Main › Managing Modern Desktops

Managing Modern Desktops

Managing Modern Desktops

Course description:

During MD-101, Managing Modern Desktops participants discuss how to implement and plan an operating system deployment strategy using modern deployment techniques and how to implement strategy updates. The course explores what it takes to connect Microsoft Intune to your organization. In the course of training and methods of deployment of management of applications and browser applications are studied.

Module 1: Modern Management

This module explains the concepts of supporting the desktop through it’s entire lifecycle. Finally, students will be introduced to the tools and strategies used for desktop deployment. Students well be introduced to the concept of directory in the cloud with Azure AD. Students will learn the similarities and differences between Azure AD and Active Directory DS and how to synchronize between the two. Students will explore identity management in Azure AD and learn about identity protection using Windows Hello for Business, as well as Azure AD Identity Protection and multi-factor authentication.Lesson

  • The Enterprise Desktop
  • Azure AD Overview
  • Managing Identities in Azure AD

Lab : Managing identities in Azure ADLab : Using Azure AD Connect to connect Active Directories

After completing this module, students will be able to:

  • Describe the enterprise desktop lifecycle.
  • Describe the capabilities of Azure AD.
  • Manage users using Azure AD with Active Directory DS.
  • Implement Windows Hello for Business.
  • Join devices to Azure AD.

Module 2: Device Enrollment

This module will also cover Azure AD join and will be introduced to Microsoft Endpoint Manager, as well as learn how to configure policies for enrolling devices to Endpoint Manager and Intune.Lesson

  • Manage Device Authentication
  • Device Enrollment using Microsoft Endpoint Configuration Manager
  • Device Enrollment using Microsoft Intune

Lab : Configuring and managing Azure AD JoinLab : Manage Device Enrollment into IntuneLab : Enrolling devices into Microsoft Intune

After completing this module, students will be able to:

  • Configure and join devices to Azure AD
  • Configure device enrollment in Microsoft Endpoint Manager
  • Enroll devices in Endpoint Configuration Manager and Intune

Module 3: Configuring Profiles

This module dives deeper into Intune device profiles including the types of device profiles and the difference between built-in and custom profiles. The student will learn about assigning profiles to Azure AD groups and monitoring devices and profiles in Intune. You will be introduced to the various user profile types that exist in Windows for on-premises devices. You will learn about the benefits of various profiles and how to switch between types of profiles. You will examine how Folder Redirection works and how to set it up. The lesson will then conclude with an overview of Enterprise State roaming and how to configure it for Azure AD devices.

Lesson

  • Configuring Device Profiles
  • Managing User Profiles

Lab : Creating and Deploying Configuration ProfilesLab : Monitor device and user activity in IntuneLab : Configuring Enterprise State RoamingAfter completing this module, you should be able to:

  • Describe the various types of device profiles in Intune
  • Create, manage and monitor profiles
  • Manage PowerShell scripts in Intune
  • Explain the various user profile types that exist in Windows.
  • Explain how to deploy and configure Folder Redirection.
  • Configure Enterprise State Roaming for Azure AD devices.

Module 4: Application Management

In this module, students learn about application management on-premise and cloud-based solutions. This module will cover how to manage Office 365 ProPlus deployments in Endpoint Manager as well as how to manage apps on non-enrolled devices. The module will also include managing Win32 apps and deployment using the Microsoft Store for Business. This module will conclude with an overview of Microsoft Edge and Enterprise Mode.

Lesson

  • Implement Mobile Application Management (MAM)
  • Deploying and updating applications
  • Administering applications

Lab : Deploying cloud apps using IntuneLab : Configure App Protection Policies for Mobile DeviceLab : Deploy Apps using Endpoint Configuration ManagerLab : Deploy Apps using Microsoft Store for Business

After completing this module, students will be able to:

  • Describe the methods for application management.
  • Deploy applications using Endpoint Manager and Group Policy.
  • Configure Microsoft Store for Business.
  • Deploy Office365 ProPlus using Intune.
  • Manage and report application inventory and licenses.

Module 5: Managing Authentication in Azure AD

This module covers the various solutions for managing authentication. The student will also learn about the different types of VPNs. This module also covers compliance policies and how to create conditional access policies.

Lesson

  • Protecting Identities in Azure AD
  • Enabling Organization Access
  • Implement Device Compliance Policies
  • Using Reporting

Lab : Configuring Multi-factor AuthenticationLab : Configuring Self-service password reset for user accounts in Azure ADLab : Configuring and validating device complianceLab : Creating device inventory reports

After completing this module, students will be able to:

  • Describe Windows Hello for Business
  • Describe Azure AD Identity Protection
  • Describe and manage multi-factor authentication
  • Describe VPN types and configuration
  • Deploy device compliance and conditional access policies
  • Generate inventory reports and Compliance reports using Endpoint Manager

 

Module 6: Managing Security

In this module, students will learn about data protection. Topics will include Windows & Azure Information Protection, and various encryption technologies supported in Windows 10. This module also covers key capabilities of Windows Defender Advanced Threat Protection and how to implement these capabilities on devices in your organization. The module concludes using Windows Defender and using functionalities such as antivirus, firewall and Credential Guard.

