1215 Security courses in Thame delivered Live Online

Microsoft security training course description A hands on training course focusing on security in the Microsoft environment. The course progresses from patch management onto the use of Microsoft security tools. Then server, desktop and network security are studied in the Microsoft environment. What will you learn Use Microsoft security tools. Secure Microsoft servers. Secure Microsoft desktops. Secure Microsoft networks. Microsoft security training course details Who will benefit: Technical server support staff. Technical desktop support staff. Technical network staff. Technical security staff. Prerequisites: Supporting Windows server 2016 Networking Microsoft systems. Duration 3 days Microsoft security training course contents Introduction Security threats, Microsoft defaults, admin accounts, security patches, patch management, patch tools. Hands on: Studying Microsoft defaults, applying security patches. Microsoft security tools Microsoft updates, WSUS, Inventory tool, baseline security analyser, URLscan, EventCombMT, Cipher security tool, Port reporter, PortQry. Tools hackers use. Hands on: Using Microsoft security tools. Server security Checklists, core server security, AD, Member server security, Domain controller security, Specific roles. Hands on Hardening Microsoft servers, security templates. Active Directory Admin authority in AD, group policy, trust and authentication. Desktop security Checklists, core client security, anti virus software, anti spyware software, firewalls, securing clients with AD, securing clients with group policy, software restriction policies. Hands on Securing Microsoft desktops. Network security Checklist, IP security, VPNs, PKI, certificate authorities, RAS, RRAS, IAS. Hands on: VPN configuration, IAS configuration. Monitoring Auditing, authorisation and logons, tracking, system monitoring, detecting attacks. Hands on: Monitoring Microsoft systems. Summary Microsoft security response centre, security advisories.

Duration 2 Days 12 CPD hours This course is intended for Security professionals, System engineers, channel partners, service partners, and end users with one-or-more years of experience in implementing IT security technologies (Network, Applications, and Systems) Overview This course will enable students to configure, monitor, manage, and optimize the SonicWall Next-Gen firewall appliances running SonicOS to effectively defend against evolving and emerging network and cyber security threats. Upon completion of the course, the students will be able to configure the SonicWall firewall for Secure and Remote Connectivity, Network Optimization, and Advanced Threat Protection. The SonicWall Network Security Administration course provides students the required background, knowledge and hand-on experience to begin designing, implementing and troubleshooting SonicWall Network Security Appliances running SonicOS firmware. ÿThe SNSA course and certification replaces the NSBA course and the CSSA certification. The NSBA course will End-of-Life on June 30th, 2018. The CSSA certification will continue to be valid for 2 years after successfully passing the examination. Course Outline The instructor-guided portion of theÿcurriculum provides a suite of intensive ILTÿscenario-based sessions, wherein you learn to configure, manage, and monitor aÿSonicWall Next-Gen firewall in a risk-free lab environment Additional course details: Nexus Humans SonicWALL Network Security Administrator - SNSA - NA training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the SonicWALL Network Security Administrator - SNSA - NA course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This course is recommended for technical professionals who need to install, configure, and manage multiple security domains within their network security environment. Overview Discuss challenges associated with securing large-scale business organizations with distributed network environments. Describe the Check Point Multi-Domain Security Management solution and its benefits. Understand the components of MDSM and how they work together to help administrators manage multiple network security environments within a single management framework. Understand how to install and configure the Multi-Domain Security Management environment. Describe how to implement Management High Availability within the MDSM environment. Discuss the two types of log server options used to store logs in the Multi-Domain Security Management environment, and how they differ. Understand how to manage and view Multi-Domain activity logs in SmartConsole. Understand how to configure and implement Global Policy to manage rules for multiple domains. Identify various MDSM command line tools commonly used to retrieve information and perform configuration changes on a MDSM Server. Describe troubleshooting tools to use for addressing MDSM Server issues. Understand how VSX works and how to integrate the technology within the MDSM environment. This course provides a comprehensive understanding of the Check Point Multi-Domain Security Management solution and describes how to deploy it within the corporate network environment. Course Outline Multi-Domain Security Management MDSM Installation and Configuration MDSM Log Management Global Policy Management MDSM Troubleshooting Incorporating VSX

Securing UNIX systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure UNIX accounts. Secure UNIX file systems. Secure UNIX access through the network. Securing UNIX systems course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing UNIX systems course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

The Alarm Installation Course is designed to teach participants how to install an intruder alarm system in domestic, commercial or industrial premises. The Alarm Installation Course simulates the practical installation of many different alarm control panels. The course is designed to equip students with the skills and expertise to competently install a wide variety of Alarm systems on the market.

