Duration 4 Days 24 CPD hours This course is intended for This is an intermediate-level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge. Overview Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course then introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack are constantly changing. The patterns remain the same through all the change and flux.
This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? Making Application Security Real
Evaluation and Assessment Methods and Examination Systems (Testing, Assessment and Evaluation)
The Traibcert Awareness online course is a comprehensive package that delves into every nook and corner you deserve to know about ISO 13528, including all the erstwhile requirements and pragmatic impeccability for compliance. The course is durably defined for novices who exhibit great affinity towards proficiency testing by interlaboratory comparison management and ISO standards.
This course delves into the rudiments of unit testing, including the red-green-refactor cycle, and provides in-depth knowledge on testing and implementing business logic in a .NET Core application. Develop the ability to design, write, and execute unit tests using xUnit and Moq for robust and scalable .NET Core applications.
GPON and FTTx networks training course description Designed to benefit those requiring an in depth knowledge of the principles and applications of Ten Gigabit and Gigabit Passive Optical Networking and Fibre to the X in NG Networks applications and their associated equipment, its flexibility and function within a modern transmission network. Using an effective mix of 'hands on' equipment instruction and correlation to theory based learning the delegate will gain a complete understanding of the equipment and the tasks to be undertaken in a real life situation. What will you learn Compare PON/FTTx systems. Explain network elements and designs. Support applications and network interfaces. List circuit provisioning and bandwidth requirements. Understand upstream & downstream issues. Describe headend & network elements/OLT-ONT. Perform network testing with OTDR test sets. GPON and FTTx networks training course details Who will benefit: Anyone working with GPON and FTTx. Prerequisites: Introduction to data communications and networking. Duration 5 days GPON and FTTx training course contents FTTN, FTTC, FTTH SMF, MMF, Fibre safety and properties (dispersion/attenuation), Fibre reel cables and types, Fibre installation and air blown fibre, Transmitters and receivers - power budget/laser classes. Fibre to the home (FTTH), FTTC (Fibre to the Cabinet), FTTN (Fibre to the node), FTTD (Fibre to the desk), FTTH topologies and wavelengths, Active or passive optical network. WDM equipment and GPON OSP design Wavelength considerations, WDM/DWDM/CWDM, EDFA optical amplification, AWG (Arrayed Waveguide Grating) splitters, Couplers (splitters) and losses, Optical splitters 1x2, 1x4, 1x8, 1x16, 1x32, 1x64, 2x64.
PON variants Gigabit passive optical network (GPON), Gigabit Ethernet passive optical network (GEPON), Time division PON (TDM-PON), Wave Division Multiplexing PON (WDM-PON), 1Gbps, 10Gbps, 40Gbps, 100Gbps FSAN (Full Service Access Network) NGA (Next Generation Access), Strategies for TDM-PON to WDM-PON migration, Architecture of NG-PON (hybrid WDM/TDM PON), Additional services beyond triple play. GEPON design GPON OSP centralized and distributed design, GPON PON splitters x4 x8 x32, Fibre splice trays / cassette trays & enclosures, GPON field testing and installation verification, GPON physical layer testing, Optical time domain reflectometer (OTDR), Optical power source & meter, Optical return loss (ORL), APON/BPON/GPON/EPON comparisons. GPON ITU-T G.984.1 Reference model, terminology & architecture, Access network system management functions. ONT & OLT functional block examples. FTTx scenarios, 4 switching arrangements for external access network backup. GPON ITU-T G.984.2 Physical layer, Enhancement band, Bit rate and wavelengths, FEC and RAMAN. GPON ITU-T G.984.3 Frame structure, GPON encapsulation method (GEM), GTC adaptation and framing sublayer protocol stack, Status reporting & traffic monitoring DBA (SR-DBA & TM-DBA), Transmission container (T-CONT) types, Downstream & upstream multiplexing, GEM port identifier, Media access control and ONU registration, Extended bandwidth assignment model scheduling architecture, PLOAM & alarm messages, Downstream & Upstream FEC, Process order in a GTC transmit flow. GPON ITU-T G.984.4 and G.988 ONT management and control interface (OMCI) Management interface, Reference model, Typical ONT with SCTE 55-1 or SCTE 55-2 compliancy. GPON ITU-T G.984.5 enhancement band Band options, GPON NGA, Wavelength allocation. GPON ITU-T G.984.6 optical reach extension (G.984.re) Reach extension (RE), OA-based and OEO-based reach extenders, Protection, Reach extender with OTDR blocking filters (BF) and bypass (BYP) filters.
