IT-kurs
Sikkerhetskurs for IT
Hordaland
Du har valgt: Bergen
Nullstill
Filter
Ferdig

-

Nettkurs 5 dager 19 850 kr
01 Feb
Instructor-Led Virtual - Live Online Training - 5 halve dager 10.00 - 14.00 [+]
The course is three days of instructor-led training that will help you: Investigate networking issues using firewall tools including the CLI Follow proven troubleshooting methodologies specific to individual features Analyze advanced logs to resolve various real-life scenarios Solve advanced, scenario-based challenges   COURSE OBJECTIVESSuccessful completion of this three-day, instructor-led course will enhance the participant’s understanding of how to troubleshoot the full line of Palo Alto Networks® next-generation firewalls. Participants will receive hands-on opportunities to troubleshoot common problems related to the configuration and operation of the security features of the Palo Alto Networks® PAN-OS® operating system. Completion of this class will help participants develop an in-depth knowledge of how to troubleshoot visibility and control over applications, users, and content.   SCOPE Course level: Advanced Course duration: 3 days Course format: Lecture and hands-on labs Platform support: Palo Alto Networks® next-generation enterprise firewalls running the PAN-OS® operating system Language: Undervisning og dokumentasjon er på engelsk [-]
Les mer
Nettkurs 5 900 kr
Kurset gir en viktig og grunnleggende innføring i de mest sentrale juridiske og praktiske forhold styremedlemmer i aksjeselskaper bør kjenne til - herunder GDPR. [+]
Bli autorisert styremedlem Trenger du eller ditt styre å øke sin kompetanse og profesjonalitet innen styrearbeid? Gjennom Styreskolen tilbyr Foreningen for bedre styrearbeid et nettbasert autorisasjonskurs i styrearbeid. Kurset gir en grunnleggende innføring i de mest sentrale juridiske og praktiske forhold daglig leder og styremedlemmer i et aksjeselskap bør kjenne til. Du vil gjennom kurset få en kompetansetilførsel som gjør at du kan utøve ditt verv mer korrekt og profesjonelt.  Kurset passer blant annet for de som ønsker å: Styrke sin kompetanse innen styrearbeid Oppdatere seg på styrerelaterte endringene i aksjeloven og GDPR Kontrollere at de kan det mest elementære innen styrearbeid Dokumentere sin basiskompetanse i styrearbeid gjennom et autorisasjonsbevis Kurset Kurset er 100 prosent nettbasert (tilpasset både mobil, nettbrett og/eller PC) og består av følgende 20 seksjoner: Selskapsformer Generalforsamling Forvaltning- og tilsynsansvar Inhabilitet Sammensetning av styret Ansatterepresentanter Styrets leder Styreinstruks Daglig leder og styret Taushetsplikt Innkalling til styremøte Styrehonorar Behandling av styresaker GDPR for styret Styreprotokoll Styrets årsplan Erstatningsansvar Styreevaluering Årsregnskap Før du takker ja til nytt styreverv Eksamen Kurset avsluttes med en nettbasert eksamen som består av 40 flervalgsoppgaver. Du kan ta eksamen flere ganger. Autorisasjonsbevis Ved bestått eksamen vil du automatisk motta autoriseringsbevis fra Foreningen for bedre styrearbeid. Flere kursdeltakere Ta styrearbeidet på alvor og la hele styret og daglig leder ta kurs i styrearbeid på selskapets regning. Pris for hele styret + daglig leder er kr 15.000 + mva. Dersom flere personer i samme organisasjon tar autoriseringskurset kan daglig leder eller styrets leder be om å få sendt faktura og innloggingskoder til selskapet ved å kontakte på post@styreskolen.org.   Om Styreskolen Styreskolen er utviklet av Foreningen for bedre styrearbeid og Orgbrain - som er spesialist innen utvikling av digitale løsninger innen styrearbeid. Selskapets arbeid støttes av Innovasjon Norge og Norges Forskningsråd. «Styreskolen er blant annet basert på praktiske problemstillinger jeg har opplevd som både daglig leder, styremedlem og styreleder i en rekke selskaper gjennom 20 år. Dersom du lærer deg pensumet i Styreskolen har du et godt grunnlag for å kunne håndtere mange av de utfordringer du vil møte som både styreleder og styremedlem.» - Dag Asheim, Styreleder i Foreningen for bedre styrearbeid Varighet Kurset vil være tilgjengelig i 12 måneder fra betalingstidspunkt. Det må påregnes at det tar rundt 20 timer å gjennomføre kurset og eksamen. Starter du kurset i dag kan du være autorisert styremedlem innen neste uke.    Besøk oss på www.styreskolen.org   [-]
Les mer
Nettkurs 5 dager 19 850 kr
Instructor-Led Virtual - Live Online Training 5 x half-day sessions [+]
