Nitroxis Partner/Reseller Training Catalogue 2021 – V4

NITROXIS 2021 V4.1 (15/05/2021) - 1

Nitroxis Partner/Reseller Training Catalogue 2021 – V4.1

Table of Contents

The Agile Corner ...................................................................................................................... 3 Introduction to Agility ................................................................................................................... 3 The Scrum Framework ................................................................................................................. 4 Management 3.0 – Jurgen Appelo Certification .................................................................... 6 Professional Scrum Foundations .............................................................................................. 9 Professional Scrum Master I ..................................................................................................... 11 Professional Scrum Master II ................................................................................................... 13 Professional Scrum Product Owner ....................................................................................... 16 Professional Scrum Product Owner - Advanced ................................................................ 18 Professional Scrum with UX ..................................................................................................... 20

The Blockchain Corner ......................................................................................................... 22 Blockchain Essentials for decision makers ..................................................................... 22 Introduction to Blockchain ................................................................................................... 25

The Cloud Corner .................................................................................................................. 29 Amazon Official Trainings ......................................................................................................... 29 Amazon Essentials ...................................................................................................................... 30

AWS Business Essentials ..................................................................................................... 30 AWS Cloud Practitioner Essentials .................................................................................... 31 (New) AWS Security Essentials ........................................................................................... 32 (New) AWS Technical Essentials ........................................................................................ 34

Amazon Architecting .................................................................................................................. 36 Architecting on AWS .............................................................................................................. 36 Advanced architecting on AWS ........................................................................................... 38

Amazon Operations/Developer ................................................................................................ 41 System Operations on AWS ................................................................................................. 41 (New) - Developing on AWS .................................................................................................. 43 DevOps engineering on AWS ............................................................................................... 44

Amazon Specialty ........................................................................................................................ 46 (New) Big Data on AWS ......................................................................................................... 47

Microsoft ........................................................................................................................................ 56 Microsoft Azure Fundamentals (AZ-900T01-A) ............................................................... 56

Nutanix ............................................................................................................................................ 58 Enterprise Cloud Administration 5.15 ............................................................................... 58

The Business Continuity Corner .......................................................................................... 61 TRECCERT ..................................................................................................................................... 61

(NEW) BCMS Foundation ISO/IEC 22301 .......................................................................... 61

The Information Security Corner ........................................................................................ 62 (NEW) OWASP Top 10, Secure Coding Fundamentals ................................................. 62 Preparation to the HDS Certification .................................................................................. 67 Introduction to managing Cybersecurity .......................................................................... 68 Introduction to Cloud Officer (CSSF Circular 19/714 in Lux) ...................................... 69 Introduction to BCP/DRP ....................................................................................................... 70

TRECCERT ..................................................................................................................................... 73

NITROXIS 2021 V4.1 (15/05/2021) - 2

Information Security Specialist in Remote Work ............................................................ 73 ISMS Foundation ISO/IEC 27001 ......................................................................................... 75 ISO/IEC 27001 Lead Implementer ........................................................................................ 77 ISO/IEC 27001 Lead Auditor ................................................................................................. 81

ISACA .............................................................................................................................................. 84 CISA® (Certified Information Systems Auditor) ............................................................. 84 CISM® (Certified Information Security Manager) ........................................................... 88 CRISC® (Certified in Risk ad Information System Control) ......................................... 90

(ISC)2 ............................................................................................................................................... 93 CISSP (Certified Information Systems Security Professional) ................................... 93 CCSP (Certified Cloud Security Professional) ................................................................ 97

Miscellaneous (Audit) .......................................................................................................... 101 Integrated Management System (5-Day Training) ........................................................ 101

Project Management ............................................................................................................ 103 Préparation à la certification PMP du PMI - PMBOK v6 ................................................... 103

NITROXIS 2021 V4.1 (15/05/2021) - 3

The Agile Corner Introduction to Agility Description Agility and its related techniques, considered by some as the new Project Management Paradigm, are often view as an alternative to “classic” methodologies such as PRINCE2 or PMBOK. These techniques can help organizations to concrete their projects, organize their work, their business. In this 1-day training, the attendees will discover the Agile Manifesto by themselves, learn how and why it has emerged. They will also experiment some Serious Games which will teach them to live the Agility and understand the merits of this set of values and principles. Objectives At the end of the training, the attendees will be able to:

Understand the concept of changing environment Understand the fundamentals of the Manifesto for Agile Software Development Understand the benefits of Agility Apply the Agile principles in several contexts Understand the main principles of:

