Opleidingen

OVERVIEW With this bundle you will receive instant access to 10 classes and corresponding material, over 100 hours of content One year of unlimited access Sample quiz questions Class slides and lab guides for all courses 5 PDF exam study guides Access to BTA portal with free content available monthly Access to new courses development within that year OBJECTIVES Train at your own pace on the most trendy Blockchain subjects. With 10 training classes, over 100 hours of content you are getting the most comprehensive Blockchain education available. CONTENT With the bundle you have one year of access to: Blockchain Overview: Business Foundations On Demand Blockchain Solution Architecture Training On Demand Blockchain Security Training On Demand Ethereum Developer Training On Demand    Data Science and Blockchain On Demand   Corda Distributed Ledger Architecture On Demand  Blockchain for Healthcare Professionals On Demand Hyperledger Developer Training On Demand Hyperledger Fabric v1.4: Architecting, Designing and Deploying a Network On Demand IoT and Blockchain

OVERVIEW With this bundle you will receive instant access to 10 classes and corresponding material, over 100 hours of content, and 6 Certifications vouchers One year of unlimited access Sample quiz questions Class slides and lab guides for all courses 5 PDF exam study guides Access to BTA portal with free content available monthly Access to new courses development within that year Access to 5 Tests and 1 retake OBJECTIVES Train at your own pace on the most trendy Blockchain subjects. With 10 training classes, over 100 hours of content you are getting the most comprehensive Blockchain education available. CONTENT With the bundle you have one year of access to: Blockchain Overview: Business Foundations On Demand Blockchain Solution Architecture Training On Demand Blockchain Security Training On Demand Ethereum Developer Training On Demand    Data Science and Blockchain On Demand   Corda Distributed Ledger Architecture On Demand  Blockchain for Healthcare Professionals On Demand Hyperledger Developer Training On Demand Hyperledger Fabric v1.4: Architecting, Designing and Deploying a Network On Demand IoT and Blockchain

OVERVIEW The CASE credential tests the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment. The CASE certified training program is developed concurrently to prepare software professionals with the necessary capabilities that are expected by employers and academia globally.It is designed to be a hands-on, comprehensive application security course that will help software professionals create secure applications. The training program encompasses security activities involved in all phases of the Software Development Lifecycle (SDLC): planning, creating, testing, and deploying an application. Unlike other application security trainings, CASE goes beyond just the guidelines on secure coding practices and includes secure requirement gathering, robust application design, and handling security issues in post development phases of application development. Java is the premier platform independent programming language. Java programs can run on Windows, Linux, or Macintosh. Beyond that, Java is the programming language for Java apps. These facts make Java an important programming language. Secure Java programming is becoming increasingly important. Particularly with Java being the language of Android apps. CASE Java will give you the skills you need to write secure Java applications. OBJECTIVES CONTENT Understanding Application Security, Threats, and Attacks Security Requirements Gathering Secure Application Design and Architecture Secure Coding Practices for Input Validation Secure Coding Practices for Authentication and Authorization Secure Coding Practices for Cryptography Secure Coding Practices for Session Management Secure Coding Practices for Error Handling Static and Dynamic Application Security Testing (SAST & DAST) Secure Deployment and Maintenance

OVERVIEW The Certified Application Security Engineer (CASE .NET) credential tests the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment. The CASE certified training program is developed concurrently to prepare software professionals with the necessary capabilities that are expected by employers and academia globally. It is designed to be a hands-on, comprehensive application security course that will help software professionals create secure applications. The training program encompasses security activities involved in all phases of the Software Development Lifecycle (SDLC): planning, creating, testing, and deploying an application. Unlike other application security trainings, CASE goes beyond just the guidelines on secure coding practices and includes secure requirement gathering, robust application design, and handling security issues in post development phases of application development. .Net is the Microsoft programming platform for both Windows applications and Web programming. The ubiquitous nature of Windows, secure .Net programming is clearly a critical skillset. CASE.Net will teach you the skills to write secure .Net applications. OBJECTIVES CONTENT Understanding Application Security, Threats, and Attacks Security Requirements Gathering Secure Application Design and Architecture Secure Coding Practices for Input Validation Secure Coding Practices for Authentication and Authorization Secure Coding Practices for Cryptography Secure Coding Practices for Session Management Secure Coding Practices for Error Handling Static and Dynamic Application Security Testing (SAST & DAST) Secure Deployment and Maintenance

