Opleidingen

Training Assertiviteit - Assertief handelen Durven, doen, spreken Ben je vaak terughoudend in het uiten van je gedachten en gevoelens? Wil je graag voor jezelf opkomen zonder anderen te kwetsen? Onze Training Assertiviteit is dé sleutel tot het ontwikkelen van zelfvertrouwen en effectieve communicatie. Leer hoe je jouw mening op een directe, eerlijke en respectvolle manier kunt uiten, terwijl je toch in harmonie blijft met je gesprekspartners. Aan het einde van deze training zul je in staat zijn om zelfverzekerd te communiceren in groepen en zul je weten hoe je jouw mening krachtiger kunt overbrengen aan anderen.  Ook weet jij aan het einde van de training de antwoorden op belangrijke vragen, zoals: Hoe kan ik mijn grenzen duidelijker aangeven? Hoe verminder ik mijn gevoel van afhankelijkheid? Hoe kom ik (beter) voor mezelf op? Hoe spreek ik anderen aan op hun gedrag? Onderwerpen Hoofdaspecten communicatie • Je mond open durven doen • Hoe met stiltes om te gaan • Leren loslaten • Leren nee zeggen • Actief en niet reactief reageren Doelgericht communiceren • Communicatie technieken • Het stellen van open en gesloten vragen • Het gesprek sturen Creëren van zelfvertrouwen • Gedrag in een groep (voel je op je gemak in een gezelschap) • Je respectvol uiten zonder anderen nodeloos te kwetsen • Je niet laten overspoelen door anderen of omstandigheden Inzicht krijgen in je eigen functioneren • Hoe reageren op anderen • Niet te veel hooi op je vork nemen • Omgaan met conflicten – Gedrag lokt gedrag uit – Roos van Leary Inclusief • Trainingsmaterialen en syllabus. • Cursisten ontvangen na afloop een ingelijst certificaat. • Voor trainingen in Nootdorp: lunch, koffie/thee/water en gratis parkeren voor de deur. Exclusief • Het tarief is exclusief BTW en reiskosten a € 0,19 per gereden kilometer.

Binnen één dag op de hoogte met de cursus BTW in één dag Deze eendaagse opfriscursus BTW is gericht op het updaten/verbeteren van uw kennis en vaardigheden op het gebied van BTW. Zo bent u in één dag weer helemaal bij. De Btw-wetgeving is er de afgelopen jaren niet eenvoudiger op geworden. De BTW heeft zich zelfs tot een zeer complexe en boeiende materie ontwikkeld. Tijdens deze cursus, BTW in één dag, wordt u bijgepraat over de nieuwe wet- en regelgeving, rechtspraak en ontwikkelingen in de Btw-praktijk. Kortom: alle highlights van de btw komen aan de orde. Belangrijk is de vertaalslag naar de dagelijkse praktijk zodat u direct aan de slag kunt en u zich zeker voelt als u met collega’s spreekt over de Btw-onderwerpen. Jouw eigen BTW vraagstukken staan centraal. Het is mogelijk om voorafgaand aan het programma zelf onderwerpen aan te dragen zodat deze besproken zullen worden. Dé toegevoegde waarde op BTW kennisgebied! BTW is een complexe materie. De ene keer worden de regels zo uitgelegd, de volgende keer geldt een andere interpretatie. BTW-expert Carola van Vilsteren kan zich dat goed voorstellen: ‘De feiten zijn bepalend en die zijn altijd net weer even anders. Dat maakt het vakgebied juist zo veelzijdig. Maar als BTW niet je specialisme is, kan het knap lastig zijn. Bij de Finance academy van VMN Media maak ik financials daarom snel en praktisch wegwijs in de BTW.’

MfN erkende opleiding tot register mediator Deze afwisselende en interactieve mediation opleiding kan jouw eerste stap zijn op weg om professioneel mediator te worden en je in te laten schrijven in het register van de (MfN) Mediatorsfederatie Nederland. Maar ook als je (nog) niet de wens koestert om als mediator aan de slag te gaan is dit een zeer effectieve en waardevolle opleiding. De verkregen inzichten en vaardigheden zijn onmiddellijk inzetbaar en uiterst effectief toe te passen in je dagelijks werk, bijvoorbeeld als managementvaardigheid. Trainers en didactiek De ervaren trainers, minimaal twee gedurende de gehele opleiding, zijn actief MfN-Register Mediator, met veel mediation praktijkervaring die zij graag met je delen. De MTi opleiding tot mediator is erkend door de Stichting Kwaliteit Mediation (SKM, ten behoeve van het MfN register) worden gesteld. Didactisch wordt rekening gehouden met de verschillende leerstijlen van mensen, zodat ook uw leerstijl wordt ingezet. Wij volgen namelijk het systeem-Kolb voor volwassenen­educatie, waarbij veel aandacht is voor uw persoonlijke ontwikkeling. Onderwerpen onder meer: Onderhandelingsaspecten aan de hand van 5 ijkpunten (ENS-Harvard-model). Plaats van mediation ten opzichte van andere vormen van conflicthantering. Communicatieaspecten in mediation. Conflictpatronen, escalatie en de-escalatie specifieke mediationtechnieken en -vaardigheden. De verschillende fasen in een mediation. Hoe om te gaan met emoties van partijen. Voor- en nadelen van mediation. Voorwaarden voor een succesvolle mediation. De mediationovereenkomst en de vaststellingsovereenkomst. Juridische aspecten van mediation. Attitude van de mediator. De valkuilen voor de mediator. Onze mediation opleiding kent drie pijlers: Basishouding, hoe blijf je neutraal en uit de inhoud Kennis, theoretische achtergronden in belangrijke mate via zelfstudie (totaal 80 uur studiebelasting) Cursisten worden goed voorbereid op theorie-examen. Vaardigheden, de focus van de opleiding tot mediator ligt op het aanleren van nieuwe vaardigheden door oefening en ervaren Doelgroep – ook voor niet-juristen De MTi opleiding tot mediator is voor zeer uiteenlopende (beroeps)achter­gronden geschikt: managers, psychologen, maatschappelijk werkers, directeuren, politiemensen, HRM’ers, (arbo- en bedrijfs)artsen, advocaten, notarissen, arbeids­deskundigen, interim-managers, piloten, burgemeesters enz. Dat biedt veelgeschakeerde invalshoeken tijdens de opleiding. Allen zijn werkzaam op  HBO+ / WO-niveau en hebben enige levenservaring. Duur van de opleiding De opleiding bestaat uit 20 dagdelen, verdeeld over 4 blokken van telkens twee opeenvolgende dagen, tussendoor enkele huiswerkopdrachten met on-line ondersteuning. Intervisie in kleine groepjes wordt geëntameerd. Locatie De opleiding vindt doorgaans plaats in het inspirerende conferentieoord van ISVW, te  Leusden (Amersfoort). In verband met het intensieve programma en de groepsvorming én het nut van de individuele contacten met de trainers en de cursisten én het netwerken ’s avonds, wordt door de cursisten bij voorkeur in het hotel van het conferentieoord overnacht (per blok 1 nacht). Overige informatie De opleiding wordt gegeven door minimaal twee trainers, partners van het MTi, te weten: mr Toos Bik mr Leon Hoornweg mr Carine van Cleeff mr Elena Jacz drs. Cora van de Put-van Hooijdonk mr Jeanette de Vries In een persoonlijk gesprek, voorafgaand aan de opleiding, worden verwachtingen op elkaar afgestemd en besproken welke condities er gesteld worden aan een vak dat betrouwbaarheid, onafhankelijkheid en neutraliteit hoog in het vaandel heeft staan. Een plezierig effect van deze gesprekken is dat er niemand met verkeerde verwachtingen aan de opleiding meedoet, hetgeen de sfeer en de effectiviteit training buitengewoon positief beïnvloedt. Co-mediation Na afloop van de opleiding, wanneer u geslaagd bent voor de kennistoets, mag u op verzoek een keer als co-mediator met een van onze ervaren mediators een mediation meelopen. Bent u van plan een eigen  praktijk op te bouwen, dan denken wij graag met u mee over opzet en marktbenadering. De voor het Kennisexamen voorgeschreven literatuur: Handboek Mediation – A.F.M. Brenninkmeijer, H.J. Bonenkamp, K. van Oyen, H.C.M. Prein, c.a., Sdu Uitgevers, Den Haag. Juridische aspecten van mediation: mr. Eva Schutte, mr. Jacqueline Spierdijk – Sdu Uitgevers Beroepsvaardigheden en interventietechnieken van de mediator: H. Prein – Sdu Uitgevers Bij de opleiding ontvangt u een uitgebreide cursusmap van MTi en enkele, tijdens de training te verstrekken extra’s, ter waarde van in totaal ruim € 250,–.

