• Professional Development
  • Medicine & Nursing
  • Arts & Crafts
  • Health & Wellbeing
  • Personal Development

1215 Security courses delivered Live Online

Cisco Implementing Cisco Tetration Analytics v1.0 (DCITET)

By Nexus Human

Duration 3 Days 18 CPD hours This course is intended for Network Security Operations Workload Application Administrators Security Operations Field Engineers Network Engineers Systems Engineers Technical Solutions Architects Cisco Integrators and Partners Overview After taking this course, you should be able to: Define the Cisco telemetry and analytics approach. Explore common scenarios that Cisco Tetration Analytics can solve. Describe how the Cisco Tetration Analytics platform collects telemetry and other context information. Discuss how relative agents are installed and configured. Explore the operational aspects of the Cisco Tetration Analytics platform. Describe the Cisco Tetration Analytics support for application visibility or application insight based on the Application Dependency Mapping (ADM) feature. List the concepts of the intent-based declarative network management automation model. Describe the Cisco Tetration policy enforcement pipeline, components, functions, and implementation of application policy. Describe how to use Cisco Tetration Analytics for workload protection in order to provide a secure infrastructure for business-critical applications and data. Describe Cisco Tetration Analytics platform use cases in the modern heterogeneous, multicloud data center. List the options for the Cisco Tetration Analytics platform enhancements. Explain how to perform the Cisco Tetration Analytics administration. This course teaches how to deploy, use, and operate Cisco© Tetration Analytics? platform for comprehensive workload-protection and application and network insights across a multicloud infrastructure. You will learn how the Cisco Tetration Analytics platform uses streaming telemetry, behavioral analysis, unsupervised machine learning, analytical intelligence, and big data analytics to deliver pervasive visibility, automated intent-based policy, workload protection, and performance management. Exploring Cisco Tetration Data Center Challenges Define and Position Cisco Tetration Cisco Tetration Features Cisco Tetration Architecture Cisco Tetration Deployment Models Cisco Tetration GUI Overview Implementing and Operating Cisco Tetration Explore Data Collection Install the Software Agent Install the Hardware Agent Import Context Data Describe Cisco Tetration Operational Concepts Examining Cisco Tetration ADM and Application Insight Describe Cisco Tetration Application Insight Perform ADM Interpret ADM Results Application Visibility Examining Cisco Tetration Intent-Based Networking Describe Intent-Based Policy Examine Policy Features Implement Policies Enforcing Tetration Policy Pipeline and Compliance Examine Policy Enforcement Implement Application Policy Examine Policy Compliance Verification and Simulation Examining Tetration Security Use Cases Examine Workload Security Attack Prevention Attack Detection Attack Remediation Examining IT Operations Use Cases Key Features and IT Operations Use Cases Performing Operations in Neighborhood App-based Use Cases Examining Platform Enhancement Use Cases Integrations and Advanced Features Third-party Integration Examples Explore Data Platform Capabilities Exploring Cisco Tetration Analytics Administration Examine User Authentication and Authorization Examine Cluster Management Configure Alerts and Syslog Additional course details: Nexus Humans Cisco Implementing Cisco Tetration Analytics v1.0 (DCITET) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Implementing Cisco Tetration Analytics v1.0 (DCITET) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Cisco Implementing Cisco Tetration Analytics v1.0 (DCITET)
Delivered OnlineFlexible Dates
Price on Enquiry

