Course Overview

Maintaining security of computing systems is a process of managing risk through the implementation of processes and standards backed by technologies and tools. In this course, you will learn about resources that can be used to help you implement and comply with your security requirements.

Course Objectives

  • Manage compliance with OpenSCAP.
  • Enable SELinux on a server from a disabled state, perform basic analysis of the system policy, and mitigate risk with advanced SELinux techniques.
  • Proactively identify and resolve issues with Red Hat Insights.
  • Monitor activity and changes on a server with Linux Audit and AIDE.
  • Protect data from compromise with USBGuard and storage encryption.
  • Manage authentication controls with PAM.
  • Manually apply provided Ansible Playbooks to automate mitigation of security and compliance issues.
  • Scale OpenSCAP and Red Hat Insights management with Red Hat Satellite and Red Hat Ansible Tower.

Course Content

  • Manage security and risk: Define strategies to manage security on Red Hat Enterprise Linux servers.
  • Automate configuration and remediation with Ansible: Remediate configuration and security issues with Ansible Playbooks.
  • Protect data with LUKS and NBDE: Encrypt data on storage devices with LUKS and use NBDE to manage automatic decryption when servers are booted.
  • Restrict USB device access: Protect system from rogue USB device access with USBGuard
  • .Control authentication with PAM: Manage authentication, authorization, session settings, and password controls by configuring pluggable authentication modules (PAMs).
  • Record system events with audit: Record and inspect system events relevant to security, using the Linux kernel’s audit subsystem and supporting tools.
  • Monitor file system changes: Detect and analyze changes to a server’s file systems and their contents using AIDE.
  • Mitigate risk with SELinux: Improve security and confinement between processes by using SELinux and advanced SELinux techniques and analyses.
  • Manage compliance with OpenSCAP: Evaluate and remediate a server’s compliance with security policies by using OpenSCAP.
  • Automate compliance with Red Hat Satellite: Automate and scale your ability to perform OpenSCAP checks and remediate compliance issues using Red Hat Satellite.
  • Analyze and remediate issues with Red Hat Insights: Identify, detect, and correct common issues and security vulnerabilities with Red Hat Enterprise Linux systems by using Red Hat Insights.
  • Perform a comprehensive reviewReview the content covered in this course by completing hands-on review exercises.

Course Overview

Manage security of Red Hat Enterprise Linux systems deployed in bare-metal, virtual, and cloud environments

Red Hat Security: Linux in Physical, Virtual, and Cloud (RH415) is designed for security administrators and system administrators who need to manage the secure operation of servers running Red Hat® Enterprise Linux®, whether deployed on physical hardware, as virtual machines, or as cloud instances.

This course is based on Red Hat Enterprise Linux 7.5, Red Hat Satellite 6.3, Red Hat Ansible® Engine 2.5, Red Hat Ansible Tower 3.2, and Red Hat Insights.

Maintaining security of computing systems is a process of managing risk through the implementation of processes and standards backed by technologies and tools. In this course, you will learn about resources that can be used to help you implement and comply with your security requirements.

Course Objectives

This course is intended to develop the skills needed to reduce security risk and to implement, manage, and remediate compliance and security issues in an efficient way. The tools and techniques can be used to ensure that systems are configured and deployed in a way that meets security and compliance needs, that they continue to meet those requirements, and that all existing systems can be audited and remediations and changes consistently applied as those requirements are revised. This flexibility may help the business to efficiently reduce risk of security breaches, which have a high cost in business disruption, brand erosion, loss of customer and shareholder trust, and financial costs for post-incident remediation. In addition, the organization may be able to use the tools in this course to help demonstrate that compliance requirements set by customers, auditors, or other stakeholders have been met.

As a result of attending this course, you should be able to use security technologies included in Red Hat Enterprise Linux to manage security risk and help meet compliance requirements.

After completing this course you  should be able to demonstrate these skills:

  • Analyze and remediate system compliance using OpenSCAP and SCAP Workbench, employing and customizing baseline policy content provided with Red Hat Enterprise Linux.
  • Monitor security-relevant activity on your systems with the kernel’s audit infrastructure.
  • Explain and implement advanced SELinux techniques to restrict access by users, processes, and virtual machines.
  • Confirm the integrity of files and their permissions with AIDE.
  • Prevent unauthorized USB devices from being used with USBGuard.
  • Protect data at rest but provide secure automatic decryption at boot using NBDE.
  • Proactively identify risks and misconfigurations of systems and remediate them with Red Hat Insights.
  • Analyze and remediate compliance at scale with OpenSCAP, Red Hat Insights, Red Hat Satellite, and Red Hat Ansible Tower.

