1215 Security courses in Sandy delivered Live Online

This training is for lawyers and covers key topics to ensure compliance with the Lexcel standard and other regulations.

Total PHP training course description PHP provides for the creation of dynamic web sites. This hands on training course looks at programming with PHP with an emphasis of building dynamic websites. Forms, state management and database integration are all covered with practicals used throughout the course to reinforce theory sessions. What will you learn Create dynamic web sites using PHP. Write PHP programs. Debug PHP programs. Examine existing code and determine its function. Total PHP training course details Who will benefit: Anyone creating dynamic web sites. Prerequisites: Software development fundamentals Duration 3 days Total PHP training course contents What is PHP? PHP history, dynamic web pages, how PHP works, alternatives to PHP. Downloading and installing PHP. Installing MySQL, installing Apache, platform issues. A first PHP web page A basic PHP script, PHP page structure. PHP comments. Integrating PHP and HTML. PHP forms HTML forms, taking values from forms. PHP and HTML Page inputs, environment inputs. phpinfo(), other form elements, sticky fields, generalised code, tables, forms, form elements, style sheets, JavaScript. Variables operators and expressions Expressions, data types, assignments, scope, constants, HTTP environment variables, getting data from forms using variables. Operators Arithmetic, logical, relational, Boolean, others. Control statements Conditional: if, else, elseif, switch. Loops: while, do while, for, break, continue, exit. Functions Built in functions, declaration, arguments, scope, loading functions from other files, defaulting parameters, call by value/ name. Arrays Indexes, array initialisation, array manipulation, multi dimensional arrays, array functions. String handling What is a string, string functions, matching, extraction, replacement. String operations, cleansing, sprintf, formatting web pages, strops and others, splitting strings, REs. PHP and databases Database structure, Database APIs, MySQL, Creating tables, Editing tables, simple SQL queries using PHP, building HTML tables using SQL queries, SQL injection, security issues, error handling. File I/O Opening, reading, writing files. Permissions, ownership, locking, directories. PHP, cookies and sessions State, Cookie properties, setting cookies, retrieving cookies, expiring/deleting cookies. Sessions, session variables, session IDs. PHP and email Emailing from servers, attachments. Objects OOP, PHP classes, constructors, instances.

Internet of Things training course description A concise overview course covering The Internet of Things and the technologies involved. Particular emphasis is placed on the high level architecture of IoT and the benefits achievable. What will you learn Describe the structure of the IoT List the technologies involved in IoT. Explain how IoT works. Internet of Things training course details Who will benefit: Non-technical staff working with IoT. Prerequisites: None. Duration 1 day Internet of Things training course contents What is IoT The Internet, what is IoT? IoT and M2M, IoT technologies, IoT architecture. Wired and wireless communication. IoT applications; Smart houses, smart cities, smart cars, wearable, environment, other domain specific IoTs. IoT architecture Physical objects, virtual objects, cloud computing, data capture, communications. Big data. Components Hardware, sensors, actuators, chips, firmware, embedded systems. Open source platforms. Power options: Battery, solar, PoE. IoT communication RF, ZigBee, Bluetooth, Bluetooth LE, RFID, WiFi, 802.11ah, mobile technologies. Wired. Arduino (as an example) Microcontrollers, the platform, development, Arduino software, reading from sensors, I2C, SPI. Arduino and the Internet, HTTP, WiFi, GSM. The cloud and IoT: Pachube, nimbits, ThingSpeak Security in IoT Authentication, Encryption, secure booting, firewalls.

