357 Security courses in Rickmansworth

Event Planning 1 Day Training in Heathrow

Securing Linux systems training course description This course teaches you everything you need to know to build a safe Linux environment. The first section handles cryptography and authentication with certificates, openssl, mod_ssl, DNSSEC and filesystem encryption. Then Host security and hardening is covered with intrusion detection, and also user management and authentication. Filesystem Access control is then covered. Finally network security is covered with network hardening, packet filtering and VPNs. What will you learn Secure Linux accounts. Secure Linux file systems. Secure Linux access through the network. Securing Linux systems training course details Who will benefit: Linux technical staff needing to secure their systems. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Securing Linux systems training course contents Cryptography Certificates and Public Key Infrastructures X.509 certificates, lifecycle, fields and certificate extensions. Trust chains and PKI. openssl. Public and private keys. Certification authority. Manage server and client certificates. Revoke certificates and CAs. Encryption, signing and authentication SSL, TLS, protocol versions. Transport layer security threats, e.g. MITM. Apache HTTPD with mod_ssl for HTTPS service, including SNI and HSTS. HTTPD with mod_ssl to authenticate users using certificates. HTTPD with mod_ssl to provide OCSP stapling. Use OpenSSL for SSL/TLS client and server tests. Encrypted File Systems Block device and file system encryption. dm-crypt with LUKS to encrypt block devices. eCryptfs to encrypt file systems, including home directories and, PAM integration, plain dm-crypt and EncFS. DNS and cryptography DNSSEC and DANE. BIND as an authoritative name server serving DNSSEC secured zones. BIND as an recursive name server that performs DNSSEC validation, KSK, ZSK, Key Tag, Key generation, key storage, key management and key rollover, Maintenance and resigning of zones, Use DANE. TSIG. Host Security Host Hardening BIOS and boot loader (GRUB 2) security. Disable useless software and services, sysctl for security related kernel configuration, particularly ASLR, Exec-Shield and IP / ICMP configuration, Exec-Shield and IP / ICMP configuration, Limit resource usage. Work with chroot environments, Security advantages of virtualization. Host Intrusion Detection The Linux Audit system, chkrootkit, rkhunter, including updates, Linux Malware Detect, Automate host scans using cron, AIDE, including rule management, OpenSCAP. User Management and Authentication NSS and PAM, Enforce password policies. Lock accounts automatically after failed login attempts, SSSD, Configure NSS and PAM for use with SSSD, SSSD authentication against Active Directory, IPA, LDAP, Kerberos and local domains, Kerberos and local domains, Kerberos tickets. FreeIPA Installation and Samba Integration FreeIPA, architecture and components. Install and manage a FreeIPA server and domain, Active Directory replication and Kerberos cross-realm trusts, sudo, autofs, SSH and SELinux integration in FreeIPA. Access Control Discretionary Access Control File ownership and permissions, SUID, SGID. Access control lists, extended attributes and attribute classes. Mandatory Access Control TE, RBAC, MAC, DAC. SELinux, AppArmor and Smack. etwork File Systems NFSv4 security issues and improvements, NFSv4 server and clients, NFSv4 authentication mechanisms (LIPKEY, SPKM, Kerberos), NFSv4 pseudo file system, NFSv4 ACLs. CIFS clients, CIFS Unix Extensions, CIFS security modes (NTLM, Kerberos), mapping and handling of CIFS ACLs and SIDs in a Linux system. Network Security Network Hardening FreeRADIUS, nmap, scan methods. Wireshark, filters and statistics. Rogue router advertisements and DHCP messages. Network Intrusion Detection ntop, Cacti, bandwidth usage monitoring, Snort, rule management, OpenVAS, NASL. Packet Filtering Firewall architectures, DMZ, netfilter, iptables and ip6tables, standard modules, tests and targets. IPv4 and IPv6 packet filtering. Connection tracking, NAT. IP sets and netfilter rules, nftables and nft. ebtables. conntrackd Virtual Private Networks OpenVPN server and clients for both bridged and routed VPN networks. IPsec server and clients for routed VPN networks using IPsec-Tools / racoon. L2TP.

This course presents an approach for dealing with security and privacy throughout the entire software development lifecycle. You will learn about vulnerabilities that undermine security, and how to identify and remediate them in your own projects.