OVERVIEW Active Directory Federation Services and Claims workshop is the best way to learn how to implement the most business oriented server role! Federated Identity and claims based applications are becoming more and more popular – they simplify the resource access both for your employees and business partners. The course focuses on implementation scenarios, including practice in the newest technologies and solutions delivered with Windows Server 2019. When the world becomes more focused on solving ‘Bring Your Own Device’ issues, it is time to become more up to date with the newest technology capabilities: Active Directory Federation Services and Active Directory Domain Services have been extended to comprehend the most popular mobile devices and provide conditional access and access policies. With these policies in place, you can control access based on users, devices, locations, and access times. Come and learn how to establish partnerships with your business parties, how to implement Single Sign On to access corporate resources, how to manage access to devices and how to implement capabilities to work from anywhere in the world! OBJECTIVES Design AD Federation Services infrastructure and identify the implementation requirements Deploy AD Federation Services to provide claims-aware authentication in a single organization Implement AD Federation Services high availability Deploy Web Application Proxy (previous: AD Federation server proxy) to securely publish web applications Deploy Device Registration Service to enable control of user devices  Deploy Claims-enabled ACLs on File Servers AUDIENCE Enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security. NEXT STEP ADS https://www.globalknowledge.com/nl-NL/Trainingen/Security/Security/ADS CONTENT Module 1: a) Introduction b) Legacy and modern authentication protocols c) What are Claims d) Dynamic Access Control e) Services Accounts threats, attack and working with GMSA Module 2: a) PKI overview and ADFS certificate consideration b) Working with certificates and ADFS c) Designing Modern Authentication Module 3: a) ADFS Overview b) Installation, availability and security consideration c) Working with ADFS Cluster Module 4: a) Working with ADFS – claims aware applications b) SAML passive client flow c) ADFS Basics – Rules and Rule flow d) Configuring Issuing rules e) Claim rules language Module 5: a) Thick applications, and working with multiple Relaying Parties b) Troubleshooting thick applications c) Additional attribute Stores d) Using groups in authorization rules Module 6: a) Web Application Proxy b) Working with claims-aware application in WAP c) Configure pass-through application in WAP d) WAP advanced scenarios Module 7: a) Modern ADFS customization b) Advanced troubleshooting ADFS c) Monitoring ADFS security and performance Module 8: a) Working with MFA b) Enabling Device Registration Service c) Windows Hello for business d) Integration with Azure cloud

OVERVIEW Adviseren is meer dan alleen het demonstreren van je deskundigheid. Je moet in staat zijn om een relatie op te bouwen waarbinnen jouw adviezen worden gewaardeerd en geaccepteerd. Deze training gaat over de ‘consulting lifecycle’, een model dat je helpt om als adviseur te analyseren, adviseren en implementeren. OBJECTIVES Na afloop van de cursus zijn de cursisten bekend met het volgende: Het vijfstappenplan van de Consulting Engagement Life Cycle en de belangrijkste bijbehorende acties, om succesvolle adviessessies te kunnen houden met klanten De waarde van technische adviezen voor de klant, voor het adviesbureau en voor de adviseur Het beoordelen van de eigen activiteiten ten opzichte van de deskundigheid die technisch adviseurs nodig hebben, en het bepalen hoe sterke punten kunnen worden benut en gaten kunnen worden gedicht Het vergroten van de technische geloofwaardigheid en de technische meerwaarde door adviesvaardigheden toe te voegen aan de bestaande competenties AUDIENCE Het programma is bedoeld voor projectmanagers, businessanalisten, IT-professionals, ingenieurs en andere technisch professionals die de resultaten van hun adviessessies willen verbeteren via: het verdiepen van hun kennis en vaardigheden met betrekking tot de hele adviescyclus; het gebruik van een set bewezen hulpmiddelen voor betere resultaten in huidige en toekomstige projecten; het gebruik van communicatietechnieken om wensen en voorkeuren van klanten beter te begrijpen; het op één lijn krijgen van besluitvormers, zodat deze bereid zijn tot aanschaf van systemen en tot betrokkenheid bij een project; het voorbereiden van projectteams op een succesvolle implementatie van de systemen. CONTENT INTRODUCTIE Inleiding in de cursus Persoonlijke leerdoelen De Consulting Life Cycle De definitie en waarde van technisch adviseren Het Consulting Competency Model Module 1: DE KLANT BETREKKEN De samenwerking opstarten Een voorlopige behoeftenanalyse maken Het Strategic Questioning Process – wensen van de klant beter begrijpen Actief luisteren Weerstand bij de klant herkennen en hiermee omgaan De mate van betrokkenheid vastleggen – toestemming krijgen van de klant Module 2: INFORMATIE VERZAMELEN EN ANALYSEREN Data verzamelen en organiseren Een duidelijke definitie opstellen van de gewenste resultaten Succescriteria bepalen Data analyseren De beste oplossing bepalen De voorlopige aanbevolen oplossing ontwikkelen en testen Module 3: BEVINDINGEN EN AANBEVELINGEN PRESENTEREN Uw aanbevelingsboodschap voorbereiden Communicatie structureren met het oog op uw doelstellingen Een aantrekkelijke presentatie geven Zorgen of bezwaren van de klant herkennen en afhandelen Module 4: AANBEVELINGEN VOORBEREIDEN EN IMPLEMENTEREN Implementatierisico’s herkennen en beperken Verantwoordelijkheden overdragen aan projectteams Tijdens de implementatie zorgen voor klanttevredenheid Module 5: RESULTATEN EVALUEREN EN BETROKKENHEID LATEN DOORGROEIEN Een bepaald adviesproject afronden Het project evalueren en de geleerde lessen vaststellen Successen vieren De relatie verder uitbouwen AANSLUITEND Uw persoonlijke actieplan