    Successful completion of this instructor-led course with hands-on lab activities should enhance the student’s understanding of how to activate a Cortex XDR instance.   Differentiate the architecture and components of the Cortex XDR family Describe Cortex, Cortex Data Lake, the Customer Support Portal, and the hub Activate Cortex XDR, deploy the agents, and work with the management console Work with the Cortex XDR management console, describe a typical management page, and work with the tables and filters Create Cortex XDR agent installation packages, endpoint groups, policies, and profiles Create and manage exploit and malware profiles, and perform response actions Describe detection challenges with behavioral threats Differentiate the Cortex XDR rules BIOC and IOC, and create and manage them Describe the Cortex XDR causality analysis and analytics concepts Triage and investigate alerts and incidents, and create alert starring and exclusion policies Work with the Causality and Timeline Views and investigate threats in the Query Center   ObjectivesSuccessful completion of this instructor-led course with hands-on lab activities should enhance the student’s understanding of how to activate a Cortex XDR instance; create agent installation packages to install the Cortex XDR agents; create security policies and profiles to protect endpoints against multi-stage, fileless attacks built using malware and exploits; respond to attacks using response actions; understand behavioral threat analysis, log stitching, agent-provided enhanced endpoint data, and causality analysis; investigate and triage attacks using the incident management page of Cortex XDR and analyze alerts using the Causality and Timeline analysis views; use API to insert alerts; create BIOC rules; and search a lead in raw data sets in Cortex Data Lake using Cortex XDR Query Builder.   Course Modules1. Cortex XDR Family Overview2. Working with the Cortex Apps3. Getting Started with Endpoint Protection4. Malware Protection5. Exploit Protection6. Exceptions and Response Actions7. Behavioral Threat Analysis8. Cortex XDR Rules9. Incident Management10. Alert Analysis Views11. Search and Investigate12. Basic Troubleshooting   [-]
Les mer
3 dager 18 000 kr
22 Mar
31 May
ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Securit... [+]
ISO/IEC 27005 Risk Manager training enables you to develop the competence to master the risk management process related to all assets of relevance for Information Security using the ISO/IEC 27005 standard as a reference framework. During this training course, you will also gain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course corresponds with the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard. Course Objectives Acknowledge the correlation between Information Security risk management and security controls Understand the concepts, approaches, methods and techniques that enable an effective risk management process according to ISO/IEC 27005 Learn how to interpret the requirements of ISO/IEC 27001 in Information Security Risk Management Acquire the competence to effectively advise organizations in Information Security Risk Management best practices Content Day 1:  Introduction to Information Security controls as recommended by ISO/IEC 27002 Course objectives and structure Concepts and definitions of risk Standard and regulatory framework Implementing a risk management programme Understanding the organization and its context Day 2:  Implementation of a risk management process based on ISO/IEC 27005 Risk identification Risk analysis and risk evaluation Risk assessment with a quantitative method Risk treatment Risk acceptance and residual risk management Information Security Risk Communication and Consultation Risk monitoring and review Day 3:  Overview of other Information Security risk assessment methods and Certification Exam OCTAVE Method MEHARI Method EBIOS Method Harmonized Threat and Risk Assessment(TRA) Method Certification test [-]
Les mer
Nettstudier 2 semester 4 980 kr
På forespørsel
Trusselbildet, styringssystemer, rammer for sikkerhetsarbeidet, sikkerhetsstandardene ISO27001 og 27002, gap-analyse, risikoanalyse, sikkerhetspolicy, ulike sikringstilta... [+]
Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: IFUD1012 Internett og sikkerhet Innleveringer: Øvinger: 3 av 5 må være godkjent. Vurderingsform: Skriftlig eksamen, 3 timer (60 %). Det gjennomføres 3 obligatoriske større øvingsarbeider gruppevis underveis i kurset. Disse får en midlertidig vurdering/tilbakemelding og kan deretter leveres på nytt til en samlet sluttvurdering som teller 40 % på karakteren. Ansvarlig: Ole Christian Eidheim Eksamensdato: 12.12.13 / 26.05.14         Læremål: Etter å ha gjennomført emnet Informasjonssikkerhetsstyring skal studenten ha følgende samlede læringsutbytter: KUNNSKAPER:Kandidaten:- kan gjøre rede for hva informasjonssikkerhet betyr for en bedrifts økonomi og omdømme- kan gjøre rede for hva standardene ISO 27001 og ISO 27002 inneholder og hvordan de benyttes i sikkerhetsarbeidet- kjenner til prinsippene i Demmings sirkel og kunne redegjøre for betydningen av disse for det kontinuerlige sikkerhetsarbeidet- kjenner til en trinnvis plan for innføring av et styringssystem for informasjonssikkerhet (ISMS) og kunne redegjøre for de kritiske suksessfaktorene i hver av fasene- kan redegjøre for forutsetninger og tiltak for å skape en sikkerhetskultur i en bedrift- kan redegjøre for den trinnvise prosessen frem mot sertifisering av et ISMS eller produkt- kan redegjøre for rollen til målinger og evalueringer i sikkerhetsarbeidet FERDIGHETER:Kandidaten kan:- kartlegge trusselbildet for en konkret bedrift- gjennomføre en risikoanalyse for en bedrift på en strukturert og systematisk måte- innføre tiltak for å redusere risikoverdien for kartlagte trusler som har for høy risikoverdi- velge og utarbeide relevante sikkerhetspolicyer for en konkret bedrift- utarbeide forslag til en organisasjonsstruktur for sikkerhetsarbeidet i en konkret bedrift- analysere behovet for sertifisering av ISMS for en konkret bedrift og gi anbefalinger om veien dit GENERELL KOMPETANSE:Kandidaten kan:- kommunisere med og forstå brukernes behov- involvere de ansatte i endringsprosesser i bedriften og vite hvilke ressurser/kompetanse disse kan bidra med- involvere eksterne konsulenter i endringsprosesser i bedriften og vite hvilke ressurser/kompetanse disse kan bidra med Innhold:Trusselbildet, styringssystemer, rammer for sikkerhetsarbeidet, sikkerhetsstandardene ISO27001 og 27002, gap-analyse, risikoanalyse, sikkerhetspolicy, ulike sikringstiltak, sikkerhetskultur, sikkerhet i informasjonssystemer, veien til sertifisering, måling og evaluering, kontinuerlig forbedringLes mer om faget her Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Informasjonssikkerhetsstyring 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.    [-]
Les mer
4 dager 20 000 kr
This 4-day course teaches the skills required to design, operate, and maintain your PKI system. [+]
Public Key Infrastructure (PKI) is a core service that facilitates authentication, encryption, and digital signing. This 4-day course teaches the skills required to design, operate, and maintain your PKI system. The training begins with an overview of cryptography and the working principals of algorithms. After gaining an understanding of certificates, you will learn about the considerations for designing a highly reliable Certification Authority structure. Practical implementation examples are given in both Windows and Linux environments. Use-cases show how PKI can be used for, among others, securing websites, encrypting storage, validating executable code, and protecting communication.   Course outline: Cryptography Basics: Introduction to Cryptography: Symmetric Cryptography Asymmetric Cryptography Hash Functions Security Goals Usage Scenarios Encryption Signing Components of PKI Algorithms, Protocols and Standards DES and 3DES RSA Object Identifiers X.500, X.509 PKCS#10, PKCS# Understanding Certificates Structure and Content Extensions Getting Started with CAs: Using External CAs Self-signed Certificates CA Hierarchy Writing Policies Certificate Policy Certification Practice Statement Windows Server Certificate Security Choosing an Architecture Implementing a CA Hierarchy Certificate Templates Issuing Certificates Certificate Renewal OpenSSL on Linux Maintaining a CA Verifying and Monitoring Backup Certificate Revocation Reasons for Revocation Methods of Revocation Checking Practical Applications: SSL for Web Server Internet Information Services (IIS) Apache (optional) Certificate-based Authentication Authentication User Authentication vs Server Authentication Considering Smart Card Logon Virtual Private Networking (optional) Wi-Fi with 802.1x Encrypting File System (EFS) Local EFS Encryption EFS Within a Domain Recovery Securing E-Mail Certificate Requirements Signing in Outlook Encryption in Outlook Code Signing Time Stamping Signing PowerShell Scripts (optional) Signing Visual Studio Files (optional) Signing Office VBScript Code Other PKI-Enable Applications   [-]