JEX - Junos Enterprise Switching using Enhanced Layer 2 Software

By Nexus Human

Duration 2 Days 12 CPD hours This course is intended for This program is designed for students who have attended successfully the IJOS and JRE courses (prior to April 1, 2017) or the IJOS course (since April 3, 2017) and are working toward JNCIA-JUNOS certification. Overview The objectives for this course follow the requirements for the current JNCIA-JUNOS. At the end of this course, the successful student will be able to: Identify the concepts and functionality of various fundamental elements of networking Identify the concepts, benefits and functionality of the core elements of the Junos OS Identify the concepts, operation and functionality of the Junos user interfaces Identify the main elements for configuring Junos devices Describe how to configure basic components of a Junos device Identify methods of monitoring and maintaining Junos devices Describe monitoring and maintenance procedures for a Junos device Identify basic routing concepts and functionality for Junos devices Describe how to configure and monitor basic routing elements for a Junos device Identify the concepts and functionality of routing policy and firewall filters on Junos devices Describe how to configure and monitor routing policies and firewall filters on a Junos device Apply knowledge of Junos operating system configuration, operations, and functionality to real-world scenarios This two-day course provides students with intermediate switching knowledge and configuration examples using Junos Enhanced Layer 2 Software. Chapter 1: Course Introduction Course Introduction Chapter 2: Layer 2 Switching Ethernet Bridging Basics Terminology and Design Considerations Overview of Enterprise Switching Platforms Enabling and Monitoring Layer 2 Switching Operations Lab 1: Implementing Layer 2 Switching Chapter 3: Virtual Networks Overview of VLANs Configuring and Monitoring VLANs Voice VLAN Native VLAN Routed VLAN Interfaces Lab 2: Implementing Virtual Networks Chapter 4: Routing Instances Routing Instances Overview Configuring and Monitoring Virtual Switches Chapter 5: Spanning Tree Spanning Tree Protocol Rapid Spanning Tree Protocol Configuring and Monitoring STP and RSTP Protection Features: BPDU Protection Protection Features: Loop Protection Protection Features: Root Protection Lab 3: Implementing Spanning Tree Chapter 6: Port Security MAC Limiting Persistent MAC Learning DHCP Snooping Dynamic ARP Inspection (DAI) IP Source Guard Lab 4: Implementing Port Security Chapter 7: Device Security and Firewall Filters Storm Control Firewall Filters Lab 5: Implementing Storm Control and Firewall Filters Chapter 8: Virtual Chassis Overview of Virtual Chassis Configuring and Monitoring a Virtual Chassis Lab 6: Implementing a Virtual Chassis System Chapter 9: High Availability Features Overview of High Availability Networks Link Aggregation Groups Redundant Trunk Groups Graceful Routing Engine Switchover (GRES) Nonstop Active Routing (NSR) Nonstop Bridging (NSB) Lab 7: Implementing High Availability Features

JEX - Junos Enterprise Switching using Enhanced Layer 2 Software
Delivered OnlineFlexible Dates
Price on Enquiry

Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT)

By Nexus Human

Duration 4 Days 24 CPD hours This course is intended for This course is for technical professionals who need to know how to deploy open source intrusion detection systems (IDS) and intrusion prevention systems (IPS), and how to write Snort rules. Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers Overview After taking this course, you should be able to: Describe Snort technology and identify resources available for maintaining a Snort deployment Install Snort on a Linux-based operating system Describe the Snort operation modes and their command-line options Describe the Snort intrusion detection output options Download and deploy a new rule set to Snort Describe and configure the snort.conf file Configure Snort for inline operation and configure the inline-only features Describe the Snort basic rule syntax and usage Describe how traffic is processed by the Snort engine Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor Snort performance and how to tune rules The Securing Cisco Networks with Open Source Snort (SSFSNORT) v2.1 course shows you how to deploy a network intrusion detection system based on Snort. You?ll learn how to install, configure, operate, and manage a Snort system, rules writing with an overview of basic options, advanced rules writing, how to configure Pulled Pork, and how to use OpenAppID to provide protection of your network from malware. You will learn techniques of tuning and performance monitoring, traffic flow through Snort rules, and more Course outline Introduction to Snort Technology Snort Installation Snort Operation Snort Intrusion Detection Output Rule Management Snort Configuration Inline Operation and Configuration Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort Additional course details: Nexus Humans Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Cisco Securing Cisco Networks with Open Source Snort v2.1 (SSFSNORT)
Delivered OnlineFlexible Dates
Price on Enquiry

EC-Council Certified Threat Intelligence Analyst (C|TIA)