The Scrum framework The Kanban Method

Target Audience

Everyone

Prerequisites None

Course Content

Agile Manifesto: let’s think about it together (the Why) The origins The brainstorming The mindset The movement

Applying the mindset (the How) The Scrum Framework The Kanban Method

NITROXIS 2021 V4.1 (15/05/2021) - 4

The Scrum Framework Master the most used Agile tool in the world Description After this training you will have all the cards in hand to use Scrum optimally in order to allow your teams to offer quality achievements with high added value for the end user. Objective -Understand the concept of uncertain environments -Understand the links and differences between Agile and Scrum -Transpose the principles carried by the Agile manifesto within the Scrum Framework -Understand the difference between method and framework -Master the fundamentals of the framework and how to implement them -Be able to support a project team with Scrum -Understand and take on the role of a Scrum Master and his position as Servant Leader -Understand and take on the role of a Product Owner -Manage development requests (Backlog, Epics, User Stories, Tasks,…) -Prepare to take your first Scrum certification -Be able to facilitate a retrospective -Manage team indicators Target Audience Managers, Project Managers, Sales, Developers, Analysts, … and anyone interested in setting up and using the Scrum Framework. Prerequisites No prior knowledge is necessary for this course Course Content History of agility Analysis of the Manifesto for Agile Software Development The Scrum Framework in detail The Backlog and its content in detail Agile estimation methods Plan and monitor a Scrum project: organization, indicators, production, etc. The role of the Scrum Master: the servant leader The role of the Product Owner: the value Optimizer

NITROXIS 2021 V4.1 (15/05/2021) - 5

The role of the developer Scrum and other roles : architects, database administrators, analysts, testers, etc. IT: UX / UI in the Scrum cycle IT: Frontend and Backend developments in Scrum Exercises Duration 2 days

NITROXIS 2021 V4.1 (15/05/2021) - 6

Management 3.0 – Jurgen Appelo Certification Objective This 2-day Foundation workshop aims at helping people become better managers and better workers. It’s filled with games, tools and hands-on practices to learn how to build highly motivated, self-organizing teams (that can do more with less and thrive under change). Management 3.0 Foundation Workshops are all about principles and practices. Combining the best of classical thinking with a fresh approach and new insights. All embedded in a social context and in the networked businesses we work in today. Much of our Management 3.0 Foundation workshops include storytelling from employees and managers sharing their own experiences. Because of this, each Management 3.0 leadership training is different as each person that wants to change management is different. Target Audience -Highly recommended for all change managers, Team leaders, Projects managers, Development Directors Scrum masters, Agile Coaches, Product managers and product owners who want to improve their leadership skills. -For teams under ever-increasing pressure to get more done with less people and resources. -For Project managers with multiple teams that need to share knowledge and work together towards shared goal. -For Agile Trainers and Facilitators Prerequisites No practical experience with Agile approaches is necessary. It can however be useful to know Agile principles and practices. Course Content -Performance management -Team collaboration and project management -Employee empowerment -Developing purpose and value inside an organization -Organizational hierarchy -Competence development -Agile methodologies -Self-organization and delegation

NITROXIS 2021 V4.1 (15/05/2021) - 7

-Change management and organizational transformation -Extrinsic motivation vs. intrinsic motivation Certification -Participants receive an official attendance certificate from Management 3.0 -Participants can follow their own path and become also Facilitator and deliver the training afterwards. Delivery Physical : as described above Online : 4x 2,5 hours (10 hours) with attendance certificate only

NITROXIS 2021 V4.1 (15/05/2021) - 8

NITROXIS 2021 V4.1 (15/05/2021) - 9

Professional Scrum Foundations Course Details

Professional Scrum Foundations provides you the foundational skills and knowledge you need to know and understand to work with Scrum in a highly practical way. The Professional Scrum Foundations class focusses on gaining a clear understanding of the mechanics of Scrum and their coherence from the empirical foundation of Scrum.

Scrum.org selects only the most qualified instructors to deliver this course. Scrum.org maintains the defined curriculum and materials to assure consistency and quality for students worldwide.

Course topics

Fundamentals of Scrum / The Scrum Framework / Mastering Scrum / Planning with Scrum /Getting started / Keeping Scrum healthy

Objectives

Students will have a clear understanding of the foundational elements of Scrum and their coherence. Students will experience the Scrum framework and will gain insights into overcoming complexity. Students will understand that team-based collaboration and self-organization are essential elements in mastering Scrum. Students will be exposed to common missteps and misunderstandings so students grow a higher awareness of the associated symptoms, while the class guidance will avoid going off track and keeping Scrum healthy. Students will be able to be effective members of a Scrum Team or be able to support those who are on a Scrum Team.