Les mer
Nettstudier 2 semester 4 980 kr
På forespørsel
Skadelig programvare: sikkerhetshull, informasjonskapsler, virus og antivirus Nettverk: Virtuelle private nett (VPN), brannmur, demilitarisert sone (DMZ), tjenestenektang... [+]
Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: Ingen. Innleveringer: For å kunne gå opp til eksamen må 8 av 12 øvinger være godkjent. Personlig veileder: ja Vurderingsform: Skriftlig, individuell, 3 timer,  Ansvarlig: Olav Skundberg Eksamensdato: 16.12.13 / 26.05.14         Læremål: KUNNSKAPER:Kandidaten kan:- forklare hvordan en datamaskin utsettes for angrep gjennom skadelig programvare og hvordan man kan beskytte seg mot dette- beskrive ulike typer nettbaserte angrep og hvordan man kan beskytte seg mot dette- beskrive ulike krypteringsmekanismer og forklare hvordan digitale sertifikat brukes for å oppnå sikre tjenester.- referere til aktuelle lover og retningslinjer innen sikkerhet- gjøre greie for en organisasjonsmessig informasjonssikkerhetssikkerhetspolicy FERDIGHETER:Kandidaten kan:- kontrollere egen PC for skadelig programvare- kontrollere at installert programvare er oppdatert- utføre pakkefangst med Wireshark og tolke resultatet GENERELL KOMPETANSE:Kandidaten:- er bevisst på å holde programvare oppdatert og å bruke nettvett Innhold:Skadelig programvare: sikkerhetshull, informasjonskapsler, virus og antivirus Nettverk: Virtuelle private nett (VPN), brannmur, demilitarisert sone (DMZ), tjenestenektangrep Sikre tjenester: Krypteringsmetoder og sjekksum. Digitale sertifikater og Public Key Infrastructure (PKI) Samfunn og virksomhet: ekom-loven og personvernloven. Sikkerhetshåndbok og ISO27001Les mer om faget herDemo: Her er en introduksjonsvideo for faget Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Internett og sikkerhet 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.  [-]
Les mer
Nettkurs 1 050 kr
Personvernregler i praksis ved opphør av arbeidsforhold [+]
Alle nåværende arbeidstakere såvel som tidligere ansatte har rettigheter som får betydning i forhold til i hvilken grad, hvordan og hvor lenge en arbeidsgiver kan behandle personlig informasjon. På dette times nettkurset setter vi fokus på regler og problemstillinger som oppstår når arbeidstaker skal slutte.  Personvernerklæring  Informasjon i personalmappen og andre steder Oppbevaringsplikt - hvilke opplysninger er arbeidsgiver pålagt å oppbevare etter utløpet av oppsigelsestiden og hvor lenge skal slike opplysninger oppbevares.  Kan vi oppbevare personopplysninger av historisk interesse? Sletting - hvilke opplysninger skal arbeidsgiver slette Innsyn i epost og filer etter arbeidsforholdet opphør Praktisk informasjon Dette er et nettbasert kurs. En beskrivelse av hvordan oppkobling skjer vil bli sendt i forkant av kurset. Webinaret forutsettes vist på egen PC på din arbeidsplass. Vi anbefaler deg å sitte avskjermet i eget rom, eller sammen med andre som tar samme kurset. Du må logge deg på webinaret lokalt (ikke via terminalserver/Citrix) og ha på lyd. [-]
Les mer
Oslo 5 dager 25 000 kr
15 Feb
15 Feb
19 Apr
Now completely updated for 2020 with the latest material. (ISC)2 Certified Information Systems Security Professional (CISSP) is an independent information security certif... [+]
Now completely updated for 2020 with the latest material. (ISC)2 Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the not-for-profit International Information Systems Security Certification. The certification itself is seen as the world’s premier certification for information security professionals. The CISSP Bootcamp includes in-depth & intense coverage of all ten domains plus tips and advice to prepare yourself for the new 2020 (ISC)2 exam. CISSP certification is not only an objective measure of excellence, but a globally recognized standard of achievement.   Course format Lecture based, Self-Study & Classroom Discussions.   Courseware All students receive a copy of: The Official (ISC)2 Guide to the CISSP CBK V5 CISSP Exam Self-Practice Review Questions.  Also provided are practice test and tip sheets. All designed to fine tune your skills in preparation to take the exam.  * Exam & exam fees not included.   