OVERVIEW Het CRISC - Certified Risk and Information System Control - certificaat geeft u internationale erkenning (vanuit ISACA) als security professional. Het CRISC uitgebreide set online oefenvragen (QAE) zijn inbegrepen in de cursusprijs. The CRISC - Certified Risk and Information System Control - certificate gives you international recognition (from ISACA) as a security professional. The CRISC extensive set of online practice questions (QAE) are included in the courseprice. Continuing Professional Education (CPE) : 31 Practice questions (QAE = Questions, Answers and Explanations) : 12 month access OBJECTIVES The Certified in Risk and Information Systems Control certification is designed for IT professionals who have hands-on experience with risk identification, assessment, and evaluation; risk response; risk monitoring; IS control design and implementation; and IS control monitoring and maintenance. The CRISC designation will not only certify professionals who have knowledge and experience identifying and evaluating entity-specific risk, but also aid them in helping enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls. Governance (25%) IT Risk Assessment (20%) Risk Response and Reporting (32%) Information Technology and Security (22%) AUDIENCE CRISC is bedoeld voor IT-professionals, risicoprofessionals, business analysts en projectmanagers en/of complianceprofessionals, en verder voor iedereen die verantwoordelijk is voor risico-identificatie, -beoordeling en -evaluatie, risicorespons, risicomonitoring en het ontwerpen, monitoren, implementeren en onderhouden van IS-controls. CRISC is for IT professionals, risk professionals, business analysts, and project manager and/or compliance professionals and anyone who has job responsibilities in the following areas: Risk identification, assessment, evaluation, risk response, monitoring and IS control design/monitoring and implementation/maintenance. CERTIFICATION Oefenvragen (QAE = Questions, Answers and Explanations) zijn online beschikbaar via een voucher. Het voucher is onderdeel van het cursusmateriaal. Hiermee kunt u tijdens de training oefenen. Om officieel CRISC gecertificeerd te worden dient u aan de onderstaande eisen te voldoen: slagen voor het officiële CRISC-examen beschikken over ten minste 3 jaar relevante werkervaring in ten minste twee CRISC-domeinen waarvan een in Domain 1 of 2. Er zijn geen alternatieven of vrijstellingen voor deze ervaringseis. Het daadwerkelijke examen duurt 4 uur en bestaat uit 150 Engelstalige multiplechoicevragen. Het examenvoucher voor het officiële CRISC examen is niet inbegrepen in de prijs. ----- QAE (Questions, Answers and Explanations) is online available via a voucher which is part of the courseware. The requirements for certification are: Pass the official  CRISC-exam Three (3) or more years of cumulative work experience performing the tasks of a CRISC professional across at least two (2) CRISC domains, of which one must be in Domain 1 or 2, is required for certification. There are no substitutions or experience waivers. The exam lasts 4 hours and consists of 150 English Multiple Choice questions. The examenvoucher for the official CRISC exam is not included in the price. CONTENT DOMAIN 1—Governance 26% Organizational Governance A Organizational Strategy, Goals, and Objectives Organizational Structure, Roles, and Responsibilities Organizational Culture Policies and Standards Business Processes Organizational Assets Risk Governance B Enterprise Risk Management and Risk Management Framework Three Lines of Defense Risk Profile Risk Appetite and Risk Tolerance Legal, Regulatory, and Contractual Requirements Professional Ethics of Risk Management DOMAIN 2—IT Risk Assessment 20% IT Risk Identification A Risk Events (e.g., contributing conditions, loss result) Threat Modelling and Threat Landscape Vulnerability and Control Deficiency Analysis (e.g., root cause analysis) Risk Scenario Development IT Risk Analysis and Evaluation B Risk Assessment Concepts, Standards, and Frameworks Risk Register Risk Analysis Methodologies Business Impact Analysis Inherent and Residual Risk DOMAIN 3—Risk Response and Reporting 32% Risk Response A Risk Treatment / Risk Response Options Risk and Control Ownership Third-Party Risk Management Issue, Finding, and Exception Management Management of Emerging Risk Control Design and Implementation B Control Types, Standards, and Frameworks Control Design, Selection, and Analysis Control Implementation Control Testing and Effectiveness Evaluation Risk Monitoring and Reporting C Risk Treatment Plans Data Collection, Aggregation, Analysis, and Validation Risk and Control Monitoring Techniques Risk and Control Reporting Techniques (heatmap, scorecards, dashboards) Key Performance Indicators Key Risk Indicators (KRIs) Key Control Indicators (KCIs) DOMAIN 4—Information Technology and Security 22% Information Technology Principles A Enterprise Architecture IT Operations Management (e.g., change management, IT assets, problems, incidents) Project Management Disaster Recovery Management (DRM) Data Lifecycle Management System Development Life Cycle (SDLC) Emerging Technologies Information Security Principles B Information Security Concepts, Frameworks, and Standards Information Security Awareness Training Business Continuity Management Data Privacy and Data Protection Principles

OVERVIEW DevOps Engineering on AWS teaches you how to use the combination of DevOps cultural philosophies, practices, and tools to increase your  organization's ability to develop, deliver, and maintain applications and services at high velocity on AWS. This course covers Continuous Integration (CI), Continuous Delivery (CD), infrastructure as code, microservices, monitoring and logging, and communication and collaboration. Hands-on labs give you experience building and deploying AWS CloudFormation templates and CI/CD pipelines that build and deploy applications on Amazon Elastic Compute Cloud (Amazon EC2), serverless applications, and container-based applications. Labs for multi-pipeline workflows and pipelines that deploy to multiple environments are also included. Course level: Intermediate Duration: 3 days   Activities This course includes presentations, group exercises, and hands-on labs. OBJECTIVES In this course, you will: Use DevOps best practices to develop, deliver, and maintain applications and services at high velocity on AWS List the advantages, roles and responsibilities of small autonomous DevOps teams Design and implement an infrastructure on AWS that supports DevOps development projects Leverage AWS Cloud9 to write, run and debug your code Deploy various environments with AWS CloudFormation Host secure, highly scalable, and private Git repositories with AWS CodeCommit Integrate Git repositories into CI/CD