ict regional program for african missions rpa - fy 2012-2013 rpa.pdf · regional program for...

Information and Communications Technology Division

ICT REGIONAL PROGRAM

FOR AFRICAN MISSIONS

RPA

asdf July 2012 – June 2013

1

TABLE OF CONTENTS

DATA CENTER DESIGN, MANAGEMENT AND AUDIT ..................................................................... 3

SUSE LINUX ESSENTIALS FOR LOTUS DOMINO ADMINISTRATORS ............................................. 4

VMWARE VIEW: DESKTOP FAST TRACK V5.0 ............................................................................... 5

BICSI ITS INSTALLER 2, OPTICAL FIBER…………………………………………………………………………..6

BICSI ITS INSTALLER 2, COPPER……………… …………………………………………………………………….7

CODAN HF RADIO EQUIPMENT .................................................................................................... 8

RE-CERTIFICATION RIGGING REFRESHER .................................................................................. 9

HEIGHT SAFETY AND TELECOMMUNICATIONS RIGGING ........................................................... 10

ITIL FOUNDATION v3................................................................................................................ 12

ITIL v3 INTERMEDIATE LEVEL – SERVICE LIFECYCLE ............................................................... 13

ITIL v3 INTERMEDIATE LEVEL – SERVICE CAPABILITY STREAMS ............................................. 14

HELP DESK SUPPORT AND STRUCTURED PROBLEM SOLVING………………………………………..……15

REGIONAL ASSET MANAGEMENT CONFERENCE ......................................................................... 16

MANAGEMENT OF RISK FOUNDATION ....................................................................................... 17

MANAGEMENT OF RISK PRACTITIONER .................................................................................... 18

PRINCE2 FOUNDATION ............................................................................................................. 19

PRINCE2 PRACTITIONER .......................................................................................................... 20

IMPLEMENTING AND AUDITING THE TWENTY CRITICAL SECURITY CONTROLS ........................ 22

LOG MANAGEMENT .................................................................................................................... 23

BASIC PROTECTION OF WEB APPLICATIONS ............................................................................ 23

DEVELOP .NET SECURE APPLICATIONS ..................................................................................... 24

WEBSENSE WSGA ...................................................................................................................... 25

2

ICT Infrastructure

Systems

TITLE VENUE DATE DURATION

RPA - DATA CENTER DESIGN, MANAGEMENT AND AUDIT

RSC Entebbe 15/10 – 19/10/2012 5 Days

RPA – SUSE LINUX ESSENTIALS FOR LOTUS DOMINO ADMINISTRATORS

RSC Entebbe Cancelled 5 Days

RPA - VMWARE VIEW: DESKTOP FAST TRACK V5.0

RSC Entebbe 25/2 – 1/3/2013 5 Days

RPA – BICSI ITS INSTALLER 2, OPTICAL FIBER RSC Entebbe 15/4 – 19/4/2013 5 Days

RPA - BICSI ITS INSTALLER 2, COPPER RSC Entebbe 8/4 – 12/4/2013 5 Days

Radio


RPA – CODAN HF RADIO EQUIPMENT RSC Entebbe 16/7 – 20/7/2012 5 Days

RPA – RE-CERTIFICATION RIGGING REFRESHER

OTHER To be advised 2 Days

RPA - HEIGHT SAFETY AND TELECOMMUNICATIONS RIGGING


3

Systems DATA CENTER DESIGN, MANAGEMENT AND AUDIT 5 days

Classroom-based

Category: ICT Infrastructure/Systems Objectives: This training course is aimed at providing CIT staff with the required knowledge and skills to implement the consolidation plan of data centres in field missions as well as with the tools to identify issues and improve UN data centre facilities in line with ICTD initiative. Course agenda combines a session in data centre design and management with a session in data centre audit.

The design and management part covers the elements that should be incorporated and applied into the management practices for Data Centres, in order to ensure consistency and adherence to procedures especially with reference to health and safety issues. It is also aimed at teaching best practice design and operational principles as well as at transferring knowledge of data centre management issues and meth-ods that will enable students to make critical decisions in order to promote sustainability and reliability. The auditing part consists of a physical study of a specific UN data centre facility to be carried out by the students and the instructor by reviewing the existing power distribution, cooling, earthing and bonding, cabling, safety and security as well as lighting, by measuring the facility key components, by discussing and practicing in the class to identify issues and improvements. The program, which primarily complies with TIA 942 and BICSI international standards, will include a final exam leading to the achievement of the BICSI-recognized Data Centre Designer (DCD) certification as well as a final audit report.