OVERVIEW The Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) course teaches you security concepts, common network and application operations and attacks, and the types of data needed to investigate security incidents. This training teaches you how to monitor alerts and breaches, and how to understand and follow established procedures for response to alerts converted to incidents. Through a combination of lecture, hands-on labs, and self-study, you will learn the essential skills, concepts, and technologies to be a contributing member of a Cybersecurity Operations Center (SOC) including understanding the IT infrastructure, operations, and vulnerabilities. This course prepares you for the Cisco Certified Cybersecurity Associate certification. Please note that this course is a combination of Instructor-Led and Self-Paced Study - 5 days in the classroom and approx 1 day of self study. The self-study content will be provided as part of the digital courseware that you will recieve at the beginning of the course and should be part of your preparation for the exam. This course is worth 30 Continuing Education (CE) Credits towards recertification. e-Learning Interactive self-paced content that provides flexibility in terms of pace, place and time to suit individuals and organisations. These resources also consist of online books, educational podcasts and vodcasts, and video-based learning. OBJECTIVES After completing this course you should be able to: Explain how a Security Operations Center (SOC) operates and describe the different types of services that are performed from a Tier 1 SOC analyst's perspective. Explain Network Security Monitoring (NSM) tools that are available to the network security analyst. Explain the data that is available to the network security analyst. Describe the basic concepts and uses of cryptography. Describe security flaws in the TCP/IP protocol and how they can be used to attack networks and hosts. Understand common endpoint security technologies. Understand the kill chain and the diamond models for incident investigations, and the use of exploit kits by threat actors. Identify resources for hunting cyber threats. Explain the need for event data normalization and event correlation. Identify the common attack vectors. Identify malicious activities. Identify patterns of suspicious behaviors. Conduct security incident investigations. Explain the use of a typical playbook in the SOC. Explain the use of SOC metrics to measure the effectiveness of the SOC. Explain the use of a workflow management system and automation to improve the effectiveness of the SOC. Describe a typical incident response plan and the functions of a typical Computer Security Incident Response Team (CSIRT). Explain the use of Vocabulary for Event Recording and Incident Sharing (VERIS) to document security incidents in a standard format. CONTENT Defining the Security Operations Center Types of Security Operations Centers SOC Analyst Tools Data Analytics Understanding Network Infrastructure and Network Security Monitoring Tools NAT Fundamentals Packet Filtering with ACLs Hybrid Installations: Automated Reports, Anomaly Alerts Staffing an Effective Incident Response Team Rules in a Security Operations Center Developing Key Relationships with External Resources ACLs with the Established Option Access Control Models Authentication, Authorization and Accounting Load Balancing Network-Based Malware Protection Network Security Monitoring Tools Exploring Data Type Categories Network Security Monitoring Data Types Security Information and Event Management Systems Security Orchestration, Automation and Response Security Onion Overview Full Packet Capture Packet Captures Packet Capture Using Tcpdump Session Data Transaction Data Alert data Other Data Types Correlating NSM Data Information Security Confidentiality, Integrity and Availability Personally Identifiable Information Regulatory Compliance Intellectual Property Understanding Basic Cryptography Concepts Impact of Cryptography on Security Investigations Cryptography Overview Hash Algorithms Encryption Overview Cryptanalysis Symmetric Encryption Algorithms Asymmetric Encryption Algorithms Diffie-Helman Key Agreement Use Case: SSH Digital Signatures PKI Overview PKI Operations Use Case: SSL/TLS Cipher Suite Key Management NSA Suite B Understanding Common TCP/IP Attacks Address Resolution Protocol Legacy TCP/IP Vulnerabilties IP Vulnerabilities ICMP Vulnerabilities TCP Vulnerabilities UDP Vulnerabilities Attack Surface and Attack Vectors Reconnaissance Attacks Access Attacks Man-in-the-Middle Attacks Denial of Service and Distributed Denial of Service Reflection and Amplification Attacks Spoofing Attacks DHCP Attacks Understanding Endpoint Security Technologies Host-Based Personal Firewall Host-Based Antivirus Host Intrusion Prevention System Application Allowed Lists and Blocked Lists Host-Based Malware Protection Sandboxing File Integrity Checking Lab Set-Up Video: Explore Endpoint Security Understanding Incident Analysis in a Threat-Centric SOC Classic Kill Chain Model Overview Kill Chain Phase 1: Reconnaissance Kill Chain Phase 2: Weaponization Kill Chain Phase 3: Delivery Kill Chain Phase 4: Exploitation Kill Chain Phase 5: Installation Kill Chain Phase 6: Command-and-Control Kill Chain Phase 7: Actions on Objectives Applying the Kill Chain Model Diamond Model Overview Applying the Diamond Model MITRE ATTACK Framework Identifying Resources for Hunting Cyber Threats Cyber-Threat Hunting Concepts Hunting Maturity Model Cyber Threat Hunting Cycle Common Vulnerability Scoring System CVSS v3.0 Scoring CVSS v3.0 Example Hot Threat Dashboard Publicly Available Threat Awareness Resources Other External Threat Intelligence Sources and Feed Reference Security Intelligence Threat Analytic Systems Security Tools Reference Understanding Event Correlation and Normalization Event Sources Evidence Chain of Custody Security Data Normalization Event Correlation Other Security Data Manipulation Identifying Common Attack Vectors DNS Operations Dynamic DNS Recursive DNS Query HTTP Operations HTTPS Operations HTTP/2 Operations SQL Operations SMTP Operations Web Scripting Obfuscated JavaScript Shellcode and Exploits Common Metasploit Payloads Directory Traversal SQL Injection Cross-Site Scripting Punycode DNS Tunneling Pivoting HTTP 302 Cushioning Gaining Access Via Web-Based Attacks Exploit Kits Emotet Advanced Persistant Threat Identifying Malicious Activity Understanding the Network Design Zero Trust Model Identifying Possible Threat Actors Log Data Search System Logs Windows Event Viewer Firewall Log DNS Log Web Proxy Log Email Proxy Log AAA Server Log Next Generation Firewall Log Application Log NetFlow NetFlow as a Security Tool Network Behavior Anomaly Detection Data Loss Detection Using NetFlow example DNS Risk and Mitigation Tool IPS Evasion Techniques The Onion Router Gaining Access and Control Peer-to-Peer Networks Encapsulation Altered Disk Image Identifying Patterns of Suspicious Behavior Network Baselining Identifying Anomalies and Suspicious Behaviors PCAP Analysis Delivery Conducting Security Incident Investigations Security Incident Investigation Procedures Threat Investigation Example: China Chopper Remote Access Trojan Using a Playbook Model to Organize Security Monitoring Security Analytics Playbook Definition What is a