pipelines Automate build, test, and packaging code with AWS CodeBuild Securely store and leverage Docker images and integrate them into your CI/CD pipelines Build CI/CD pipelines to deploy applications on Amazon EC2, serverless applications, and container-based applications Implement common deployment strategies such as “all at once,” “rolling,” and “blue/green” Integrate testing and security into CI/CD pipelines Monitor applications and environments using AWS tools and technologies AUDIENCE This course is intended for: DevOps engineers DevOps architects Operations engineers System administrators Developers CONTENT Day 1 Module 0: Course overview Course objective Suggested prerequisites Course overview breakdown Module 1: Introduction to DevOps What is DevOps? The Amazon journey to DevOps Foundations for DevOps Module 2: Infrastructure Automation Introduction to Infrastructure Automation Diving into the AWS CloudFormation template Modifying an AWS CloudFormation template Demonstration: AWS CloudFormation template structure, parameters, stacks, updates, importing resources, and drift detection Module 3: AWS Toolkits Configuring the AWS CLI AWS Software Development Kits (AWS SDKs) AWS SAM CLI AWS Cloud Development Kit (AWS CDK) AWS Cloud9 Demonstration: AWS CLI and AWS CDK Hands-on lab: Using AWS CloudFormation to provision and manage a basic infrastructure Module 4: Continuous integration and continuous delivery (CI/CD) with development tools CI/CD Pipeline and Dev Tools Demonstration: CI/CD pipeline displaying some actions from AWS CodeCommit, AWS CodeBuild, AWS CodeDeploy and AWS CodePipeline Hands-on lab: Deploying an application to an EC2 fleet using AWS CodeDeploy Day 2 Module 4: Continuous integration and continuous delivery (CI/CD) with development tools AWS CodePipeline Demonstration: AWS integration with Jenkins Hands-on lab: Automating code deployments using AWS CodePipeline Module 5: Introduction to Microservices Introduction to Microservices Module 6: DevOps and containers Deploying applications with Docker Amazon Elastic Container Service and AWS Fargate Amazon Elastic Container Registry and Amazon Elastic Kubernetes service Demonstration: CI/CD pipeline deployment in a containerized application Module 7: DevOps and serverless computing AWS Lambda and AWS Fargate AWS Serverless Application Repository and AWS SAM AWS Step Functions Demonstration: AWS Lambda and characteristics Demonstration: AWS SAM quick start in AWS Cloud9 Hands-on lab: Deploying a serverless application using AWS Serverless Application Model (AWS SAM) and a CI/CD Pipeline Module 8: Deployment strategies Continuous Deployment Deployments with AWS Services Module 9: Automated testing Introduction to testing Tests: Unit, integration, fault tolerance, load, and synthetic Product and service integrations Day 3 Module 10: Security automation Introduction to DevSecOps Security of the Pipeline Security in the Pipeline Threat Detection Tools Demonstration: AWS Security Hub, Amazon GuardDuty, AWS Config, and Amazon Inspector Module 11: Configuration management Introduction to the configuration management process AWS services and tooling for configuration management Hands-on lab: Performing blue/green deployments with CI/CD pipelines and Amazon Elastic Container Service (Amazon ECS) Module 12: Observability Introduction to observability AWS tools to assist with observability Hands-on lab: Using AWS DevOps tools for CI/CD pipeline automations Module 13: Reference architecture (Optional module) Reference architectures Module 14: Course summary Components of DevOps practice CI/CD pipeline review AWS Certification

OVERVIEW In this course, each module presents a scenario with an architectural challenge to be solved. You will examine available AWS services and features as solutions to the problem. You will gain insights by participating in problem-based discussions and learning about the AWS services that you could apply to meet the challenges. Over 3 days, the course goes beyond the basics of a cloud infrastructure and covers topics to meet a variety of needs for AWS customers. Course modules focus on managing multiple AWS accounts, hybrid connectivity and devices, networking with a focus on AWS Transit Gateway connectivity, container services, automation tools for continuous integration/continuous delivery (CI/CD), security and distributed denial of service (DDoS) protection, data lakes and data stores, edge services, migration options, and managing costs. The course concludes by presenting you with scenarios and challenging you to identify the best solutions. Course level: Advanced Duration: 3 days Activities This course includes presentations, group discussions, use cases, videos, assessments, and hands-on labs. OBJECTIVES In this course, you will learn to: Review the AWS Well-Architected Framework to ensure understanding of best cloud design practices by responding to poll questions while following a graphic presentation Demonstrate the ability to secure Amazon Simple Storage Service (Amazon S3) virtual private cloud (VPC) endpoint connections in a lab environment Identify how to implement centralized permissions management and reduce risk using AWS Organizations organizational units (OUs) and service control policies (SCPs) with AWS Single Sign[1]On Compare the permissions management capabilities of OUs, SCPs, and AWS SSO with and without AWS Control Tower to determine best practices based on use cases Discuss AWS hybrid network designs to address traffic increases and streamline remote work while ensuring FIPS 140-2 Level 2, or Level 3 security compliance Explore the solutions and products available to design a hybrid infrastructure, including access to 5G networks, to optimize service and reduce latency while maintaining high security for critical on[1]premises applications Explore ways to simplify the connection configurations between applications and high[1]performance workloads across global networks Demonstrate the ability to configure a transit gateway in a lab environment Identify and discuss container solutions and define container management options Build and test a container in a lab environment Examine how the AWS developer tools optimize the CI/CD pipeline with updates based on near[1]real-time data Identify the anomaly detection and protection services that AWS offers to defend against DDoS attacks Identify ways to secure data in transit, at rest, and in use with AWS Key Management Service (AWS KMS) and AWS Secrets Manager Determine the best data management solution based on frequency of access, and data query and analysis needs Set up a data lake and examine the advantages of this type of storage configuration to crawl and query data in a lab environment Identify solutions to optimize edge services to eliminate latency, reduce inefficiencies, and mitigate risks Identify the components used to automate the scaling