Duration 2 Days 12 CPD hours This course is intended for Networking and security professionals involved in the design, implementation, and administration of a network infrastructure using FortiGate devices should attend this course. This course assumes knowledge of basic FortiGate fundamentals. You should have a thorough understanding of all the topics covered in the FortiGate Security course before attending the FortiGate Infrastructure course. Overview After completing this course, the successful student should be able to: Analyze a FortiGate route table Route packets using policy-based and static routes for multipath and load-balanced deployments Divide FortiGate into two or more virtual devices, each operating as an independent FortiGate, by configuring virtual domains (VDOMs) Understand the fundamentals and benefits of using ZTNA Offer an SSL VPN for secure access to your private network Establish an IPsec VPN tunnel between two FortiGate devices Implement a meshed or partially redundant VPN Diagnose failed IKE exchanges Offer Fortinet Single Sign-On (FSSO) access to network services, integrated with Microsoft Active Directory (AD) Deploy FortiGate devices as an HA cluster for fault tolerance and high performance Diagnose and correct common problems In this two-day course, you will learn how to use the most common FortiGate networking and infrastructure features. Topics include features commonly applied in complex or larger enterprise or MSSP networks, such as advanced routing, redundant infrastructure, virtual domains (VDOMs), zero trust network access (ZTNA), SSL VPN, site-to-site IPsec VPN, single sign-on (SSO), and diagnostics. Course Outline 1. Routing 2. Virtual Domains 3. Fortinet Single Sign-On 4. ZTNA 5. SSL VPN 6. IPsec VPN 7. High Availability 8. Diagnostics

Duration 2 Days 12 CPD hours This course is intended for Data Protection OfficersData Protection ManagersAuditorsLegal Compliance OfficersSecurity ManagerInformation ManagersAnyone involved with data protection processes and programs Overview It will show the world that students know privacy laws and regulations and how to apply them, and that students know how to secure your place in the information economy. When students earn a CIPP credential, it means they?ve gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more. It will show the world that students know privacy laws and regulations and how to apply them, and that students know how to secure their place in the information economy. When students earn a CIPP credential, it means they've gained a foundational understanding of broad global concepts of privacy and data protection law and practice, including: jurisdictional laws, regulations and enforcement models; essential privacy concepts and principals; legal requirements for handling and transferring data and more. Common Principles and Approaches to Privacy This unit includes a brief discussion about the modern history of privacy, an introduction to types of information, an overview of information risk management and a summary of modern privacy principles. Jurisdiction and Industries This unit introduces the major privacy models employed around the globe and provides an overview of privacy and data protection regulation by jurisdictions and industry sectors. Information Security: Safeguarding Personal Information This unit presents introductions to information security, including definitions, elements, standards, and threats/ vulnerabilities, as well as introductions to information security management and governance, including frameworks, controls, cryptography and identity and access management (IAM). Online Privacy: Using Personal Information on Websites and with Other Internet-related Technologies This unit focuses on the web as a platform, as well as privacy considerations for sensitive online information, including policies and notices, access, security, authentication and data collection. Additional topics include children?s online privacy, email, searches, online marketing and advertising, social media, online assurance, cloud computing and mobile devices. Canadian Legal Framework This unit provides an introduction to the Canadian legal system. It includes enforcement agencies and their powers, privacy basics from a Canadian perspective and the underlying framework for Canadian privacy law and practice. Canadian Private-sector Privacy Laws This unit focuses on the Canadian legal system. It includes enforcement agencies