By Nexus Human

Duration 3 Days 18 CPD hours This course is intended for Organizations today demand a professional-level cybersecurity threat intelligence analyst who can extract the intelligence from data by implementing various advanced strategies. Such professional-level programs can only be achieved when the core of the curricula maps with and is compliant to government and industry published threat intelligence frameworks. Ethical Hackers Security Practitioners, Engineers, Analysts, Specialist, Architects, and Managers Threat Intelligence Analysts, Associates, Researchers, Consultants Threat Hunters SOC Professionals Digital Forensic and Malware Analysts Incident Response Team Members Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience. Individuals from the information security profession and who want to enrich their skills and knowledge in the field of cyber threat intelligence. Individuals interested in preventing cyber threats. Overview This program will benefit students who are looking to build effective threat intelligence for their organization in order to combat modern-day cyber-attacks and prevent future attacks. Certified Threat Intelligence Analyst (C|TIA) is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence. Introduction to Threat Intelligence Understanding Intelligence Understanding Cyber Threat Intelligence Overview of Threat Intelligence Lifecycle and Frameworks Cyber Threats and Kill Chain Methodology Understanding Cyber Threats Understanding Advanced Persistent Threats (APTs) Understanding Cyber Kill Chain Understanding Indicators of Compromise (IoCs) Requirements, Planning, Direction, and Review Understanding Organization?s Current Threat Landscape Understanding Requirements Analysis Planning Threat Intelligence Program Establishing Management Support Building a Threat Intelligence Team Overview of Threat Intelligence Sharing Reviewing Threat Intelligence Program Data Collection and Processing Overview of Threat Intelligence Data Collection Overview of Threat Intelligence Collection Management Overview of Threat Intelligence Feeds and Sources Understanding Threat Intelligence Data Collection and Acquisition Understanding Bulk Data Collection Understanding Data Processing and Exploitation Data Analysis Overview of Data Analysis Understanding Data Analysis Techniques Overview of Threat Analysis Understanding Threat Analysis Process Overview of Fine-Tuning Threat Analysis Understanding Threat Intelligence Evaluation Creating Runbooks and Knowledge Base Overview of Threat Intelligence Tools Intelligence Reporting and Dissemination Overview of Threat Intelligence Reports Introduction to Dissemination Participating in Sharing Relationships Overview of Sharing Threat Intelligence Overview of Delivery Mechanisms Understanding Threat Intelligence Sharing Platforms Overview of Intelligence Sharing Acts and Regulations Overview of Threat Intelligence Integration

EC-Council Certified Threat Intelligence Analyst (C|TIA)
Delivered OnlineFlexible Dates
Price on Enquiry

LANs demystified

5.0(3)

By Systems & Network Training

LAN training course description A concise overview course covering Local Area Networks with particular emphasis on the use of Ethernet and Wireless LANS. As well as explaining buzzwords we cover how the technology works at a simple level. After defining LANs the course moves onto Ethernet and switching also covering VLANs. WiFi is then covered, with coverage of 802.11 standards and frequencies along with integrating WiFi with Ethernet. The course then covers routers and their role in connecting networks and the course finishes with a comparison of Ethernet vs WiFi and when to use them. What will you learn Describe how Ethernet works (in simple terms) and when to use Ethernet. Explain the difference between a switch and a router. Describe how WiFi works (in simple terms). Describe the role of Access points. Evaluate wireless technologies and when to use them. List the speeds of various LAN technologies. LAN training course details Who will benefit: Sales staff, managers and other non technical staff. Prerequisites: None. Duration 1 day LAN training course contents LANS What is a LAN? LAN standards, LAN choices, choosing the media, copper, UTP, cat5e, fibre, RF, bandwidth speeds, link aggregation, Full/half duplex. Ethernet What is Ethernet? 802.3, parts of Ethernet, Ethernet evolution, MAC addresses, frames, broadcasts. Ethernet switches What are switches, switches versus hubs, how switches work, ways to configure switches, Loops, STP. VLANs What are VLANs? Why have VLANs, impact of VLANs, Tagging (aka trunking), 802.1Q Wireless LANS Type of wireless LAN, RF frequencies, 2.4GHz, 5GHz, others, interference, standards, 802.11 and variants, CSMA/CA. Wireless LANS NICs, Access points, integration with Ethernet, multiple access points, mesh networks, WiFi security. Interconnecting LANs Routers, connecting networks, interconnecting VLANs, IP addressing, Layer 3 switches. Summary WiFi vs Ethernet.

LANs demystified
Delivered in Internationally or OnlineFlexible Dates
£797

Palo Alto Networks : Cortex XSOAR 6.8: Automation and Orchestration (EDU-380)