of global applications using geolocation and traffic control Deploy and activate an AWS Storage Gateway file gateway and AWS DataSync in a lab environment Review AWS cost management tools to optimize costs while ensuring speed and performance Review migration tools, services, and processes that AWS provides to implement effective cloud operation models based on use cases and business needs Provide evidence of your ability to apply the technical knowledge and experience gained in the course to improve business practices by completing a Capstone Project   AUDIENCE This course is intended for: - Cloud architects - Solutions architects - Anyone who designs solutions for cloud infrastructures CONTENT Module 1: Course Overview Logistics Student resources Agenda Introductions Module 2: Building a Web Application on AWS Discuss the architecture of the application you are going to build during this course Explore the AWS services needed to build your web application Discover how to store, manage, and host your web application Module 3: Getting Started with Development on AWS Describe how to access AWS services programmatically List some programmatic patterns and how they provide efficiencies within AWS SDKs and AWS CLI Explain the value of AWS Cloud9 Module 4: Getting Started with Permissions Review AWS Identity and Access Management (IAM) features and components permissions to support a development environment Demonstrate how to test AWS IAM permissions Configure your IDEs and SDKs to support a development environment Demonstrate accessing AWS services using SDKs and AWS Cloud9 Lab 1: Configure the Developer Environment Connect to a developer environment Verify that the IDE and the AWS CLI are installed and configured to use the application profile Verify that the necessary permissions have been granted to run AWS CLI commands Assign an AWS IAM policy to a role to delete an Amazon S3 bucket Module 5: Getting Started with Storage Describe the basic concepts of Amazon S3 List the options for securing data using Amazon S3 Define SDK dependencies for your code Explain how to connect to the Amazon S3 service Describe request and response objects Module 6: Processing Your Storage Operations Perform key bucket and object operations Explain how to handle multiple and large objects Create and configure an Amazon S3 bucket to host a static website Grant temporary access to your objects Demonstrate performing Amazon S3 operations using SDKs Lab 2: Develop Solutions Using Amazon S3 Interact with Amazon S3 programmatically using AWS SDKs and the AWS CLI Create a bucket using waiters and verify service exceptions codes Build the needed requests to upload an Amazon S3 object with metadata attached Build requests to download an object from the bucket, process data, and upload the object back to the bucket Configure a bucket to host the website and sync the source files using the AWS CLI Add IAM bucket policies to access the S3 website. Day 2 Module 7: Getting Started with Databases Describe the key components of DynamoDB Explain how to connect to DynamoDB Describe how to build a request object Explain how to read a response object List the most common troubleshooting exceptions Module 8: Processing Your Database Operations Develop programs to interact with DynamoDB using AWS SDKs Perform CRUD operations to access tables, indexes, and data Describe developer best practices when accessing DynamoDB Review caching options for DynamoDB to improve performance Perform DynamoDB operations using SDK Lab 3: Develop Solutions Using Amazon DynamoDB Interact with Amazon DynamoDB programmatically using low-level, document, and highlevel APIs in your programs Retrieve items from a table using key attributes, filters, expressions, and paginations Load a table by reading JSON objects from a file Search items from a table based on key attributes, filters, expressions, and paginations Update items by adding new attributes and changing data conditionally Access DynamoDB data using PartiQL and object-persistence models where applicable Module 9: Processing Your Application Logic Develop a Lambda function using SDKs Configure triggers and permissions for Lambda functions Test, deploy, and monitor Lambda functions Lab 4: Develop Solutions Using AWS Lambda Functions Create AWS Lambda functions and interact programmatically using AWS SDKs and AWS CLI Configure AWS Lambda functions to use the environment variables and to integrate with other services Generate Amazon S3 pre-signed URLs using AWS SDKs and verify the access to bucket objects Deploy the AWS Lambda functions with .zip file archives through your IDE and test as needed Invoke AWS Lambda functions using the AWS Console and AWS CLI Module 10: Managing the APIs Describe the key components of API Gateway Develop API Gateway resources to integrate with AWS services Configure API request and response calls for your application endpoints Test API resources and deploy your application API endpoint Demonstrate creating API Gateway resources to interact with your application APIs Lab 5: Develop Solutions Using Amazon API Gateway Create RESTful API Gateway resources and configure CORS for your application Integrate API methods with AWS Lambda functions to process application data Configure mapping templates to transform the pass-through data during method integration Create a request model for API methods to ensure that the pass-through data format complies with application rules Deploy the API Gateway to a stage and validate the results using the API endpoint Day 3 Module 11: Building a Modern Application Describe the challenges with traditional architectures Describe the microservice architecture and benefits Explain various approaches for designing microservice applications Explain steps involved in decoupling monolithic applications Demonstrate the orchestration of Lambda Functions using AWS Step Functions Module 12: Granting Access to Your Application Users Analyze the evolution of security protocols Explore the authentication process using Amazon Cognito Manage user access and authorize serverless APIs Observe best practices for implementing Amazon Cognito Demonstrate the integration of Amazon Cognito and review JWT tokens Lab 6: Capstone – Complete the Application Build Create a Userpool and an Application Client for your web application using Add new users and confirm their ability to sign-in using the Amazon Cognito CLI Configure API Gateway methods to use Amazon Cognito as an authorizer Verify JWT authentication tokens are generated during API Gateway calls Develop API Gateway resources rapidly using a Swagger importing strategy Set up your web application frontend to use Amazon Cognito and API Gateway configurations and verify the entire application functionality Module 13: Deploying Your Application Identify risks associated with traditional software development practices Understand