Duration 5 Days 30 CPD hours This course is intended for IS Security Officers IS Managers Risk Managers Auditors Information Systems Owners IS Control Assessors System Managers Government Employees Overview The person who carries this certification should be able to acquire necessary resources, advise senior leadership, collaborate with stakeholders, evaluate effectiveness, identify cybersecurity problems, manage threats, oversee information security awareness programs, participate in risk assessments, support compliance activities, and define or implement policies and procedures to ensure protection of critical infrastructure within an information security environment. If you are looking for the ?gotta have it? cybersecurity course, then the Certified Information Systems Security Officer is for you.ÿ The C)ISSO will prepare you for multiple managerial roles inside the INFOSEC community by covering a broad range of topics. You will learn theories in security concepts, practices, monitoring and compliance in IS management. An Information Systems Security Officer is able to implement and maintain cost-effective security controls that are closely aligned with business and industry standards. The C)ISSO certification course is an idealÿway to increaseÿknowledge, expertise, and skill for managers, auditors, and INFOSEC professionals.ÿ At Mile2 we consider the C)ISSO to be one of our flagship courses.The things you learn in this course can be applied to management, prevention teams, and recovery professionals. Material learned in the Live Class or Self-Study options will apply directly to the certification exam. Course Outline Risk Management Security Management Identification and Authentication Access Control Security Models and Evaluation Operations Security Vulnerability Assessments Symmetric Cryptography and Hashing Network Connections Network Protocols and Devices Telephony, VPNs, and Wireless Security Architecture and Attacks Software Development Security Database Security Malware and Software Attacks Business Continuity Disaster Recovery Incident Management, Law, and Ethics Physical Security Additional course details: Nexus Humans C)ISSO - Certified Information Security Systems Officer Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSO - Certified Information Security Systems Officer Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 4 Days 24 CPD hours This course is intended for This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge. Overview Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? Making Application Security Real
Duration 4 Days 24 CPD hours This course is intended for This is an intermediate-level programming course, designed for experienced .Net developers who wish to get up and running on developing well defended software applications. Real world programming experience with .Net is required. Overview Students who attend Attacking and Securing .Net Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a .Net perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on .Net security training that offers a unique look at .Net application security. Beginning with penetration testing and hunting for bugs in .Net web applications, you thoroughly examine best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, driving home the mechanics of how to secure .Net web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Injection Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? .NET Issues and Best Practices Making Application Security Real Time Permitting Topics Cryptography Overview .NET Cryptographic Services
Duration 2 Days 12 CPD hours This course is intended for The audience for this course is an AWS Sysops Administrator Associate or equivalent. This person has one to two years of experience in AWS deployment, management, and operations. Students taking this course are interested in learning how Azure is different from AWS, and how Azure is administered. Students may also be interested in taking the AZ-103 Microsoft Azure Administrator certification exam, or the AZ-900 Azure Fundamentals exam. This two-day course is designed for AWS Sysops administrators interested in learning how Azure is administered. In this workshop which combines lecture with hands-on practical exercises and discussion/review, you will be introduced to Azure Administration, Azure Networking, Azure Compute, Azure Storage, and Azure Governance. During the workshop, you will apply this knowledge - building end-to-end architecture that demonstrates the main features discussed. Azure Administration In this module, you?ll learn about the tools and principle concepts needed to administer Azure. Topics include: Resource Manager, Resource Groups, Azure Portal, Azure CLI, Azure Templates, Cloud Shell, Azure Marketplace, and Azure PowerShell. Azure Networking In this module, you?ll learn about Azure networking features. Topics include: Azure Regions, Virtual Networks and Subnets, IP Addressing, Network Security Groups, Virtual Network Peering, VNet-to-VNet Connections, ExpressRoute, Load Balancers, and Network Watcher. Azure Compute In this module, you?ll learn about