Learning objectives  Understand and apply the concepts of risk assessment, risk analysis, data classification, and security awareness and Implement risk management and the principles used to support it (Risk avoidance, Risk acceptance, Risk mitigation, Risk transference) Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization's security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization's core goals and strategic direction and address the frameworks and policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets, as well as to assess the effectiveness of that protection and establish the foundation of a comprehensive and proactive security program to ensure the protection of an organization’s information assets. Apply a comprehensive and rigorous method for describing a current and/or future structure and behavior for an organization's security processes, information security systems, personnel, and organizational sub-units so that these practices and processes align with the organization's core goals and strategic direction and examine the principles, means, and methods of applying mathematical algorithms and data transformations to information to ensure its integrity, confidentiality, and authenticity. Understand the structures, transmission methods, transport formats, and security measures used to provide confidentiality, integrity, and availability for transmissions over private and public communications networks and media, and identify risks that can be quantitatively and qualitatively measured to support the building of business cases to drive proactive security in the enterprise. Offer greater visibility into determining who or what may have altered data or system information, potentially affecting the integrity of those assets and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture. Plan for technology development, including risk, and evaluate the system design against mission requirements, and identify where competitive prototyping and other evaluation techniques fit in the process. Protect and control information processing assets in centralized and distributed environments and execute the daily tasks required to keep security services operating reliably and efficiently. Understand the Software Development Life Cycle (SDLC) and how to apply security to it, and identify which security control(s) are appropriate for the development environment, and assess the effectiveness of software security. Course overview The CISSP draws from a comprehensive, up-to-date, global common body of knowledge that ensures security leaders have a deep knowledge and understanding of new threats, technologies, regulations, standards, and practices. The CISSP exam tests one's competence in the 8 domains of the CISSP CBK, which cover: Domain 1: Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity) Domain 2: Asset Security (Protecting Security of Assets) Domain 3: Security Engineering (Engineering and Management of Security) Domain 4: Communications and Network Security (Designing and Protecting Network Security) Domain 5: Identity and Access Management (Controlling Access and Managing Identity) Domain 6: Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing) Domain 7: Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery) Domain 8: Software Development Security (Understanding, Applying, and Enforcing Software Security) Module 9: CISSP Test Review Module 10: EU 2019 GDPR Update Module 11: CISSP Exam Preparation & Review Questions [-]
Les mer
Nettkurs 4 timer 13 200 kr
08 Feb
Instructor-Led Virtual - Live Online Training - 4 halve dager 15.00 - 18.30 [+]
This course is intended for people in the fields of public cloud security and cybersecurity, or for anyone who wants to learn how to secure remote networks and mobile users. Successful completion of this two-day, instructor-led course will help enhance your understanding of how to better protect your applications, remote networks, and mobile users using a SASE implementation. You will get detailed instruction on configuring, managing, and troubleshooting Prisma Access in a production environment.   Target Audience Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, and Network Engineers    Course Modules 1 - Prisma Access Overview 2 - Planning and Design 3 - Activate and Configure 4 - Security Processing Nodes 5 - Panorama Operations for Prisma Access 6 - Remote Networks 7 - Mobile Users 8 - Tune, Monitor, and Troubleshoot 9 - Manage Multiple Tenants 10 - Next Steps [-]
Les mer
Oslo 5 dager 25 000 kr
18 Jan
18 Jan