Course Content

Manage security and risk

  • Define strategies to manage security on Red Hat Enterprise Linux servers.

Automate configuration and remediation with Ansible

  • Remediate configuration and security issues with Ansible Playbooks.

Protect data with LUKS and NBDE

  • Encrypt data on storage devices with LUKS and use NBDE to manage automatic decryption when servers are booted.

Restrict USB device access

  • Protect system from rogue USB device access with USBGuard.

Control authentication with PAM

  • Manage authentication, authorization, session settings, and password controls by configuring pluggable authentication modules (PAMs).

Record system events with audit

  • Record and inspect system events relevant to security, using the Linux kernel’s audit subsystem and supporting tools.

Monitor file system changes

  • Detect and analyze changes to a server’s file systems and their contents using AIDE.

Mitigate risk with SELinux

  • Improve security and confinement between processes by using SELinux and advanced SELinux techniques and analyses.

Manage compliance with OpenSCAP

  • Evaluate and remediate a server’s compliance with security policies by using OpenSCAP.

Automate compliance with Red Hat Satellite

  • Automate and scale your ability to perform OpenSCAP checks and remediate compliance issues using Red Hat Satellite.

Analyze and remediate issues with Red Hat Insights

  • Identify, detect, and correct common issues and security vulnerabilities with Red Hat Enterprise Linux systems by using Red Hat Insights.

Perform a comprehensive review

  • Review the content covered in this course by completing hands-on review exercises.

Course Overview

Provide help to secure, centralized identity management services to coordinate user authentication and authorization with client systems, network services, and Windows domains.

Course Description

Red Hat Security: Identity Management and Authentication (RH362) provides the skills to configure and manage Identity Management (IdM), the comprehensive identity management component bundled with Red Hat Enterprise Linux. This course helps students to gain the skills with this technology most requested by customers.

Some topics covered in this course are central management and provisioning of user accounts; design and installation of IdM server topologies; operation of the integrated DNS and TLS Certificate Authority services; management of two-factor authentication, smart card authentication, and operation as a single-sign on provider; integration and management of two-way trusts with Active Directory; and troubleshooting and disaster recovery planning. Registration of Linux clients to IdM and operation in enterprise environments that use both Linux and Microsoft Windows clients and servers is discussed.

Note: This course is five days. Durations may vary based on the delivery. For full course details, scheduling, and pricing, select your location then “get started” on the right hand menu.


Course Content Summary

– Design an Identity Management topology for scale and resiliency.

– Describe key technologies used by IdM, including SSSD, PAM, Kerberos, and PKI.

– Install Identity Management (IdM) servers, replicas, and clients using Ansible Playbooks.

– Manage IdM services, including integrated DNS and CA.

– Configure and manage Kerberos authentication and secure services.

– Configure and manage TLS certificates.

– Create and manage a trust relationship with Microsoft Active Directory.

– Configure to help secure user authentication, including two-factor authentication and single sign-on.

– Configure and manage Sudo, HBAC, and RBAC policies.

– Manage secrets, vaults, certificates, and keys.

– Troubleshoot identity management.

– Integrate Satellite 6 and Red Hat Ansible Automation Platform with IdM.

– Configure IdM backup and recovery.

Course Objectives

Impact on the organization

Businesses will be able to integrate and centralize lifecycle management and security policy implementation and enforcement, and extend that consolidated management to additional enterprise configuration management products from the Red Hat portfolio, including Red Hat Ansible Automation Platform and Red Hat Satellite Server.

Impact on the individual

As a result of attending this course, you will gain an understanding of the architecture of an identity management realm and trusted relationships using both Identity Management in Red Hat Enterprise Linux and Microsoft Active Directory. You will be able to create, manage, and troubleshoot user management structures, security policies, local and remote secure access methods, and implementation technologies such as SSSD, Kerberos, PKI, and certificates.