Play? Playbook Management System Understanding SOC Metrics Security Data Aggregation Time to Detection Security Controls Detection Effectiveness SOC Metrics Understanding SOC Workflow and Automation SOC WMS Concepts Incident Response Workflow SOC WMS Integration SOC Workflow Automation Example Describing Incident Response Incident Response Planning Incident Response Life Cycle Incident Response Policy Elements Incident Attack Categories Reference US-CERT Incident Categories Regulartory Compliance Incident Response Requirements CSIRT Categories CSIRT Framework CSIRT Incident Handling CSIRT Incident Handling Services Understanding the Use of VERIS (Self-Study) VERIS Overview VERIS Incidents Structure VERIS  4 A's VERIS Records VERIS Community Database Verizon Data Breach Investigation Report and Cisco Annual Security Report Understanding Windows Operating System Basics (Self-Study) Windows Operating System History Windows Operating System Architecture Windows Processes, Threads and Handles Windows Virtual Memory Address Space Windows Services Windows File System Overview Windows File System Structure Windows Domains and Local user Accounts Windows GUI Run as Administrator Windows CLI Windows Powershell Windows net Command Controlling Startup Services and Executing System shutdown Controlling Services and Processes Monitoring System Resources Windows Boot Process Windows Networking Windows netstat Command Accessing Network Resources with Windows Windows Registry Windows Management Instrumentation Common Windows Server Functions Common Third-Party Tools Lab Set-up Video: Explore the Windows Operating System Understanding Linux Operating System Basics (Self-Study) History and Benefits of Linux Linux Architecture Linux File System Overview Basic File System Navigation and Management Commands File Properties and Permissions Editing File Properties Root and Sudo Disks and File Systems System Initialization Emergency/Alternate Startup Options Shutting Down the System System Processes Interacting with Linux Linux Command Shell Concepts Piping Command Output Other Useful Command-Line Tools Overview of Secure Shell Protocol Networking Managing Services in SysV Environments Viewing Running Network Services Name Resolution: DNS Testing Name Resolution Viewing Network Traffic Configuring Remote Syslog Running Software on Linux Executables vs Interpreters Using Package Managers to Install Software in Linux System Applications Lightweight Directory Access Protocol Lab Set-Up Video: Explore the Linux Operating System Labs Discovery Lab 1: Use NSM Tools to Analyze Data Categories Discovery Lab 2: Explore Cryptographic Technologies Discovery Lab 3: Explore TCP/IP Attacks Discovery Lab 4: Explore Endpoint Security Discovery Lab 5: Investigate Hacker Methodology Discovery Lab 6: Hunt Malicious Traffic Discovery Lab 7: Correlate Event Logs, PCAPs, and Alerts of an Attack Discovery Lab 8: Investigate Browser-Based Attacks Discovery Lab 9: Analyze Suspicious DNS Activity Discovery Lab 10: Explore Security Data for Analysis Discovery Lab 11: Investigate Suspicious Activity Using Security Onion Discovery Lab 12: Investigate Advanced Persistent Threats Discovery Lab 13: Explore SOC Playbooks Discovery Lab 14: Explore the Windows Operating System Discovery Lab 15: Explore the Linux Operating System

OVERVIEW The Implementing and Administering Cisco Solutions course provides a broad range of fundamental knowledge for all IT careers. Through a combination of lecture and hands-on labs, you will learn how to install, operate, configure, and verify a basic IPv4 and IPv6 network. The course covers configuring network components such as switches, routers, and Wireless LAN Controllers; managing network devices; and identifying basic security threats. Network programmability, automation, and software-defined networking are also covered at a foundational level. This course helps you prepare to take the 200-301 Cisco Certified Network Associate (CCNA) exam. Please note that this course is a combination of Instructor-Led and Self-Paced Study - 5 days in the classroom and approx 3 days of self study. The self-study content will be provided as part of the digital courseware that you recieve at the beginning of the course and should be part of your preparation for the exam. Lab access is provided for both the class and the self- study sections, lab access is valid for 60 hours or 90 days whichever is the shorter, so please ensure you exit the lab exercises when not in use. This course is worth 30 CE credits towards recertification OBJECTIVES After completing this course you should be able to: Identify the components of a computer network and describe their basic characteristics Understand the model of host-to-host communication Describe the features and functions of the Cisco Internetwork Operating System (IOS®) software Describe LANs and the role of switches within LANs Describe Ethernet as the network access layer of TCP/IP and describe the operation of switches Install a switch and perform the initial configuration Describe the TCP/IP Internet layer, IPv4, its addressing scheme, and subnetting Describe the TCP/IP Transport layer and Application layer Explore functions of routing Implement basic configuration on a Cisco router Explain host-to-host communications across switches and routers Identify and resolve common switched network issues and common problems associated with IPv4 addressing Describe IPv6 main features and addresses, and configure and verify basic IPv6 connectivity Describe the operation, benefits, and limitations of static routing Describe, implement, and verify virtual local area networks (VLANs) and trunks Describe the application and configuration of inter-VLAN routing Explain the basics of dynamic routing protocols and describe components and terms of Open Shortest Path First (OSPF) Explain how Spanning Tree Protocol (STP) and Rapid Spanning Tree Protocol (RSTP) work Configure link aggregation using EtherChannel Describe the purpose of Layer 3 redundancy protocols Describe basic WAN and VPN concepts Describe the operation of access control lists (ACLs) and their applications in the network Configure Internet access using Dynamic Host Configuration Protocol (DHCP) clients and explain and configure network address translation (NAT) on Cisco routers Describe basic quality of service (QoS) concepts Describe the concepts of wireless networks, which types of wireless networks can be built, and how to use Wireless LAN Controllers (WLCs) Describe network and device architectures and introduce virtualization Explain Software-Defined Networks Configure basic IOS system monitoring tools Describe the management of Cisco devices Describe the current security threat landscape Describe threat defense technologies Implement a basic security configuration of the device management plane Implement basic steps to harden network devices Discuss the need of network programmability in Enterprise Networks, common programmability protocols, and configuration management tools. Introducing AI and ML in Network Operations CONTENT Exploring the Functions of Networking What is a Computer Network? Common Usage of a Computer Network Components of a Network Characteristics of a Network Physical vs. Logical Topologies Interpreting a Network Diagram Impact of User Applications on the Network Introducing the Host-To-Host Communications Model Host-To-Host Communications Overview ISO OSI Reference Model TCP/IP Protocol Suite Peer-To-Peer Communications Encapsulation and De-Encapsulation TCP/IP Stack vs OSI Reference Model Operating Cisco IOS Software Cisco IOS Software Features and Functions Cisco IOS Software CLI Functions Cisco IOS Software Modes   Introducing LANs Local Area Networks LAN Components Need for Switches Characteristics and Features of Switches Exploring the TCP/IP Link Layer Ethernet LAN Connection Media Ethernet Frame Structure LAN Communication Types MAC Addresses Frame Switching Duplex Communication Starting a Switch Switch Installation Connecting to a Console Port Switch Components Switch LED Indicators Basic show Commands and Information Implement the Initial Switch Configuration Introducing the TCP/IP Internet Layer, IPv4 Addressing, and Subnets Internet Protocol Decimal and Binary Number Systems Binary-to-Decimal Conversion Decimal-to-Binary Conversion IPv4 Address Representation IPv4 Header Fields IPv4 Address Classes Subnet Masks Subnets Implementing Subnetting: Borrowing Bits Implementing Subnetting: Determining the Addressing Scheme Benefits of VLSM and Implementing VLSM Private vs. Public IPv4 Addresses Reserved IPv4 Addresses Verifying IPv4 Address of a Host Explaining the TCP/IP Transport Layer and Application Layer TCP/IP Transport Layer Functions Reliable vs.Best-Effort Transport TCP Characteristics UDP Characteristics TCP/IP Application Layer Introducing HTTP Domain Name System Explaining DHCP for IPv4 Exploring the Functions of Routing Role of a Router Router Components Router Functions Routing Table Path Determination Cisco Router Models Routing Hierarchy on Internet Configuring a Cisco Router Initial Router Setup Configuring Router Interfaces Configuring IPv4 Addresses on Router Interfaces Checking Interface Configuration and Status Exploring Connected Devices Using Cisco Discovery Protocol Configure and Verify LLDP Implement an Initial Router Configuration Exploring the Packet Delivery Process Layer 2 Addressing Layer 3 Addressing Default Gateways Address Resolution Protocol Host-To-Host Packet Delivery Troubleshooting a Simple Network Troubleshooting Methods Troubleshooting Tools Troubleshooting Common Switch Media Issues Troubleshooting Common Switch Port Issues Troubleshooting Common Problems Associated with IPv4 Addressing Introducing Basic IPv6 IPv4 Address Exhaustion Workarounds IPv6 Features IPv6 Addresses and Address Types Comparison of IPv4 and IPv6 Headers Internet Contorl Message Protocol Version 6 Neighbor Discovery IPv6 Address Allocation Verification of End-To-End IPv6 Connectivity Configuring Static Routing Routing Operation Static and Dynamic Routing Comparison When to Use Static Routing IPv4 Static Route Configuration Default Routes Verifying Static and Default Route Configuration IPv6 Static Route Configuration Implement IPv4 Static Routing Implement IPv6 Static Routing Implementing VLANs and Trunks VLAN Introduction Creating a VLAN Assigning a Port to a VLAN Trunking with 802.1Q  Configuring an 802.1Q Trunk VLAN Design Considerations Troubleshoot VLANS and Trunks Routing Between VLANs Purpose of Inter-VLAN Routing Options for Inter-VLAN Routing Implement Multiple VLANS and Basic Routing Between the VLANs Introducing OSPF Dynamic Routing Protocols Path Selection Link-State Routing Protocol Overview Link-State Routing Protocol Data Structures Introducing OSPF Establishing OSPF Neighbor Adjacencies OSPF Neighbor States SPF Algorithm Building a Link-State Database Routing for IPv6 Building Redundant Switched Topologies Physical Redundancy in a LAN Issues in Redundant Toplogies Spanning Tree Operation Types of Spanning Tree Protocols PortFast, BPDU Guard and BPDU Filter Rapid Spanning Tree Protocol STP Loop Guard STP Root Guard Improving Redundant Switched Topologies with EtherChannel EtherChannel Overview EtherChannel Configuration Options Configuring and Verifying EtherChannel Improve Redundant Switched Toplogies with EtherChannel Explaining the Basics of ACL ACL Overview ACL Operation ACL Wildcard Masking Wildcard Mask Abbreviations Types of Basic ACLs Configuring Standard IPv4 ACLs Configuring Extended IPv4 ACLs Verifying and Modifying IPv4 ACLs Applying IPv4 ACLs to Filter Network Traffic Implement Numbered and Named IPv4 ACLs Enabling Internet Connectivity Introducing Network Address Translation NAT Terminology and Translation Mechanisms Benefits and Drawbacks of NAT Static NAT and Port Forwarding Dynamic NAT Port Address Translation Configuring and Verifying Inside IPv4 NAT Implement PAT Introducing AL and ML in Network Operations Basics of AI and ML Advanced AI Concepts Retrieval-Augmented Generation Role of AI and ML in Network Operations Introducing System Monitoring Introducing Syslog Syslog Message Format SNMP Overview Enabling Network Time Protocol Configure System Message Logging Managing Cisco Devices Cisco IOS Integrated File System and Devices Stages of the Router Power-On Boot Sequence Loading and Managing System Images Files Loading Cisco IOS Configuration Files Validating Cisco IOS Images Using MD5/SHA512 Managing Cisco IOS Images and Device Configuration Files Cisco IOS WebUI Securing Administrative Access Network Device Security Overview Securing Access to Priviliged EXEC Mode Securing Console Access Securing Remote Access Configuring the Login Banner Limiting Remote Access with ACLs External Authentication Options Secure Device Administrative Access Implementing Device Hardening Securing Unused Ports Infrastructure ACL Disabling Unused Services Port Security Mitigating VLAN Attacks