08 Mar
ISO/IEC 27001 Lead Implementer training enables you to develop the necessary expertise to support an organization in establishing, implementing, managing and maintaining ... [+]
ISO/IEC 27001 Lead Implementer training enables you to develop the necessary expertise to support an organization in establishing, implementing, managing and maintaining an Information Security Management System (ISMS) based on ISO/IEC 27001. Course description During this training course, you will also gain a thorough understanding of the best practices of Information Security Management Systems to secure the organization`s sensitive information and improve the overall performance and effectiveness. Course objectives Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002 and other standards and regulatory frameworks Master the concepts, approaches, methods and techniques used for the implementation and effective management of an ISMS Learn how to interpret the ISO/IEC 27001 requirements in the specific context of an organization Learn how to support an organization to effectively plan, implement, manage, monitor and maintain an ISMS Acquire the expertise to advise an organization in implementing Information Security Management System best practices   Course outline Day 1:  Introduction to ISO/IEC 27001 and initiation of an ISMS Course objectives and structure Standards and regulatory frameworks Information Security Management System (ISMS) Fundamental principles of Information Security Management Systems Initiating the implementation of an ISMS Understanding the organization and clarifying the Information Security objectives Analysis of the existing management system Day 2:  Plan the implementation of an ISMS Leadership and approval of the ISMS project ISMS scope Information Security policies Risk assessment Statement of Applicability and top management`s decision to implement the ISMS Definition of the organizational structure of Information Security Day 3:  Implementation of an ISMS Definition of the document management process Design of security controls and drafting of specific policies & procedures Communication plan Training and awareness plan Implementation of security controls Incident Management Operations Management Day 4:  ISMS monitoring, measurement, continuous improvement and preparation for a certification audit Monitoring, measurement, analysis and evaluation Internal audit Management review Treatment of non-conformities Continual improvement Preparing for the certification audit Competence and evaluation of implementers Day 5:  Certification Exam Preparation for exam Exam   [-]
Les mer
Nettstudier 2 semester 4 980 kr
På forespørsel
Generell nettverkssikkerhet. Hvordan planlegge, organisere og sette sikkerhet i små og store nettverk. Brannmurer, VPN, IDS/IPS. Sikkerhet rundt epost, trådløse nett og r... [+]
  Studieår: 2013-2014   Gjennomføring: Høst og vår Antall studiepoeng: 5.0 Forutsetninger: Faget «Datakommunikasjon» eller tilsvarende grunnleggende fag. (TCP/IP forutsettes kjent). Faget «Nettverksteknologi» Innleveringer: Øvinger: 8 av 12 må være godkjent. Øvingene må dekke en bred del av pensum. Vurderingsform: Skriftlig, individuell, 3 timer, Ansvarlig: Helge Hafting Eksamensdato: 04.12.13 / 07.05.14         Læremål: KUNNSKAPER:Kandidaten:- kan forklare en del protokollbaserte farer/angrep i kablede og trådløse nett- kan gjøre rede for mottiltak mot angrepene over- kan gjøre rede for andre farer og mottiltak, som fysiske sikringstiltak og «social engineering»- kan gjøre rede for og planlegge bruk av vanlige sikringstiltak som IDS, IPS, VPN og proxyer FERDIGHETER:Kandidaten kan:- sette i drift et VPN- installere brannmur- Observere nettverkstrafikk med pakkesniffer GENERELL KOMPETANSE:Kandidaten:- kan granske sikkerheten i et nettverk, og velge passende tiltak.Innhold:Generell nettverkssikkerhet. Hvordan planlegge, organisere og sette sikkerhet i små og store nettverk. Brannmurer, VPN, IDS/IPS. Sikkerhet rundt epost, trådløse nett og rutere. En del vanlige angrep, og mottiltak.Les mer om faget her Påmeldingsfrist: 25.08.13 / 25.01.14         Velg semester:  Høst 2013    Vår 2014     Fag Nettverkssikkerhet 4980,-         Semesteravgift og eksamenskostnader kommer i tillegg.    [-]
Les mer
5 dager 30 000 kr
This course is just a great workshop that teaches how to implement securing technologies one at a time. [+]
