1215 Security courses in Pyle delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for The CCSP is ideal for IT and information security leaders responsible for applying best practices to cloud security architecture, design, operations and service orchestration. Overview Upon completing this course, the participants will gain valuable knowledge and skills including the ability to: - Successfully pass the CCSP exam. - Understand the fundamentals of the cloud computing architecture framework. - Understand security challenges associated with different types of cloud services. - Identify and evaluate security risks for their organization?s cloud environments. - Select and implement appropriate controls to ensure secure implementation of cloud services. - Thoroughly understand the 6 essential core domains of the CCSP common body of knowledge: 1. Architectural Concepts & Design Requirements 2. Cloud Data Security 3. Cloud Platform & Infrastructure Security 4. Cloud Application Security 5. Operations 6. Legal & Compliance The goal of the course is to prepare professionals for the challenging CCSP exam by covering the objectives of the exam based on the six domains as defined in the (ISC)2 CCSP common body of knowledge. 1 - Architectural Concepts and Design Requirements Cloud Computing Concepts Cloud Reference Architecture Cloud Computing Security Concepts Design Principles of Secure Cloud Computing Trusted Cloud Services 2 - Cloud Data Security CSA (Cloud Security Alliance) Cloud Data Lifecycle Cloud Data Storage Architectures Data Security Strategies Data Discovery and Classification Technologies Protecting Privacy and PII (Personally Identifiable Information) Data Rights Management Data Retention, Deletion, and Archiving Policies Auditability, Traceability, and Accountability of Data Events 3 - Cloud Platform and Infrastructure Security Cloud Infrastructure Components Cloud Infrastructure Risks Designing and Planning Security Controls Disaster Recovery and Business Continuity Management 4 - Cloud Application Security The Need for Security Awareness and Training in application Security Cloud Software Assurance and Validation Verified Secure Software SDLC (Software Development Life Cycle) Process Secure SDLC Specifics of Cloud Application Architecture Secure IAM (Identity and Access Management) Solutions 5 - Operations Planning Process for the Data Center Design Installation and Configuration of Physical Infrastructure for Cloud Environment Running Physical Infrastructure for Cloud Environment Managing Physical Infrastructure for Cloud Environment Installation and Configuration of Logical Infrastructure for Cloud Environment Running Logical Infrastructure for Cloud Environment Managing Logical Infrastructure for Cloud Environment Compliance with Regulations and Controls Risk Assessment for Logical and Physical Infrastructure Collection, Acquisition, and Preservation of Digital Evidence Managing Communication with Stakeholders 6 - Legal and Compliance Legal Requirements and Unique Risks within the Cloud Environment Relevant Privacy and PII Laws and Regulations Audit Process, Methodologies, and Required Adaptions for a Cloud Environment Implications of Cloud to Enterprise Risk Management Outsourcing and Cloud Contract Design Vendor Management

Duration 4 Days 24 CPD hours This course is intended for This course is designed for the aspiring or sitting upper-level manager striving to advance his or her career by learning to apply their existing deep technical knowledge to business problems. In this course, students will learn in-depth content in each of the 5 CCISO Domains Domain 01 - Governance Define, Implement, Manage, and Maintain an Information Security Governance Program Information Security Drivers Establishing an information security management structure Laws/Regulations/Standards as drivers of Organizational Policy/Standards/Procedures Managing an enterprise information security compliance program Risk Management Risk mitigation, risk treatment, and acceptable risk Risk management frameworks NIST Other Frameworks and Guidance (ISO 31000, TARA, OCTAVE, FAIR, COBIT, and ITIL) Risk management plan implementation Ongoing third-party risk management Risk management policies and processes Conclusion Domain 2 - Security Risk Management, Controls, & Audit Management INFORMATION SECURITY CONTROLS COMPLIANCE MANAGEMENT GUIDELINES, GOOD AND BEST PRACTICES AUDIT MANAGEMENT SUMMARY Domain 03 - Security Program Management and Operations PROGRAM MANAGEMENT OPERATIONS MANAGEMENT Summary Domain 04 - Information Security Core Concepts ACCESS CONTROL PHYSICAL SECURITY NETWORK SECURITY ENDPOINT PROTECTION APPLICATION SECURITY ENCRYPTION TECHNOLOGIES VIRTUALIZATION SECURITY CLOUD COMPUTING SECURITY TRANSFORMATIVE TECHNOLOGIES Summary Domain 05 - Strategic Planning, Finance, Procurement and Vendor Management STRATEGIC PLANNING Designing, Developing, and Maintaining an Enterprise Information Security Program Understanding the Enterprise Architecture (EA) FINANCE PROCUREMENT VENDOR MANAGEMENT Summary