Dynamic ARP Inspection Mitigating STP Attacks Implement Device Hardening Exploring Layer 3 Redundancy (Self-Study) Need for Default Gateway Redundancy Understanding FHRP Understanding HSRP Introducing WAN Technologies (Self-Study) Introduction to WAN Technologies WAN Devices and Demarcation Point WAN Topology Options WAN Connectivity Options Virtual Private Networks Enterprise-Managed VPNs Introducing QoS (Self-Study) Converged Networks QoS Defined QoS Policy QoS Mechanisms QoS Models Deploying End-to-End QoS Explaining Wireless Fundamentals (Self-Study) Wireless Technologies Wireless Radio Communication WLAN Architectures WI-FI Channels AP and WLC Management Introducing Architectures and Virtualization (Self-Study) Introduction to Network Design Enterprise Three-Tier Hierarchical Network Design Spine - Leaf Network Design Cisco Enterprise Architecture Model Underlay and Overlay Network Concepts Cloud Computing Overview Network Device Architecture Virtualization Fundamentals Explaining Software-Defined Networking (Self-Study) Software-Defined Networking Traditional versus Software-Defined Networks Software-Defined Network Layers Introducing Cisco Catalyst Center Cisco Catalyst Center Dashboard and Tools Introducing Cisco SD-Access Introducing Cisco Catayst SD-WAN Introducing Cisco Meraki Introducing Network Programmability (Self-Study) Traditional Network Management Network Automation and Programmability Network Automation Use Cases Model-Driven Programmability Data Encoding Formats JavaScript Object Notation Extensible Markup Language YAML Data Serialisation Standard Network Management Protocols Configuration Management Tools Overview Ansible Terraform Examining the Security Threat Landscape (Self-Study) Security Threat Landscape Overview Malware Hacking Tools DoS and DDoS Spoofing Reflection and Amplification Attacks Social Engineering Evolution of Phishing Password Attacks Reconnaissance Attacks Buffer Overflow Attacks Man-in-the-Middle Attacks Vectors of Data Loss and Exfiltration Other Considerations Implementing Threat Defense Technologies (Self-Study) Information Security Overview Firewalls Intrusion Preventions Systems Protection Against Data Loss and Phishing Attacks Defending against DoS and DDoS Attacks Introduction to Cryptographic Technologies IPsec Security Services Secure Sockets Layer and Transport Layer Security Wireless Security Protocols Labs: Discovery 1: Get Started with Cisco Command-Line Interface (CLI) Discovery 2: Observe How a Switch Operates Discovery 3: Perform Basic Switch Configuration FAST Lab 1: Implement the Initial Switch Configuration Discovery 4: Inspect TCP/IP Applications Discovery 5: Configure an Interface on a Cisco Router Discovery 6: Configure and Verify Layer 2 Discovery Protocols FAST Lab 2: Implement an Initial Router Configuration Discovery 7: Configure Default Gateway Discovery 8: Explore Packet Forwarding Discovery 9: Troubleshoot Switch Media and Port Issues Discovery 10: Troubleshoot Port Duplex Issues Discovery 11: Configure Basic IPv6 Connectivity Discovery 12: Configure and Verify IPv4 Static Routes Discovery 13: Configure IPv6 Static Routes FAST Lab 3: Implement IPv4 Static Routing FAST Lab 4: Implement IPv6 Static Routing Discovery 14: Configure VLANs and Trunk FAST Lab 5: Troubleshoot VLANs and Trunk Discovery 15: Configure Inter-VLAN Routing FAST Lab 6:  Implement Multiple VLANs and Basic Routing Between the VLANs Discovery 16: Configure and Verify Single-Area OSPF Discovery 17: Configure and Verify EtherChannel FAST Lab 7: Improve Redundant Switched Topologies with EtherChannel Discovery 18: Configure and Verify IPv4 ACLs FAST Lab 8: Implement Numbered and Named IPv4 ACLs Discovery 19: Configure a Provider-Assigned IPv4 Address Discovery 20: Configure Static NAT Discovery 21: Configure Dynamic NAT and Port Address Translation (PAT) FAST Lab 9: Implement PAT Discovery 22: Configure and Verify NTP FAST Lab 10: Configure System Message Logging Discovery 23: Create the Cisco IOS Image Backup Discovery 24: Upgrade Cisco IOS Image Discovery 25: Secure Console and Remote Access Discovery 26: Enable and Limit Remote Access Connectivity FAST Lab 11: Secure Device Administrative Access Discovery 27: Configure and Verify Port Security FAST Lab 12: Implement Device Hardening Discovery 28: Log into and Monitor the WLC Discovery 29: Configure an Open Wireless Network Discovery 30: Define a RADIUS Server and Enable SNMP and Syslog Discovery 31: Configure a WLAN to Use WPA2 PSK

OVERVIEW Nederlands:  In deze cursus doet u basiskennis op van privacy- en gegevensbeschermingswetten en van hun toepassing in de praktijk. U maakt kennis met gemeenschappelijke principes en benaderingen van privacy  en met de belangrijkste privacymodellen die wereldwijd worden toegepast. Ook krijgt u een introductie in informatiebeveiligingsconcepten en in het beheer en het toezicht op informatiebeveiliging. Denk hierbij onder meer aan raamwerken, controle-instrumenten en identiteits- en toegangsbeheer. Ook doet u kennis op over online-privacy, dat sterk gerelateerd is aan het gebruik van persoonsgegevens op websites en voor andere internettechnologieën. U leert hoe u een privacyprogramma opzet op organisatieniveau, een raamwerk ontwikkelt en implementeert en resultaten verzamelt om de effectiviteit van het programma te meten. De cursus heeft een interactieve opbouw, waarbij u het geleerde in de praktijk brengt via levensechte scenario's. Hierbij beoordeelt u de praktische uitvoering van het privacyprogramma door middel van de privacy-lifecycle: beoordelen, beveiligen, handhaven en reageren Het  CIPM-programma is ontwikkeld door de International Association of Privacy Professionals (IAPP), 's werelds grootste community en informatiebron voor de meest uiteenlopende privacyonderwerpen. Dit tweedaagse programma gaat in op de principes achter informatieprivacy en privacybeheer in de Europese private sector. Het programma omvat onder meer: · Officiële digitale IAPP  CIPM-werkboeken · Officiële digitale IAPP CIPM-tekstboeken · Officiële IAPP CIPM-praktijktoetsen · Voucher voor het IAPP  CIPM-certificeringsexamen · Eenjarig lidmaatschap van de IAPP Om gebruik te kunnen maken van de lidmaatschapsdiensten van de IAPP, moeten uw contactgegevens aan de IAPP worden verstrekt. ==================================== English: In this course, you will gain foundational knowledge on concepts of privacy and data protection laws and practice. You will learn common principles and approaches to privacy as