DevOps methodology Configure an AWS SAM template to deploy a serverless application Describe various application deployment strategies Demonstrate deploying a serverless application using AWS SAM Module 14: Observing Your Application Differentiate between monitoring and observability Evaluate why observability is necessary in modern development and key components Understand CloudWatch’s part in configuring the observability Demonstrate using CloudWatch Application Insights to monitor applications Demonstrate using X-Ray to debug your applications Lab 7: Observe the Application Using AWS X-Ray Instrument your application code to use AWS X-Ray capabilities Enable your application deployment package to generate logs Understand the key components of an AWS SAM template and deploy your application Create AWS X-Ray service maps to observe end-to-end processing behavior of your application Analyze and debug application issues using AWS X-Ray traces and annotations Module 15: Course Wrap-up Course overview AWS training courses Certifications Course feedback

OVERVIEW Het Linux Professional Institute (LPI) heeft zichzelf gevestigd als de standaard voor distributie-onafhankelijke Linux-certificering. LPI biedt drie certificeringsniveaus aan: LPI 1, LPI 2 en LPI 3. LPI 1 is het basisniveau van certificering dat wordt gezocht door professionals die hun vaardigheden op Linux-gebied willen valideren, maar niet voor één specifieke Linux-distributie. Deze cursus zal deelnemerw helpen zich voor te bereiden op het LPIC 101 examen, het eerste van de 2 LPI examens die kandidaten moeten afleggen om het certificaat te behalen. The Linux Professional Institute (LPI) has established itself as the standard for distribution independent Linux certification. LPI offers three levels of certification: LPI 1, LPI 2 and LPI 3. LPI 1 is the base level certification that is looked for by professionals that want to validate their skills on Linux but not to one specific Linux distribution. This course will help candidates preparing for the LPIC 101 exam, which is the first out of 2 LPI exams candidates have to take to obtain the certificate.  Topics System Architecture Linux Installation and Package Management GNU and Unix Commands Devices, Linux Filesystems, Filesystem Hierarchy Standard OBJECTIVES To become LPIC-1 certified the candidate must be able to: understand the architecture of a Linux system; install and maintain a Linux workstation, including X11 and setup it up as a network client; work at the Linux command line, including common GNU and Unix commands; handle files and access permissions as well as system security; and perform easy maintenance tasks: help users, add users to a larger system, backup and restore, shutdown and reboot.   AUDIENCE This course is for IT staff that want to acquire Linux skills. Any experience with the Linux operating system is not required. Typical functions for attendees of this course include support staff and junior system administration.   CERTIFICATION  This course prepares for the LPI LPIC-101 (101-500) exam.   NEXT STEP   CONTENT Topic 101: System Architecture 101.1 Determine and configure hardware settings Description: Candidates should be able to determine and configure fundamental system hardware Key Knowledge Areas: Enable and disable integrated peripherals. Differentiate between the various types of mass storage devices. Determine hardware resources for devices. Tools and utilities to list various hardware information (e.g. lsusb, lspci, etc.). Tools and utilities to manipulate USB devices. Conceptual understanding of sysfs, udev and dbus.  101.2 Boot the system Description: Candidates should be able to guide the system through the booting process. Key Knowledge Areas: Provide common commands to the boot loader and options to the kernel at boot time. Demonstrate knowledge of the boot sequence from BIOS/UEFI to boot completion. Understanding of SysVinit and systemd. Awareness of Upstart. Check boot events in the log files. 101.3 Change runlevels / boot targets and shutdown or reboot system Description: Candidates should be able to manage the SysVinit runlevel or systemd boot target of the system. This objective includes changing to single user mode, shutdown or rebooting the system. Candidates should be able to alert users before switching runlevels / boot targets and properly terminate processes. This objective also includes setting the default SysVinit runlevel or systemd boot target. It also includes awareness of Upstart as an alternative to SysVinit or systemd. Key Knowledge Areas: Set the default runlevel or boot target. Change between runlevels / boot targets including single user mode. Shutdown and reboot from the command line. Alert users before switching runlevels / boot targets or other major system events. Properly terminate processes. Awareness of acpid. Topic 102: Linux Installation and Package Management 102.1 Design hard disk layout Description: Candidates should be able to design a disk partitioning scheme for a Linux system. Key Knowledge Areas: Allocate filesystems and swap space to separate partitions or disks. Tailor the design to the intended use of the system. Ensure the /boot partition conforms to the hardware architecture requirements for booting. Knowledge of basic features of LVM. 102.2 Install a boot manager Description: Candidates should be able to select, install and configure a boot manager. Key Knowledge Areas: Providing alternative boot locations and backup boot options. Install and configure a boot loader such as GRUB Legacy. Perform basic configuration changes for GRUB 2. Interact with the boot loader. 102.3 Manage shared libraries Description: Candidates should be able to determine the shared libraries that executable programs depend on and install them when necessary. Key Knowledge Areas: Identify shared libraries. Identify the typical locations of system libraries. Load shared libraries. 