Duration 3 Days 18 CPD hours This course is intended for Experienced system administrators or network administrators and security professionals Overview By the end of the course, you should be able to meet the following objectives: Describe NSX Advanced Load Balancer architecture Describe the NSX Advanced Load Balancer components and main functions Explain the NSX Advanced Load Balancer key features and benefits Describe NSX Advanced Load Balancer Web Application Firewall architecture Describe the NSX Advanced Load Balancer Web Application Firewall components and main functions Explain the NSX Advanced Load Balancer Web Application Firewall key features and benefits Explain and configure Local Load Balancing constructors such as Virtual Services, Pools, Health Monitors and related components Understand and modify application behavior leveraging Profiles, Policies and DataScripts Configure and customize the NSX Advanced Load Balancer Web Application Firewall Describe and leverage NSX Advanced Load Balancer REST API interfaces and related automation capabilities Describe and configure NSX Advanced Load Balancer Web Application Firewall application and infrastructure monitoring Gather relevant information and perform basic troubleshooting of Web Application Firewall applications leveraging built-in NSX Advanced Load Balancer tooling This three-day course provides comprehensive training on how to configure, maintain and troubleshoot the Web Application Firewall component of the VMware NSX Advanced Load Balancer (Avi Networks) solution as well as provide an understanding of additional security related functionality. This course covers key NSX Advanced Load Balancer (Avi Networks) Web Application Firewall features and functionality offered in the NSX Advanced Load Balancer 18.2 release, including the overall infrastructure, virtual services and application components as well as application troubleshooting and solution monitoring. Access to a software-defined data center environment is provided through hands-on labs to reinforce the skills and concepts presented in the course. Course Introduction Introductions and course logistics Course objectives Introduction to NSX Advanced Load Balancer Introduce NSX Advanced Load Balancer Discuss NSX Advanced Load Balancer use cases and benefits Explain NSX Advanced Load Balancer architecture and components Explain the management, control, data, and consumption planes and their respective functions Introduction to NSX ALB Web Application Firewall Introduce the NSX Advanced Load Balancer Web Application Firewall Discuss NSX Advanced Load Balancer Web Application Firewall use cases and benefits Virtual Services Configuration Concepts Explain Virtual Service components Explain Virtual Service types Explain and configure basic virtual services components such as Application Profiles, Network Profiles, Pools and Health Monitors Attacking and Defending Web Applications Introduce the processes and methodologies used when attacking and defending web applications Introduce the tools used to attack web applications Explain with examples terminology such as Reflected XSS and SQL injection Profiles and Policies Explain and deep dive on Advanced Virtual Service creation Explain and deep dive on Application Profiles and Types such as L4, DNS, Syslog and HTTP Explain and configure advanced application HTTP Profile options Deep dive on Network Profiles and Types Explain and configure SSL Profiles and Certificates Explain and Configure HTTP and DNS policies DDOS Protection Introduce the NSX Advanced Load Balancer rate limiting functionality Explain the NSX Advanced Load Balancer rate limiting functionality Hands on examples of rate limiting in action Customizing Application Delivery with Datascripts Introduce the concept of datascripts to manipulate data Explain the various components and inspection points IWAF Deep Dive Describe the building blocks of the iWAF implementation Explain the various iWAF components Introduce both Positive and Negative security models Explain the iWAF Policies, profiles and rule sets IWAF Core Rule Set Explain the history and rationale of the core rule set Describe the NSX ALB (Avi) Core Rule Set IWAF Custom Rules Describe the power and complexity available via custom rules Explain the rule language Implement various use cases Explain common errors and possible solutions IWAF Operations Describe the iWAF application onboarding process Tuning the iWAF policies Working with iWAF logs and analytics Explaining false positive mitigation tactics IWAF Best Practices Provide guidance on how to get the best results Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware NSX Advanced Load Balancer: Web Application Firewall Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware NSX Advanced Load Balancer: Web Application Firewall Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course is for experienced cloud security engineers who have taken a previous certification in the security, compliance and identity portfolio. Specifically, students should have advanced experience and knowledge in a wide range of security engineering areas, including identity and access, platform protection, security operations, securing data, and securing applications. They should also have experience with hybrid and cloud implementations. Beginning students should instead take the course SC-900: Microsoft Security, Compliance, and Identity Fundamentals. This is an advanced, expert-level course. Although not required to attend, students are strongly encouraged to have taken and