Target Audience: The course is intended for communications and IT field staff involved in the design, construction and maintenance of data centers of different size in field missions.

Note: Dedicated sessions of this course can be organized upon request at the mission level.

VENUE DATE

RSC Entebbe 15/10 – 19/10/2012

4

SUSE LINUX ESSENTIALS FOR LOTUS DOMINO ADMINISTRATORS 5 days

Classroom-based

Category: ICT Infrastructure/Systems Objectives: The course agenda includes the following topics: • Installation of Linux OS • Installation of Domino 8.5.3 on SUSE Linux 11 • Hardware Requirement • System, Packages, and Update Requirements: Domino 8.5.3 and SUSE Linux 11 • Virtualization Requirement • How to use VI text editor to update notes.ini and domino.st • Use of domino.st to start and stop Domino Optimizing Linux to Run Domino: • Basic Linux commands to copy/delete/move, create folder/navigation between folders • Best Practices in Fine Tuning System Resources • Best practices for migration from Windows to Linux Linux: • Partitions and File Systems, File Sharing • Use of Yast2 to adjust time/network settings and so forth • Date and Time Setting and Sync with Domino • Kernel Parameters • Use of chown. chmod, rm, cp, mv, ls, du, df commands • Understand the concept of file ownership and access level • How to verify port availability on a Linux System • Use of SSH or Putty client • Antivirus and Security

• Backup Domino: • TuneKrnl • Server_Pool_Task • NSF_DbCache_MaxEntries • Spam Filters

Networking Essentials for both IPv4 and IPv6 Performance Monitoring and Troubleshooting (very important) Interaction of Linux, VMWare and Notes

Target Audience: This course is intended for Domino administrators who are responsible for managing Domino server on Suse Linux.

Prerequisites: Students attending this course should have basic knowledge of Domino administration, Operative Systems and Servers.

VENUE DATE

RSC Entebbe Cancelled

5

VMWARE VIEW: DESKTOP FAST TRACK V5.0 5 days

Classroom-based

Category: ICT Infrastructure/Systems Objectives: This course will provide systems administrators in the field with knowledge and skills to virtualize Windows Applications and to chose the best deployment and updating processes for their environment. By the end of the course, students should learn the features and operation of View, View design principles, and ThinApp operation and be able to perform the following tasks: • Install and configure View components • Create and manage dedicated and floating desktop pools • Deploy and manage linked-clone virtual desktops • Configure and manage desktops that run in local mode • Configure secure access to desktops through a public network • Use ThinApp to package applications • Describe the major components of the ThinApp architecture • Troubleshoot problems with ThinApp packages • Identify design goals, requirements, and constraints • Identify information that is required for design decisions • Recognize situations that benefit from best-practice recommendations • Use the recommended design process • Construct a comprehensive View solution

Target Audience: This course is intended to system and network administrators in field missions.

Prerequisites: Students attending this course must have completed the VMware vSphere: Install, Configure, Manage training course or have equivalent knowledge and experience.

VENUE DATE

RSC Entebbe 25/2 – 1/3/2013

6

BICSI ITS INSTALLER 2, OPTICAL FIBER 5 days

Classroom-based

Category: ICT Infrastructure/Systems Objectives: This course focuses on setting the groundwork for optical fiber-based structured cabling system installa-tion. The course will open with an overview of fiber transmission principles, professionalism, life safety and industry best practices, as related to fiber. A significant amount of course time will then be spent on in-stallation, splicing, termination, testing and retrofitting of optical fiber cable. Additional topics covered will include pathways and spaces, firestopping and an introduction to field coordination. This training course will provide students with the knowledge and skills to take the ITS Installer 2, Optical Fiber certification exam. This course will cover the following topics: • Codes and standards⁄industry best practices • Optical fiber transmission principles • Safety • Professionalism • Telecommunication pathways • Telecommunication spaces • Firestopping • Installation/pulling optical fiber cable • Termination of optical fiber cable • Testing/troubleshooting of optical fiber cable • Retrofitting • Field coordination

Target Audience: Communications and information technology technicians involved in implementing fibre-optic cabling and data, voice or video networks.