102.4 Use Debian package management Description: Candidates should be able to perform package management using the Debian package tools. Key Knowledge Areas: Install, upgrade and uninstall Debian binary packages. Find packages containing specific files or libraries which may or may not be installed. Obtain package information like version, content, dependencies, package integrity and installation status (whether or not the package is installed). Awareness of apt. 102.5 Use RPM and YUM package management Description: Candidates should be able to perform package management using RPM, YUM and Zypper. Key Knowledge Areas: Install, re-install, upgrade and remove packages using RPM, YUM and Zypper. Obtain information on RPM packages such as version, status, dependencies, integrity and signatures. Determine what files a package provides, as well as find which package a specific file comes from. Awareness of dnf. 102.6 Linux as a virtualization guest Description: Candidates should understand the implications of virtualization and cloud computing on a Linux guest system. Key Knowledge Areas: Understand the general concept of virtual machines and containers. Understand common elements virtual machines in an IaaS cloud, such as computing instances, block storage and networking. Understand unique properties of a Linux system which have to changed when a system is cloned or used as a template. Understand how system images are used to deploy virtual machines, cloud instances and containers. Understand Linux extensions which integrate Linux with a virtualization product. Awareness of cloud-init. Topic 103: GNU and Unix Commands 103.1 Work on the command line Description: Candidates should be able to interact with shells and commands using the command line. The objective assumes the Bash shell. Key Knowledge Areas: Use single shell commands and one line command sequences to perform basic tasks on the command line. Use and modify the shell environment including defining, referencing and exporting environment variables. Use and edit command history. Invoke commands inside and outside the defined path. 103.2 Process text streams using filters Description: Candidates should be able to apply filters to text streams. Key Knowledge Areas: Send text files and output streams through text utility filters to modify the output using standard UNIX commands found in the GNU textutils package. 103.3 Perform basic file management Description: Candidates should be able to use the basic Linux commands to manage files and directories. Key Knowledge Areas: Copy, move and remove files and directories individually. Copy multiple files and directories recursively. Remove files and directories recursively. Use simple and advanced wildcard specifications in commands. Using find to locate and act on files based on type, size, or time. Usage of tar, cpio and dd. 103.4 Use streams, pipes and redirects Description: Candidates should be able to redirect streams and connect them in order to efficiently process textual data. Tasks include redirecting standard input, standard output and standard error, piping the output of one command to the input of another command, using the output of one command as arguments to another command and sending output to both stdout and a file. Key Knowledge Areas: Redirecting standard input, standard output and standard error. Pipe the output of one command to the input of another command. Use the output of one command as arguments to another command. Send output to both stdout and a file. 103.5 Create, monitor and kill processes Description: Candidates should be able to perform basic process management. Key Knowledge Areas: Run jobs in the foreground and background. Signal a program to continue running after logout. Monitor active processes. Select and sort processes for display. Send signals to processes. 103.6 Modify process execution priorities Description: Candidates should should be able to manage process execution priorities. Key Knowledge Areas: Know the default priority of a job that is created. Run a program with higher or lower priority than the default. Change the priority of a running process. 103.7 Search text files using regular expressions Description: Candidates should be able to manipulate files and text data using regular expressions. This objective includes creating simple regular expressions containing several notational elements as well as understanding the differences between basic and extended regular expressions. It also includes using regular expression tools to perform searches through a filesystem or file content. Key Knowledge Areas: Create simple regular expressions containing several notational elements. Understand the differences between basic and extended regular expressions. Understand the concepts of special characters, character classes, quantifiers and anchors. Use regular expression tools to perform searches through a filesystem or file content. Use regular expressions to delete, change and substitute text. 103.8 Basic file editing Description: Candidates should be able to edit text files using vi. This objective includes vi navigation, vi modes, inserting, editing, deleting, copying and finding text. It also includes awareness of other common editors and setting the default editor. Key Knowledge Areas: Navigate a document using vi. Understand and use vi modes. Insert, edit, delete, copy and find text in vi. Awareness of Emacs, nano and vim. Configure the standard editor. Topic 104: Devices, Linux Filesystems, Filesystem Hierarchy Standard 104.1 Create partitions and filesystems Description: Candidates should be able to configure disk partitions and then create filesystems on media such as hard disks. This includes the handling of swap partitions. Key Knowledge Areas: Manage MBR and GPT partition tables Use various mkfs commands to create various filesystems such as: ext2/ext3/ext4 XFS VFAT exFAT Basic feature knowledge of Btrfs, including multi-device filesystems, compression and subvolumes. 104.2 Maintain the integrity of filesystems Description: Candidates should be able to maintain a standard filesystem, as well as the extra data associated with a journaling filesystem. Key Knowledge Areas: Verify the integrity of filesystems. Monitor free space and inodes. Repair simple filesystem problems. 104.3 Control mounting and unmounting of filesystems Description: Candidates should be able to configure the mounting of a filesystem. Key Knowledge Areas: Manually mount and unmount filesystems. Configure filesystem mounting on bootup. Configure user mountable removable filesystems. Use of labels and UUIDs for identifying and mounting file systems. Awareness of systemd mount units.  104.4 Removed  104.5 Manage file permissions and ownership Description: Candidates should be able to control file access through the proper use of permissions and ownerships. Key Knowledge Areas: Manage access permissions on regular and special files as well as directories. Use access modes such as suid, sgid and the sticky bit to maintain security. Know how to change the file creation mask. Use the group field to grant file access to group members. 104.6 Create and change hard and symbolic links Description: Candidates should be able to create and manage hard and symbolic links to a file. Key Knowledge Areas: Create links. Identify hard and/or soft links. Copying versus linking files. Use links to support system administration tasks. 104.7 Find system files and place files in the correct location Description: Candidates should be thoroughly familiar with the Filesystem Hierarchy Standard (FHS), including typical file locations and directory classifications. Key Knowledge Areas: Understand the correct locations of files under the FHS. Find files and commands on a Linux system. Know the location and purpose of important file and directories as defined in the FHS.  