Course Content

  1. Identity Management in Red Hat Enterprise Linux Introduce Identity Management in Red Hat Enterprise Linux (IdM) and its high-level architecture.
  2. Identity Management Core Technologies Review the core technologies of Identity Management (IdM) in Red Hat Enterprise Linux.
  3. Installing Identity Management in Red Hat Enterprise Linux Install Identity Management servers, replicas, and clients on Red Hat Enterprise Linux 9.
  4. Implementing an Identity Management Topology Implement continuous functionality and high availability of IdM services in single-site and geographically distributed topologies.
  5. Managing the CA and DNS Integrated Services Manage the Certificate Authority (CA) and the Domain Name System (DNS) services that are integrated with Identity Management.
  6. Managing Users and Controlling User Access Configure users for authorized access to services and resources.
  7. Configuring Alternative Authentication Services Configure and manage smart card authentication, secrets, and two-factor authentication.
  8. Integrating Identity Management with Active Directory Implement a cross-forest trust between Identity Management and Active Directory, and configure ID views to map POSIX attributes to Active Directory users.
  9. Integrating Identity Management with Red Hat Utilities Integrate an Identity Management deployment with Red Hat Satellite and Red Hat Ansible Automation Platform.
  10. Troubleshooting and Disaster Recovery Planning for IdM Troubleshooting and preparing for disaster recovery with Identity Management.
  11. Comprehensive Review Build a small, resilient Identity Management topology to include multiple replicas and clients, populated with multiple users, credentials, policies, and access rights.

Course Overview

Provide help to secure, centralized identity management services to coordinate user authentication and authorization with client systems, network services, and Windows domains.

Course Description

Red Hat Security: Identity Management and Authentication (RH362) provides the skills to configure and manage Identity Management (IdM), the comprehensive identity management component bundled with Red Hat Enterprise Linux. This course helps students to gain the skills with this technology most requested by customers.

Some topics covered in this course are central management and provisioning of user accounts; design and installation of IdM server topologies; operation of the integrated DNS and TLS Certificate Authority services; management of two-factor authentication, smart card authentication, and operation as a single-sign on provider; integration and management of two-way trusts with Active Directory; and troubleshooting and disaster recovery planning. Registration of Linux clients to IdM and operation in enterprise environments that use both Linux and Microsoft Windows clients and servers is discussed.

Note: This course is five days. Durations may vary based on the delivery. For full course details, scheduling, and pricing, select your location then “get started” on the right hand menu.


Course Content Summary

– Design an Identity Management topology for scale and resiliency.

– Describe key technologies used by IdM, including SSSD, PAM, Kerberos, and PKI.

– Install Identity Management (IdM) servers, replicas, and clients using Ansible Playbooks.

– Manage IdM services, including integrated DNS and CA.

– Configure and manage Kerberos authentication and secure services.

– Configure and manage TLS certificates.

– Create and manage a trust relationship with Microsoft Active Directory.

– Configure to help secure user authentication, including two-factor authentication and single sign-on.

– Configure and manage Sudo, HBAC, and RBAC policies.

– Manage secrets, vaults, certificates, and keys.

– Troubleshoot identity management.

– Integrate Satellite 6 and Red Hat Ansible Automation Platform with IdM.

– Configure IdM backup and recovery.

Course Objectives

Impact on the organization

Businesses will be able to integrate and centralize lifecycle management and security policy implementation and enforcement, and extend that consolidated management to additional enterprise configuration management products from the Red Hat portfolio, including Red Hat Ansible Automation Platform and Red Hat Satellite Server.

Impact on the individual

As a result of attending this course, you will gain an understanding of the architecture of an identity management realm and trusted relationships using both Identity Management in Red Hat Enterprise Linux and Microsoft Active Directory. You will be able to create, manage, and troubleshoot user management structures, security policies, local and remote secure access methods, and implementation technologies such as SSSD, Kerberos, PKI, and certificates.

Course Content

  1. Identity Management in Red Hat Enterprise Linux Introduce Identity Management in Red Hat Enterprise Linux (IdM) and its high-level architecture.
  2. Identity Management Core Technologies Review the core technologies of Identity Management (IdM) in Red Hat Enterprise Linux.
  3. Installing Identity Management in Red Hat Enterprise Linux Install Identity Management servers, replicas, and clients on Red Hat Enterprise Linux 9.
  4. Implementing an Identity Management Topology Implement continuous functionality and high availability of IdM services in single-site and geographically distributed topologies.
  5. Managing the CA and DNS Integrated Services Manage the Certificate Authority (CA) and the Domain Name System (DNS) services that are integrated with Identity Management.
  6. Managing Users and Controlling User Access Configure users for authorized access to services and resources.
  7. Configuring Alternative Authentication Services Configure and manage smart card authentication, secrets, and two-factor authentication.
  8. Integrating Identity Management with Active Directory Implement a cross-forest trust between Identity Management and Active Directory, and configure ID views to map POSIX attributes to Active Directory users.
  9. Integrating Identity Management with Red Hat Utilities Integrate an Identity Management deployment with Red Hat Satellite and Red Hat Ansible Automation Platform.
  10. Troubleshooting and Disaster Recovery Planning for IdM Troubleshooting and preparing for disaster recovery with Identity Management.
  11. Comprehensive Review Build a small, resilient Identity Management topology to include multiple replicas and clients, populated with multiple users, credentials, policies, and access rights.