Prerequisites: Participants should have at least two years of installation experience.

Note: This course will be held in conjuction with BICSI ITS Installer 2, Copper.

VENUE DATE

RSC Entebbe 15/4 – 19/4/2013

7

BICSI ITS INSTALLER 2, COPPER 5 days

Classroom-based

Category: ICT Infrastructure/Systems

Objectives: This course sets the foundation of a copper-based structured cabling system installation. The course be-

gins with an overview of copper transmission principles, professionalism, life safety and general industry best practices, as related to copper. A significant amount of course time will then be spent on BICSI best practices for the installation, termination, testing and retrofitting of copper cable. Additional topics covered will include BICSI best practices for pathways and spaces; grounding, bonding and protection; and firestopping. This training course will provide students with the knowledge and skills to take the ITS In-staller 2, Copper certification exam. This course will include the following topics: • Codes and standards/BICSI best practices • Copper transmission principles • Safety • Professionalism • Telecommunication pathways • Telecommunication spaces • Bonding, grounding and protection • Firestopping • Installation/pulling copper cable • Termination of copper cable • Testing/troubleshooting of copper cable • Retrofitting • Field coordination

Target Audience: Communications and information technology technicians involved in implementing fibre-optic cabling and data, voice or video networks.

Prerequisites: Students attending this course must have completed the VMware vSphere: Install, Configure, Manage training course or have equivalent knowledge and experience.

Note: This course will be held in conjuction with BICSI ITS Installer 2, Optical Fiber

VENUE DATE

RSC Entebbe 9/4 – 12/4/2013

8

Radio CODAN HF RADIO EQUIPMENT 5 days

Classroom-based

Category: ICT Infrastructure/Radio Objectives: The focus of the event will be preliminary on operation and programming of NGT and 2110 HF transceiv-ers. Course agenda will primarily cover the following topics: • Understand the different HF transceivers and their components and accessories • Have a clear understanding of the concepts and terminology used in Codan transceivers • Understand how to program a Codan transceivers • Understand how to operate a Codan transceivers • Show interoperability between Codan and OEM transceivers • Give practical hand on operation of the NGT and 2110 HF transceivers • Have a clear understanding of what features the accessory products supply • Show competency in operation and programming of Codan NGT and 2110 transceivers

Target Audience: This course is intended for communications technicians responsible for all aspects of radio communica-tions.

Prerequisites: Students attending this class should preferably have a good understanding of how HF works i.e. frequency selection, propagation, importance of antenna selection and experience in use of an HF radio.

VENUE DATE

RSC Entebbe 16/7 – 20/7/2012

9

RE-CERTIFICATION RIGGING REFRESHER 2 days

Classroom-based

Category: ICT Infrastructure/Radio

Objectives: This training needs to be completed by all certified riggers every 3 years. Course agenda will cover the following topics: • Personal Protective Equipment for telecommunications rigging update • Risk assessment and method statements for rigging update • Inspection of PPE refresher • High structure rescue and self-evacuation reassessment

Target Audience: Course is intended for certified riggers whose credential is going to expire.

Prerequisites: This course can be arranged upon request at the mission level.

VENUE DATE

IN MISSION Upon request

10

HEIGHT SAFETY AND TELECOMMUNICATIONS RIGGING 10 days

Classroom-based

Category: ICT Infrastructure/Radio

Objectives: At the end of this course and upon successful completion of the exam, participants will become Certified Riggers and will receive an ID card. This course will introduce participants to the equipment, tools and safety techniques required to climb a tower and will provide an overview of the issues of constructing and maintaining wireless communications sites. During the course participants will acquire the required knowledge on: • Relevant law and regulations pertaining work at height • Assessment and management of risk for work at height • Selection and correct usage of safe systems and suitable Personal Protective Equipment • Tower climbing • Fixed and temporary fall arrest systems • Lanyard and work positioning systems • Rescue from height • RF hazards and its effects on people • Regulations governing lifting and lowering activities • Selection of suitable equipment • Safe systems for raising and lowering loads • Use of load directional control systems • Principles and practice on tower building • Principles and practice on feeders installation • Lifting of antennas

• Correct installation orientation of common antennas • Grounding principles • Earthing fundamentals and theory • Practical systems for structures and communication equipment and testing

Target Audience: This training course is intended for communications technicians who are required to climb wireless com-munication installations and are responsible for building, inspecting, monitoring and maintaining wireless communications towers.