Target Audience

For anyone interested in being part of, collaborating with, or growing and leading a Scrum Team.

The Professional Scrum Foundations class is excellent for organizations, teams and anyone wanting to experience the way of working in Scrum.

The course does provide the foundation of knowledge needed for role-focused training for Product Owners, Scrum Masters, Developers, and Leaders within the organization.

Whether you are getting started on your first Scrum effort or refreshing your knowledge, this course gives students the knowledge and direction to start using Scrum immediately after the class.

NITROXIS 2021 V4.1 (15/05/2021) - 10

Format

Students work together as a team in a series of Sprints to build a product, thereby facing real-life problems. Students will actively work with a realistic Product Backlog, decompose requirements into actionable Product Backlog items, estimate Product Backlog items and planning a Sprint, review the work done in a Sprint and retrospect to find valuable improvements. For building the product, be sure to bring a laptop or tablet with an application installed that allows to create webpages (i.e. save your work in html format, for example MS Word, Google Docs, etc.).

This course will be taught in English.

Prerequisites

No particular knowledge is required, although you make the most of the class if you:

Have studied the Scrum Guide / Took the Scrum Open assessment.

Assessment and Certification

The Professional Scrum Foundations course has the Professional Scrum Master level I (PSM I) credential associated with it. All participants completing the Professional Scrum Master course receive a password to take the PSM I assessment. PSF class participants who attempt the PSM I assessment within 14 days of receiving their free password and do not score at least 85% will be granted a 2nd attempt at no additional cost. This industry-recognized certificate require a minimum passing score on the associated rigorous assessment. Scrum.org maintains public lists of all PSM I certificate holders. Students are able to claim Project Management Institute (PMI) PDU credits: 14 PDUs after attending a two-day Professional Scrum Foundations (PSF) course. Please note that PMI PDUs are earned for course attendance and not for passing a PSM I assessment. Students can claim PDUs under PMI's "Education courses provided by other third-party providers” category.

NITROXIS 2021 V4.1 (15/05/2021) - 11

Professional Scrum Master I Course Details

Professional Scrum Master is the cutting-edge course for effective Scrum Masters and for anyone coaching a software development team toward increased efficiency and effectiveness. The course includes advanced thinking for host-leadership and behavioral shifts.

Scrum.org selects only the most qualified instructors to deliver this course.

Scrum.org maintains the defined curriculum and materials to assure consistency and quality for students worldwide.

Course topics

Scrum theory and principles The Scrum Framework The Definition of Done Running a Scrum project Working with people and teams Scrum in your organization The role of the Scrum Master

Objectives

Students are challenged to think within the Scrum Framework and the underlying values and principles to better understand what to do when returning to the workplace and facing complex decisions. Students will have a clear understanding of the rules of Scrum through the empirical foundation of Scrum. Students can act as a Scrum Master for Scrum Teams as well as stakeholders from an in-depth understanding of host-leadership. Students are effectively be able to start up Scrum or increase its effectiveness if already underway.

Target Audience

The training may be interesting to all involved in software development upon the Scrum framework, but has been specifically conceived for those responsible for the successful use and/or rollout of Scrum.

Format

Students work in teams. They learn through team assignments, discussions and hands-on exercises. This course will be taught in English.

Prerequisites

Attendees make the most of the class if they:

NITROXIS 2021 V4.1 (15/05/2021) - 12

Have studied the Scrum Guide (required).

Passed the Scrum Open assessment.

Have a solid understanding of Scrum either through working on a Scrum Team, or through taking part in a Professional Scrum Foundations or similar course. Have been on or are closely involved in building or enhancing a software product or application. Have read one of the Scrum books of Ken Schwaber or the book “Scrum – A Pocket Guide” by Gunther Verheyen.


The Professional Scrum Master course has two associated credentials : Professional Scrum Master level I (PSM I) and Professional Scrum Master level II (PSM II). All participants completing the Professional Scrum Master course receive a password to take the PSM I assessment and are entitled to a discount on the PSM II assessment. These industry-recognized certifications require a minimum passing score on the associated rigorous assessment. Scrum.org maintains public lists of all PSM I certificate holders and PSM II certificate holders. Microsoft® uses the PSM I assessment to validate knowledge as part of its Silver and Gold Application Lifecycle Management (ALM) competencies. Students are able to claim Project Management Institute (PMI) PDU credits: 14 PDUs after attending a two-day Professional Scrum Foundations (PSF) course. Please note that PMI PDUs are earned for course attendance and not for passing a PSM I assessment. Students can claim PDUs under PMI's "Education courses provided by other third-party providers” category.