Course Overview

Learn how to detect insider threats triggered by anomalous or malicious user behavior. Get ready to install, configure, and tune IBM Security® QRadar UBA and the Machine Learning app. Improve your skill to investigate user behavior with UBA and expand your threat detection capabilities across your network with the QRadar® Advisor with Watson app.

Virtual Learning

This interactive training can be taken from any location, your office or home and is delivered by a trainer. This training does not have any delegates in the class with the instructor, since all delegates are virtually connected. Virtual delegates do not travel to this course, Global Knowledge will send you all the information needed before the start of the course and you can test the logins.

Course Objectives

  • Analyze UBA concepts, such as the senseValue variable, risk scores, and the IBM Sense DSM.
  • Identify how QRadar rules are connected to UBA and how user information is imported into the app.
  • Install and configure the app, as well as the User Import tool and the the Machine Learning app.
  • Tune UBA settings to improve the application’s behavior and performance.
  • Analyze how UBA can help you detect and investigate insider threats.
  • Analyze how to use the UBA Dashboard.
  • Investigate how to detect malicious user behavior.

Course Content

Unit 1: Architecture and Overview

Unit 2: Setup

  • Installation
  • Configuration
  • User Import
  • Machine Learning configuration

Unit 3: Tuning

Unit 4: An overview to detecting and investigating insider threats

Unit 5: Student exercise

Course Overview

In this course, you learn about the IBM Security® QRadar® SOAR architecture, and how to position the product in your company’s security architecture design. You gain hands-on experience with the SOAR interface, by investigating and managing cases and users with the SOAR Breach Response module, playbooks, and email integration.

Virtual Learning

This interactive training can be taken from any location, your office or home and is delivered by a trainer. This training does not have any delegates in the class with the instructor, since all delegates are virtually connected. Virtual delegates do not travel to this course, Global Knowledge will send you all the information needed before the start of the course and you can test the logins.

Course Objectives

In this course, you learn about the following topics:

  • QRadar SOAR architectural patterns
  • Install the product, and configure license and access
  • Review the SOAR Console
  • Manage cases
  • Utilize the concept of artifacts
  • Utilize case management capabilities
  • Integrate email system for users and case management
  • Focus on the Breach Response module
  • Gain hands-on experience with the SOAR platform
  • Design playbooks
  • Integrate IBM and third-party solutions with SOAR

Course Content

Getting started

  • Describe architectural patterns
  • Install the product and configure license and access
  • Review the SOAR Console
  • Manage cases and use Breach Response add-on
  • Utilize the concept of artifacts

Case management and email integration

  • Utilize case management capabilities
  • Integrate email system for users and case management
  • Focus on the Breach Response module

Playbooks and integrations

  • Gain hands-on experience with the SOAR platform
  • Design playbooks
  • Integrate IBM and third-party solutions with SOAR

Course Overview

In this course, you learn about the IBM Security® QRadar® EDR architecture and how to position the product within your company’s landscape of security solutions. You gain skills around how to install the QRadar EDR Hive on your premises and the EDR Agents on your endpoints. You can review the user interface and how to navigate the EDR Dashboard while investigating endpoint threats.

This course applies to version 3.12 of the on-premises QRadar EDR offering.

Virtual Learning

This interactive training can be taken from any location, your office or home and is delivered by a trainer. This training does not have any delegates in the class with the instructor, since all delegates are virtually connected. Virtual delegates do not travel to this course, Global Knowledge will send you all the information needed before the start of the course and you can test the logins.

Course Objectives

In this course, you learn to perform the following tasks:

  • Navigate the QRadar EDR Dashboard
  • Describe the QRadar EDR architecture
  • Install the on-premises QRadar EDR Hive and configure the initial setup
  • Deploy the QRadar EDR Agent on your endpoints
  • Investigate threats on endpoints
  • Manage endpoints
  • Understand and respond to alerts and trends
  • Act upon behavioral malware and ransomware attacks
  • Configure notifications and Simple Mail Transfer Protocol
  • Set up forwarding alerts
  • Define policies
  • Handle downloaded and quarantined files from your endpoints
  • Set up users, groups, and clients
  • Configure Hive-Cloud Score
  • Create applications
  • Monitor audit logs

Course Content

Getting started

  • Dashboard overview
  • Architecture
  • QRadar EDR on-prem installation
  • Downloading, installing, and updating the QRadar EDR Agent

Protecting your endpoints

  • Investigating threats on endpoints
  • Managing endpoints
  • Understanding and responding to alerts and trends
  • Acting upon behavioral malware and ransomware attacks
  • Hunting for threats on your endpoint using a QRadar EDR lab

Administering your environment

  • Configuring notifications and Simple Mail Transfer Protocol (SMTP)
  • Setting up forwarding alerts
  • Defining policies
  • Handling downloaded and quarantined files from your endpoints
  • Setting up users, groups, and clients
  • Configuring Hive-Cloud Score
  • Creating applications
  • Monitoring audit logs

Course Overview

This two-day course provides the opportunity for students to develop the knowledge and skills required to configure, operate, monitor, and maintain Paragon Active Assurance deployments. 