Course Information Join our comprehensive three-day programme designed as an invaluable external training opportunity for auditors, audit programme managers, and individuals subject to audits. This course is tailored to foster a deep understanding and cultivate essential skills for auditing the validation of computer systems intended for GxP environments (GLP, GCP, GMP, GDP, GPvP). Commencing with an overview of regulatory prerequisites and the system life cycle, the course swiftly transitions to focus on the pragmatic aspects of auditing computer system validation. Experience a blend of presentations, interactive discussions, and immersive practical workshops throughout the duration of the course. Delegates will benefit from practical examples of how to understand the framework of applicable regulations and guidance. Apply risk management techniques to audit planning Plan and conduct computerised system audits Assess system validation documentation to verify compliance Evaluate data integrity and security issues Prepare for regulatory inspection. The course is structured to encourage delegates to: Discuss and develop ideas Solve specific problems Understand the vulnerabilities of computerised systems Learn how to create a compliance checklist Link system development with good business practice. Is this course for you? Auditors Audit programme managers Individuals subject to audits. Tutors Tutors will be comprised of (click the photos for biographies): Nichola Stevens Director and Principal Consultant, Nuncius Compliance Solutions Ltd Barry McManus Consultancy Partner, Empowerment Quality Engineering Ltd Programme Please note timings may be subject to alteration. Day 1 09:00 Welcome and Introductions 09:45 Why We Validate and Regulatory Trends 10:30 Break 10:45 Audit Overview, High Level Process and Scheduling 11:30 System Lifecycle 12:30 Lunch 13:15 Exercise 1 - Audit Scheduling 14:45 Exercise 1 - Feedback 15:15 Break 15:30 Validation Deliverables 16:30 Risk Assessments 17:30 Close of Day 1 Day 2 09:00 Supplier Assessment 10:30 Break 10:45 Exercise 2 - Planning a Supplier Audit 12:00 Exercise 2 - Feedback 12:30 Lunch 13:15 Exercise 3 - Auditing a Computerised System Validation Package 15:30 Break 15:45 Exercise 3 - Feedback 16:30 Change Control 17:15 Close of Day Day 3 09:00 Infrastructure Qualification 09:45 Maintaining a Validated State - Operational Processes 11:00 Break 11:15 Exercise 4 - Auditing Systems in Operational Use 12:45 Lunch 13:30 Exercise 4 - Feedback 14:15 Exercise 5 - Auditing Trail Review 15:30 Break 15:45 Exercise 5 - Feedback 16:15 Course Objectives Summary and Any Additional Questions 16:45 Close of Course Extra Information Face-to-face course Course Material Course material will be available in PDF format for delegates attending this course. The advantages of this include: Ability for delegates to keep material on a mobile device Ability to review material at any time pre and post course Environmental benefits – less paper being used per course. The material will be emailed in advance of the course and RQA will not be providing any printed copies of the course notes during the training itself. Delegates wishing to have a hard copy of the notes should print these in advance to bring with them. Alternatively delegates are welcome to bring along their own portable devices to view the material during the training sessions. Remote course Course Material This course will be run completely online. You will receive an email with a link to our online system, which will house your licensed course materials and access to the remote event. Please note this course will run in UK timezone. The advantages of this include: Ability for delegates to keep material on a mobile device Ability to review material at any time pre and post course Environmental benefits – less paper being used per course Access to an online course group to enhance networking. You will need a stable internet connection, a microphone and a webcam. CPD Points 19 Points Development Level Develop

Explore "International Security in a Changing World" through live online learning. Join expert-led sessions to understand global security dynamics, emerging threats, and strategic solutions in an interactive, real-time format. Enroll now to stay informed and engaged.

This is the perfect launch pad for a technical career in Cyber Security and fully prepares every delegate for the prestigious Certified Ethical Hacking (CEH) Course that comes next on the Cyber & Hacking Learning Pathways by Nemstar.

Learners will be introduced to the design, installation, commissioning, and maintenance of intruder and hold-up alarm systems.