Note: This course can be arranged upon request at the mission level.

VENUE DATE

RSC Entebbe 6/5 – 17/5/2013

Information and Communication Technology Division

11

ICT Management

Service Management


ITIL FOUNDATION v3 OTHER To be advised 3 Days

ITIL v3 INTERMEDIATE LEVEL – SERVICE LIFECYCLE

OTHER To be advised 4 Days each module

ITIL v3 INTERMEDIATE LEVEL – SERVICE CAPABILITY STREAMS

OTHER To be advised 3 Days each module

HELP DESK SUPPORT AND STRUCTURED PROBLEM SOLVING

OTHER 21/5 – 24/5/2013 4 Days

Governance


REGIONAL ASSET MANAGEMENT CONFERENCE RSC Entebbe 11/9 – 13/9/2012 3 Days

MANAGEMENT OF RISK FOUNDATION RSC Entebbe 10/6 – 12/6/2013 3 Days

MANAGEMENT OF RISK PRACTITIONER RSC Entebbe 13/6 – 14/6/2012 2 Days

Project Management


PRINCE2 FOUNDATION OTHER Upon request 3 Days

PRINCE2 PRACTITIONER OTHER Upon request 2 Days


12

Service Management ITIL FOUNDATION v3 3 days

Classroom-based Virtual Self-paced

Category: ICT Management/Service Management

Objectives: This course provides comprehensive first-level training for field staff involved in the provision, support, and delivery of IT Services. It is a 3-day training course leading to the v3 Foundation Certificate in IT Ser-vice Management. During the course, delegates will gain knowledge of best practice terminology, the structure and basic concepts of ITIL v3 Service Management. The course syllabus will focus on the following topics: • Service Management as a practice • The service lifecycle • Key concepts and definitions • Key principles and models: service strategy; service design; service transition; service operation • Functions • Roles • Technology and architecture

Target Audience: This course is intended for CIT staff holding support roles and who need a basic understanding of the ITIL framework.

Note: This course can be arranged upon request within the mission area in classroom-based, online and virtual formats.

VENUE DATE



13

ITIL v3 INTERMEDIATE LEVEL – SERVICE LIFECYCLE 3 days each module

Classroom-based Virtual


Objectives: The ITIL v3 Intermediate Lifecycle stream consists of five individual certifications or modules; each mod-ule covers an introduction to the Service Lifecycle, the principles, processes, functions and activities within that stage of the ITIL Service Management Lifecycle, along with technology and implementation consid-erations. Service Lifecycle modules: • Service Strategy • Service Design • Service Transition • Service Operation • Continual Service Improvement At the end of each module participants are expected to take final certification exam.

Target Audience: These courses are intended to those participants who need to get the knowledge, skills and competencies required to apply or manage the application of specific areas of ITIL Best Practice in a Service Manage-ment environment.

Prerequisites: Participants must hold the ITIL Foundation Certificate v3.

Note: Any of the modules mentioned above can be arranged upon request within the mission area in classroom-based and virtual formats.

VENUE DATE



14

ITIL v3 INTERMEDIATE LEVEL – SERVICE CAPABILITY STREAMS 5 days each module



Objectives: The ITIL Capability stream consists of four individual certifications which focus on a series of clustered process activities, their execution and use throughout specific phases of the ITIL Service Lifecycle. Each module of the Capability series covers an introduction to the Service Lifecycle and it provides extensive detailed coverage of the processes, functions, roles and responsibilities and activities pertaining to the specific cluster grouping along with technology and implementation considerations. Service Capability modules: • Service Offerings and Agreements • Release Control and Validation • Operational Support and Analysis • Planning, Protection and Optimization At the end of each module participants are expected to take final certification exam.

Target Audience: These courses are intended to those participants who need to get the knowledge, skills and competencies required to apply or manage the application of specific areas of ITIL Best Practice in a Service Manage-ment environment.

Prerequisites: Participants must hold the ITIL Foundation Certificate v3.

Note: Any of the modules mentioned above can be arranged upon request within the mission area in classroom-based and virtual formats.