Lesson

  • Implement device data protection
  • Managing Windows Defender ATP
  • Managing Windows Defender in Windows 10

Lab : Configure and Deploy Windows Information Protection Policies by using IntuneLab : Configuring Endpoint security using IntuneLab : Configuring Disk Encryption Using Intune

After completing this module, students will be able to:

  • Describe the methods protecting device data.
  • Describe the capabilities and benefits of Windows ATP.
  • Deploy and manage settings for Windows Defender clients.

Module 7: Deployment using Microsoft Endpoint Manager – Part 1

In this two-part module, students well be introduced to deployment using Microsoft Endpoint Manager. Part 1 will cover the tools for assessing the infrastructure and planning a deployment, followed by deployment using the Microsoft Deployment Toolkit and Endpoint Configuration Manager.

Lesson

  • Assessing Deployment Readiness
  • On-Premise Deployment Tools and Strategies

Lab : Deploying Windows 10 using Microsoft Deployment ToolkitLab : Deploying Windows 10 using Endpoint Configuration Manager

After completing this module, students will be able to:

  • Describe the tools for planning a deployment.
  • Deploy Windows 10 using the Microsoft Deployment Toolkit
  • Deploy Windows 10 using Endpoint Configuration Manager

Module 8: Deployment using Microsoft Endpoint Manager – Part 2

This module continues with deployment using Microsoft Endpoint Manager. In part two, the student will learn about using Windows Autopilot and deployment using Microsoft Intune. This module will also include dynamic OS deployment methods, such as Subscription Activation. The module will conclude learning how Co-Management can be used to transitioning to modern management.

Lesson

  • Deploying New Devices
  • Dynamic Deployment Methods
  • Planning a Transition to Modern Management

Lab : Deploying Windows 10 with AutopilotLab : Configuring Co-Management Using Configuration Manager

After completing this module, students will be able to:

  • Deploy Windows 10 using Autopilot
  • Configure OS deployment using subscription activation and provisioning packages
  • Upgrade, migrate and manage devices using modern management methods

Module 9: Managing Updates for Windows 10

This module covers managing updates to Windows. This module introduces the servicing options for Windows 10. Students will learn the different methods for deploying updates and how to configure windows update policies. Finally, students will learn how to ensure and monitor updates using Desktop Analytics.

Lesson

  • Updating Windows 10
  • Windows Update for Business
  • Desktop Analytics

Lab : Managing Windows 10 security and feature updates

After completing this module, students will be able to:

  • Describe the Windows 10 servicing channels.
  • Configure a Windows update policy using Group Policy settings.
  • Configure Windows Update for Business to deploy OS updates.
  • Use Desktop Analytics to assess upgrade readiness.

The course price is $ 800

Main › Windows Server 2019 Administration

Windows Server 2019 Administration

Windows Server 2019 Administration

This five-day instructor-led course is designed primarily for IT professionals who have some experience with Windows Server. It is designed for professionals who will be responsible for managing identity, networking, storage and compute by using Windows Server 2019, and who need to understand the scenarios, requirements, and options that are available and applicable to Windows Server 2019. The course teaches IT professionals the fundamental administration skills required to deploy and support Windows Server 2019 in most organizations.

Audience profile

This course is intended for Information Technology (IT) Professionals who have some experiencing working with Windows Server and are looking for a single five-day course that covers core administration components and technologies in Windows Server 2019. This course also helps server administrators from previous Windows Server versions to update their knowledge and skills related to Windows Server 2019. Additionally, this course can help individuals looking for preparation materials to pass exams related to Windows Server. The course is also to individuals from a service desk role who wish to transition into server maintenance.

Skills gained

  • Use administrative techniques and tools in Windows Server 2019.
  • Implement identity Services.
  • Manage network infrastructure services.

Prerequisites

  • Some exposure to and experience with Active Directory Domain Services (AD DS) concepts and technologies in Windows Server 2012 or Windows Server 2016.
  • Some exposure to and experience with Active Directory Domain Services (AD DS) concepts and technologies in Windows Server 2012 or Windows Server 2016.
  • Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP).
  • Experience working with and an understanding of Microsoft Hyper-V and basic server virtualization concepts.
  • An awareness of basic security best practices.
  • Experience working hands-on with Windows client operating systems such as Windows 8, Windows 8.1 or Windows 10.
  • Basic experience with Windows PowerShell.

Course outline

Module 1: Windows Server Administration Overview

This module describes how to distinguish different Windows Server 2019 editions and techniques for deployment, servicing and activation. The module also introduces Windows Server Core and compares it with the Desktop Experience version. The module describes tools and concepts for adminstering Windows Server, such as Windows Admin Center, PowerShell, and delegation of privileges.

Lessons

  • Overview of Windows Server administration principles and tools
  • Introducing Windows Server 2019
  • Windows Server Core Overview

Lab : Deploying and configuring Windows Server

  • Deploying and configuring Server Core
  • Implementing and using remote server administration

After completing this module, students will be able to:

  • Describe Windows Server as well as techniques for deployment, servicing and activation.
  • Describe Windows Server Core, its specifics and ways to administer it.