By Nexus Human

Duration 5 Days 30 CPD hours This course is intended for Security-operations (SecOps), or security, orchestration, automation, and response (SOAR) engineers, managed security service providers (MSSPs), service delivery partners, system integrators, and professional services engineers Overview This training is designed to enable a SOC, CERT, CSIRT, or SOAR engineer to start working with Cortex XSOAR integrations, playbooks, incident-page layouts, and other system features to facilitate resource orchestration, process automation, case management, and analyst workflow.The course includes coverage of a complete playbook-development process for automating a typical analyst workflow to address phishing incidents. This end-to-end view of the development process provides a framework for more focused discussions of individual topics that are covered in the course. The Cortex? XSOAR 6.2: Automation and Orchestration (EDU-380) course is four days of instructor-led training that will help you: Configure integrations, create tasks, and develop playbooks.Build incident layouts that enable analysts to triage and investigate incidents efficientlyIdentify how to categorize event information and map that information to display fields.Develop automations, manage content, indicator data, and artifact stores, schedule jobs, organize users and user roles, oversee case management, and foster collaboration Course Outline 1 - Core functionality and Feature Sets 2 - Enabling and Configuring Integrations 3 - Playbook Development 4 - Classification and Mapping 5 - Layout Builder 6 - Solution Architecture - Docker 8 - Automation Development & Debugging 9 - Content Management 10 - Indicators 11 - Jobs and Job Scheduling 12 - Users and Role Management 13 - Integration Development Additional course details: Nexus Humans Palo Alto Networks : Cortex XSOAR 6.8: Automation and Orchestration (EDU-380) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks : Cortex XSOAR 6.8: Automation and Orchestration (EDU-380) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Palo Alto Networks : Cortex XSOAR 6.8: Automation and Orchestration (EDU-380)
Delivered OnlineFlexible Dates
Price on Enquiry

Cisco Integrated Threat Defense Investigation and Mitigation v1.0 (SECUR202)

By Nexus Human

Duration 2 Days 12 CPD hours This course is intended for Network analysts Network investigators Cisco integrators and partners Overview After taking this course, you should be able to: Describe the stages of the network attack lifecycle and identify ITD solution platform placement based on a given stage Detail how to locate and mitigate email malware attacks Describe email phishing attacks and the steps taken to locate and mitigate them on the network Identify and mitigate data exfiltration threats on the network Identify malware threats on the network and mitigate those threats after investigation The Cisco Integrated Threat Defense Investigation and Mitigation (SECUR202) v1.0 course shows you how to identify, isolate, and mitigate network threats using the Cisco© Integrated Threat Defense solution platform. Through expert instruction and lab-based scenarios, you will be introduced to network threat investigation, and learn how to identify relationships between Cisco products and the stages of the attack lifecycle. This course is the second in a pair of courses (SECUR201) covering the Cisco Integrated Threat Defense (ITD) solution. Network Threat Investigation Introduction Network Attack Introduction Hunting Network Threats in the Enterprise Investigation and Mitigation of Email Malware Threats Examining Email Malware Threats Investigating and Verifying Email Malware Threat Mitigation Investigation and Mitigation of Email Phishing Threats Examining Email Phishing Attacks Configuring Cisco Email Security Appliance (ESA) for URL and Content Filtering Investigating and Verifying Email Phishing Threat Mitigation Investigation and Mitigation of Data Exfiltration Threats Exploiting Vulnerable Network Servers Investigating Data Exfiltration Threats Mitigating and Verifying Data Exfiltration Threats nvestigation and Mitigation of Malware Threats Examining Endpoint Malware Protection Investigating and Mitigating Endpoint Malware Threats

Cisco Integrated Threat Defense Investigation and Mitigation v1.0 (SECUR202)
Delivered OnlineFlexible Dates
Price on Enquiry

IT Fundamentals Plus

By Nexus Human

Duration 2.5 Days 15 CPD hours This course is intended for This course is intended to help participants learn basic principles and techniques of providing PC, mobile, applications, and network support. Overview Upon successful completion of this course, students will have introductory knowledge of computer systems and mobile devices. In this course, students will identify and set up: computer hardware, software, networks, files, wireless devices and discuss safety. Identifying Computer Hardware Identify Types of Computing Devices Identify Internal Computer Components Common Computer Connector Types Identify Common Peripheral Devices Identifying Computer Software Compare Functions and Features of Common Operating Systems Identify Application Software Setting Up a Basic Workstation Connect Hardware Install and Configure Operating Systems Install and Configure Applications Configure Accessibility Options Configuring Network Access Network Connection Types Install and Configure a SOHO Router Network and Alternative Technologies Sharing and Storage Methods Working with Files, Folders, and Applications Create Files Navigate a File Structure Manage Files and Folders Compress and Extract Files Create Screen Captures Configuring and Using Wireless Devices Configuring Wireless Devices Use Wireless Devices Securing Computing Devices Identify Security Threats Apply Security Best Practices Perform Secure Web Browsing Supporting Computers and Users Environmental and Safety Concepts Back Up and Restore Data Manage Software Implement Basic Support Measures