configuring and monitoring Azure virtual machines. Topics include: Azure Virtual Machines, Creating Virtual Machines, Virtual Machine Sizes, Virtual Machine Disks, Availability Zones, Availability Sets, Windows VM Connections, Linux VM Connections, Azure Monitor, and Azure Alerts. Azure Storage In this module, you?ll learn about Azure storage features and implementation. Topics include: Storage Accounts, Blob Storage, Blob Performance Tiers, File Shares, File Sync, Data Box, Content Delivery Network, Shared Access Signatures, and Service Endpoints. Azure Identity In this module, you?ll learn about Azure identity solutions. Topics include: Azure Domains, Role-based Access Control, Azure Active Directory, Multi-Factor Authentication, Azure AD Identity Protection, and Azure Policy. Additional course details: Nexus Humans AZ-010T00 Azure Administration for AWS SysOps training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AZ-010T00 Azure Administration for AWS SysOps course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 2 Days 12 CPD hours This course is intended for The primary audience for this course is as follows:Anyone interested in knowing about DNA Center and SD-AccessPersonnel involved in SD-Access Design and ImplementationNetwork Operations team with SD-Access solutionNetwork admin staff that deal with User AccessChannel Partner SEs and other sales supportNetwork Access Control administrationNetwork AdministratorsNetwork ArchitectsNetwork Engineers Overview Upon completing this course, the learner will be able to meet these overall objectives:Know and understand Cisco?s SD-Access concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today?s networks.Differentiate and explain each of the building blocks of SD-Access SolutionExplain the concept of ?Fabric? and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Border Nodes)Describe the role of LISP in Control Plane and VXLAN in Data Plane for SD-Access SolutionUnderstand the role of DNA Center as solution orchestrator and Intelligent GUIBe familiar with workflow approach in DNA Center and its 4 Steps: Design, Policy, Provision and Assurance DNA Center and SD-Access offer Cisco?s next-generation programmable digital network to help automate common network access security features and streamline the redundant, complex configuration required to allow different groups of users access to the network infrastructure. This network security training course allows network administrators to quickly allow differentiated access for end users on the network while allowing the network to react automatically to day zero and other types of attacks. Introduction to Cisco?s Software Defined Access (SD-Access) SD-Access Overview SD-Access Benefits SD-Access Key Concepts SD-Access Main Components SD-Access Campus Fabric The concept of Fabric Node types Fabric Edge Nodes Control Plane Nodes Border Nodes LISP as protocol for Control Plane VXLAN as protocol for Data Plane Concept of Virtual Network Fabric-enabled WLAN DNA Center and Workflow for SD-Access Introduction to DNA Center Workflow for SD-Access in DNA Center Integration with Cisco ISE for Policy Enforcement Integration with Cisco NDP for Analytics and Assurance Relationship with APIC-EM controller DNA Center Workflow First Step - Design Creating Enterprise and Sites Hierarchy Discuss and Demonstrate General Network Settings Loading maps into the GUI IP Address Administration Administering Software Images Network Device Profiles DNA Center Workflow Second Step - Policy 2-level Hierarchy Policy Types ISE Integration with DNA Center Cross Domain Policies DNA Center Workflow Third Step - Provision Devices Onboarding Fabric Domains Adding Nodes DNA Center Workflow Fourth Step ? Assurance Introduction to Analytics NDP Fundamentals Overview of DNA Assurance Components of DNA Assurance DNA Center Assurance Dashboard Implementing WLAN in SD-Access Solution WLAN Integration Strategies in SD-Access Fabric SD-Access Wireless Architecture Sample Design for SD-Access Wireless Campus Fabric External Connectivity for SD-Access Enterprise Sample Topology for SD-Access Role of Border Nodes Types of Border Nodes Single Border vs. Multiple Border Designs Collocated Border and Control Plane Nodes Distributed (separated) Border and Control Plane Nodes
Duration 5 Days 30 CPD hours This course is intended for Ideal candidates include network professionals who are looking to build their foundational knowledge of the ClearPass product portfolio. Overview After you successfully complete this course, expect to be able to: Ability to setup ClearPass as a AAA server Demonstrate Configuration Guest, OnGurad, Onboard and Profiling features Integrate with External AD Server Understand Monitoring and Reporting Demonstrate Scaling and deployment of best practices Configure AAA services for both wired and wireless networks Demonstrate the configuration of Aruba Downloadable User Roles. Demonstrate the configuration of Dynamic Segmentation with Aruba switches. This course prepares participants with foundational skills in Network Access Control using the ClearPass product portfolio. This 