Module 2: Identity Services in Windows Server

This module introduces identity services and describes Active Directory Domain Services (AD DS) in a Windows Server environment. The module describes how to deploy domain controllers in AD DS, as well as the Azure Active Directory (AD) and the benefits of integrating Azure AD with AD DS. The module also covers Group Policy basics and how to configure group policy objects (GPOs) in a domain environment. Finally, the modules describes the role of Active Directory certificate services and certificate usage.

Lessons

  • Overview of AD DS
  • Deploying Windows Server domain controllers
  • Overview of Azure AD
  • Implementing Group Policy
  • Overview of Active Directory Certificate Services

Lab : Implementing identity services and Group Policy

  • Deploying a new domain controller on Server Core
  • Configuring Group Policy
  • Deploying and using certificate services

After completing this module, students will be able to:

  • Describe AD DS in a Windows Server environment.
  • Deploy domain controllers in AD DS.
  • Describe Azure AD and benefits of integrating Azure AD with AD DS.
  • Explain Group Policy basics and configure GPOs in a domain environment
  • Describe the role of Active Directory certificate services and certificate usage

Module 3: Network Infrastructure services in Windows Server

This module describes how to implement core network infrastructure services in Windows Server. The modules covers how to deploy, configure and manage DNS and IPAM. The modules also describes how to use Remote Access Services.

Lessons

  • Deploying and managing DHCP
  • Deploying and managing DNS services
  • Deploying and managing IPAM

Lab : Implementing and configuring network infrastructure services in Windows Server

  • Deploying and configuring DHCP
  • Deploying and configuring DNS

After completing this module, students will be able to:

  • Describe, deploy and configure DHCP service.
  • Deploy, configure and manage DNS.
  • Describe, deploy and manage IPAM.

Module 4: File Servers and Storage management in Windows Server

This modules describes how to configure file servers and storage in Windows Server. The module covers file sharing and deployment of Storage Spaces technology. The module describes how to implement data deduplication, iSCSI based storage in Windows Server, and finally, how to deploy DFS.

Lessons

  • Volumes and file systems in Windows Server
  • Implementing sharing in Windows Server
  • Implementing Storage Spaces in Windows Server
  • Implementing Data Deduplication
  • Implementing iSCSI
  • Deploying Distributed File System

Lab : Implementing storage solutions in Windows Server

  • Implementing Data Deduplication
  • Configuring iSCSI storage
  • Configuring redundant storage spaces
  • Implementing Storage Spaces Direct

After completing this module, students will be able to:

  • Implement sharing in Windows Server
  • Deploy Storage Spaces technology
  • Implement the data deduplication feature
  • Implement iSCSI based storage
  • Deploy and manage Distributed File System (DFS)

Module 5: Hyper-V virtualization and containers in Windows Server

This modules describes how to implement and configure Hyper-V VMs and containers. The module covers key features of Hyper-V in Windows Server, describes VM settings, and how to configure VMs in Hyper-V. The module also covers security technologies used with virtualization, such as shielded VMs, Host Guardian Service, admin-trusted and TPM-trusted attestation, and KPS.

Lessons

  • Hyper-V in Windows Server
  • Configuring VMs
  • Securing virtualization in Windows Server
  • Containers in Windows Server
  • Overview of Kubernetes

Lab : Implementing and configuring virtualization in Windows Server

  • Creating and configuring VMs
  • Installing and configuring containers

After completing this module, students will be able to:

  • Describe the key features of Hyper-V in Windows Server.
  • Describe VM settings and deploy and configure VMs in Hyper-V.
  • Explain the use of security technologies for virtualization.
  • Describe and deploy containers in Windows Server.
  • Explain the use of Kubernetes on Windows.

Module 6: High Availablity in Windows Server

This module describes current high availability technologies in Windows Server. The module describes failover clustering and considerations for implementing it, and how to create and configure failover clustering. The module also explains stretch clusters and options for achieving high availability with Hyper-V VMs.

Lessons

  • Planning for failover clustering implementation
  • Creating and configuring failover cluster
  • Overview of stretch clusters
  • High availability and disaster recovery solutions with Hyper-V VMs

Lab : Implementing failover clustering

  • Configuring iSCSI storage
  • Configuring a failover cluster
  • Deploying and configuring a highly available file server
  • Validating the deployment of the highly available file server

After completing this module, students will be able to:

  • Describe failover clustering and the considerations for implementing it.
  • Create and configure failover clusters.
  • Describe stretch clusters.
  • Describe options to achieve high availability with Hyper-V VMs.

Module 7: Disaster recovery in Windows Server

This module describes disaster recovery technologies in Windows Server and how to implement them. The module covers how to configure and use Hyper-V Replica and describes Azure Site Recovery. The module also covers how to implement Windows Server backup and describes the Azure Backup service.

Lessons

  • Hyper-V Replica
  • Backup and restore infrastructure in Windows Server

Lab : Implementing Hyper-V Replica and Windows Server Backup

  • Implementing Hyper-V Replica
  • Implementing backup and restore with Windows Server Backup

After completing this module, students will be able to:

  • Describe and implement Hyper-V Replica.
  • Describe Azure Site Recovery.
  • Describe and implement Windows Server backup.
  • Describe the Azure Backup service.