OVERVIEW The Linux Professional Institute (LPI) has established itself as the standard for distribution independent Linux certification. LPI offers three levels of certification: LPI 1, LPI 2 and LPI 3. LPI 1 is the base level certification that is looked for by professionals that want to validate their skills on Linux but not to one specific Linux distribution. This course will help candidates preparing for the LPIC 102 exam, which is the second out of 2 LPI exams candidates have to take to obtain the certificate. Topics: Shells and Shell Scripting Interfaces and Desktops Administrative Tasks Essential System Services Networking Fundamentals Security OBJECTIVES Shells and Shell Scripting Interfaces and Desktops Administrative Tasks Essential System Services Networking Fundamentals Security To become LPIC-1 certified the candidate must be able to: understand the architecture of a Linux system; install and maintain a Linux workstation, including X11 and setup it up as a network client; work at the Linux command line, including common GNU and Unix commands; handle files and access permissions as well as system security; and perform easy maintenance tasks: help users, add users to a larger system, backup and restore, shutdown and reboot. AUDIENCE This course is for IT staff that want to acquire Linux skills. Typical functions for attendees of this course include support staff and junior system administration.    CERTIFICATION This course prepares for the LPI LPIC-102 (102-500) exam.   NEXT STEP   CONTENT Topic 105: Shells and Shell Scripting 105.1 Customize and use the shell environment Description: Candidates should be able to customize shell environments to meet users' needs. Candidates should be able to modify global and user profiles. Key Knowledge Areas: Set environment variables (e.g. PATH) at login or when spawning a new shell. Write Bash functions for frequently used sequences of commands. Maintain skeleton directories for new user accounts. Set command search path with the proper directory. 105.2 Customize or write simple scripts Description: Candidates should be able to customize existing scripts, or write simple new Bash scripts. Key Knowledge Areas: Use standard sh syntax (loops, tests). Use command substitution. Test return values for success or failure or other information provided by a command. Execute chained commands. Perform conditional mailing to the superuser. Correctly select the script interpreter through the shebang (#!) line. Manage the location, ownership, execution and suid-rights of scripts. Topic 106: User Interfaces and Desktops 106.1 Install and configure X11 Description: Candidates should be able to install and configure X11. Key Knowledge Areas: Understanding of the X11 architecture. Basic understanding and knowledge of the X Window configuration file. Overwrite specific aspects of Xorg configuration, such as keyboard layout. Understand the components of desktop environments, such as display managers and window managers. Manage access to the X server and display applications on remote X servers. Awareness of Wayland. 106.2 Graphical Desktops Description: Candidates should be aware of major Linux desktops. Furthermore, candidates should be aware of protocols used to access remote desktop sessions. Key Knowledge Areas: Awareness of major desktop environments Awareness of protocols to access remote desktop sessions 106.3 Accessibility Description: Demonstrate knowledge and awareness of accessibility technologies. Key Knowledge Areas: Basic knowledge of visual settings and themes. Basic knowledge of assistive technology. The following is a partial list of the used files, terms and utilities: High Contrast/Large Print Desktop Themes. Screen Reader. Braille Display. Screen Magnifier. On-Screen Keyboard. Sticky/Repeat keys. Slow/Bounce/Toggle keys. Mouse keys. Gestures. Voice recognition. Topic 107: Administrative Tasks 107.1 Manage user and group accounts and related system files Description: Candidates should be able to add, remove, suspend and change user accounts. Key Knowledge Areas: Add, modify and remove users and groups. Manage user/group info in password/group databases. Create and manage special purpose and limited accounts. 107.2 Automate system administration tasks by scheduling jobs Description: Candidates should be able to use cron and systemd timers to run jobs at regular intervals and to use at to run jobs at a specific time. Key Knowledge Areas: Manage cron and at jobs. Configure user access to cron and at services. Understand systemd timer units. 107.3 Localisation and internationalisation Description: Candidates should be able to localize a system in a different language than English. As well, an understanding of why LANG=C is useful when scripting. Key Knowledge Areas: Configure locale settings and environment variables. Configure timezone settings and environment variables. Topic 108: Essential System Services 108.1 Maintain system time Description: Candidates should be able to properly maintain the system time and synchronize the clock via NTP. Key Knowledge Areas: Set the system date and time. Set the hardware clock to the correct time in UTC. Configure the correct timezone. Basic NTP configuration using ntpd and chrony. Knowledge of using the pool.ntp.org service. Awareness of the ntpq command. 108.2 System logging Description: Candidates should be able to configure rsyslog. This objective also includes configuring the logging daemon to send log output to a central log server or accept log output as a central log server. Use of the systemd journal subsystem is covered. Also, awareness of syslog and syslog-ng as alternative logging systems is included. Key Knowledge Areas: Basic configuration of rsyslog. Understanding of standard facilities, priorities and actions. Query the systemd journal. Filter systemd journal data by criteria such as date, service or priority. Configure persistent systemd journal storage and journal size. Delete old systemd journal data. Retrieve systemd journal data from a rescue system or file system copy. Understand interaction of rsyslog with systemd-journald. Configuration of logrotate. Awareness of syslog and syslog-ng. 108.3 Mail Transfer Agent (MTA) basics Description: Candidates should be aware of the commonly available MTA programs and be able to perform basic forward and alias configuration on a client host. Other configuration files are not covered. Key Knowledge Areas: Create e-mail aliases. Configure e-mail forwarding. Knowledge of commonly available MTA programs (postfix, sendmail, exim) (no configuration). 108.4 Manage printers and printing Description: Candidates should be able to manage print queues and user print jobs using CUPS and the LPD compatibility interface. Key Knowledge Areas: Basic CUPS configuration (for local and remote printers). Manage user print queues. Troubleshoot general printing problems. Add and remove jobs from configured printer queues. Topic 109: Networking Fundamentals 109.1 Fundamentals of internet protocols Description: Candidates should demonstrate a proper understanding of TCP/IP network fundamentals. Key Knowledge Areas: Demonstrate an understanding of network masks and CIDR notation. Knowledge of the differences between private and public "dotted quad" IP addresses. Knowledge about common TCP and UDP ports and services (20, 21, 22, 23, 25, 53, 80, 110, 123, 139, 143, 161, 162, 389, 443, 465, 514, 636, 993, 995). Knowledge about the differences and major features of UDP, TCP and ICMP. Knowledge of the major differences between IPv4 and IPv6. Knowledge of the basic features of IPv6. 109.2 Persistent network configuration Description: Candidates should be able to manage the persistent network configuration of a Linux host. Key Knowledge Areas: Understand basic TCP/IP host configuration. Configure ethernet and wi-fi network using NetworkManager. Awareness of systemd-networkd. 109.3 Basic network troubleshooting Description: Candidates should be able to troubleshoot networking issues on client hosts. Key Knowledge Areas: Manually configure network interfaces, including viewing and changing the configuration of network interfaces using iproute2. Manually configure routing, including viewing and changing routing tables and setting the default route using iproute2. Debug problems associated with the network configuration. Awareness of legacy net-tools commands.  109.4 Configure client side DNS Description: Candidates should be able to configure DNS on a client host. Key Knowledge Areas: Query remote DNS servers. Configure local name resolution and use remote DNS servers. Modify the order in which name resolution is done. Debug errors related to name resolution. Awareness of systemd-resolved. Topic 110: Security 110.1 Perform security administration tasks Description: Candidates should know how to review system configuration to ensure host security in accordance with local security policies. Key Knowledge Areas: Audit a system to find files with the suid/sgid bit set. Set or change user passwords and password aging information. Being able to use nmap and netstat to discover open ports on a system. Set up limits on user logins, processes and memory usage. Determine which users have logged in to the system or are currently logged in. Basic sudo configuration and usage. 110.2 Setup host security Description: Candidates should know how to set up a basic level of host security. Key Knowledge Areas: Awareness of shadow passwords and how they work. Turn off network services not in use. Understand the role of TCP wrappers. 110.3 Securing data with encryption Description: The candidate should be able to use public key techniques to secure data and communication. Key Knowledge Areas: Perform basic OpenSSH 2 client configuration and usage. Understand the role of OpenSSH 2 server host keys. Perform basic GnuPG configuration, usage and revocation. Use GPG to encrypt, decrypt, sign and verify files. Understand SSH port tunnels (including X11 tunnels).