IT Fundamentals Plus
Delivered OnlineFlexible Dates
Price on Enquiry

Cisco SISE Implementing and Configuring Cisco Identity Services Engine v3.0

By Nexus Human

Duration 5 Days 30 CPD hours This course is intended for Network security engineers ISE administrators Wireless network security engineers Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages. Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services. Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization. Describe third-party Network Access Devices (NADs), Cisco TrustSec, and Easy Connect. Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios. Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment. Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution. Describe the value of the My Devices portal and how to configure this portal. Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE. Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the Authentication, Authentication, and Accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols. Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool. Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 is a Cisco ISE training program that discusses the Cisco Identity Services Engine, an identity and access control policy platform that provides a single policy plane across the entire organization, combining multiple services, including authentication, authorization, and accounting (AAA), posture, profiling, device onboarding, and guest management, into a single context-aware identity-based platform. This CCNA course provides students with the knowledge and skills to enforce security posture compliance for wired and wireless endpoints as well as enhance infrastructure security using the Cisco ISE. Introducing Cisco ISE Architecture and Deployment Using Cisco ISE as a Network Access Policy Engine Cisco ISE Use Cases Describing Cisco ISE Functions Cisco ISE Deployment Models Context Visibility Cisco ISE Policy Enforcement Using 802.1X for Wired and Wireless Access Using MAC Authentication Bypass for Wired and Wireless Access Introducing Identity Management Configuring Certificate Services Introducing Cisco ISE Policy Implementing Third-Party Network Access Device Support Introducing Cisco TrustSec Cisco TrustSec Configuration Easy Connect Web Authentication and Guest Services Introducing Web Access with Cisco ISE Introducing Guest Access Components Configuring Guest Access Settings Configuring Sponsor and Guest Portals Cisco ISE Profiler Introducing Cisco ISE Profiler Profiling Deployment and Best Practices Cisco ISE BYOD Introducing the Cisco ISE BYOD Process Describing BYOD Flow Configuring the My Devices Portal Configuring Certificates in BYOD Scenarios Cisco ISE Endpoint Compliance Services Introducing Endpoint Compliance Services Configuring Client Posture Services and Provisioning in Cisco ISE Working with Network Access Devices Review TACACS+ Cisco ISE TACACS+ Device Administration Configure TACACS+ Device Administration TACACS+ Device Administration Guidelines and Best Practices Migrating from Cisco ACS to Cisco ISE Lab outline Access the SISE Lab and Install ISE 2.4 Configure Initial Cisco ISE Setup, GUI Familiarization, and System Certificate Usage Integrate Cisco ISE with Active Directory Configure Basic Policy on Cisco ISE Configure Policy Sets Configure Access Policy for Easy Connect Configure Guest Access Configure Guest Access Operations Create Guest Reports Configure Profiling Customize the Cisco ISE Profiling Configuration Create Cisco ISE Profiling Reports Configure BYOD Blacklisting a Device Configure Cisco ISE Compliance Services Configure Client Provisioning Configure Posture Policies Test and Monitor Compliance-Based Access Test Compliance Policy Configure Cisco ISE for Basic Device Administration Configure TACACS+ Command Authorization

Cisco SISE Implementing and Configuring Cisco Identity Services Engine v3.0
Delivered OnlineFlexible Dates
Price on Enquiry

VMware Carbon Black EDR Advanced Analyst

By Nexus Human

Duration 1 Days 6 CPD hours This course is intended for Security operations personnel, including analysts and incident responders Overview By the end of the course, you should be able to meet the following objectives: Utilize Carbon Black EDR throughout an incident Implement a baseline configuration for Carbon Black EDR Determine if an alert is a true or false positive Fully scope out an attack from moment of compromise Describe Carbon Black EDR capabilities available to respond to an incident Create addition detection controls to increase security This course teaches you how to use the VMware Carbon Black© EDR? product during incident response. Using the SANS PICERL framework, you will configure the server and perform an investigation on a possible incident. This course provides guidance on using Carbon Black EDR capabilities throughout an incident with an in-depth, hands-on, scenariobased lab. Course Introduction Introductions and course logistics Course objectives VMware Carbon Black EDR & Incident Response Framework identification and process Preparation Implement the Carbon Black EDR instance according to organizational requirements Identification Use initial detection mechanisms Process alerts Proactive threat hunting Incident determination Containment Incident scoping Artifact collection Investigation Eradication Hash banning Removing artifacts Continuous monitoring Recovery Rebuilding endpoints Getting to a more secure state Lessons Learned Tuning Carbon Black EDR Incident close out

VMware Carbon Black EDR Advanced Analyst
Delivered OnlineFlexible Dates
Price on Enquiry