VENUE DATE

OTHER Upon request


15

HELP DESK SUPPORT AND STRUCTURED PROBLEM

SOLVING 4 Days



Objectives: During this course students will learn methods for effective customer service, procedures for efficient han-dling of calls, incident management, communication skills, basic components of ITIL processes as well as problem-solving and troubleshooting techniques. Course will also cover concepts of critical thinking and listening skills and will help students to understand core help desk processes and best practices in service and support centers. The training course will include a final certification exam.

Topics covered will include: • Role of a Support Centre and of the Help Desk Support Analyst • Understanding the strategic perspective • Service Level Agreements • Standard Operating Procedures • Service delivery methods and technologies • Service management systems • Best practices in IT service management • ITIL Service Support • Security management • Quality assurance • Handling of calls • Communication aspects • Systematic Problem solving • Structured troubleshooting • Root cause analysis • Understanding customer's needs • Open- and close-ended questions • Appropriate selection of information • Handling difficult customers • Documentation

Target Audience: Course is addressed to help desk technicians and support center personnel in the field who provide primary contact and front-line support to internal and external customers.

VENUE DATE

RSC Entebbe 21/5 – 24/5/2013


16

Governance REGIONAL ASSET MANAGEMENT CONFERENCE 3 days

Classroom-based

Category: ICT Management/Governance

Objectives: In line with the Regional Asset Management activities and CITS Common Resource Management (CCRM) initiative, this course is intended for CITS Field staff working on the asset management units of the Great Lake region. The workshop is aimed at strengthening the understanding of Asset management, warehous-

ing and Inventory for CITS Asset management staff throughout the region. Subjects to be covered will include: • Budget Preparation • AMU involvement • Business Objects BOXI • Expendable codification and warehousing

Target Audience: The event is targeted to junior CITS asset managers up to FS4, UNVs and national staff members. Only staff currently working in Asset management within CITS will be eligible to participate in this workshop.

VENUE DATE

RSC Entebbe 11/9 – 13/9/2012


17

MANAGEMENT OF RISK FOUNDATION 2 Days

Classroom-based


Objectives: The M_o_R® considers risk from different perspectives within an organisation: strategic, programme, pro-ject and operational. The purpose of the M_o_R® Foundation is to provide candidate with knowledge and comprehension of the four elements of the M_o_R framework: Principles, Approach, Processes, Embedding

and reviewing and how they support corporate governance. By the end of this course delegates will be able to use the M_o_R® approach to risk management to im-prove performance by contributing to: • Increased certainty and fewer surprises • Better Service Delivery • More effective management of change • More efficient use of resources • Better Management at all levels through improved decision making • Reducing waste and fraud • Better value for money • Innovation • Management of contingent and maintenance activities

Target Audience: This course is aimed at any management roles within the organization which need to develop their knowl-edge and capabilities in the M_o_R®. Prerequisites: Students attending this course should have experience in Operational or Project Management. Note: This course will be held in conjunction with M_o_R® Practitioner training course.

VENUE DATE

RSC Entebbe 10/6 – 12/6/2013


18

MANAGEMENT OF RISK PRACTITIONER 2 Days

Classroom-based


Objectives: The purpose of the Practitioner qualification is to confirm whether the candidate has achieved sufficient understanding of how to apply and tailor M_o_R® in a scenario situation and will include understanding of how to apply M_o_R® from the Strategic, Programme, Project and Operational perspectives. By the end of this course, students need to exhibit the competence required for the Foundation qualifica-tion, show that they can apply M_o_R® to address the needs and problems of a specific scenario and they will be able to: • Show they understand the framework of M_o_R® and how that might be applied to address the par-

ticular circumstances of a given project scenario • Show they understand the relationships between the four core concepts and can apply this under-

standing • Demonstrate an understanding of how the M_o_R® Principles can be applied to a set of circum-

stances • Demonstrate that they understand the specific process steps to identify, assess and control risks and

how those steps can be supported by the Common Techniques • Understand the application of the documents within the M_o_R® Approach • Show that they can understand how to Embed & Review M_o_R® within a business environment

Target Audience: This course is aimed at any management roles within the organization which need to develop their knowl-edge and capabilities in the Management of Risk. Prerequisites:

Students attending this course must have passed the M_o_R® Foundation exam. Note: This course will be held in conjunction with M_o_R® Foundation training course.