5-day classroom session includes both instructional modules and labs to teach participants about the major features of the ClearPass portfolio. Participants will learn how to setup ClearPass as an AAA server, and configure the Policy Manager, Guest, OnGuard and Onboard feature sets. In addition, this course covers integration with external Active Directory servers, Monitoring and Reporting, as well as deployment best practices. The student will gain insight into configuring authentication with ClearPass on both wired and wireless networks. Intro to ClearPass BYOD High Level Overview Posture and Profiling Guest and Onboard ClearPass for AAA Policy Service Rules Authentication Authorization and Roles Enforcement Policy and Profiles Authentication and Security Concepts Authentication Types Servers Radius COA Active Directory Certificates Intro to NAD NAD Devices Adding NAD to ClearPass Network Device Groups Network Device Attributes Aruba Controller as NAD Aruba Switch Aruba Instant Monitoring and Troubleshooting Monitoring Troubleshooting Logging Policy Simulation ClearPass Insight Insight Dashboard Insight Reports Insight Alerts Insight Search Insight Administration Insight Replication Active Directory Adding AD as Auth Source Joining AD domain Using AD services External Authentication Multiple AD domains LDAP Static Host Lists SQL Database External Radius Server Guest Guest Account creation Web Login pages Guest Service configuration Self-registration pages Configuring NADS for Guest Guest Manager Deep Dive Web Login Deep Dive Sponsor Approval MAC Caching Onboard Intro to Onboard Basic Onboard Setup Onboard Deepdive Single SSID Onboarding Dual SSID Onboarding Profiling Intro to Profiling Endpoint Analysis Deep Dive Posture Intro to Posture Posture Deployment Options OnGuard Agent Health Collection OnGuard workflow 802.1x with Posture using Persistent/dissolvable agent OnGuard web Login Monitoring and Updates Operation and Admin Users Operations Admin Users Clustering and Redundancy Clustering Redundancy LAB Licensing ClearPass Licensing Base License Applications ClearPass Exchange Intro Examples General HTTP Palo Alto Firewall Configuration Case Study Objectives Discussion Advanced Labs Overview Wired Port Authentication 802.1X for access layer switch ports Profiling on Wired Network Configuration of Dynamic Segmentation Aruba Downloadable User Roles Downloadable User Role Enforcement in ClearPass Aruba Controller/Gateway configuration Aruba Switch configuration Troubleshooting
Duration 3.5 Days 21 CPD hours This course is intended for This course is for AWS Cloud Architects with expertise in designing and implementing solutions running on AWS who now want to design for Microsoft Azure. Overview After completing this course, students will be able to: Secure identities with Azure Active Directory and users and groups. Implement identity solutions spanning on-premises and cloud-based capabilities Apply monitoring solutions for collecting, combining, and analyzing data from different sources. Manage subscriptions, accounts, Azure policies, and Role-Based Access Control. Administer Azure using the Resource Manager, Azure portal, Cloud Shell, and CLI. Configure intersite connectivity solutions like VNet Peering, and virtual network gateways. Administer Azure App Service, Azure Container Instances, and Kubernetes. This course teaches Solutions Architects who have previously designed for Amazon Web Services how to translate business requirements into secure, scalable, and reliable solutions for Azure. Introduction to Azure Subscriptions and accounts Resource groups and templates in Azure Resource Manager Azure global infrastructure Azure regions Azure Availability Zones Comparison with AWS Implement Azure Active Directory Introduction to Azure Active Directory Domains and custom domains Safety features Guest users in Azure Active Directory Manage multiple directories Comparison with AWS Implement and manage hybrid identities Introduction to Azure AD Connect Comparison with AWS Implement virtual networking Azure Virtual Network and VNet peering VPN and ExpressRoute connections Comparison with AWS Implement VMs for Windows and Linux Configure high availability Comparison with AWS Implement load balancing and network security Implement Azure Load Balancer Implement an Azure Application Gateway Implement Azure Firewall Implement network security groups and application security groups Comparison with AWS Implement container-based applications Configure Azure Kubernetes Service Publish a solution on an Azure Container Instance Comparison with AWS Implement an application infrastructure Create an App Service plan Create and configure Azure App Service Configure networking for an App Service Introduction to Logic Apps and Azure Functions Comparison with AWS Implement storage accounts Azure Storage core concepts Managing the Azure Blob storage lifecycle Working with Azure Blob storage Comparison with AWS Implement NoSQL databases Introduction to Azure Cosmos DB Consistency Select appropriate CosmosDB APIs Set up replicas in CosmosDB Comparison with AWS DynamoDB