and their powers, privacy basics from a Canadian perspective and the underlying framework for Canadian privacy law and practice. Canadian Public-sector Privacy Laws This unit highlights key concepts and practices related to the collection, retention, use, disclosure and disposal of personal information by federal, provincial and territorial governments. Health Information Privacy Laws This unit touches on the applicability and purpose of health information privacy laws. Private-sector Compliance Practices This unit delves into the components that make up compliance regulations, including Generally Accepted Privacy Principals and security breach notification, and also examines compliance track records and Federal Commissioner Findings. Public-sector Compliance Practices This unit presents the various methods that can be implemented for compliance in the public sector, such as privacy impact assessments and data sharing agreements. In addition, it discusses the challenges presented by digital information exchanges, as well as non-legislative considerations. Health-sector Compliance Practices This unit covers the issues presented with digital compliance in the health sector. Additional course details: Nexus Humans Certified Information Privacy Professional (CIPP/CAN) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Information Privacy Professional (CIPP/CAN) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Linux engineer certification training course description LPIC-2 is the second certification in LPI's multi level professional certification program. This course teaches the skills necessary to pass the LPI 201 exam; the first of two LPIC-2 exams. Specifically, the course covers the administration of Linux systems in small to medium sized mixed networks. What will you learn Perform advanced administration tasks. Perform advanced file system administration. Linux engineer certification training course details Who will benefit: Linux administrators. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Linux engineer certification fundamentals training course contents Part I The LPI 201 Exam Starting a System The Linux Boot Process, Firmware Startup, BIOS Startup, UEFI Startup, Linux Bootloaders, GRUB Legacy, GRUB 2, Alternative Bootloaders, Secure Bootloaders, Process Initialization, SysV Method, systemd Method, Upstart Method, System Recovery, Kernel Failures, Root Drive Failure. Maintaining the System Fluid Messaging, Static Messaging, System backups, Backup Strategies, Performing Backups, Installing Programs from Source, Obtaining and unpacking Installation Files, Compiling Programs, Resource Usage: Managing, measuring, predicting and troubleshooting. Mastering the Kernel What Is the Kernel? Kernel Features, Parts of the Kernel, Kernel Versions, Obtaining Source Code, Creating the Configuration File, Compiling and Installing the Kernel, Compiling and Installing Modules, Creating an Initial RAM Disk, Booting the New Kernel, Creating a Kernel Package, Maintaining the Kernel, Working with Module Files, Module Commands, Working with Hardware, Automatically Detecting Hardware, Troubleshooting the Kernel. Managing the Filesystem The Linux Filesystem, Filesystem Structures, Filesystem Types, Making Filesystems, Attaching Filesystems, Memory-Based Linux Filesystems, the Btrfs Filesystem, Btrfs Subvolumes, Btrfs Snapshots, Optical Filesystems, Swap Filesystems, Network-Based Filesystems, Auto-Mounting, Encrypted Filesystems, Maintaining Linux Filesystems, Adjusting a Filesystem, Checking and Repairing a Filesystem, SMART. Administering Advanced Storage Devices Configuring RAID, Implementing RAID on Linux, Managing a RAID Array, Adjusting Storage Devices, Looking at Drive Interface Concepts, Testing and Tuning Drives, Implementing iSCSI, Managing Logical Volumes, LVM, Creating Logical Volumes, Supporting Logical Volumes, Understanding the Device Mapper. Navigating Network Services Networking Basics, The Physical Layer, The Network Layer, The Transport Layer, The Application Layer, Configuring Network Features, Network Configuration Files, Graphical Tools, Command-Line Tools, Basic Network Troubleshooting, Checking the Log Files, the ARP Cache, Sending Test Packets, Testing Network Routes, Testing Client/Server Connectivity, Finding Host Information, Network Security, Advanced Network Troubleshooting, Viewing Open Network Connections, Viewing Network Statistics, Scanning the Network, Capturing Network Traffic.