VENUE DATE

RSC Entebbe 13/6 – 14/6/2013


19

Project Management PRINCE2 FOUNDATION 3 days


Category: ICT Management/Project Management

Objectives: The Prince2 Foundation qualification is the first of two PRINCE2 qualifications required to become a PRINCE2 Practitioner. The PRINCE2 Foundation examination is aiming to measure whether a candidate would be able to act as an informed member of a project management team using the PRINCE2 methodology within a project environment supporting PRINCE2. To this end they need to show they understand the principles and terminology of the method. Specifically, candidates must be able to: • Describe the purpose and major content of all roles, the eight components, the eight processes and

the sub-processes, and the techniques • State which management products are input to and output from the eight processes • State the main purpose and key contents of the major management products • State the relationships between processes, deliverables, roles and the management dimensions of a

project

Target Audience: This course is intended for field staff working in project environments.


VENUE DATE



20

PRINCE2 PRACTITIONER 2 days


Category: ICT Management/Project Management

Objectives: The Prince2 Practitioner is the second of the two PRINCE2 examinations students are required to pass to become a PRINCE2 Practitioner. This PRINCE2 examination is aiming to measure whether a candidate would be able to apply PRINCE2 to the running and managing of a project within an environment supporting PRINCE2. To this end they need to exhibit the competence required for the Foundation qualification, and show that they can apply and tune PRINCE2 to address the needs and problems of a specific project scenario. Specifically candidates must be able to: • Produce detailed explanations of all processes, components and techniques, and worked examples of

all PRINCE2 products as they might be applied to address the particular circumstances of a given pro-ject scenario

• Show they understand the relationships between processes, components, techniques and PRINCE2 products and can apply this understanding

• Demonstrate that they understand the reasons behind the processes, components and techniques of PRINCE2, and that they understand the principles underpinning these elements

• Demonstrate their ability to tune PRINCE2 to different project circumstances

Target Audience: This course is intended for CIT field managers and team members working in project environments.

Prerequisites: Participants attending this course must hold PRINCE2 Foundation exam.


VENUE DATE



21

ICT Security

Security Management


IMPLEMENTING AND AUDITING THE TWENTY CRITICAL SECURITY CONTROLS


LOG MANAGEMENT RSC Entebbe Cancelled 5 Days

Security Systems


BASIC PROTECTION OF WEB APPLICATIONS RSC Entebbe 15/4 – 19/4/2013 5 Days

DEVELOP .NET SECURE APPLICATIONS RSC Entebbe 22/4 – 25/4/2013 4 Days

WEBSENSE WSGA RSC Entebbe 23/4 – 26/4/2013 4 Days


22

Security Management IMPLEMENTING AND AUDITING THE TWENTY CRITICAL SECURITY CONTROLS

5 days


Category: ICT Security/Security Management

Objectives: This intense technical course is designed for security officers and/or experienced system administrators who need to keep abreast of information security issues and developments. Students should better under-stand how to create a strategy for successfully defending their data, implement controls to prevent their data from being compromised and audit their systems to ensure compliance with the standard. This course helps participants master specific, proven techniques and tools needed to implement and audit the Top Twenty Most Critical Security Controls. These Top 20 Security Controls, listed below, are rapidly be-coming accepted as the highest priority list of what must be done and proven before anything else at nearly all serious and sensitive organizations. Topics covered will include: • Introduction to security controls

• The process • Preventing physical intrusions • Laptop and PC configurations • SIEM • IDS/IPS • Web content protection and filtering • Email protection and filtering • VPN security • Endpoint security

• Penetration test and red team exercises

• Implementing identity and access manage-ment

• Creating backups, BCP and DRP • Compliance • Security metrics • Incident responses • Creating and audit • Conclusions

Target Audience: Course is intended for mission ICT security Officers and/or focal points in the field, as well as for systems and network administrators.

Note: Dedicated sessions of this course can be also arranged upon request in classroom-based and virtual for-mats.