well as understand the major privacy models employed around the globe. An introduction to information security concepts and information security management and governance will be covered including frameworks, controls, and identity and access management. You will also learn about online privacy as it relates to using personal information on websites and other internet-related technologies. You will learn how to create a privacy program at an organizational level, develop and implement a framework, and establish metrics to measure program effectiveness. In an interactive format applying practices to a real-world scenario, you will review privacy program practices through the privacy life cycle: assess, protect, sustain and respond. The CIPM program was developed by the International Association of Privacy Professionals (IAPP), which is the world’s largest comprehensive global information privacy community and resource. This two-day programme covering the principals of information privacy and privacy management in the EU private-sector includes: Official digital IAPP CIPM Participant Guides Official digital IAPP CIPM Textbooks Official IAPP  CIPM Practice Tests IAPP CIPM Certification Exam Vouchers One-Year IAPP Membership Your contact information must be provided to the IAPP for membership services fulfilment OBJECTIVES Nederlands: Domein I biedt een degelijke basis voor het beheer van een privacyprogramma, en omschrijft hoe het programma kan worden ontwikkeld, gemeten en verbeterd. Domein II gaat in detail in op het beheer en de operations van het beheermodel voor het privacyprogramma, binnen de context van de privacystrategie van de organisatie. Het domein 'Operationele lifecycle van het privacyprogramma' bouwt voort op een gemeenschappelijk raamwerk dat in de hele branche wordt geaccepteerd. Dit raamwerk bestaat uit het beoordelen of analyseren van het privacybeleid van een organisatie, het beveiligen van informatiemiddelen via het implementeren van toonaangevende privacy- en beveiligingsmiddelen en -technologie, het handhaven van het privacyprogramma via communicatie, training en managementacties, en het reageren op privacy-incidenten. ================================= English Domain I provides a solid foundation for the governance of a privacy program and defines how the privacy program may be developed, measured and improved. Domain II details the management and operations of the privacy program governance model within the context of the organization’s privacy strategy. The Privacy Program Operational Life Cycle domain is built upon a common industry-accepted framework of: Assessing or analyzing an organization’s privacy regime; Protecting information assets through the implementation of industry-leading privacy and security controls and technology; Sustaining the privacy program through communication, training and management actions; and Responding to privacy incidents. CONTENT Nederlands:  I. Beheer van het privacyprogramma Organisatieniveau Een bedrijfsvisie creëren Kennis opdoen over privacybenaderingen Het beoogde doel evalueren Goedkeuring voor deze visie krijgen van 'executive sponsors' Een privacyprogramma opzetten Het bereik en handvest van het programma vastleggen De bron, de soorten en het gebruik van persoonsgegevens bepalen binnen de organisatie, en de toepasselijke wetten bepalen Een privacystrategie ontwikkelen Het privacyteam opbouwen Beheermodellen Een organisatorisch model, verantwoordelijkheden en een rapportagestructuur opzetten die passen bij de grootte van de organisatie Een aanspreekpunt aanwijzen voor privacyzaken Een manier opzetten/goedkeuren om professionele deskundigheid te meten Het raamwerk voor het privacyprogramma ontwikkelen Privacyregels, -standaarden en/of -richtlijnen ontwikkelen voor de organisatie Activiteiten binnen het privacyprogramma definiëren Het raamwerk voor het privacyprogramma implementeren Het raamwerk communiceren naar interne en externe belanghebbenden Zorgen voor continue uitlijning met toepasselijke wetten en regels, om zo de ontwikkeling van een privacyprogramma-raamwerk voor de organisatie te stimuleren Resultaten De beoogde doelgroep voor de resultaten bepalen Rapportagemiddelen bepalen Per doelgroep de privacyresultaten bepalen voor overzicht en beheer Verzamelpunten aanwijzen voor systemen/applicaties II. Operationele lifecycle van het privacyprogramma Uw organisatie beoordelen De huidige baseline van uw privacy documenteren Beoordelingen van verwerkers en externe leveranciers Fysieke beoordelingen Fusies, overnames en afstotingen Analyses en beoordelingen uitvoeren wanneer dat noodzakelijk of gepast is Beveiligen De lifecycle van gegevens (van aanmaken tot verwijderen) Werkwijzen voor informatiebeveiliging Privacy by Design Handhaven Meten Uitlijnen Auditeren Communiceren Monitoren Reageren Informatieverzoeken Privacy-incidenten ======================================== English: I. Privacy Program Governance Organization Level Create a company vision Acquire knowledge on privacy approaches Evaluate the intended objective Gain executive sponsor approval for this vision Establish a privacy program Define program scope and charter Identify the source, types, and uses of personal information (PI) within the organization and the applicable laws Develop a privacy strategy Structure the privacy team Governance models Establish the organizational model, responsibilities and reporting structure appropriate to the size of the organization Designate a point of contact for privacy issues Establish/endorse the measurement of professional competency Develop the Privacy Program Framework Develop organizational privacy policies, standards and/or guidelines Define privacy program activities Implement the Privacy Policy Framework Communicate the framework to internal and external stakeholders Ensure continuous alignment to applicable laws and regulations to support the development of an organizational privacy program framework Metrics Identify intended audience for metrics Define reporting resources Define privacy metrics for oversight and governance per audience Identify systems/application collection points II. Privacy Operational Life Cycle Assess Your Organization Document current baseline of your privacy Processors and third-party vendor assessment Physical assessments Mergers, acquisitions and divestitures Conduct analysis and assessments, as needed or appropriate Protect Data life cycle (creation to deletion) Information security practices Privacy by Design Sustain Measure Align Audit Communicate Monitor Respond Information requests Privacy incidents

