services Describe Microsoft Defender for Office 365 Describe Microsoft Defender for Endpoint Describe Microsoft Defender for Cloud Apps Describe Microsoft Defender for Identity Describe the Microsoft 365 Defender portal 12 - Describe security capabilities of Microsoft Sentinel Describe how Microsoft Sentinel provides integrated threat management Understand Sentinel costs 13 - Describe the compliance management capabilities in Microsoft Purview Describe the Microsoft Purview compliance portal Describe Compliance Manager Describe use and benefits of compliance score 14 - Describe the Service Trust Portal and privacy at Microsoft Describe the Service Trust Portal Describe Microsoft's privacy principles Describe Microsoft Priva 15 - Describe Microsoft 365 pricing, licensing, and billing options Explore pricing models for Microsoft cloud services Explore the billing and bill management options Explore the available licensing and management options 16 - Describe support offerings for Microsoft 365 services Explore support options for Microsoft 365 services Explain service level agreement (SLAs) concepts Identify how to track the service health status Explore how organizations can share feedback on Microsoft 365 services

Implement and manage a compliance framework to protect personal data using GDPR Foundation training.