passed another associate level certification in the security, compliance and identity portfolio (such as AZ-500, SC-200 or SC-300) before attending this class. This course prepares students with the expertise to design and evaluate cybersecurity strategies in the following areas: Zero Trust, Governance Risk Compliance (GRC), security operations (SecOps), and data and applications. Students will also learn how to design and architect solutions using zero trust principles and specify security requirements for cloud infrastructure in different service models (SaaS, PaaS, IaaS). Prerequisites Highly recommended to have attended and passed one of the associate level certifications in the security, compliance and identity portfolio (such as AZ-500T00 Microsoft Azure Security Technologies, SC-200T00: Microsoft Security Operations Analyst, or SC-300T00: Microsoft Identity and Access Administrator.) Advanced experience and knowledge in identity and access, platform protection, security operations, securing data and securing applications. Experience with hybrid and cloud implementations. 1 - Introduction to Zero Trust and best practice frameworks Zero Trust initiatives Zero Trust technology pillars part 1 Zero Trust technology pillars part 2 2 - Design solutions that align with the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF) Define a security strategy Cloud Adoption Framework secure methodology Design security with Azure Landing Zones The Well-Architected Framework security pillar 3 - Design solutions that align with the Microsoft Cybersecurity Reference Architecture (MCRA) and Microsoft cloud security benchmark (MCSB) Design solutions with best practices for capabilities and controls Design solutions with best practices for attack protection 4 - Design a resiliency strategy for common cyberthreats like ransomware Common cyberthreats and attack patterns Support business resiliency Ransomware protection Configurations for secure backup and restore Security updates 5 - Case study: Design solutions that align with security best practices and priorities Case study description Case study answers Conceptual walkthrough Technical walkthrough 6 - Design solutions for regulatory compliance Translate compliance requirements into a security solution Address compliance requirements with Microsoft Purview Address privacy requirements with Microsoft Priva Address security and compliance requirements with Azure policy Evaluate infrastructure compliance with Defender for Cloud 7 - Design solutions for identity and access management Design cloud, hybrid and multicloud access strategies (including Azure AD) Design a solution for external identities Design modern authentication and authorization strategies Align conditional access and Zero Trust Specify requirements to secure Active Directory Domain Services (AD DS) Design a solution to manage secrets, keys, and certificates 8 - Design solutions for securing privileged access The enterprise access model Design identity governance solutions Design a solution to secure tenant administration Design a solution for cloud infrastructure entitlement management (CIEM) Design a solution for privileged access workstations and bastion services 9 - Design solutions for security operations Design security operations capabilities in hybrid and multicloud environments Design centralized logging and auditing Design security information and event management (SIEM) solutions Design solutions for detection and response Design a solution for security orchestration, automation, and response (SOAR) Design security workflows Design threat detection coverage 10 - Case study: Design security operations, identity and compliance capabilities Case study description Case study answers Conceptual walkthrough Technical walkthrough 11 - Design solutions for securing Microsoft 365 Evaluate security posture for collaboration and productivity workloads Design a Microsoft 365 Defender solution Design configurations and operational practices for Microsoft 365 12 - Design solutions for securing applications Design and implement standards to secure application development Evaluate security posture of existing application portfolios Evaluate application threats with threat modeling Design security lifecycle strategy for applications Secure access for workload identities Design a solution for API management and security Design a solution for secure access to applications 13 - Design solutions for securing an organization's data Design a solution for data discovery and classification using Microsoft Purview Design a solution for data protection Design data security for Azure workloads Design security for Azure Storage Design a security solution with Microsoft Defender for SQL and Microsoft Defender for Storage 14 - Case study: Design security solutions for applications and data Case study description Case study answers Conceptual walkthrough Technical walkthrough 15 - Specify requirements for securing SaaS, PaaS, and IaaS services Specify security baselines for SaaS, PaaS, and IaaS services Specify security requirements for web workloads Specify security requirements for containers and container orchestration 16 - Design solutions for security posture management in hybrid and multicloud environments Evaluate security posture by using Microsoft Cloud Security Benchmark Design integrated posture management and workload protection Evaluate security posture by using Microsoft Defender for Cloud Posture evaluation with Microsoft Defender for Cloud secure score Design cloud workload protection with Microsoft