NITROXIS 2021 V4.1 (15/05/2021) - 13

Professional Scrum Master II Course Details

Advance your Scrum Master skills! No doubt you have faced tough challenges that left you wonder. Now take a deep dive into your role as a Scrum Master. How can you serve your Development Team, Product Owner, and the wider organization better?

The PSM II is an advanced course that will raise your understanding of the stances that characterize an effective Scrum Master and Servant Leader. The class will teach you about complementary practices and the needed skills to enable you to have the right types of conversations and how to apply them to become an even better Scrum Master. Unlike the Professional Scrum Master (PSM) course which, mainly from a Scrum Master perspective, focuses on how to use Scrum, the Scrum framework and the role of the Scrum Master within it, the PSM II aims to clarify the desired mindset and behavior that is necessary to become an effective Scrum Master.

Course Topics

Scrum? Not Scrum? The broad role of the Scrum Master - stances and skills Serving the Development Team better Serving the Product Owner better Serving the Organization better

Throughout these modules you will learn about areas critical to growing as a successful Scrum Master. You'll learn how the principles and values of Scrum help guide Scrum Masters in the decisions they make and how the Scrum Master can help change the environment of Scrum Teams, creating an environment for agility to thrive. The Scrum Master role is complex and often, a Scrum Master must be able to apply different stances in order to be effective, such as teacher, coach & mentor, facilitator and change agent.

As a Scrum Master, part of your role is to help management and other stakeholders across your organization understand the benefits of Scrum and Agile. Therefore, it is imperative that you have the information and background that is needed to gain credibility in order to be an effective change agent. Throughout the class, we will provide stories, exercises, facilitation techniques, resources and more that will give you just that. There will also be time to provide peer-coaching on challenges that you and your classmates may be experiencing today.

Objectives

The objectives of the PSM II class are to help you learn:

What practices, tools, skills and stances make an effective Scrum Master How the Scrum principles and values help guide Scrum Masters in the decisions they

NITROXIS 2021 V4.1 (15/05/2021) - 14

make How the Scrum Master acts as a servant-leader and improves their ability in this role What the Scrum Master can do to support Development Teams and Product Owners to become more effective.

Ways that the Scrum Master can help to change the environment making it more conducive for Scrum Teams to be successful with greater agility.

Provide tips and techniques for the Scrum Master to work with the rest of the organization in support of their Scrum Teams

Target Audience

You have at least one year of experience as Scrum Master and you want to step up your game as a Professional Scrum Master? Then this is the training you are looking for.

Format

The PSM II class is designed to be by Scrum Masters for Scrum Masters. Through facilitating, teaching, coaching and mentoring, together with the other students you will discover and achieve the learning objectives together.

Prerequisites


Have a thorough understanding of the Scrum framework through practical experience (required). It is strongly recommended to have at least one year of Scrum Master experience.

Have studied the Scrum Guide (required).

Passed the Scrum Open assessment and the Product Owner Open assessment. Have taken part in a Professional Scrum Master (PSM) course or similar course.


The Professional Scrum Master II (PSM II) course is an advanced Scrum Master class designed to support Scrum Masters in their professional development. Upon completing the Professional Scrum Master II course you will receive a password to attempt the PSM II assessment.

If you pass the assessment, you will gain the industry recognized PSM II certification.

NITROXIS 2021 V4.1 (15/05/2021) - 15

This certification doesn’t expire and makes you part of an elite community of less than 1,800 PSM II badge holders worldwide.

You will also be entitled to a 40% discount on the PSM III assessment. Students attending Scrum.org training classes learn the importance of inspection, adaptation, and fast feedback cycles. To reinforce those concepts, if you attempt the PSM II certification assessment within 14 days after the class but do not achieve a score of at least 85% you will be given a 2nd attempt at no cost. Students are able to claim Project Management Institute (PMI) PDU credits: 14 PDUs after attending a two-day Professional Scrum Master II (PSM II) course. Please note that PMI PDUs are earned for course attendance and not for passing a PSM II assessment. Students can claim PDUs under PMI's "Education courses provided by other third-party providers” category.

NITROXIS 2021 V4.1 (15/05/2021) - 16

Professional Scrum Product Owner Description

With the “Professional Scrum Product Owner” (PSPO) course, you learn the basics of Scrum and the role of the PO in order to maximize your return on investment.