Duration 3 Days 18 CPD hours This course is intended for This course is intended for security engineers, security architects, and information security professionals. Overview Identify security benefits and responsibilities of using the AWS Cloud Build secure application infrastructures Protect applications and data from common security threats Perform and automate security checks Configure authentication and permissions for applications and resources Monitor AWS resources and respond to incidents Capture and process logs Create and configure automated and repeatable deployments with tools such as AMIs and AWS CloudFormation This course demonstrates how to efficiently use AWS security services to stay secure in the AWS Cloud. The course focuses on the security practices that AWS recommends for enhancing the security of your data and systems in the cloud. The course highlights the security features of AWS key services including compute, storage, networking, and database services. You will also learn how to leverage AWS services and tools for automation, continuous monitoring and logging, and responding to security incidents. Prerequisites We recommend that attendees of this course have: Working knowledge of IT security practices and infrastructure concepts Familiarity with cloud computing concepts Completed AWS Security Essentials and Architecting on AWS courses 1 - Security on AWS Security in the AWS cloud AWS Shared Responsibility Model Incident response overview DevOps with Security Engineering 2 - Identifying Entry Points on AWS Identify the different ways to access the AWS platform Understanding IAM policies IAM Permissions Boundary IAM Access Analyzer Multi-factor authentication AWS CloudTrail 3 - Security Considerations: Web Application Environments Threats in a three-tier architecture Common threats: user access Common threats: data access AWS Trusted Advisor 4 - Application Security Amazon Machine Images Amazon Inspector AWS Systems Manager 5 - Data Security Data protection strategies Encryption on AWS Protecting data at rest with Amazon S3, Amazon RDS, Amazon DynamoDB Protecting archived data with Amazon S3 Glacier Amazon S3 Access Analyzer Amazon S3 Access Points 6 - Securing Network Communications Amazon VPC security considerations Amazon VPC Traffic Mirroring Responding to compromised instances Elastic Load Balancing AWS Certificate Manager 7 - Monitoring and Collecting Logs on AWS Amazon CloudWatch and CloudWatch Logs AWS Config Amazon Macie Amazon VPC Flow Logs Amazon S3 Server Access Logs ELB Access Logs 8 - Processing Logs on AWS Amazon Kinesis Amazon Athena 9 - Security Considerations: Hybrid Environments AWS Site-to-Site and Client VPN connections AWS Direct Connect AWS Transit Gateway 10 - Out-Of-Region Protection Amazon Route 53 AWS WAF Amazon CloudFront AWS Shield AWS Firewall Manager DDoS mitigation on AWS 11 - Security Considerations: Serverless Environments Amazon Cognito Amazon API Gateway AWS Lambda 12 - Threat Detection and Investigation Amazon GuardDuty AWS Security Hub Amazon Detective 13 - Secrets Management on AWS AWS KMS AWS CloudHSM AWS Secrets Manager 14 - Automation and Security by Design AWS CloudFormation AWS Service Catalog 15 - Account Management and Provisioning on AWS AWS Organizations AWS Control Tower AWS SSO AWS Directory Service

Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

Duration 5 Days 30 CPD hours This course is intended for The primary audiences for this course are the following: • Operators of Juniper Networks security solutions, including network engineers, administrators, support personnel, and resellers. Overview After successfully completing this course, you should be able to: Identify security challenges in today's networks. Identify products that are incorporated into the Juniper Connected Security solution. Explain the value of implementing security solutions. Explain how Juniper Connected Security solves the cyber security challenges of the future. Explain SRX Series session management. Explain Junos ALG functions and when to use them. Describe policy logging on the SRX series device. Explain security policy scheduling. Describe application security theory. Explain application signature usage in AppID. Describe the AppTrack service. Describe the AppFW service. Describe the AppQoS service. Configure security policies using the AppSecure suite of services. Explain unified security policies. Describe IPS signatures. Configure an IPS policy using pre-defined templates. Describe how to update the IPS attack object database. Describe IPS rules and rule bases. Configure custom attack objects. Describe Junos Space and Security Director. Configure policy management using Security Director. Describe Security Director objects. Explain the different licensing options for Sky ATP List Sky ATP's features and benefits. Configure Sky ATP profiles and enroll an SRX Series device. Configure file scanning on Sky ATP. Configure Sky ATP to scan email Configure GeoIP on Sky ATP. Describe the JATP features and benefits List the JATP device options. Explain the JATP architecture. List 3rd party support options for JATP. Explain JATP SmartCore analytics processes. Describe Policy Enforcer configuration options. Describe Policy Enforcer integration with Sky ATP. Configure Policy Enforcer to block lateral malware movement. Explain Juniper Secure Analytics features and benefits. Describe JSA log collection. Describe JSA network flow collection. Describe the JSA Offense Management workspace. Explain the JSA Risk Manager features. Configure JSA to collect network and log collection. Explain the features of JIMS. Describe JIMS integration into the current AD network. Describe the Sky Enterprise service and how it can save resources. Explain the Sky Enterprise monitoring service. Explain the vSRX Series device benefits. Describe use cases for the vSRX. Explain the cSRX Series device benefits. Describe use cases for the cSRX. Describe SSL Proxy Concepts. Explain Forward and Reverse Proxy and the limitations of each. Configure both Forward and Reverse Proxy. This five-day course uses the Junos J-Web, CLI, Junos Space, and other user interfaces to introduce students to the concept of Juniper Connected Security. Chapter 1: Course Introduction Course Introduction Chapter 2: CLI Overview User Interface Options Command-Line Interface Initial Configuration Interface Configuration Lab 1: CLI Overview Chapter 3: Advanced Security Policy Session Management Junos ALGs Policy Scheduling Policy Logging Lab 2: Advanced Security Policy Chapter 4: Application Security Theory Application ID Application Signatures App Track App Firewall App QoS App QoE Chapter 5: Application Security Implementation AppTrack Implementation AppFW Implementation AppQos Implementation APBR Implementation Lab 3: Application Security Chapter 6: Intrusion Detection and Prevention IPS Overview IPS Policy Attack Objects IPS Configuration IPS Monitoring Lab 4: Implementing IPS Chapter 7: Security Director Overview Security Director Objects Security Director Policy Management Lab 5: Security Director Chapter 8: Sky ATP Implementation Architecture and Key Components Features and Benefits Configuration Compromised Hosts Command and Control File Scanning E-mail Scanning Geo IP Security Policy Integration Troubleshooting Lab 6: Sky ATP Implementation Chapter 9: Policy Enforcer Policy Enforcer Concepts Configuration Options Policy Enforcer Installation Lab 7: Policy Enforcer Chapter 10: JATP Overview Traffic Inspection Threat Detection Threat Analysis JATP Architecture Chapter 11: JATP Implementation Data Collectors Configure SmartCore Analytics Engine Log Ingestion Incident Management SRX Threat Prevention 3rd Party support for Threat Prevention Reporting Lab 8: JATP Chapter 12: Juniper Secure Analytics (JSA) JSA Overview Data Collection Log Analytics Threat Analytics Vulnerability Management Risk Management Lab 9: JSA Chapter 13: JIMS JIMS Overview JIMS Integration Lab 10: JIMS Chapter 14: vSRX and cSRX vSRX Overview vSRX Supported Features vSRX Use Cases cSRX Overview Lab 11: vSRX Installation Chapter 15: SSL Proxy SSL Proxy Overview SSL Concepts SSL Proxy Configurations Troubleshooting Lab 12: SSL Proxy Chapter 16: Cluster Concepts Chassis Cluster Concepts Chassis Cluster Operation Chapter 17: Chassis Cluster Implementation Chassis Cluster Configuration Chassis Cluster Advanced Options Lab 13: Chassis Cluster Implementation Chapter 18: Chassis Cluster Troubleshooting Chassis Cluster Case Studies Troubleshooting Examples Lab 14: Chassis Cluster Troubleshooting Additional course details: Nexus Humans JSEC - Junos Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the JSEC - Junos Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is designed for software developers, testers, and architects who design and develop software in various programming languages and platforms, including desktop, web, cloud, and mobile, and who want to improve their ability to deliver software that is of high quality, particularly regarding security and privacy. This course is also designed for students who are seeking the CertNexus Cyber Secure Coder (CSC) Exam CSC-210 certification Overview In this course, you will employ best practices in software development to develop secure software.You will: Identify the need for security in your software projects. Eliminate vulnerabilities within software. Use a Security by Design approach to design a secure architecture for your software. Implement common protections to protect users and data. Apply various testing methods to find and correct security defects in your software. Maintain deployed software to ensure ongoing security... The stakes for software security are very high, and yet many development teams deal with software security only after the code has been developed and the software is being prepared for delivery. As with any aspect of software quality, to ensure successful implementation, security and privacy issues should be managed throughout the entire software development lifecycle. This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects. You will learn general strategies for dealing with security defects and misconfiguration, how to design software to deal with the human element in security, and how to incorporate security into all phases of development. Identifying the Need for Security in Your Software Projects Identify Security Requirements and Expectations Identify Factors That Undermine Software Security Find Vulnerabilities in Your Software Gather Intelligence on Vulnerabilities and Exploits Handling Vulnerabilities Handle Vulnerabilities Due to Software Defects and Misconfiguration Handle Vulnerabilities Due to Human Factors Handle Vulnerabilities Due to Process Shortcomings Designing for Security Apply General Principles for Secure Design Design Software to Counter Specific Threats Developing Secure Code Follow Best Practices for Secure Coding Prevent Platform Vulnerabilities Prevent Privacy Vulnerabilities Implementing Common Protections Limit Access Using Login and User Roles Protect Data in Transit and At Rest Implement Error Handling and Logging Protect Sensitive Data and Functions Protect Database Access Testing Software Security Perform Security Testing Analyze Code to find Security Problems Use Automated Testing Tools to Find Security Problems Maintaining Security in Deployed Software Monitor and Log Applications to Support Security Maintain Security after Deployment