Module 8: Windows Server security

This module describes Windows Server security features and how to implement them. The module covers credentials used in Windows Server and explains how to implement privileged access protection. In addition to describing methods and technologies for hardening Windows Server security, the module explains how to configure Just Enough Administration (JEA) and how to secure SMB traffic. Finally, the module covers Windows Update, its deployment and management options.

Lessons

  • Credentials and privileged access protection in Windows Server
  • Hardening Windows Server
  • Just Enough Administration in Windows Server
  • Securing and analyzing SMB traffic
  • Windows Server update management

Lab : Configuring sercurity in Windows Server

  • Configuring Windows Defender Credential Guard
  • Locating problematic accounts
  • Implementing LAPS

After completing this module, students will be able to:

  • Describe credentials used in Windows Server.
  • Explain how to implement privileged access protection.
  • Describe methods and technologies to harden security in Windows Server.
  • Describe and configure Just Enough Administration (JEA).
  • Secure SMB traffic in Windows Server.
  • Describe Windows Update and its deployment and management options.

Module 9: Remote Desktop Services in Windows Server

This module describes key Remote Desktop Protocol (RDP) and Virtual Desktop Infrastructure (VDI) features in Windows Server. The modules covers how to deploy session-based desktops and describes personal and poled virtual desktops.

Lessons

  • Remote Desktop Services Overview
  • Configuring a session-based desktop deployment
  • Overview of personal and pooled virtual desktops

Lab : Implementing RDS in Windows Server

  • Implementing RDS
  • Configuring RemoteApp collection settings
  • Configuring a virtual desktop template

After completing this module, students will be able to:

  • Describe Remote Desktop Services (RDS) in Windows Server.
  • Describe and deploy session-based desktops.
  • Describe personal and pooled virtual desktops.

Module 10: Remote access and web services in Windows Server

This module describes how to implement virtual private networks (VPNs), Network Policy Server (NPS), and Microsoft Internet Information Services (IIS). The module provides an overview of remote access services and describes Always On VPN functionality, as well as how to configure NPS and Web Server (IIS) in Windows Server.

Lessons

  • Overview of RAS in Windows Server
  • Implementing VPNs
  • Implementing NPS
  • Implementing Always On VPN
  • Implementing Web Server in Windows Server

Lab : Deploying network workloads

  • Implementing Web Application Proxy
  • Implementing VPN in Windows Server
  • Deploying and Configuring Web Server

After completing this module, students will be able to:

  • Describe VPN options in Windows Server.
  • Describe Always On VPN functionality.
  • Describe and configure NPS.
  • Describe and configure Web Server (IIS).

Module 11: Monitoring, performance, and troubleshooting

This module describes how to implement service and performance monitoring, and apply troubleshooting in Windows Server. The module highlights monitoring tools and describes how to monitor performance, including event logging and how to perform event logging monitoring for troubleshooting purposes.

Lessons

  • Overview of Windows Server monitoring tools
  • Using Performance Monitor
  • Monitoring event logs for troubleshooting

Lab : Monitoring and troubleshooting Windows Server

  • Establishing a performance baseline
  • Identifying the source of a performance problem
  • Viewing and configuring centralized event logs
  • Identifying the source of a performance problem
  • Describe monitoring tools in Windows Server.
  • Describe performance monitoring and use it in Windows Server.
  • Describe event logging and perform event logging monitoring for troubleshooting purposes.

Module 12: Upgrade and migration in Windows Server

This module describes how to perform upgrades and migrations for AD DS, Storage, and Windows Server. The module covers tools to use for AD DS migration. The module also covers the Storage Migration Service, and finally, Windows Server migration tools and usage scenarios.

Lessons

  • AD DS migration
  • Storage Migration Service
  • Windows Server migration tools

Lab : Migrating Server workloads

  • Selecting a process to migrate server workloads
  • Planning how to migrate files by using Storage Migration Service

After completing this module, students will be able to:

  • Describe tools to use for AD DS migration.
  • Describe the Storage Migration Service.
  • Describe Windows Server migration tools and their usage scenarios.

Main › Architecting on AWS

Architecting on AWS

Architecting on AWS

Architecting on AWS covers the fundamentals of building IT infrastructure on AWS. The course is designed to teach solutions architects how to optimise the use of the AWS Cloud by understanding AWS services and how these services fit into cloud-based solutions. This course emphasises AWS Cloud best practices and recommended design patterns to help students think through the process of architecting optimal IT solutions on AWS. It also presents case studies throughout the course that showcase how some AWS customers have designed their infrastructures and the strategies and services they implemented. Opportunities to build a variety of infrastructures via a guided, hands-on approach are also provided.