The goal of the Paragon Active Assurance course is to give students hands-on experience with the tools they require to effectively use and manage Paragon Active Assurance Control Center and the Test Agents.

The Paragon Active Assurance for Automated WAN (PAAW) course is an intermediate level course.

Relevant Juniper Product

• Paragon Active Assurance

Course Objectives

• Deploy and administer Paragon Active Assurance.

• Monitor and test network performance using Paragon Active Assurance.

• Integrate Paragon Active Assurance into OSS.

• Test site activation using Paragon Active Assurance.

Course Content

Day 1

Course Introduction

PAA Solution Components

• PAA Overview

• Passive and Active Monitoring

• Use Cases

Test Agent Architecture

• Test Agents Overview

• Appliance

• Application

Lab 1: Test Agent Registration

Tests

• Overview

• Types of Tests

• Test Status

Lab 2: Site Activation Testing

Day 2

Monitors

• Overview

• Types of Monitors

• Monitor Status

Lab 3: Continuous Network Performance Monitoring

Testing and Monitoring Templates

• Overview

• Types of Templates

Lab 4: Working with Templates

Getting Ready with REST APIs

• Overview

• Main Concepts

• SWAGGER tool

• Use Cases

Lab 5: Automation via REST APIs

Management and Integration with OSS

• Inventory

• Alarms

• SNMP

• Applications

• OSS Integration

The following Appendices be covered, if time permits, and are requested by the delegate/s prior to booking:

Appendix A: NETCONF and YANG APIs

• NETCONF

• YANG

Appendix B: Lifecycle Management

• Overview

• Fundamentals for the PAA Installation

• Service Configuration

• Monitoring System Health

• System Troubleshooting

Course Overview

The Prisma Access SASE Security: Design and Operation (EDU-318) course describes Panorama Managed Prisma Access Secure Access Service Edge (SASE) and how it helps organizations embrace cloud and mobility by providing network and network security services from the cloud. This course is intended for people in public cloud security and cybersecurity or anyone wanting to learn how to secure remote networks and mobile users.

Course Objectives

Successful completion of this four-day, instructor-led course will help:

  • Enhance your understanding of how to protect better your applications,remote networks, and  mobile users using a SASE implementation.
  • You will get hands-on experience configuring, managing, and troubleshooting Prisma Access ina lab environment.

Course Content

1- Prisma AccessOverview
2- Planning and Design
3- Routing and SD-WANDesign
4- Zero Trust Network Access (ZTNA) Connector
5- Activate and Configure
6- Security Processing Nodes
7- Panorama Operations for Prisma Access
8- Remote Networks
9- Mobile Users
10- Cloud Secure Web Gateway
11- Tune,Optimize, and Troubleshoot
12- Manage Multiple Tenants
13- Insights
14- ADEM
15- Next Steps

Schedule

Day 1 Chapters 1,2 and 3
Day 2 Chapters 4,5 and6
Day 3 Chapters 7, 8, 9, and 10
Day 4 Chapters 11, 12, 13, and 14

Course Overview

The Palo Alto Networks Panorama: NGFW Management course is two days of instructor-led training that should help you to:

– Learn how to configure and manage the next-generation Panorama management server

– Gain experience configuring templates (including template variables) and device groups

– Gain experience with administration, log collection, and logging and reporting

– Become familiar with planning and design considerations for Panorama deployment

Course Objectives

This course should help students gain in-depth knowledge about configuring and managing a Palo Alto Networks Panorama management server. Administrators that complete this course should become familiar with the Panorama management server’s role in managing and securing the overall network.

Network professionals will be shown how to use Panorama aggregated reporting to provide them with a holistic view of a network of Palo Alto Networks next[1]generation firewalls

Course Content

Course Modules

1 – Initial Configuration

2 – Adding Firewalls

3 – Templates

4 – Device Groups

5 – Log Collection and Forwarding

6 – Using Panorama Logs

7 – Panorama Administrative Accounts

8 – Reporting

9 – Troubleshooting