About this Virtual Instructor Led Training (VILT) This Virtual Instructor Led Training (VILT) course presents advanced methodologies that implement demand response and energy conservation programs in light of the integration of new technologies, regulatory changes and the accelerated penetration of renewable energy resources. This VILT course provides examples and case studies from North American and European jurisdictions covering the operational flexibilities on the demand side including requirements for new building codes to achieve zero net energy. The course describes a public agency's goals and objectives for conserving and otherwise reducing energy consumption and managing its demand for energy. This course presents the demand response implemented for economics and system security such as system balancing and relieving transmission congestion, or for system adequacy. The course also presents the principal attributes of conservation programs and the associated success criteria. In a system with increased penetration of renewable resources, demand response provides flexibility to system operators, helping them to maintain the reliability and the security of supply. Demand response is presented as a competitive alternative to additional power sources, enhancing competition and liquidity in electricity markets. The unique characteristics are discussed from a local, consumer centric and also from a system perspective bringing to life the ever changing paradigm for delivery energy to customers. Interoperability aspects and standards are discussed, as well as the consumer centric paradigm of Transactive Energy with IOT enabled flexibilities at system level, distribution networks and microgrids. The VILT course introduces the blockchain as a new line of defense against cyber threats and its increasing application in P2P transactions and renewable certificates. Our trainer's industry experience spans three decades with one of the largest Canadian utilities where she led or contributed to large operational studies and energy policies and decades of work with IEEE, NSERC and CIGRE. Our key expert also approaches to the cross sectional, interdisciplinary state of the art methodologies brings real life experience of recent industry developments. Training Objectives Innovative Digital Technologies How systems Facilitate Operational Flexibility on the Demand Side The Ecosystem of Demand Side Management Programs Advanced Machine Learning techniques with examples from CAISO Regulatory Policy Context and how to reduce regulatory barriers Industry Examples from NERC and ENTSO Relevant Industry standards: IEEE and IEC Manage Congestion with Distributed Operational Flexibilities: Grid to Distribution Controls; examples from NERC (NA) and ENTSO (Europe) Grid solutions with IEC 61850 communication protocols Decentralized grid controls The New Grid with accelerated V2G and Microgrids How DSM is and will be applied in Your System: Examples and discussions Target Audience Regulators and government agencies advising on public energy conservation programs All professionals interested in expanding their expertise, or advancing their career, or take on management and leadership roles in the rapidly evolving energy sector Energy professionals implementing demand side management, particularly in power systems with increased renewable penetration, to allow the much needed operational flexibility paramount to maintaining the reliability and stability of the power system and in the same time offering all classes of customers flexible and economical choices Any utility professional interested in understanding the new developments in the power industry Course Level Basic or Foundation Training Methods The VILT course will be delivered online in 5 half-day sessions comprising 4 hours per day, with 2 x 10 minutes break per day, including time for lectures, discussion, quizzes and short classroom exercises. Course Duration: 5 half-day sessions, 4 hours per session (20 hours in total). Trainer Your first expert course leader is a Utility Executive with extensive global experience in power system operation and planning, energy markets, enterprise risk and regulatory oversight. She consults on energy markets integrating renewable resources from planning to operation. She led complex projects in operations and conducted long term planning studies to support planning and operational reliability standards. Specializing in Smart Grids, Operational flexibilities, Renewable generation, Reliability, Financial Engineering, Energy Markets and Power System Integration, she was recently engaged by the Inter-American Development Bank/MHI in Guyana. She was the Operations Expert in the regulatory assessment in Oman. She is a registered member of the Professional Engineers of Ontario, Canada. She is also a contributing member to the IEEE Standards Association, WG Blockchain P2418.5. With over 25 years with Ontario Power Generation (Revenue $1.2 Billion CAD, I/S 16 GW), she served as Canadian representative in CIGRE, committee member in NSERC (Natural Sciences and Engineering Research Council of Canada), and Senior Member IEEE and Elsevier since the 90ties. Our key expert chaired international