Defender for Cloud Integrate hybrid and multicloud environments with Azure Arc Design a solution for external attack surface management 17 - Design solutions for securing server and client endpoints Specify server security requirements Specify requirements for mobile devices and clients Specify internet of things (IoT) and embedded device security requirements Secure operational technology (OT) and industrial control systems (ICS) with Microsoft Defender for IoT Specify security baselines for server and client endpoints Design a solution for secure remote access 18 - Design solutions for network security Design solutions for network segmentation Design solutions for traffic filtering with network security groups Design solutions for network posture management Design solutions for network monitoring 19 - Case study: Design security solutions for infrastructure Case study description Case study answers Conceptual walkthrough Technical walkthrough Additional course details: Nexus Humans SC-100T00 Microsoft Cybersecurity Architect training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the SC-100T00 Microsoft Cybersecurity Architect course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Cloud Architects, Security Experts, and Network Administrators requiring in depth knowledge on CloudGuard Network Security products. Overview Discuss Azure Platform Components and their relationship to Check Point CloudGuard Network Security. Explain how to maintain a secure, efficient, and stable cloud environment. Describe the components and constraints of a hub and spoke cloud security environment. Describe the function of the Cloud Management Extension Explain the purpose of identity and access controls and constraints in different cloud platforms. Explain the steps required to configure Identity and Access controls in Azure. Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature. Explain how to design and configure Cloud Adaptive Policies. Discuss the purpose and function of Data Center Objects. Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments. Explain how CSP templates can be used for maintenance tasks in the cloud environment. Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them. Discuss Scaling Solutions and Options for Cloud Environments. Explain the Scaling Options in Azure. Describe the workflow for configuring scaling solutions in Azure. Discuss how ClusterXL operates and what elements work together to permit traffic failover. Explain how ClusterXL functions differently in a Cloud Environment. Describe how clusters are created and function in Azure. Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved. Explain the nature of a 'Greenfield' deployment, the advantages of it, and the constraints involved. Describe the components and constraint involved in deploying a Disaster Recovery Site in the cloud. Discuss the steps required for troubleshooting automation in Azure. Explain the steps required for troubleshooting Scaling Solution issues in Azure. Describe the steps required for troubleshooting clusters in Azure. Learn advanced concepts and develop skills needed to design and administer CloudGuard Network Security Environments. Course Outline Deploy a Security Management Server. Connect to SmartConsole. Configure Azure Active Directory and the Service Principle. Install the Cloud Management Extension. Configure the Cloud Management Extension. Configure the Access Control Policy. Assign the Service Principle. Create the CloudGuard Controller Object. Configure Access Control Policy with a Data Center Object. Deploy the Spoke vNets. Create the Spoke Route Table. Deploy Web Servers into the Spoke vNets. Deploy the Virtual Machine Scale Set. Assign the Service Principle to the VMSS Resource Group. Enable Indentity Awareness on the VMSS. Create Load Balancer Rules. Create vNet Peers. Create Web Server Access Control policy. Deploy the Azure High Availability Solution. Create the Cluster Object. Configure the vNet Peering. Create the Internal User Defined Routes. Create the Security Policy for Internal Traffic. Test the Internal Traffic. Troubleshoot the CloudGuard Controller. Debugs the CloudGuard Controller. Debug the Cloud Management Extension. Additional course details: Nexus Humans CNSE-Azure Check Point Network Security Expert for Azure training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CNSE-Azure Check Point Network Security Expert for Azure course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Securing Kubernetes training course description This course introduces concepts, procedures, and best practices to harden Kubernetes based systems and container-based applications against security threats. It deals with the main areas of cloud-native security: Kubernetes cluster setup, Kubernetes cluster hardening, hardening the underlying operating system and networks, minimizing microservices vulnerabilities, obtaining supply chain security as well as monitoring, logging, and runtime security. What will you learn Harden Kubernetes systems and clusters. Harden containers. Configure and use Kubernetes audit logs. Securing Kubernetes training course details Who will benefit: Technical staff working with Kubernetes Prerequisites: Kubernetes_for_engineers_course.htm Definitive Docker for engineers Duration 2 days Securing Kubernetes training course contents This course does not only deal with the daily security administration of Kubernetes-based systems but also prepares delegates for the official Certified Kubernetes Security Specialist (CKS) exams of the Cloud Native Computing