Course objectives
This course teaches you how to:
  • Make architectural decisions based on the AWS-recommended architectural principles and best practices
  • Leverage AWS services to make your infrastructure scalable, reliable, and highly available
  • Leverage AWS-managed services to enable greater flexibility and resiliency in an infrastructure
  • Make an AWS-based infrastructure more efficient in order to increase performance and reduce costs
  • Use the Well-Architected Framework to improve architectures with AWS solutions
Intended audience
This course is intended for:
  • Solutions architects
  • Solution design engineers
Course outline

Day 1

  • Core AWS Concepts
  • Core AWS Knowledge
  • Core AWS Services
  • Designing Your Environment
  • Making Your Environment Highly Available

Day 2

  • Forklifting an Existing Application onto AWS
  • Event-Driven Scaling
  • Automating
  • Decoupling
  • Build a New Environment

Day 3

  • Well-Architected Framework
  • Troubleshooting YourEnvironment
  • Large-Scale Design Patterns and Case Studies

Training materials: AWS digital kit, iLabs.

Certificate of ettendence: AWS Certificate

Main › IT Audit. Practical Cases

IT Audit. Practical Cases

IT Audit. Practical Cases

The “IT AUDIT” trainings will allow participants to gain a wide set of knowledge to plan, perform IT audits and manage IT audit enterprise programs.

You will have all required skills to face the most difficult problems, which include:

  • audit planning and reporting
  • business continuity audit
  • software development and system implementation lifecycle audit
  • operating systems, databases, network equipment configuration audit

This is solely practical training! You immediately will work. The training adopted for an audience which represents students with completely different background. If you just a novice, you will be solving simple tasks. If you’re professional, you will have a set of very sophisticated tasks.

The obtained experience will mandatory increase your value for employees and customers, and bring a tremendous level of a professional confidence to you personally.

We recommend this training for:

  • IT auditors
  • IT security specialists
  • IT quality specialists
  • IT managers
COURSE AGENDA

Section 1: IT audit

  • IT assurance framework (ITAF).
  • Audit charter/mandate for the audit.
  • Auditor independence.
  • Professional due care.
  • Audit assertions.
  • Audit criteria.
  • ISACA audit programs.
  • IIA audit guidelines.
  • Trust services principles and criteria
  • Cobit 5
  • ISO27001
  • Other sources of criteria
  • Audit planning. Risk-based planning.
  • Audit performance.
  • Materiality of audit findings.
  • Audit evidence.
  • Evidence collection methods
  • Audit sampling.
  • Using the work of other experts.
  • Reporting.
  • Handling illegal acts.
  • Audit follow-up.
  • Control environment
  • Control design
  • Control effectiveness
  • Control monitoring
  • Practical workshop.

Section 2: IT governance and management

  • IT strategy
  • IT architecture
  • IT metrics
  • IT organization
  • IT service management
  • Service catalog
  • Incident management
  • Change management
  • Release management
  • Problem management
  • IT investments
  • IT risks
  • End-user computing.
  • Shadow IT
  • Cloud IT
  • BYOD
  • IT outsourcing
  • Practical workshop.

Section 3: Information systems development and implementation

  • System implementation and development lifecycle.
  • Project management control frameworks.
  • System development methodologies.
  • Project business case.
  • Feasibility study.
  • Requirements specification.
  • Design and Architecture.
  • Procurement process.
  • Coding.
  • Implementation.
  • Testing
  • Handover to production.
  • Operational support.
  • Decommissioning.
  • Migrations.
  •  Project closure.
  •  Practical workshop.

Section 4: IT operations

  • Inventory and asset management.
  • Patch management.
  • Hardware maintenance.
  •  Licensing.
  • Capacity planning.
  • Performance and availability monitoring.
  • Utilities
  •  Datacenter management
  •  Network physical infrastructure
  •  Practical workshop.

Section 5: Business continuity and disaster recovery

  • Business continuity management
  • Business continuity project initiation and management.
  •  Business impact assessment.
  • RTO/RPO
  • Recovery strategies.
  • Business continuity plan testing.
  • Disaster phases:
  • Preparation.
  •  Initial response
  • Restoration
  • Recovery
  • Post-incident activities
  • Practical workshop.

Section 6: Information security assurance

  • Information security policies, standards and procedures
  • Information security roles and organizational structures.
  • Human resource security
  •  Data classification and handling
  •  Key processes.
  • Information security risk management.
  •  Incident handling.
  • Awareness programs.
  •  Identity and access management.
  • IDS/IPS
  • DLP
  • SIEM
  •  PKI
  • 802.11x, NAP and network access control
  • Remote access and teleworking risks
  • Rights management
  • Antimalware solutions
  •  Physical security controls
  • Fraud controls
  • Practical workshop.

Section 7: Audit considerations

  • ERP audit
  • CRM audit
  • VOIP
  • Virtualization
  • Practical workshop.

Labs:

  • Windows audit
  • Linux audit
  • Networking, VPN and Firewall audit
  • PKI audit
  • Database audit (MySQL and Oracle)
  • Web application audit (PHP)
  • Mobile application audit (android)

Main › Microsoft Public Key Infrastructure 2015 (ERC-A9)

Microsoft Public Key Infrastructure 2015 (ERC-A9)

Microsoft Public Key Infrastructure 2015 (ERC-A9)

Main › СЕН| CERTIFIED ETHICAL HACKER V9

СЕН| CERTIFIED ETHICAL HACKER V9

СЕН| CERTIFIED ETHICAL HACKER V9

Main › CHFI| COMPUTER HACKING FORENSIC INVESTIGATOR V9

CHFI| COMPUTER HACKING FORENSIC INVESTIGATOR V9

CHFI| COMPUTER HACKING FORENSIC INVESTIGATOR V9

Main › CompTIA Security +

CompTIA Security +

CompTIA Security +

Course description
CompTIA Security + (SY0-501 exam) is a basic course you will need to take if your job responsibilities include providing network services, devices, and traffic to your organization. You can also take this course to prepare for the CompTIA Security + certification exam. In this course, you will build on your knowledge and expertise in the basics of security, networking, and organizational security, gaining the specific skills needed to implement basic security services in any type of computer network.