conferences, lectured on several continents, published a book on Reliability and Security of Nuclear Power Plants, contributed to IEEE and PMAPS and published in the Ontario Journal for Public Policy, Canada. She delivered seminars organized by the Power Engineering Society, IEEE plus seminars to power companies worldwide, including Oman, Thailand, Saudi Arabia, Malaysia, Indonesia, Portugal, South Africa, Japan, Romania, and Guyana. Your second expert course leader is the co-founder and Director of Research at Xesto Inc. Xesto is a spatial computing AI startup based in Toronto, Canada and it has been voted as Toronto's Best Tech Startup 2019 and was named one of the top 10 'Canadian AI Startups to Watch' as well as one of 6th International finalists for the VW Siemens Startup Challenge, resulting in a partnership. His latest app Xesto-Fit demonstrates how advanced AI and machine learning is applied to the e-commerce industry, as a result of which Xesto has been recently featured in TechCrunch. He specializes in both applied and theoretical machine learning and has extensive experience in both industrial and academic research. He is specialized in Artificial Intelligence with multiple industrial applications. At Xesto, he leads projects that focus on applying cutting edge research at the intersection of spatial analysis, differential geometry, optimization of deep neural networks, and statistics to build scalable rigorous and real time performing systems that will change the way humans interact with technology. In addition, he is a Ph.D candidate in the Mathematics department at UofT, focusing on applied mathematics. His academic research interests are in applying advanced mathematical methods to the computational and statistical sciences. He earned a Bachelor's and MSc in Mathematics, both at the University of Toronto. Having presented at research seminars as well as instructing engineers on various levels, he has the ability to distill advanced theoretical concept to diverse audiences on all levels. In addition to research, our key expert is also an avid traveler and plays the violin. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information about post training coaching support and fees applicable for this. Accreditions And Affliations

Advanced TCP/IP training course description An intensive advanced TCP/IP course focusing on the details of the protocols according to the RFCs. This course is designed to go into the technical details of the protocols and is not for those that are new to TCP/IP. A particular focus is on TCP and performance. Those more interested in routing protocols should see our Definitive IP routing for engineers course. It is expected that delegates are totally familiar with configuration addressing. Hands on sessions consist of protocol analysis using Wireshark. What will you learn Analyse packets and protocols in detail. Troubleshoot networks using Wireshark. Find performance problems using Wireshark. Perform network forensics. Advanced TCP/IP training course details Who will benefit: Advanced technical staff. Prerequisites: TCP/IP Foundation for engineers Duration 5 days Advanced TCP/IP training course contents IP Fragmentation and MTU issues, Path MTU discovery, Geolocation, unusual IP addresses, forwarding broadcasts, DiffServ, DSCP, ECN, assured and expedited forwarding. TTL usage in traceroute, Protocol field. Sanitising IP addresses in trace files. Wireshark and checksum errors. IPv6 The header. Extension headers. Traffic class and flow labels. Tunnelling. IPv6 and fragmentation. ARP Requests, responses, gratuitous ARP, Proxy ARP, ARP poisoning. ICMP ping, Round Trip Times, ICMP redirect, ICMP router advertisement and solicitation, Time Exceeded, Destination unreachable. ICMPv6: Similarity to ICMPv4, Neighbor discovery and the replacement of ARP. MLD. First hop redundancy ICMP discovery, HSRP, VRRP, GLBP. IGMP Multicast overview, multicast architecture, multicast addresses, IGMP v1, IGMPv2, IGMPv3. UDP Use in broadcasts and multicasts. Port numbers. TCP Connections, RST, FIN, sequence numbering, packet loss recovery, Fast recovery, RTO timeout, SACK, TCP flow control, receive window, congestion window, van Jacobsen, nagle, delayed ACKs, PSH, URG, TCP options, MSS, Window scaling, TCP timestamps. Congestion notification. Hands on Troubleshooting with sequence numbers, Wireshark IO and TCP graphs to analyse performance. Window size issues. DHCP DHCP header. Relationship to BOOTP. Discover, offer, request, decline, ACK, release. Lease, renewal and rebind times. Relay agents. DHCPv6 DNS Names and addresses, Resource Records, queries, responses, problems. MDNS. HTTP Requests, methods, request modifiers, response codes. HTTPS. SSL, TLS. Proxies. Hands on Redirects, recreating pages from packets. FTP Commands, responses, passive/active mode. Email SMTP, POP3, IMAP, commands responses. Voice and Video RTP, RTCP, SIP. IP PBXs. Traffic flows. Hands on Voice playback. SNMP MIBs, GET, TRAP, polling. Performance Baselining, high latency, Wireshark and timings, packet loss, redirections, small packets, congestion, name resolution. Security Network forensics, scanning and discovery, suspect traffic. IPsec, SSH.