Overview Objective Understand the requirement of Information Security Concepts and Definitions of Information Security Management Systems Deeply Analysing the policies, Standards and procedures How to deliver a balanced ISMS and following its security procedures Analysing the Information risk management Evaluating the organisational responsibilities Understanding the Information security controls Scrutinising Legal framework Techniques of Cryptographic models

Penetration testing training course description An advanced technical hands on course focusing on hacking and counter hacking. The course revolves around a series of exercises based on "hacking" into a network (pen testing the network) and then defending against the hacks. What will you learn Perform penetration tests. Explain the technical workings of various penetration tests. Produce reports on results of penetration tests. Defend against hackers. Penetration testing training course details Who will benefit: Technical support staff, auditors and security professionals. Staff who are responsible for network infrastructure integrity. Prerequisites: IP Security IP VPNs Duration 5 days Penetration testing training course contents Introduction Hacking concepts, phases, types of attacks, 'White hacking', What is penetration testing? Why use pen testing, black box vs. white box testing, equipment and tools, security lifecycles, counter hacking, pen testing reports, methodologies, legal issues. Physical security and social engineering Testing access controls, perimeter reviews, location reviews, alarm response testing. Request testing, guided suggestions, trust testing. Social engineering concepts, techniques, counter measures, Identity theft, Impersonation on social media, Footprints through social engineering Reconnaissance (discovery) Footprinting methodologies, concepts, threats and countermeasures, WHOIS footprinting, Gaining contacts and addresses, DNS queries, NIC queries, ICMP ping sweeping, system and server trails from the target network, information leaks, competitive intelligence. Scanning pen testing. Gaining access Getting past passwords, password grinding, spoofed tokens, replays, remaining anonymous. Scanning (enumeration) Gaining OS info, platform info, open port info, application info. Routes used, proxies, firewalking, Port scanning, stealth port scanning, vulnerability scanning, FIN scanning, Xmas tree scanning, Null scanning, spoofed scanning, Scanning beyond IDS. Enumeration concepts, counter measures and enumeration pen testing. Hacking Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology, hacking tools and countermeasures. Trojan, Backdoors, Sniffers, Viruses and Worms Detection, concepts, countermeasures, Pen testing Trojans, backdoors, sniffers and viruses. MAC attacks, DHCP attacks, ARP poisoning, DNS poisoning Anti-Trojan software, Malware analysis Sniffing tools. Exploiting (testing) vulnerabilities Buffer overflows,, simple exploits, brute force methods, UNIX based, Windows based, specific application vulnerabilities. DoS/DDoS Concepts, techniques, attack tools, Botnet, countermeasures, protection tools, DoS attack pen testing. SQL Injection Types and testing, Blind SQL Injection, Injection tools, evasion and countermeasures. Securing networks 'Hurdles', firewalls, DMZ, stopping port scans, IDS, Honeypots, Router testing, firewall testing, IDS testing, Buffer Overflow. Cryptography PKI, Encryption algorithms, tools, Email and Disk Encryption. Information security Document grinding, privacy.

Kerberos for engineers training course description This hands on course covers the details of Kerberos, from installation and administration through to how it all works including the protocols. What will you learn Describe what Kerberos is. Explain how Kerberos works. Install Kerberos. Configure Kerberos. Troubleshoot Kerberos. Kerberos for engineers training course details Who will benefit: Engineers interested in security. Prerequisites: TCP/IP foundation for engineers Duration 2 days Kerberos for engineers training course contents What is Kerberos? Single Sign On, The protocol, the standard, history, v4, v5, RFCs, Linux, Windows. Kerberos concepts and technology AAA, Authentication, Authorization, Accounting. Kerberos vs LDAP and directories. Privacy, integrity. Kerberos realms, principles, instances. Keys, salts, passwords. Key Distribution Centre, Authentication server, ticket granting server. Tickets. Installation and administration of Kerberos Installing Kerberos, creating realms, testing. DNS and Kerberos, Kerberos clients. Hands on Windows and Linux Kerberos. Kerberos protocols The Needham-Schroeder protocol, Kerberos v4. Authentication server, ticket granting server, Kerberos v5, encryption options, ticket options, other protocol features and extensions. Related protocols: GSSAPI, SPNEGO. Hands on Using Wireshark to 'see' Kerberos. Troubleshooting Kerberos Approach, debugging tools, errors and solutions. Hands on Kerberos troubleshooting. Kerberos security concerns Kerberos attacks, protocol security issues. Dictionary attacks, brute force attacks, replay attacks, MITM attacks, security solutions, protecting the KDC, firewalls, NAT and Kerberos. Hands on Kerberos logging. Software which uses Kerberos Kerberos logins, Kerberos and web based applications, Directory services. Advanced Kerberos issues Cross realm authentication, Windows issues, Windows and UNIX interoperability, Hands on Using a Windows DC for UNIX clients.