This course can benefit you in two ways.
If you intend to take the CompTIA Security + certification exam (SY0-501 exam), this course can be an important part of your preparation. But certification is not the only key to professional success in computer security. Today’s job market requires people to demonstrate skills, and the information and activities in this course can help you build a set of computer security skills so that you can confidently perform your duties in any security-related role.

Target audience
This course is aimed at an information technology (IT) professional with network and administrative skills in Windows-based Transmission Control / Internet Protocol (TCP / IP) networks; familiarity with other operating systems, such as mac OS, Unix or Linux; and who wants to pursue a career in IT by gaining fundamental knowledge of security; preparation for the CompTIA Security + certification exam; or use Security + as a basis for advanced security certificates or career roles.

Knowledge that you will gain during the course:
• basics of authentication and authorization;
• types of attacks and malicious code;
• how to ensure security when working with remote access;
• security of e-mail and web applications;
• wireless network security;
• design of security systems;
• security control and intrusion detection;
• physical security;
• security expertise.

What is included in the course:
• 5 online lectures from 10:00 to 18:00
• practical work
• laboratory work

Promotional price: UAH 12,000 without VAT (old price UAH 24,000)

* if desired, each participant of the course will be able to buy a voucher for certification separately.

Main › CISSP| CERTIFIED INFORMATION SYSTEM SECURITY PROFESSIONAL

CISSP| CERTIFIED INFORMATION SYSTEM SECURITY PROFESSIONAL

CISSP| CERTIFIED INFORMATION SYSTEM SECURITY PROFESSIONAL

Domain 1:Security and Risk Management

1.1 Understand and apply concepts of confidentiality, integrity and availability

1.2 Apply security governance principles through:

1.3 Compliance:

– Legislative and regulatory compliance

– Privacy requirements compliance

1.4 Understand legal and regulatory issues that pertain to information security in a global context

1.5 Understand professional ethics

– Exercise (ISC)² Code of Professional Ethics

– Support organization’s code of ethics

1.6 Develop and implement documented security policy, standards, procedures, and guidelines

1.7 Understand business continuity requirements

– Develop and document project scope and plan

– Conduct business impact analysis

– Alignment of security function to strategy, goals, mission, and objectives (e.g., business case, budget and resources)

– Organizational processes (e.g., acquisitions,divestitures, governance committees)

– Security roles and responsibilities

– Control frameworks

– Due care

– Due diligence

– Computer crimes

– Licensing and intellectual property (e.g., copyright, trademark, digital-rights management)

– Import/export controls

– Trans-border data flow

– Privacy

– Data breaches

1.8 Contribute to personnel security policies

1.9 Understand and apply risk management concepts

1.10 Understand and apply threat modeling

1.11 Integrate security risk considerations into acquisition strategy and practice

1.12 Establish and manage information security education, training, and awareness

– Appropriate levels of awareness, training, and education required within organization

– Periodic reviews for content relevancy

– Employment candidate screening (e.g., reference checks, education verification)

– Employment agreements and policies

– Employment termination processes

– Vendor, consultant, and contractor controls

– Compliance

– Privacy

– Identify threats and vulnerabilities

– Risk assessment/analysis (qualitative, quantitative,hybrid)

– Risk assignment/acceptance (e.g., system authorization)

– Countermeasure selection

– Implementation

– Types of controls (preventive, detective, corrective, etc.)

– Control assessment

– Monitoring and measurement

– Asset valuation

– Reporting

– Continuous improvement

– Risk frameworks

– Identifying threats (e.g., adversaries, contractors, employees, trusted partners)

– Determining and diagramming potential attacks (e.g., social engineering, spoofing)

– Performing reduction analysis

– Technologies and processes to remediate threats (e.g., software architecture and operations)

– Hardware, software, and services

– Third-party assessment and monitoring (e.g., onsite assessment, document exchange and review, process/policy review)

– Minimum security requirements

– Service-level requirements

Domain 2:Asset Security

2.1 Classify information and supporting assets (e.g., sensitivity, criticality)

2.2 Determine and maintain ownership (e.g., data owners, system owners, business/mission owners)

2.3 Protect privacy

2.4 Ensure appropriate retention (e.g., media, hardware, personnel)

2.5 Determine data security controls (e.g., data at rest, data in transit)

2.6 Establish handling requirements (markings, labels, storage, destruction of sensitive information)

– Data owners

– Data processers

– Data remanence

– Collection limitation

– Baselines

– Scoping and tailoring

– Standards selection

– Cryptography

Domain 3:Security Engineering

3.1 Implement and manage engineering processes using secure design principles

3.2 Understand the fundamental concepts of security models (e.g., Confidentiality, Integrity, and Multi-level Models)

3.3 Select controls and countermeasures based upon systems security evaluation models 3.4 Understand security capabilities of information systems (e.g., memory protection, virtualization, trusted platform module, interfaces, fault tolerance)