GPON ITU-T G.984.7 long reach Quiet Window. 10-GPON ITU-T G.987.1 (XG-PON) Scenarios, reference access network architecture, XG-PON with G-PON through WDM1r, G-PON and XG-PON wavelength allocation, G-PON and XG-PON co-existence with video overlay option, RE migration scenarios. G.989 40Gbps XG-PON2 Functional reference architecture, NG-PON2 system coexistence with legacy systems, Definitions of legacy compatibility terminology. GPON issues and standards GPON components GPON OLT / GPON ONT, GPON management, Operational support systems (OSS), Network management systems (NMS), OMCI (ONT Management control interface), RG (Residential gateway), Data and prioritised voice channel product, GPON broadband-forum standards, Broadband-forum, TR-069 and TR-156, HPNA (home phone network alliance), Powerline carrier (PLC), GPON DLNI G.hn or G.9960, MOCA, FTTH council certification standard for network certification. Fibre-connected home badge, Ethernet in the first mile (EFM), GPON frame synchronization to network timing, Direct clock synchronization interface (BITS), Multiservice access platform (MSAP), Software planning tool, Superconnected cities / voucher scheme. Hands on practical assignments Single and multimode fibre recognition, Fibre Cleaning methods, Checking cleaning with an optical microscope, Optical light source and optical power meter referencing, PON splitter and fibre drum testing with an optical power meter, 6km classroom passive optical network testing with an OTDR at 1310/1550nm, Using decibels (dB's) and decibel milliwatts (dBm's), Designing networks up to 20km long using vendor specifications (power budget), Fault finding with a visible fault locator.
Definitive Puppet training course description Puppet is a framework and toolset for configuration management. This course covers Puppet to enable delegates to manage configurations. Hands on sessions follow all the major sections. What will you learn Deploy Puppet. Manage configurations with Puppet. Build hosts with Puppet. Produce reports with Puppet. Definitive Puppet training course details Who will benefit: Anyone working with Puppet. Prerequisites: Linux fundamentals. Duration 2 days Definitive Puppet training course contents Getting started with Puppet What is Puppet, Selecting the right version of Puppet, Installing Puppet, Configuring Puppet. Developing and deploying Puppet The puppet apply command and modes of operation, Foreground Puppet master, Developing Puppet with Vagrant, Environments, Making changes to the development environment, Testing the new environments with the Puppet agent, Environment branching and merging, Dynamic Puppet environments with Git branches, Summary, Resources. Scaling Puppet Identifying the challenges, Running the Puppet master with Apache and Passenger, Testing the Puppet master in Apache, Load balancing multiple Puppet masters, Scaling further, Load balancing alternatives. Measuring performance, Splay time, Summary, Going further, Resources. Externalizing Puppet configuration External node classification, Storing node configuration in LDAP, Summary, Resources. Exporting and storing configuration Virtual resources, Getting started with exported and stored configurations, Using exported resources, Expiring state resources, Summary, Resources. Puppet consoles The foreman, Puppet enterprise console, Puppetboard, Summary, Resources. Tools and integration Puppet forge and the module tool, Searching and installing a module from the forge, Generating a module, Managing module dependencies, Testing the modules, Developing Puppet modules with Geppetto, Summary, Resources. 
Reporting with Puppet Getting started, Configuring reporting, Report processors, Custom reporting, Other Puppet reporters, Summary, Resources. Extending Facter and Puppet Writing and distributing custom facts, Developing custom types, providers and functions, Summary, Resources, Complex data structures, Additional backends, Hiera functions in depth, Module data bindings, Hiera examples. Hiera-2, Summary, Resources. Mcollective Installing and configuring Mcollective, testing, Mcollective plugins, accessing hosts with Metadata. Hiera Lists, initial Hiera configuration, Hiera command line utility, complex data structures, additional backends, Hiera functions in depth, module data bindings. Hiera-2.