This course is just a great workshop that teaches how to implement securing technologies one at a time. The course covers all aspects of Windows infrastructure security that everybody talks about and during the course you will learn how to implement them! Our goal is to teach you how to design and implement secure infrastructures based on the reasonable balance between security and comfort with great knowledge of attacker’s possibilities. This is a deep dive course on infrastructure services security, a must-go for enterprise administrators, security officers and architects. It is delivered by one of the best people in the market in the security field – with practical knowledge from tons of successful projects, many years of real-world experience, great teaching skills and no mercy for misconfigurations or insecure solutions. In this workshop you will investigate the critical tasks for a high-quality penetration test. We will look at the most efficient ways to map a network and discover target systems and services. Once it has been done, we will search for vulnerabilities and reduce false positives with manual vulnerability verification. At the end we will look at exploitation techniques, including the use of authored and commercial tools. In the attack summary we will always go through the securing techniques.   Exploits are not the only way to get to systems! We will go through the operating systems’ build in problems and explore how they can be beneficial for hackers! One of the most important things to conduct a successful attack is to understand how the targets work. To the bones! Afterwards everything is clear and the tool is just a matter of our need. The course covers all aspects of Windows infrastructure security from the hacker’s mind perspective! Our goal is to show and teach you what kind of mechanisms are allowing to get inside the infrastructure and how to get into operating systems. After the course you will gain penetration tester’s knowledge and tools. To get more practice we offer three extra weeks of labs online! All exercises are based on Windows Server 2016 and 2019, Windows 10 and Kali Linux. This course is based on practical knowledge from tons of successful projects, many years of real-world experience and no mercy for misconfigurations or insecure solutions!   Course content: Module 1: Hacking Windows Platform a) Detecting unnecessary servicesb) Misusing service accountsc) Implementing rights, permissions and privileges  Module 2: Top 50 tools: the attacker's best friends a) Practical walkthrough through toolsb) Using tools against scenariosc) Tools for Red Team / Pentestersd) Tools for Blue Team Module 3: Modern Malware a) Techniques used by modern malwareb) Advanced Persistent Threatsc) Fooling common protection mechanisms Module 4: Physical Access a) Misusing USB and other portsb) Offline Access techniquesc) BitLocker unlocking Module 5: Intercepting Communication a) Communicating through firewallsb) Misusing Remote Accessc) DNS based attacks Module 6: Hacking Web Server a) Detecting unsafe serversb) Hacking HTTPSc) Distributed Denial of Service attacks Module 7: Data in-Security a) Using incorrect file servers’ configurationb) Basic SQL Server attacksc) Detecting and attacking common network servers Module 8: Identity attacks a) Pass-the-Hash attacksb) Stealing the LSA Secretsc) Modern identity attacks techniques Module 9: Hacking automation a) Misusing administrative scriptsb) Script based scanningc) PowerShell for pen-testers Module 10: Designing Secure Windows Infrastructure a) Modern attacks and prevention techniquesb) Malware execution preventionc) Enterprise scale security challenges Module 11: Securing Windows Platform a) Defining and disabling unnecessary servicesb) Implementing secure service accountsc) Implementing rights, permissions and privilegesd) Code signing Module 12: Malware Protection a) Malware investigation techniquesb) Analyzing cases of real malwarec) Implementing protection mechanisms Module 13: Managing Physical Security a) Mitigating Offline Accessb) Implementing and managing BitLocker Module 14: Public Key Infrastructure Security a) Role and capabilities of the PKI in the infrastructureb) Designing PKI architecture overviewc) PKI security – Best practices Module 15: Securing Network Communication a) Deploying and managing Windows Firewall – advanced and useful featuresb) Deploying and configuring IPsecc) Deploying DNS and DNSSEC Module 16: Securing Web Server a) Configuring IIS features for securityb) Working with SSL Certificate Supportc) Monitoring Web Server resources and performanced) Deploying Distributed Denial of Service attack preventione) Deploying Network Load Balancing and Web FarmsModule Module 17: Mitigating the identity attacks a) Pass-the-Hash attack preventionb) LSA protection c) Credential Guard [-]
