385 Security courses in Edinburgh

OpenSSL for engineers training course description A hands on course covering OpenSSL. The course focusses on the use of OpenSSL from the command line as opposed to using its extensive libraries. Certificate authorities are configured along with key generation, HTTPS and a SSL VPN. What will you learn Describe OpenSSL. Use OpenSSL. Describe and implement: Explain how the various technologies involved in an OpenSSL work. OpenSSL for engineers training course details Who will benefit: Network personnel. Prerequisites: IP security foundation for engineers Duration 2 days OpenSSL for engineers training course contents What is OpenSSL? What is SSL? SSL versions, TLS, TLS negotiation, TLS authentication, What is OpenSSL, Command line tool, SSL library. OpenSSH, OpenVPN. Hands on TLS packet analysis. Getting started with OpenSSL Downloading, source code, packages, installing, versions, configuration, openssl command. Cipher suite selection. Hands on Encrypting a file with openssl. Public and private keys Algorithms, creating keys, public keys, private keys, encrypting the private key. Hands on Encrypting a file with keys. Digital signatures Creating signatures, checking validity of signatures, Self signing SSL certificates. Viewing certificates. Certificate files. Converting between formats. Hands on Securing a web server with HTTPS. Simple PKI with OpenSSL Root CA, signing CA, configuration files, Certificate signing requests. Email certificates, TLS server certificates. Hands on Implementing a simple PKI with OpenSSL.

About this Virtual Instructor Led Training (VILT) This 3 half-day Virtual Instructor Led Training (VILT) course will help participants grasp the idea of real-world risk management and how this relates to the cyber world. The VILT course will cover topics surrounding identifying cyber risks and vulnerabilities, guidance on applying administrative actions, and comprehensive solutions to ensure your organization is adequately secure and protected. The VILT course will guide participants on how to conduct a security risk assessment for their organization, and equip them with the skills to develop a risk compliance assessment plan as well as methods to develop risk management strategies which can improve their organization's security posture. The VILT course has at least a 30% hands-on approach through the use of Table Top Exercises. The VILT course will cover the following modules: Introduction to Risk Assessments (RA) Threat Actors and Their Motivations Threat and Risk Assessment Critical Controls Identification Maturity Assessment Treated Cyber Risk Profile Target Cyber Risk Profile and Strategy Target Audience The VILT course is intended for professionals responsible for organizational information and security system and those involved in operating and maintenance of critical information and IT network & sotware systems. Professionals who are designated as the Single Point of Accountability (SPoA) as well as system auditors will find this course useful. Course Level Basic or Foundation Training Methods The VILT course will be delivered online in 3 half-day sessions comprising 4 hours per day, with 2 x 10 minutes break per day, including time for lectures, discussion, quizzes and short classroom exercises. Course Duration: 3 half-day sessions, 4 hours per session (12 hours in total). This VILT course is delivered in partnership with ENGIE Laborelec. Trainer Your expert course leader is a is specialized in cybersecurity risk management. Before joining ENGIE, she worked for The National Cybersecurity Agency of France (ANSSI) based in Paris (France) and for Deloitte Belgium located in Zaventem (Belgium). She has been involved in cybersecurity projects focusing on the principle of protecting critical infrastructures. Her different experiences in Cyber Security, Anti-Money Laundering and Global Trade Compliance (including Export Control and Customs) gave her the opportunity to use methodologies tackling strategic, operational and financial control issues at all levels of an organization: people, business processes, IT applications and infrastructure, legal and regulatory compliance. She was an EBIOS Risk Manager (RM) trainer while she worked for the French government; EBIOS RM is the French method for assessing and treating digital risks. She also had the opportunity to represent France towards European institutions and other relevant stakeholders for topics related to cybersecurity risk management. POST TRAINING COACHING SUPPORT (OPTIONAL) To further optimise your learning experience from our courses, we also offer individualized 'One to One' coaching support for 2 hours post training. We can help improve your competence in your chosen area of interest, based on your learning needs and available hours. This is a great opportunity to improve your capability and confidence in a particular area of expertise. It will be delivered over a secure video conference call by one of our senior trainers. They will work with you to create a tailor-made coaching program that will help you achieve your goals faster. Request for further information about post training coaching support and fees applicable for this. Accreditions And Affliations

Learners will be introduced to the design, installation, commissioning, and maintenance of intruder and hold-up alarm systems.