Cyber security training course description This cyber security course focusses on the network side of security. Technologies rather than specific products are studied focussing around the protection of networks using firewalls and VPNs. What will you learn Describe: - Basic security attacks - RADIUS - SSL - VPNs Deploy firewalls and secure networks Explain how the various technologies involved in an IP VPN work. Describe and implement: - L2TP - IPsec - SSL - MPLS, L3, VPNs. Cyber security training course details Who will benefit: Anyone working in the security field. Prerequisites: TCP/IP foundation for engineers Duration 5 days Cyber security training course contents Security review Denial of service, DDOS, data manipulation, data theft, data destruction, security checklists, incident response. Security exploits IP spoofing, SYN attacks, hijacking, reflectors and amplification, keeping up to date with new threats. Hands on port scanning, use a 'hacking' tool. Client and Server security Windows, Linux, Log files, syslogd, accounts, data security. Hands on Server hardening. Firewall introduction What is a firewall? Firewall benefits, concepts. Hands on launching various attacks on a target. Firewall types Packet filtering, SPI, Proxy, Personal. Software firewalls, hardware firewalls. Firewall products. Hands on Simple personal firewall configuration. Packet filtering firewalls Things to filter in the IP header, stateless vs. stateful filtering. ACLs. Advantages of packet filtering. Hands on Configuring packet filtering firewalls. Stateful packet filtering Stateful algorithms, packet-by-packet inspection, application content filtering, tracks, special handling (fragments, IP options), sessions with TCP and UDP. Firewall hacking detection: SYN attacks, SSL, SSH interception. Hands on SPI firewalls. Proxy firewalls Circuit level, application level, SOCKS. Proxy firewall plusses and minuses. Hands on Proxy firewalls.
Firewall architectures Small office, enterprise, service provider, what is a DMZ? DMZ architectures, bastion hosts, multi DMZ. Virtual firewalls, transparent firewalls. Dual firewall design, high availability, load balancing, VRRP. Hands on Resilient firewall architecture. Testing firewalls Configuration checklist, testing procedure, monitoring firewalls, logging, syslog. Hands on Testing firewalls. Encryption Encryption keys, Encryption strengths, Secret key vs Public key, algorithms, systems, SSL, SSH, Public Key Infrastructures. Hands on Password cracking. Authentication Types of authentication, Securid, Biometrics, PGP, Digital certificates, X.509 v3, Certificate authorities, CRLs, RADIUS. Hands on Using certificates. VPN overview What is a VPN? What is an IP VPN? VPNs vs. Private Data Networks, Internet VPNs, Intranet VPNs, Remote access VPNs, Site to site VPNs, VPN benefits and disadvantages. VPN Tunnelling VPN components, VPN tunnels, tunnel sources, tunnel end points, tunnelling topologies, tunnelling protocols, which tunnelling protocol? Requirements of tunnels. L2TP Overview, components, how it works, security, packet authentication, L2TP/IPsec, L2TP/PPP, L2 vs L3 tunnelling. Hands on Implementing a L2TP tunnel. IPsec AH, HMAC, ESP, transport and tunnel modes, Security Association, encryption and authentication algorithms, manual vs automated key exchange, NAT and other issues. Hands on Implementing an IPsec VPN. SSL VPNs Layer 4 VPNs, advantages, disadvantages. SSL. TLS. TLS negotiation, TLS authentication. TLS and certificates. Hands on Implementing a SSL VPN. MPLS VPNs Introduction to MPLS, why use MPLS, Headers, architecture, label switching, LDP, MPLS VPNs, L2 versus L3 VPNs. Point to point versus multipoint MPLS VPNs. MBGP and VRFs and their use in MPLS VPNs. Hands on Implementing a MPLS L3 VPN. Penetration testing Hacking webservers, web applications, Wireless networks and mobile platforms. Concepts, threats, methodology. 
Hands on Hacking tools and countermeasures.