Foundation (CNCF). Structure: 50% theory 50% hands on lab exercise Module 1: User and authorization management Users and service accounts in Kubernetes Authenticating users Managing authorizations with RBAC Module 2: Supply chain security Vulnerabilit checking for images Image validation in Kubernetes Reducing image footprint Secure image registries Module 3: Validating cluster setup and penetration testing Use CIS benchmark to review the security configuration of Kubernetes components. Modify the cluster components' configuration to match the CIS Benchmark. Penetration testing Kubernetes for known vulnerabilities. Module 4: System hardening Use kernel hardening tools Setup appropriate OS level security domains Container runtime sandboxes Limit network access Module 5: Monitoring and logging Configure Kubernetes audit logs Configure Audit Policies Monitor applications behaviour with Falco

Duration 5 Days 30 CPD hours This course is intended for This course is intended for Enterprise network staff responsible for help desk support, system administration, and network design. Overview At Course Completion: - Features and functions of Group Policy - Use Group Policy management tools to manage security policies - Design a Group Policy infrastructure - Group Policy processing architecture - Back up, restore, import, and copy Group Policy Objects through the Group Policy - Management Console - Use Windows PowerShell to manage Group Policy - Implement security using Group Policy - Configure the desktop environment with Group Policy - Configure roaming profiles and Folder Redirection - Assign and publish software packages - Implement AppLocker and software restriction policies - Create and deploy Administrative Templates - Configure Group Policy preferences In this course, you will learn how to reduce costs and increase efficiencies in your network. You will discover how to consolidate the administration of an enterprise IT infrastructure with Group Policy, and you will learn to control and manage computer systems and domain users running Windows Server 2016 and Windows clients. Create Group Policies, implement administrative and security templates, and determine best practices when deploying software packages. Walk away with the experience and tools needed to optimize your enterprise systems and networks, implement administrative and security templates, and determine best practices when deploying software packages. 1 - Introduction to Configuration Management Configuration Management Overview Configuration Management Using Group Policy Group Policy Features Introduced with Later Versions of Windows Using Windows PowerShell in the Configuration Management Process 2 - Using Group Policy Management Tools Local and Domain Policies Using Group Policy Management Console Understanding Group Policy Refresh 3 - Designing a Group Policy Infrastructure Design Stages for a Group Policy Infrastructure Planning your Group Policy Design Designing Your Group Policy Solution Deploying Your Group Policy Solution Managing Your Group Policy Solution 4 - Understanding the Architecture of Group Policy Processing Group Policy Components in AD DS Understanding the Group Policy Deployment Order Modifying Group Policy Processing 5 - Troubleshooting and Backing Up GPOs Using Group Policy Troubleshooting Tools Integration of RSoP Functionality Group Policy Logging Options Backing Up, Restoring, Importing, and Copying GPOs Building Migration Tables 6 - Securing Windows Using Group Policy Exploring the Windows Security Architecture Securing User Accounts Exploring Security Policies Windows Firewall with Advanced Security Implementing Domain Security Security Policy Options for Window Client and Windows Server 7 - Implementing Application Security Using Group Policy Managing UAC Settings Defending Against Malware Using AppLocker to Restrict Software Implementing Windows App Security Settings 8 - Configuring the Desktop Environment with Group Policy Exploring Script Types and Controlling Script Execution Defining the Desktop, Start Menu, and Taskbar Settings Defining the Control Panel Settings Defining the Windows Components Settings Configuring the Printer Management and Pruning Settings Defining the Network Settings Discovering the new Group Policy Settings 9 - Implementing User State Virtualization Configuring Folder Redirection Managing Offline Files Implementing User Experience Virtualization OneDrive for Business 10 - Assigning and Publishing Software Packages Using MSI Packages to Distribute Software Using Group Policy as a Software Deployment Method Deploying Software Setting Up Distribution Points Using the Systems Center Configuration Manager to Distribute Software 11 - Configuration Management with Windows PowerShell Introducing Windows PowerShell Using Windows PowerShell Writing PowerShell Scripts Windows PowerShell Library for Group Policy Windows PowerShell-Based Logon Scripts 12 - Implementing PowerShell Desired State Configuration Introducing Group Policy Preferences Comparing Preferences and Policy Settings Options for Applying Preferences Configure Preference Settings 13 - Configuring Group Policy Preferences Introducing Group Policy Preferences Comparing Preferences and Policy Settings Options for Applying Preferences Configuring Preferences Settings Additional course details: Nexus Humans 50255 Managing Windows Environments with Group Policy training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the 50255 Managing Windows Environments with Group Policy course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.