3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements

3.6 Assess and mitigate vulnerabilities in web-based systems (e.g., XML, OWASP)

3.7 Assess and mitigate vulnerabilities in mobile systems

3.8 Assess and mitigate vulnerabilities in embedded devices and cyber-physical systems (e.g., network-enabled devices, Internet of things (loT))

3.9 Apply cryptography

– Client-based (e.g., applets, local caches)

– Server-based (e.g., data flow control)

– Database security (e.g., inference, aggregation, data mining, data analytics, warehousing)

– Large-scale parallel data systems

– Distributed systems (e.g., cloud computing, grid computing, peer to peer)

– Cryptographic systems

– Industrial control systems (e.g., SCADA)

– Cryptographic life cycle (e.g., cryptographic limitations, algorithm/protocol governance)

– Cryptographic types (e.g., symmetric, asymmetric, elliptic curves)

– Public Key Infrastructure (PKI)

– Key management practices

– Digital signatures

– Digital rights management

– Non-repudiation

– Integrity (hashing and salting)

– Methods of cryptanalytic attacks (e.g., brute force, cipher-text only, known plaintext)

3.10 Apply secure principles to site and facility design

3.11 Design and implement physical security

– Wiring closets

– Server rooms

– Media storage facilities

– Evidence storage

– Restricted and work area security (e.g., operations centers)

– Data center security

– Utilities and HVAC considerations

– Water issues (e.g., leakage, flooding)

– Fire prevention, detection and suppression

Domain 4:Communications and Network Security

4.1 Apply secure design principles to network architecture (e.g., IP & non-IP protocols, segmentation)

4.2 Secure network components

4.3 Design and establish secure communication channels

4.4 Prevent or mitigate network attacks

– OSI and TCP/IP models

– IP networking

– Implications of multilayer protocols (e.g., DNP3)

– Converged protocols (e.g., FCoE, MPLS, VoIP, iSCSI)

– Software-defined networks

– Wireless networks

– Cryptography used to maintain communication security

– Operation of hardware (e.g., modems, switches, routers, wireless access points, mobile devices)

– Transmission media (e.g., wired, wireless, fiber)

– Network access control devices (e.g., firewalls, proxies)

– Endpoint security

– Content-distribution networks

– Physical devices

– Voice

– Multimedia collaboration (e.g., remote meeting technology, instant messaging)

– Remote access (e.g., VPN, screen scraper, virtual application/desktop, telecommuting)

– Data communications (e.g., VLAN, TLS/SSL)

– Virtualized networks (e.g., SDN, virtual SAN, guest operating systems, port isolation)

Domain 5:Identity and Access Management

5.1 Control physical and logical access to assets

– Information

– Systems

– Devices

– Facilities

5.2 Manage identification and authentication of people and devices

5.3 Integrate identity as a service (e.g., cloud identity)

5.4 Integrate third-party identity services (e.g., on-premise)

5.5 Implement and manage authorization mechanisms

– Role-Based Access Control (RBAC) methods

– Rule-based access control methods

– Mandatory Access Control (MAC)

– Discretionary Access Control (DAC)

5.6 Prevent or mitigate access control attacks

5.7 Manage the identity and access provisioning lifecycle (e.g., provisioning, review)

– Identity management implementation (e.g., SSO, LDAP)

– Single/multi-factor authentication (e.g., factors, strength, errors)

– Accountability

– Session management (e.g., timeouts, screensavers)

– Registration and proofing of identity

– Federated identity management (e.g., SAML)

– Credential management systems

Domain 6:Security Assessment and Testing

6.1 Design and validate assessment and test strategies

6.2 Conduct security control testing

6.3 Collect security process data (e.g., management and operational controls)

6.4 Analyze and report test outputs (e.g., automated, manual)

6.5 Conduct or facilitate internal and third party audits

– Vulnerability assessment

– Penetration testing

– Log reviews

– Synthetic transactions

– Code review and testing (e.g., manual, dynamic, static, fuzz)

– Misuse case testing

– Test coverage analysis

– Interface testing (e.g., API, UI, physical)

– Account management (e.g., escalation, revocation)

– Management review

– Key performance and risk indicators

– Backup verification data

– Training and awareness

– Disaster recovery and business continuity

Domain 7:Security Operations

7.1 Understand and support investigations

7.2 Understand requirements for investigation types

7.3 Conduct logging and monitoring activities

7.4 Secure the provisioning of resources

7.5 Understand and apply foundational security operations concepts

7.6 Employ resource protection techniques

– Media management

– Hardware and software asset management

– Evidence collection and handling (e.g., chain of custody, interviewing)

– Reporting and documenting

– Investigative techniques (e.g., root-cause analysis, incident handling)

– Digital forensics (e.g., media, network, software, and embedded devices)

– Intrusion detection and prevention

– Security information and event management

– Continuous monitoring

– Egress monitoring (e.g., data loss prevention, steganography, watermarking)