Take The SIA Instructor Course This Will Take You 7 Days To Complete. Enroll Now On To The Course! What is the SIA Instructor Course? SIA Instructor Course is a comprehensive training program designed to empower individuals with the knowledge and skills necessary to become certified instructors in the security industry. With a blend of classroom instruction and hands-on training, this program equips you to educate and guide aspiring security professionals in obtaining their SIA licenses. SIA Trainer Instructor Course LEVEL 3: SIA Trainer / Instructor Combined 7-Day Course – £1250 Embark on the SIA Trainer/Instructor course covering Security Guarding, Door Supervision, CCTV, and Conflict Management. This comprehensive 7-day program equips you to teach various SIA courses. The course is conducted weekly, concluding with a thorough examination. Combined Course Options SIA Combined AET + Conflict Management + Physical Intervention Level 3 – £1250 AET (Award in Education Training) + Conflict Management Delivery – £850 Conflict Management Delivery + Physical Intervention Delivery Level 3 – £950 SIA Instructor Course Road Map Becoming an SIA instructor is a rewarding career path that not only allows you to contribute to the growth and development of the security industry but also opens up new opportunities for personal and professional growth. Here are some compelling reasons to consider our SIA Instructor Course: 01 Make A Difference As an SIA instructor, you have the power to shape the future of security professionals. Your expertise and guidance will directly impact the knowledge and skills of individuals entering the security industry, ultimately enhancing the safety and security of our communities. 02 Professional Growth Becoming a certified SIA instructor is a mark of excellence in your career. It not only validates your expertise but also opens doors to a wide range of teaching and training opportunities in the security sector. 03 Rewarding Career Being an SIA instructor is not just a job; it’s a rewarding career where you get to see your students grow and succeed in the security industry. The satisfaction of knowing you’ve played a role in their success is immeasurable. Embark On A Fulfilling Career As An SIA-Certified Instructor Enrolling in our SIA Instructor Course is the first step toward a fulfilling career as an SIA-certified instructor. Whether you’re a seasoned security professional or just beginning your journey in the industry, this course equips you with the knowledge and skills needed to guide the next generation of security personnel. To enroll in our SIA Instructor Course or to obtain more information, please contact us at [Insert Contact Information]. We are committed to assisting you in your journey to become an SIA-certified instructor and contribute to the development of skilled security professionals. Why Choose SIA Instructor Course? Instructional Techniques You’ll learn effective instructional methods and techniques to deliver training content in a clear and engaging manner. Whether you’re teaching new security personnel or conducting refresher courses, you’ll have the tools to make learning effective and enjoyable. Adult Learning Principles Understanding how adults learn is crucial for effective teaching. Our course equips you with the principles of adult learning, enabling you to tailor your teaching to the needs of your students. Effective Communication Communication is at the heart of successful teaching. You’ll gain insight into effective communication strategies, ensuring that your students understand and retain the material you present. SIA Training Content As an SIA instructor, you’ll be responsible for delivering specific training content to prepare security personnel for their roles. Our course covers the core content required for SIA licensing, giving you a deep understanding of the subject matter.

Firewalls training course description A technical hands on training course covering firewall technologies. This focuses on the whys and hows of firewall technology rather than looking at manufacturer specific issues. What will you learn Design secure firewall protected networks. Test firewalls. Evaluate firewalls Configure firewalls Firewalls training course details Who will benefit: Technical staff wanting to learn about Filrewalls including: Technical network staff. Technical security staff. Prerequisites: IP security foundation for engineers Duration 2 days Firewalls training course contents Firewall introduction Security review, what is a firewall? What do firewalls do? Firewall benefits, concepts. Hands on Configuring the network to be used in later labs, launching various attacks on a target. Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls, blade based firewalls, personal firewalls, which firewall should you use? Firewall products. Hands on Configuring a simple firewall. Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on Stateful packet inspection firewalls. Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall advantages and disadvantages. Hands on Proxy firewalls. Personal firewalls The role of personal firewalls, Windows XP, Zonealarm. Hands on Configuring a personal firewall. Firewall architectures Home based, small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. Securing communications VPNs, IPsec. Firewall configuration of VPNs, integration of dedicated VPN devices and firewalls. Hands on IPSec VPN configuration. Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls.