Implement Azure SQL databases Configure Azure SQL database settings Implement Azure SQL Database managed instances Configure high availability for an Azure SQL database Comparison with AWS Implement cloud infrastructure monitoring Monitor security Monitor cost Configure a Log Analytics workspace Comparison with AWS Implement and manage Azure governance solutions Assign RBAC roles Configure management access to Azure Implement and configure an Azure Policy Comparison with AWS Manage security for applications Implement Azure Key Vault Implement and configure Azure AD Managed Identities Register and manage applications in Azure AD Comparison with AWS Migration, backup, and disaster recovery management Migrate workloads Implement Azure Backup for VMs Implement disaster recovery Comparison with AWS
Duration 5 Days 30 CPD hours This course is intended for This course will help you: Configure, troubleshoot, and manage enterprise wired and wireless networks Implement security principles within an enterprise network Overview Upon completing this course, students will be able to meet these objectives: Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers. Compare and contrast the various hardware and software switching mechanisms and operation, while defining the TCAM and CAM, along with process switching, fast switching, and Cisco Express Forwarding concepts. Troubleshoot layer 2 connectivity using VLANs, trunking. Implementation of redundant switched networks using spanning tree protocol. Troubleshooting link aggregation using Etherchannel. Describe the features, metrics, and path selection concepts of EIGRP. Implementation and optimization of OSPFv2 and OSPFv3, including adjacencies, packet types, and areas, summarization and route filtering for IPv4 and IPv6. Implementing EBGP interdomain routing, path selection and single and dual-homed networking. Implementing network redundacy using protocols like HSRP and VRRP. Implementing internet connectivity within Enterprise using static and dynamic NAT. Describe the virtualization technology of servers, switches, and the various network devices and components. Implementing overlay technologies like VRF, GRE, VPN and LISP. Describe the components and concepts of wireless networking including RF, antenna characteristics, and define the specific wireless standards. Describe the various wireless deployment models available, include autonomous AP deployments and cloud-based designs within the centralized Cisco WLC architecture. Describe wireless roaming and location services. Describe how APs communicate with WLCs to obtain software, configurations, and centralized management. Configure and verify EAP, WebAuth, and PSK wireless client authentication on a WLC. Troubleshoot wireless client connectivity issues using various tools available. Troubleshooting Enterprise networks using services like NTP, SNMP , Cisco IOS IP SLAs, NetFlow and Cisco IOS Embedded Event Manager. Explain the use of available network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshooting The Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) v1.2 course provides the knowledge and skills needed to configure, troubleshoot, and manage enterprise wired and wireless networks. You?ll learn to implement security principles within an enterprise network and how to overlay network design by using solutions such as SD-Access and SD-WAN Course Outline Examining Cisco Enterprise Network Architecture Understanding Cisco Switching Paths Implementing Campus Lan Connectivity Building Redundant Switched Topology Implementing Layer 2 Port Aggregation Understanding EIGRP Implementing OSPF Optimizing OSPF Exploring EBGP Implementing Network Redundancy Implementing NAT Introducing Virtualization Protocols And Techniques Understanding Virtual Private Networks And Interfaces Understanding Wireless Principles Examining Wireless Deployment Options Understanding Wireless Roaming And Location Services Examining Wireless AP Operation Understanding Wireless Client Authentication Troubleshooting Wireless Client Connectivity Introducing Multicast Protocols Introducing QoS Implementing Network Services Using Network Analysis Tools Implementing Infrastructure Security Implementing Secure Access Control Understanding Enterprise Network Security Architecture Exploring Automation and Assurance Using Cisco DNA Center Examining the Cisco SD-Access Solution Understanding the Working Principles of the Cisco SD-WAN Solution Understanding the Basics of Python Programming Introducing Network Programmability Protocols Introducing APIs in Cisco DNA Center and vManage