Supporting Microsoft IIS training course description This course provides students with the fundamental knowledge and skills to configure and manage Internet Information Services. This course is intended to help provide pre-requisite skills supporting a broad range of Internet web applications, security, and knowledge to help support other products that use IIS such as Exchange and SharePoint. What will you learn Install IIS. Configure IIS. Secure websites. Maintain IIS. Supporting Microsoft IIS training course details Who will benefit: Technical staff working with Microsoft IIS. Prerequisites: TCP/IP foundation for engineerss Supporting Windows ( XP or 2000 or 2003) Duration 5 days Supporting Microsoft IIS course contents Overview and Installing IIS Web Server infrastructure, installing IIS. Hands on Default install of IIS, verify and test.. Configuring the default website Default website, IIS Manager, default IIS file structure, configuring DNS records for a website, creating virtual directories and Applications. Hands on Configuring the Default website for public access. Creating Virtual Directories and Applications. Application Pools Application Pool Architecture, Application Pool recycling. Hands on Creating and managing Application Pools. Creating additional websites Multiple websites on a single server, website bindings. Hands on Creating new websites. Website and Web application support Configuring Common features, adding support for web applications. Hands on Adding support for web applications. Securing Websites and applications Access control, sites, applications, authentication and permissions. URL authorization rules. Hands on Configuring Authentication and permissions. Securing Data Transmissions with SSL Certificates and SSL, creating certificates for a web server, adding a certificate to a website. Hands on Certificates and HTTPS. Using the Central Certificate Store The Central Certificate Store. Hands on Install and configure the Central Certificate Store. Configuring Remote Administration Installing and Configuring the Management Service. Connecting to remote web servers and websites. Delegating Management Access. Hands on Remote administration. Implementing FTP Implementing FTP, configuring an FTP site. Hands on Install and configure a secured FTP site. Monitoring IIS IMonitoring IIS logs with Log Parser. Hands on Analyze a set of IIS log files for possible issues using Log Parser. Analyze performance data for performance related problems using PerfMon. Backing up and Restoring IIS The IIS environment. Hands on Performing a backup and restore of a website. Building Load-Balanced Web Farms Load-balancing mechanisms, building a Load-Balanced Web Farm using ARR, sharing content to a Web Farm using a network share, Sharing content to a Web Farm using DFS-R, Sharing IIS Configurations in a Web Farm. Hands on Installing and configuring ARR, sharing content to a Web Farm using network share and DFS-R, sharing IIS Configurations in a Web Farm.

Duration 4 Days 24 CPD hours This course is intended for This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the F5 Advanced Web Application Firewall. In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits. Module 1: Setting Up the BIG-IP System Introducing the BIG-IP System Initially Setting Up the BIG-IP System Archiving the BIG-IP System Configuration Leveraging F5 Support Resources and Tools Module 2: Traffic Processing with BIG-IP Identifying BIG-IP Traffic Processing Objects Overview of Network Packet Flow Understanding Profiles Overview of Local Traffic Policies Visualizing the HTTP Request Flow Module 3: Web Application Concepts Overview of Web Application Request Processing Web Application Firewall: Layer 7 Protection F5 Advanced WAF Layer 7 Security Checks Overview of Web Communication Elements Overview of the HTTP Request Structure Examining HTTP Responses How F5 Advanced WAF Parses File Types, URLs, and Parameters Using the Fiddler HTTP Proxy Module 4: Common Web Application Vulnerabilities A Taxonomy of Attacks: The Threat Landscape What Elements of Application Delivery are Targeted? Common Exploits Against Web Applications Module 5: Security Policy Deployment Defining Learning Comparing Positive and Negative Security Models The Deployment Workflow Policy Type: How Will the Policy Be Applied Policy Template: Determines the Level of Protection