OVERVIEW WHAT'S INCLUDED WITH THE BUNDLE Note: Please allow up to 72 hours for processing of bundle products European Data Protection Online Training CIPP/E Certification Exam Sample Questions European Data Protection: Law and Practice (Electronic Copy) 1 Year Complimentary IAPP Membership WHAT'S NEW: The IAPP's European Data Protection Online Training provides an in-depth review of the GDPR and critical data protection concepts!   Chock-full of rich imagery, video, and text, the training is a robust, self-paced course. It incorporates IAPP faculty presentations, interactive scenarios, and annotated quizzes to guide you through the complexities of the GDPR in an easy-to-follow, thorough format.   WHAT TO EXPECT:  The training comprises 11 modules with an audio run-time of approximately 2-3 hours. To get the greatest benefit from the course, however, you may wish to spend approximately an hour reviewing and exploring the content of each module.   The course offers learners an opportunity to learn about critical privacy concepts that are also integral to the CIPP/E exam. It is not purely a "test prep" class, nor does taking the training guarantee you'll pass your exam. It's appropriate for professionals who plan to certify, as well for those who want to deepen their privacy knowledge.   Give yourself the best chance of passing an exam by studying for 30 hours. As the IAPP training team revises or adds to the course content, your purchase will be automatically updated to reflect these changes. WHAT YOU'LL GET:    Your course includes everything you need to get started. And if you decide to aim for a credential, you'll have a head start!  Unlimited access to interactive online training, complete with video, interactive scenarios and full transcripts that you can review at your own pace with an internet connection Interactive quizzes to check your mastery of the subject matter Video clips of IAPP faculty describing and applying key course concepts Course textbook: European Data Protection: Law and Practice (Electronic Copy) CIPP/E Sample Questions (immediately accessible through your MyIAPP portal) WHAT YOU'LL TAKE AWAY: Instruction based on the Body of Knowledge for the globally recognized Certified Information Privacy Professional/Europe (CIPP/E) credential  Sought-after skills you can start applying right away Know-how you need to advance your career OBJECTIVES CONTENT Module 1: Data Protection Laws Introduces key European data protection laws and regulatory bodies, describing the evolution toward a harmonised legislative framework. Module 2: Personal Data Defines and differentiates between types of data, including personal, anonymous, pseudo-anonymous and special categories. Module 3: Controllers and Processors Describes the roles and relationships of controllers and processors. Module 4: Processing Personal Data Defines data processing and GDPR processing principles, explains the application of the GDPR and outlines the legitimate bases for processing personal data. Module 5: Information Provision Explains controller obligations for providing information about data processing activities to data subjects and supervisory authorities. Module 6: Data Subjects’ Rights Describes data subjects’ rights, applications of rights and controller and processor obligations. Module 7: Security of Processing Discusses considerations and duties of controllers and processors for ensuring security of personal data and providing notification of data breaches. Module 8: Accountability Investigates accountability requirements, including data protection management systems, data protection impact assessments, privacy policies and the role of the data protection officer. Module 9: International Data Transfers Outlines options and obligations for transferring data outside the European Economic Area, including adequacy decisions and appropriate safeguards and derogations. Module 10: Supervisions and Enforcement Describes the role, powers and procedures of supervisory authorities; the composition and tasks of the European DataProtection Board; the role of the European Data Protection Supervisor; and remedies, liabilities and penalties for non-compliance. Module 11: Compliance Discusses the applications of European data protection law, legal bases and compliance requirements for processing personal data in practice, including employers processing employee data, surveillance, direct marketing, Internet technology and communications and outsourcing

OVERVIEW Aligned with the ANAB-accredited CIPT certification program, Privacy in Technology instructs technology and data professionals on understanding and integrating strategies and techniques to minimize privacy threats. The training curriculum includes privacy-by-design principles; implementing data- and process-oriented strategies to support privacy policies; and managing threats from AI, location tracking and more. Please note: the CIPT exam is not included in this training and needs to be purchased separately. OBJECTIVES This course will enable you to: Identify the risks to privacy that are inherent throughout the data life cycle and explain how software security helps to mitigate privacy threats.   Outline how technical measures and privacy-enhancing technologies may be used to enhance privacy throughout all steps of the data life cycle. Explain the role of privacy engineering in an organization. Describe the process and methodology of the privacy-by-design model. Examine the unique challenges that come from online privacy issues. CONTENT Accessible online through your MyIAPP portal, seven interactive training modules present the content from highly experienced faculty through video, audio, text and interactive annotated quizzes. With an estimated duration of eight hours, you can start, stop and re-watch modules whenever it is convenient for you.   Privacy in Technology training teaches technology and data professionals how to understand and integrate strategies and techniques to minimize privacy threats. The curriculum includes privacy-by-design principles; implementing data- and process-oriented strategies to support privacy policies; and managing threats from AI, location tracking, etc. Made available digitally in your MyIAPP portal: Review questions to check your mastery of the subject matter. A printable certificate of attendance, available after you complete the training.