Duration 4 Days 24 CPD hours This course is intended for Data center architects Cloud infrastructure architects Network engineers System administrators Storage administrators Engineers requiring advanced configuration skills Cisco integrators and partners Overview After taking this course, you should understand: Data center challenges and cloud solutions Cisco UCS Director architecture Cisco UCS Director setup and configuration Cisco ACI Multitenancy in FlexPod Cisco ACI infrastructure Resource groups and service offerings Tenant onboarding Self-service provisioning Application containers The Designing and Deploying Cisco UCS Director with ACI (UCSDACI) v6.6 course shows you how to use Cisco UCS© Director software to manage physical and virtual infrastructure elements, including Cisco Application Centric Infrastructure (Cisco ACI?). You will learn to use orchestration and automation functions of Cisco UCS Director to effectively manage infrastructure and automate IT processes. The course offers hands-on experience installing and configuring Cisco UCS Director software. You will also learn about features such as bare-metal provisioning; compute, network, and storage management; orchestration, including Application Policy Infrastructure Controller (APIC); Cisco UCS Director custom tasks, and more. Introducing Cisco UCS Director Understanding Data Center Challenges Understanding the Benefits of Cisco UCS Director Understanding Cisco UCS Director Components Explaining Cisco UCS Director Architecture Explaining Bare-Metal Agent Introducing Cisco Application Centric Infrastructure Understanding Cisco ACI Overview Understanding Cisco ACI Terms and Constructs Understanding Cisco UCS Director Infrastructure Management Understanding Cisco UCS Director Deployment Introducing Role-Based Access Control Explaining User Groups/Roles/Users Introducing Orchestration Understanding Orchestration Introducing Cisco UCS Director ACI Explaining Cisco UCS Director with ACI So Understanding Multitenancy with Cisco UCS Director ACI Explaining Multitenancy with Cisco UCS Director ACI Understanding Resource Groups and Service Offerings Introducing Advanced Tenant Onboarding Onboarding a Tenant Tagging Resources Introducing Application Containers Understanding Application Profiles Understanding Service Container Catalog Understanding Deployment Through Self-Service Portal Understanding Self-Service Provisioning Portal Understanding Service Request Understanding Virtual Data Center Understanding Policies Understanding vDC and Groups Use Case Additional course details: Nexus Humans CiscoDesigning and Deploying Cisco UCS Director with ACI (UCSDACI) v6.6 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CiscoDesigning and Deploying Cisco UCS Director with ACI (UCSDACI) v6.6 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.
Duration 2 Days 12 CPD hours This course is intended for Application developers who want to increase their understanding of Spring Security with hands-on experience and build secure Spring and Spring Boot applications. Overview By the end of the course, you should be able to meet the following objectives: Use Spring Security in Spring and Spring Boot applications Configure the Spring Security filter chain Protect HTTP endpoints with expression-based access control and the AuthorizationManager API Protect method execution Use different authentication mechanisms Handle passwords in an efficient way Integrate Spring Security with Junit 5 and MockMVC to test HTTP and method security Protect against common vulnerabilities and threats Understand what OAuth2 is Use and configure the Spring Authorization Server Implement a resource server and client This 2-day course offers hands-on experience with the major features of Spring Security, which includes configuration, authentication, authorization, password handling, testing, protecting against security threats, and the OAuth2 support to secure applications. On completion, participants will have a foundation for securing enterprise and microservices applications. Security Introduction Need for security Basic security concepts Common security vulnerabilities Spring Security Basics Introduction to Spring Security High-level architecture Overview of SecurityContext Spring Security with Spring Boot Customizing Authentication Building blocks for authentication Authentication mechanisms based on user name and password Other authentication mechanisms Authentication events Securing Web Applications Configuring authorization Using AccessDecisionsManager for authorization Using AuthorizationManager for authorization Bypassing security Method Security Method security architecture Declarative method security with annotations Security Testing Spring Security Testing Support Security mock annotations and meta-annotations Using MockMvc to test security Handling Passwords Password hashing Upgrading passwords (Optional) Protecting Against Common Vulnerabilities Hardening web applications with security headers Preventing cross-site request forgery Encrypting data in transit OAuth5 and OIDC Concepts Need for OAuth Overview of OAuth5 and OIDC OAuth5 grant types Types of tokens Spring Security OAuth5 support and OAuth5 login Spring Authorization Server Introduction to Authorization Server Spring Authorization Server endpoints Spring Authorization Server configuration Protecting and accessing resources with OAuth5 Resource server Using JWT tokens Using opaque tokens Configuring an OAuth5 client Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Spring Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Spring Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.