Policy Templates: Automatic or Manual Policy Building Assigning Policy to Virtual Server Deployment Workflow: Using Advanced Settings Selecting the Enforcement Mode The Importance of Application Language Configure Server Technologies Verify Attack Signature Staging Viewing Requests Security Checks Offered by Rapid Deployment Defining Attack Signatures Using Data Guard to Check Responses Module 6: Policy Tuning and Violations Post-Deployment Traffic Processing Defining Violations Defining False Positives How Violations are Categorized Violation Rating: A Threat Scale Defining Staging and Enforcement Defining Enforcement Mode Defining the Enforcement Readiness Period Reviewing the Definition of Learning Defining Learning Suggestions Choosing Automatic or Manual Learning Defining the Learn, Alarm and Block Settings Interpreting the Enforcement Readiness Summary Configuring the Blocking Response Page Module 7: Attack Signatures & Threat Campaigns Defining Attack Signatures Attack Signature Basics Creating User-Defined Attack Signatures Defining Simple and Advanced Edit Modes Defining Attack Signature Sets Defining Attack Signature Pools Understanding Attack Signatures and Staging Updating Attack Signatures Defining Threat Campaigns Deploying Threat Campaigns Module 8: Positive Security Policy Building Defining and Learning Security Policy Components Defining the Wildcard Defining the Entity Lifecycle Choosing the Learning Scheme How to Learn: Never (Wildcard Only) How to Learn: Always How to Learn: Selective Reviewing the Enforcement Readiness Period: Entities Viewing Learning Suggestions and Staging Status Violations Without Learning Suggestions Defining the Learning Score Defining Trusted and Untrusted IP Addresses How to Learn: Compact Module 9: Cookies and Other Headers F5 Advanced WAF Cookies: What to Enforce Defining Allowed and Enforced Cookies Configuring Security Processing on HTTP headers Module 10: Reporting and Logging Overview: Big Picture Data Reporting: Build Your Own View Reporting: Chart based on filters Brute Force and Web Scraping Statistics Viewing F5 Advanced WAF Resource Reports PCI Compliance: PCI-DSS 3.0 The Attack Expert System Viewing Traffic Learning Graphs Local Logging Facilities and Destinations How to Enable Local Logging of Security Events Viewing Logs in the Configuration Utility Exporting Requests Logging Profiles: Build What You Need Configuring Response Logging Module 11: Lab Project 1 Lab Project 1 Module 12: Advanced Parameter Handling Defining Parameter Types Defining Static Parameters Defining Dynamic Parameters Defining Dynamic Parameter Extraction Properties Defining Parameter Levels Other Parameter Considerations Module 13: Automatic Policy Building Overview of Automatic Policy Building Defining Templates Which Automate Learning Defining Policy Loosening Defining Policy Tightening Defining Learning Speed: Traffic Sampling Defining Track Site Changes Lesson 14: Web Application Vulnerability Scanner Integration Integrating Scanner Output Importing Vulnerabilities Resolving Vulnerabilities Using the Generic XML Scanner XSD file Lesson 15: Deploying Layered Policies Defining a Parent Policy Defining Inheritance Parent Policy Deployment Use Cases Lesson 16: Login Enforcement and Brute Force Mitigation Defining Login Pages for Flow Control Configuring Automatic Detection of Login Pages Defining Session Tracking Brute Force Protection Configuration Source-Based Brute Force Mitigations Defining Credentials Stuffing Mitigating Credentials Stuffing Lesson 17: Reconnaissance with Session Tracking Defining Session Tracking Configuring Actions Upon Violation Detection Lesson 18: Layer 7 DoS Mitigation Defining Denial of Service Attacks Defining the DoS Protection Profile Overview of TPS-based DoS Protection Creating a DoS Logging Profile Applying TPS Mitigations Defining Behavioral and Stress-Based Detection Lesson 19: Advanced Bot Protection Classifying Clients with the Bot Defense Profile Defining Bot Signatures Defining Proactive Bot Defense Defining Behavioral and Stress-Based Detection Defining Behavioral DoS Mitigation Lesson 20: Form Encryption using DataSafe Targeting Elements of Application Delivery Exploiting the Document Object Model Protecting Applications Using DataSafe The Order of Operations for URL Classification Lesson 21: Review and Final Labs Review and Final Labs