Learners will be introduced to the design, installation, commissioning, and maintenance of Access Control systems.

Lawful Intercept training course description Packet based networks require a different approach to Lawful Intercept (LI) than that used in circuit switched networks. This course focuses on what Lawful Interception and Data Retention (DR) means to communications service providers in the IP and NGN areas. The course assumes a basic knowledge of IP networking (i.e. DNS, TCP/UDP, IP, RTP) and the building of services on an IP platform (e.g. SIP, SDP, FTP, HTTP). The course first looks at the regulatory context for LI and DR and how this is translated to a practical architecture. What will you learn Recognise the legal and regulatory obligations to provide LI and DR. Identify the components of the handover architecture for each of LI and DR. Identify the preferred location of points of interception and points of retention in the IP network. Map intercepted material to handover protocols. Understand the data mapping defined in the available standards for both LI and DR. Lawful Intercept training course details Who will benefit: Technical and managerial staff needing to implement public networks. Prerequisites: TCP/IP Foundation Duration 1 day Lawful Intercept training course contents What is meant by LI and DR? Review of regulation: Data protection Directive; Data Retention Directive; RIPA. LI architectures Handover and Interception: ETSI standards ES 201 671 and TS 102 232. LI handover protocol IRI and CC handover; correlation; manual interfaces. DR architectures Handover of query results; points of retention. DR query command set Retrieval of retained records. Security concerns Operation privacy; target privacy; storage and transmission integrity. Implementation Identifying PoI and PoR for provided services. LI and DR wrap up Interaction with other services, storage obligations (volume, time, availability).

It is a requirement within codes of practice e.g., BS 5839-1, and within legislation e.g., Health & Safety at Work Act 1974, that duties are placed upon employers and employees regarding health & safety and in particular electrical safety.

Regardless of your computer experience, this class will help you become more aware of technology-related risks and what you can do to protect yourself and your organization from them.

Learners will be introduced to the design, installation, commissioning, and maintenance of CCTV systems.

Microsoft security training course description A hands on training course focusing on security in the Microsoft environment. The course progresses from patch management onto the use of Microsoft security tools. Then server, desktop and network security are studied in the Microsoft environment. What will you learn Use Microsoft security tools. Secure Microsoft servers. Secure Microsoft desktops. Secure Microsoft networks. Microsoft security training course details Who will benefit: Technical server support staff. Technical desktop support staff. Technical network staff. Technical security staff. Prerequisites: Supporting Windows server 2016 Networking Microsoft systems. Duration 3 days Microsoft security training course contents Introduction Security threats, Microsoft defaults, admin accounts, security patches, patch management, patch tools. Hands on: Studying Microsoft defaults, applying security patches. Microsoft security tools Microsoft updates, WSUS, Inventory tool, baseline security analyser, URLscan, EventCombMT, Cipher security tool, Port reporter, PortQry. Tools hackers use. Hands on: Using Microsoft security tools. Server security Checklists, core server security, AD, Member server security, Domain controller security, Specific roles. Hands on Hardening Microsoft servers, security templates. Active Directory Admin authority in AD, group policy, trust and authentication. Desktop security Checklists, core client security, anti virus software, anti spyware software, firewalls, securing clients with AD, securing clients with group policy, software restriction policies. Hands on Securing Microsoft desktops. Network security Checklist, IP security, VPNs, PKI, certificate authorities, RAS, RRAS, IAS. Hands on: VPN configuration, IAS configuration. Monitoring Auditing, authorisation and logons, tracking, system monitoring, detecting attacks. Hands on: Monitoring Microsoft systems. Summary Microsoft security response centre, security advisories.

Securing UNIX systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure UNIX accounts. Secure UNIX file systems. Secure UNIX access through the network. Securing UNIX systems course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing UNIX systems course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.