Duration 5 Days 30 CPD hours This course is intended for Pen Testers Ethical Hackers Network Auditors Cybersecurity Professionals Vulnerability Assessors Cybersecurity Managers IS Managers Overview A Certified Penetration Testing Engineer imagines all of the ways that a hacker can penetrate a data system. You have to go beyond what you learned as an Ethical Hacker because pen testing explores technical and non-technical ways of breaching security to gain access to a system. Our C)PTE course is built on proven hands-on methods utilized by our international group of vulnerability consultants. In this course you will learn 5 Key Elements of Pen Testing: Information Gathering, Scanning, Enumeration, Exploitation and Reporting. Plus, discover the latest vulnerabilities and the techniques malicious hackers are using to acquire and destroy data. Additionally, you will learn more about the business skills needed to identify protection opportunities, justify testing activities and optimize security controls appropriate to the business needs in order to reduce business risk. Once you have completed this course, you will have learned everything you need to know to move forward with a career in penetration testing. Course Outline Business & Technical Logistics of Pen Testing Information Gathering Reconnaissance - Passive (External Only) Detecting Live Systems - Reconnaissance (Active) Banner Grabbing and Enumeration Automated Vulnerability Assessment Hacking Operating Systems Advanced Assessment and Exploitation Techniques Evasion Techniques Hacking with PowerShell Networks and Sniffing Accessing and Hacking Web Techniques Mobile and IoT Hacking Report Writing Basics
Become a Specflow and Cucumber expert for .NET with this course. Master BDD automation from scratch and elevate your testing skills. This definitive course is designed for .NET C# professionals who want to harness the full potential of Specflow for automated testing. Unleash the power of Specflow and Cucumber and become a testing pro.
Linux engineer certification training course description LPIC-2 is the second certification in LPI's multi level professional certification program. This course teaches the skills necessary to pass the LPI 201 exam; the first of two LPIC-2 exams. Specifically, the course covers the administration of Linux systems in small to medium sized mixed networks. What will you learn Perform advanced administration tasks. Perform advanced file system administration. Linux engineer certification training course details Who will benefit: Linux administrators. Prerequisites: Linux system administration (LPIC-1) Duration 5 days Linux engineer certification fundamentals training course contents Part I The LPI 201 Exam Starting a System The Linux Boot Process, Firmware Startup, BIOS Startup, UEFI Startup, Linux Bootloaders, GRUB Legacy, GRUB 2, Alternative Bootloaders, Secure Bootloaders, Process Initialization, SysV Method, systemd Method, Upstart Method, System Recovery, Kernel Failures, Root Drive Failure. Maintaining the System Fluid Messaging, Static Messaging, System backups, Backup Strategies, Performing Backups, Installing Programs from Source, Obtaining and unpacking Installation Files, Compiling Programs, Resource Usage: Managing, measuring, predicting and troubleshooting. Mastering the Kernel What Is the Kernel? Kernel Features, Parts of the Kernel, Kernel Versions, Obtaining Source Code, Creating the Configuration File, Compiling and Installing the Kernel, Compiling and Installing Modules, Creating an Initial RAM Disk, Booting the New Kernel, Creating a Kernel Package, Maintaining the Kernel, Working with Module Files, Module Commands, Working with Hardware, Automatically Detecting Hardware, Troubleshooting the Kernel. 
Managing the Filesystem The Linux Filesystem, Filesystem Structures, Filesystem Types, Making Filesystems, Attaching Filesystems, Memory-Based Linux Filesystems, the Btrfs Filesystem, Btrfs Subvolumes, Btrfs Snapshots, Optical Filesystems, Swap Filesystems, Network-Based Filesystems, Auto-Mounting, Encrypted Filesystems, Maintaining Linux Filesystems, Adjusting a Filesystem, Checking and Repairing a Filesystem, SMART. Administering Advanced Storage Devices Configuring RAID, Implementing RAID on Linux, Managing a RAID Array, Adjusting Storage Devices, Looking at Drive Interface Concepts, Testing and Tuning Drives, Implementing iSCSI, Managing Logical Volumes, LVM, Creating Logical Volumes, Supporting Logical Volumes, Understanding the Device Mapper. Navigating Network Services Networking Basics, The Physical Layer, The Network Layer, The Transport Layer, The Application Layer, Configuring Network Features, Network Configuration Files, Graphical Tools, Command-Line Tools, Basic Network Troubleshooting, Checking the Log Files, the ARP Cache, Sending Test Packets, Testing Network Routes, Testing Client/Server Connectivity, Finding Host Information, Network Security, Advanced Network Troubleshooting, Viewing Open Network Connections, Viewing Network Statistics, Scanning the Network, Capturing Network Traffic.