VENUE DATE

RSC Entebbe 14/1 – 18/1/2013


23

LOG MANAGEMENT 5 days


Category: ICT Security/ Security Management

Objectives: Objective of the course is to provide fundamentals and hands-on/practical knowledge on setting up securi-ty logs, log analysis as part of both day-to-day technical monitoring and incident response activities, and their overall management. Participants will learn a phased approach to implementing a company-wide log management program and the necessary skills required to deal with various log types as well as with specific log-related tasks that need to be done on a daily, weekly and monthly basis in regards to log review and monitoring. They will also learn to leverage logs for critical tasks related to incident response, forensics and operation-al monitoring and how to utilize various log types in the frenzy of an incident investigation. Topics covered will include: • Log management terminology • Determining organizational requirements • List/mapping of log generating devices • System sizing • Key differentiators • Complying with laws and regulations • How to use log files • Implementing centralized log management

systems • The log management market • Challenges with log management

• Traditional approach to computer man-agement

• Reacting to events • Examples of log analysis from several log

sources • Case studies from real business cases • Forensics • Reporting • Log management in the cloud • Considerations for in-house log manage-

ment

Target Audience: Course is intended for ICT security Officers and/or security focal points in the field as well as systems and network administrators.

Note: Dedicated sessions of this course can be also arranged upon request in classroom-based and virtual for-mats.

VENUE DATE

RSC Entebbe Cancelled


24

Security Management BASIC PROTECTION OF WEB APPLICATIONS 5 days


Category: ICT Security/ Security Systems

Objectives: This course will help students to better understand vulnerabilities in web applications and to protect data entrusted therein more efficiently. By attending this course, trainees will acquire the required knowledge and skills to deal with web security issues from an infrastructure, architecture and coding perspective. Course agenda will explore Web 2.0 technologies, like AJAX and web services, as well as techniques to defend applications from attackers, such as various protective HTTP headers and new generation of browser-based web application protections. This course will cover the following topics: • Infrastructure Security • Server Configuration • Authentication mechanisms • Application language configuration • Application coding errors like SQL Injection and Cross-Site Scripting • Cross-Site Request Forging • Authentication Bypass • Web services and related flaws • Web 2.0 and its use of web services • XPATH and XQUERY languages and injection • Business logic flaws • Protective HTTP Headers

Target Audience: This course is intended for system and security administrators in the field, responsible for implementing, managing, or protecting Web applications.

Prerequisites: Participants must possess web application development and web systems administration/operations skills and knowledge.

VENUE DATE

RSC Entebbe 15/4 – 19/4/2013


25

Security Management DEVELOP .NET SECURE APPLICATIONS 4 days



Objectives: During this course attendees will learn about the defensive strategies and technically-related elements of the ASP.NET framework from a development perspective. They will acquire the required knowledge and skills to intervene on defensive technologies in the ASP.NET environment and to secure .NET applications.

Target Audience: Course is targeted at system and security administrators who are responsible for support and mainte-nance of applications in the field.

Prerequisites: Experience with programming in ASP.NET using either Visual Basic or C#.

Note: This course will be held in conjunction with Basic Protection of Web Applications

VENUE DATE

RSC Entebbe 22/4 – 25/4/2013


26

Security Management WEBSENSE WSGA 4 days



Objectives: The objective of this course is to configure the WSGA (Web Security Gateway Anywhere) advanced fe-tures, perform basic troubleshooting, deploy and manage the TruHybrid component. Participants will learn how to manage advanced integration with Web data loss prevention (DLP) and the roll out the Websense TruHybrid functionality. Upon completion of this course, participants will understand the Web Security Gateway Anywhere architecture and how to implement TruHybrid; they will also be able to configure ex-plicit and transparent proxy, multiple methods of identification and authentication, advanced scanning features, tunneled protocol detection, SSL content inspection and category bypass, policies and filters. Topics covered will include: • Architecture • Appliance Overview, Installation and Configuration • Understanding HTTP • Explicit Proxy and Proxy High Availability • Understanding WCCP • Transparent Proxy and Proxy High Availability • Identification and Authentication • XID Agents • Proxy Authentication • Authentication Realms • Integrated Windows Authentication • Understanding Network Agent • WSGA Management

• Content Scanning • Managing SSL Traffic • TruHybridWebDLP • Reporting

Target Audience: This training course is intended for system and network administrators in the field who are responsible for configuring and tailoring Websense WSGA.

Prerequisites: Participants in this course should have basic knowledge of security and networking.

Note: This course will be held in conjunction with Log Management

VENUE DATE

RSC Entebbe 23/4 – 26/4/2013

ict regional program for african missions rpa - fy 2012-2013 rpa.pdf · regional program for...

Documents