RESILIA™ Foundation: In-House Training AXELOS RESILIA™: Cyber Resilience Best Practice is designed to help commercial and government organizations around the world prevent, detect, and correct any impact cyber attacks will have on the information required to do business. Adding RESILIA to the existing AXELOS global best practice portfolio, including ITIL® and PRINCE2®, brings a common cyber resilience best practice for security, IT service management, and business. Active cyber resilience is achieved through people, process, and technology. The RESILIA™ Foundation course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions, and activities that should be aligned with corresponding ITSM activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities. What you will Learn At the end of this course, you will be able to: Demonstrate your knowledge of the purpose, benefits, and key terms of cyber resilience Demonstrate your knowledge of the risk management and the key activities needed to address risks and opportunities Demonstrate your knowledge of the purpose of a management system and how best practices and standards can contribute Demonstrate your knowledge of the cyber resilience strategy, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience design, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience transition, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience operation, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of cyber resilience continual improvement, the associated control objectives, and their interactions with ITSM activities Demonstrate your knowledge of the purpose and benefits of segregation of duties and dual controls Course Introduction Course Learning Objectives Course Agenda Activities Course Book Structure RESILIA Certification Introduction to Cyber Resilience What is Cyber Resilience? Defining Cyber Resilience Balancing in Cyber Resilience Characteristics of Cyber Resilience Risk Management Understanding Risk Management: Discussion Defining Risk Management Addressing Risks and Opportunities Managing Cyber Resilience Why and What of Management Systems? Management Systems Common Management Standards and Frameworks Cyber Resilience Strategy What is Strategy? Cyber Resilience Strategy and Activities Security Controls at Cyber Resilience Strategy Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Design Why Cyber Resilience Design? Cyber Resilience Design Activities Security Controls at Cyber Resilience Design Aligning ITSM Processes with Cyber Resilience Processes Cyber Resilience Transition Why Cyber Resilience Transition? Basics of Cyber Resilience Transition Cyber Resilience Transition: Controls Interaction Between ITSM Processes and Cyber Resilience Cyber Resilience Operation The Purpose of Cyber Resilience Operation Security Controls in Cyber Resilience Operation Interaction Between IT Processes and Cyber Resilience Interaction Between ITSM Functions and Cyber Resilience Cyber Resilience Continual Improvement Continual or Continuous Improvement Maturity Models Continual Improvement Controls The Seven-Step Improvement Process The ITIL CSI Approach Cyber Resilience Roles & Responsibilities Segregating Duties Dual Controls

OpenSSL for engineers training course description A hands on course covering OpenSSL. The course focusses on the use of OpenSSL from the command line as opposed to using its extensive libraries. Certificate authorities are configured along with key generation, HTTPS and a SSL VPN. What will you learn Describe OpenSSL. Use OpenSSL. Describe and implement: Explain how the various technologies involved in an OpenSSL work. OpenSSL for engineers training course details Who will benefit: Network personnel. Prerequisites: IP security foundation for engineers Duration 2 days OpenSSL for engineers training course contents What is OpenSSL? What is SSL? SSL versions, TLS, TLS negotiation, TLS authentication, What is OpenSSL, Command line tool, SSL library. OpenSSH, OpenVPN. Hands on TLS packet analysis. Getting started with OpenSSL Downloading, source code, packages, installing, versions, configuration, openssl command. Cipher suite selection. Hands on Encrypting a file with openssl. Public and private keys Algorithms, creating keys, public keys, private keys, encrypting the private key. Hands on Encrypting a file with keys. Digital signatures Creating signatures, checking validity of signatures, Self signing SSL certificates. Viewing certificates. Certificate files. Converting between formats. Hands on Securing a web server with HTTPS. Simple PKI with OpenSSL Root CA, signing CA, configuration files, Certificate signing requests. Email certificates, TLS server certificates. Hands on Implementing a simple PKI with OpenSSL.