– Asset inventory (e.g., hardware, software)

– Configuration management

– Physical assets

– Virtual assets (e.g., software-defined network, virtual SAN, guest operating systems)

– Cloud assets (e.g., services, VMs, storage, networks)

– Applications (e.g., workloads or private clouds, web services, software as a service)

– Need-to-know/least privilege (e.g., entitlement, aggregation, transitive trust)

– Separation of duties and responsibilities

– Monitor special privileges (e.g., operators, administrators)

– Job rotation

– Information lifecycle

– Service-level agreements

– Operational

– Criminal

– Civil

– Regulatory

– Electronic discovery (eDiscovery)

7.7 Conduct incident management

7.8 Operate and maintain preventative measures

7.9 Implement and support patch and vulnerability management

7.10 Participate in and understand change management processes (e.g., versioning, baselining, security impact analysis)

7.11 Implement recovery strategies

7.12 Implement disaster recovery processes

7.13 Test disaster recovery plans

7.14 Participate in business continuity planning and exercises

7.15 Implement and manage physical security

– Perimeter (e.g., access control and monitoring)

– Internal security (e.g., escort requirements/visitor control, keys and locks)

7.16 Participate in addressing personnel safety concerns (e.g., duress, travel, monitoring)

– Detection

– Response

– Mitigation

– Reporting

– Recovery

– Remediation

– Lessons learned

– Firewalls

– Intrusion detection and prevention systems

– Whitelisting/Blacklisting

– Third-party security services

– Sandboxing

– Honeypots/Honeynets

– Anti-malware

– Backup storage strategies (e.g., offsite storage, electronic vaulting, tape rotation)

– Recovery site strategies

– Multiple processing sites (e.g., operationally redundant systems)

– System resilience, high availability, quality of service, and fault tolerance

– Response

– Personnel

– Communications

– Assessment

– Restoration

– Training and awareness

– Read-through

– Walkthrough

– Simulation

– Parallel

– Full interruption

Domain 8:Software Development Security

8.1 Understand and apply security in the software development lifecycle

8.2 Enforce security controls in development environments

8.3 Assess the effectiveness of software security

– Auditing and logging of changes

– Risk analysis and mitigation

– Acceptance testing

8.4 Assess security impact of acquired software

Main › Cryptography Intro

Cryptography Intro

Cryptography Intro

Cryptography is an indispensable tool for protecting information in computer systems. In this course you will learn the inner workings of cryptographic systems and how to correctly use them in real-world applications. The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two parties generate a shared secret key. Throughout the course participants will be exposed to many exciting open problems in the field and work on fun (optional) programming projects.

COURSE AGENDA

1. Basics

  • Course Overview
  • What is Cryptography?
  • History of Cryptography
  • Discrete Probability (Crash Course)
  • Discrete Probability (Crash Course, Cont.)
  • Information Theoretic Security and The One Time Pad
  • Stream Ciphers and Pseudo Random Generators
  • Attacks on Stream Ciphers and The One Time Pad
  • Real-World Stream Ciphers
  • PRG Security Definitions
  • Semantic Security
  • Stream Ciphers are Semantically Secure

2. Block Ciphers

  • What are Block Ciphers?
  • The Data Encryption Standard
  • Exhaustive Search Attacks
  • More Attacks on Block Ciphers
  • The AES Block Cipher
  • Block Ciphers From PRGs
  • Review: PRPs and PRFs
  • Modes of Operation: One Time Key
  • Security for Many-Time Key (CPA security)
  • Modes of Operation: Many Time Key (CBC)
  • Modes of Operation: Many Time Key (CTR)

3. Message Integrity

  • Message Authentication Codes
  • MACs Based On PRFs
  • CBC-MAC and NMAC
  • MAC Padding
  • PMAC and the Carter-Wegman MAC
  • Introduction
  • Generic Birthday Attack
  • The Merkle-Damgard Paradigm
  • Constructing Compression Functions
  • HMAC
  • Timing attacks on MAC verification

4. Authenticated Encryption

  • Active Attacks on CPA-Secure Encryption
  • Definitions
  • Chosen Ciphertext Attacks
  • Constructions From Ciphers and MACs
  • Case Study: TLS 1.2
  • CBC Padding Attacks
  • Attacking Non-Atomic Decryption
  • Key Derivation
  • Deterministic Encryption
  • Deterministic Encryption: SIV and Wide PRP
  • Tweakable Encryption
  • Format Preserving Encryption

5. Basic Key Exchange

  • Trusted 3rd Parties
  • Merkle Puzzles
  • The Diffie-Hellman Protocol
  • Public-Key Encryption
  • Notation
  • Fermat and Euler
  • Modular e’th Roots
  • Reading: More background on number theory
  • Arithmetic algorithms
  • Intractable Problems

6. Public-Key Encryption

  • Definitions and Security
  • Constructions
  • The RSA Trapdoor Permutation
  • PKCS 1
  • Is RSA a One-Way Function?
  • RSA in Practice
  • The ElGamal Public-key System
  • ElGamal Security
  • ElGamal Variants With Better Security
  • A Unifying Theme