OVERVIEW The course covers all five of the CISA domains, and each section corresponds directly to the CISA job practice. It uses proven instructional design techniques, incorporating an online pre-assessment, narrated interactive eLearning modules, downloadable job aids, and a practice exam. You will be able to navigate the course at your own pace following a recommended structure or target preferred job practice areas. You may also start and stop the course based on your preferred study schedule, picking up exactly where you left off the next time you return. Learners will have access to the course for one year from date of purchase and will earn 28 CPE upon completion. This course has a seat time of approximately 22 hours and is accessed via the Learning Access tab of your MyISACA dashboard. Please note : The exam is not included with the course but can be purchased seperately. Included Materials: Online course Downloadable job aids Online self-assessment (50 questions) Online practice exam (75 questions) OBJECTIVES By the end of this course, you will: Gain a better understanding of IS audit and assurance guidelines and standards. Develop a working knowledge of the five domains of CISA. CONTENT Course Outline Domain 1 — Information System Auditing Process Plan an audit to determine whether information systems are protected, controlled, and provide value to the organization. Conduct an audit in accordance with IS audit standards and a risk-based IS audit strategy. Communicate audit progress, findings, results and recommendations to stakeholders. Conduct audit follow-up to evaluate whether risk has been sufficiently addressed. Evaluate IT management and monitoring of controls. Utilize data analytics tools to streamline audit processes. Provide consulting services and guidance to the organization in order to improve the quality and control of information systems. Identify opportunities for process improvement in the organization’s IT policies and practices. Domain 2 – Governance & Management of IT Evaluate the IT strategy for alignment with the organization’s strategies and objectives. Evaluate the effectiveness of IT governance structure and IT organizational structure. Evaluate the organization’s management of IT policies and practices. Evaluate the organization’s IT policies and practices for compliance with regulatory and legal requirements. Evaluate IT resource and portfolio management for alignment with the organization’s strategies and objectives. Evaluate the organization’s risk management policies and practices. Evaluate IT management and monitoring of controls. Evaluate the monitoring and reporting of IT key performance indicators (KPIs). Evaluate whether IT supplier selection and contract management processes align with business requirements. Evaluate whether IT service management practices align with business requirements. Conduct periodic review of information systems and enterprise architecture. Evaluate data governance policies and practices. Evaluate the information security program to determine its effectiveness and alignment with the organization’s strategies and objectives. Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices Domain 3 – Information Systems Acquisition, Development, & Implementation Evaluate whether the business case for proposed changes to information systems meet business objectives. Evaluate the organization’s project management policies and practices. Evaluate controls at all stages of the information systems development life cycle. Evaluate the readiness of information systems for implementation and migration into production. Conduct post-implementation review of systems to determine whether project deliverables, controls and requirements are met. Evaluate change, configuration, release, and patch management policies and practices. Domain 4 – Information Systems Operations and Business Resilience Evaluate the organization’s ability to continue business operations. Evaluate whether IT service management practices align with business requirements. Conduct periodic review of information systems and enterprise architecture. Evaluate IT operations to determine whether they are controlled effectively and continue to support the organization’s objectives. Evaluate IT maintenance practices to determine whether they are controlled effectively and continue to support the organization’s objectives. Evaluate database management practices. Evaluate data governance policies and practices. Evaluate problem and incident management policies and practices. Evaluate change, configuration, release, and patch management policies and practices. Evaluate end-user computing to determine whether the processes are effectively controlled. Domain 5 – Protection of Information Assets Conduct audit in accordance with IS audit standards and a risk-based IS audit strategy. Evaluate problem and incident management policies and practices. Evaluate the organization’s information security and privacy policies and practices. Evaluate physical and environmental controls to determine whether information assets are adequately safeguarded. Evaluate logical security controls to verify the confidentiality, integrity, and availability of information. Evaluate data classification practices for alignment with the organization’s policies and applicable external requirements. Evaluate policies and practices related to asset life cycle management. Evaluate the information security program to determine its effectiveness and alignment with the organization’s strategies and objectives. Perform technical security testing to identify potential threats and vulnerabilities. Evaluate potential opportunities and threats associated with emerging technologies, regulations, and industry practices.