Les mer
Nettkurs 4 dager 13 200 kr
16 Feb
This is a specialised course for the Panorama centralized management solution. It not only teaches the features and functionalities of Panorama but also provides guidance... [+]
The training not only teaches the features and functionalities of Panorama but also provides guidance on how to design a distributed firewall network that is managed from a central location.  If you are or planning to use Panorama to manage multiple FireWalls in your infrastructure then you should take this course. The Panorama management is very similar to the FireWall but it has a additional concepts like device-groups and templates that are essential to understand. The main focus of this course, besides all the Panorama concepts and initial configuration, is to show how you design and manage an infrastructure with many FireWalls because if the structure isn't setup right from the beginning, then this usually means a lot of extra work and complications at a later stage. If you are using Panorama only for centralised logging and reporting then you might skip this course.   COURSE OBJECTIVES This course will help students to gain in-depth knowledge about how to configure and manage their Palo Alto Networks® PanoramaTM management server. Upon completion of this course, administrators should be familiar with the PanoramaTM management server’s role in managing and securing their overall network. Network professionals will be shown how to use PanoramaTM aggregated reporting to provide them with a holistic view of a network of Palo Alto Networks® next-generation firewalls.   SCOPE Course level: Intermediate Course duration: 2 days Course format: Combines lecture with hands-on labs Language: Undervisningen er på engelsk og dokumentasjonen på engelsk.   KURSINNHOLD Module 1: Panorama™ Overview Module 2: Initial Configuration Module 3: Adding Firewalls to Panorama™ Module 4: Panorama™ High Availability Module 5: Templates Module 6: Device Groups Module 7: Administrative Accounts Module 8: Log Forwarding and Collection Module 9: Aggregated Monitoring and Reporting Module 10: Troubleshooting   Kurset tilbys også som bedriftsinternt kurs, og arrangeres hos dere eller i våre lokaler, alt etter hva som passer best. Ta kontakt med oss og vi kan finne en god løsning sammen. [-]
Les mer
Nettstudier 1 dag 4 900 kr
17 Feb
03 Mar
25 Mar
Hvordan fylle rollen som personvernombud, og hva må du kunne. Ett kurs for deg som DPO og vil bli bedriftens kompetanse person på GDPR [+]
Personvernforordningen / General Data Protection Regulation (GDPR) Vi går gjennom de deler du må ha kompetanse om, og du får fyldig kursmateriale med deg hjem, slik at du enklere kan mester fagområdet etter kurset. Men på ettdagskurs er det ikke dybdegejnnomgang av områder som DPIA, teknologi og prosess rundt GAP planer. Du får alikevel med deg materiale så du kan lese etterpå. Hva er formålet med forordninga og hvordan forordningen er strukturert. Vi går gjennom  tilsynsmyndighet og hvilke innvirkninger den loven har på Norge, EU og andre land.  Du får kompetanse om hovedpunkter i forordningen med de viktige nøkkelkonsepter, kategorier for personlig informasjon og prinsipper for databeskyttelse. Den registrertes rettigheter og hvordan analyser utfordringer og problemer En viktig kompetanse som mange ikke kjenner godt nok er hvilke roller, forpliktelser og behandlingsaktiviteter som må mestres, så vi ser på personvernombudets betegnelser  Konsekvensanalyse av databeskyttelse og personvernombudet Behandlingsaktiviteter og personvernombudet  Kontrollers ansvar Personvernombudet sitt ansvarRegistrering av behandlingsaktiviteterSamarbeid med tilsynsmyndighetHvordan starte program for å etterleve personvernforordningenHvem må forholde seg til personvernforordningenMetoder og tilnærmingForbered program for personvernforordningenHvordan avdekke mangler  og i dentifiser strategiske målLedelsens ansvar og godkjenning [-]
Les mer

Lukk Denne siden benytter seg av informasjonskapsler (cookies).
Du kan fortsette å bruke siden som vanlig hvis du godtar dette. Les mer om bruk av informasjonskapsler i vår personvernerklæring.