Professional Scrum Product Owner is THE cutting-edge course for effective Product Ownership. It explores the worldwide challenge that many Scrum implementations run into, i.e. how should business people and product managers engage in Scrum and collaborate with Scrum Development Teams?

The Professional Scrum Product Owner class focuses on the core expectation for Product Owners to maximize the value of the work done for a software product, thereby serving customers, users and the organization.

Scrum.org selects only the most qualified instructors to deliver this course.

Scrum.org maintains the defined curriculum and materials to assure consistency and quality for students worldwide.

Objective

The PSPO course teaches people how to maximize the return on investment (ROI) and optimize the total cost of ownership (TCO) of products and systems. Agile product ownership today requires more than knowledge of how to write a user story or manage a product backlog. Professional Product Owners need to have a concrete understanding of everything that drives value from their products. PSPO helps participants develop and solidify this understanding from early stakeholder management to release planning and delivery.

Students are challenged to think in terms of Scrum and the Scrum principles to better understand what to do when they return to their workplaces. Students will have a clear understanding of the mechanics of Scrum and how the role of the Product Owner fits in.

Students can act as a Product Owner for Scrum Teams and stakeholders. Students can effectively increase the business agility of their organization

Course topics

Value driven development The Scrum framework Product Management Managing Requirements, Products and Releases The Scrum Product Owner

NITROXIS 2021 V4.1 (15/05/2021) - 17

Target Audience

The training may be interesting to all involved in software development upon the Scrum framework, but has been specifically conceived for those responsible over products from a business perspective and taking up the highly accountable role of Scrum Product Owner

Format

Students work in teams. They learn through team assignments, discussions and hands-on exercises. This course will be taught in English.

Prerequisites


Have studied the Scrum Guide (required). Passed the Scrum Open assessment.

Have a solid understanding of Scrum either through working on a Scrum Team, or through taking part in a Professional Scrum Foundations or similar course.

Have been on or are closely involved in building or enhancing a software product or application using Scrum.

Have read one of the Scrum books of Ken Schwaber or the book “Scrum – A Pocket Guide” by Gunther Verheyen.


The Professional Scrum Product Owner course has two associated credentials: Professional Scrum Product Owner level I (PSPO I) and Professional Scrum Product Owner level II (PSPO II).

All participants completing the Professional Scrum Product Owner course receive a password to take the PSPO I assessment and are entitled to a discount on the PSPO II assessment. These industry-recognized certifications require a minimum passing score on the associated rigorous assessment. Scrum.org maintains a public list with everyone holding a PSPO I and PSPO II credentials.

NITROXIS 2021 V4.1 (15/05/2021) - 18

Professional Scrum Product Owner - Advanced

Mastering the product owner stances

This 2-day Professional Product Owner - Advanced (PSPO-A) course focuses on helping experienced practitioners expand their ability to establish a solid vision, validate their hypotheses, and ultimately deliver more value to their stakeholders. The PSPO-A course is intended for Product Owners who are looking to grow their knowledge and abilities. The course goes beyond the topics explored in the Professional Scrum Product Owner (PSPO) class by deepening the attendee's understanding of the role through the exploration of the many stances of a professional Product Owner.

What you will learn

The Product Owner's role is multifaceted, requiring the practitioner to engage in behaviors and adopt mindsets beyond the core of Agility and the Scrum Framework. This course surfaces these behaviors by challenging the student to adopt several different Product Owner stances:

Customer Representative - focused on understanding customer problems, challenges and potential opportunities

Visionary - communicating the vision, future state and possibilities in ways that foster common understanding

Experimenter - focusing on innovation, hypothesis testing and validating potential value to spark product innovation

Influencer - communicating with and influencing stakeholders, customers and the Scrum Team to act with common purpose

Collaborator - seeking input, ideas and feedback from others

Decision Maker - focusing on creating maximum impact by making clear choices and decisions

Over the 2 days, students will learn about areas critical to growing as a successful Product Owner and through a series of exercises combined with instruction, students gain a better understanding of what it means to deliver value and how to express that value inside and outside of the organization.

Course Format

This course is an interactive, experiential, no-slideware workshop where attendees explore topics through a series of exercises and discussions.

NITROXIS 2021 V4.1 (15/05/2021) - 19

Course Objectives

Practicing Product Owners will learn different stances a Product Owner takes in order to navigate everyday challenges.

Attendees leave knowing how to best identify and serve various groups of stakeholders and what competencies are expected. In order to aid in this journey, modern complementary practices will be introduced through discussions, case studies, and exercises.

Students will leave with a clear path to moving forward in their Product Owner journey.

Gain a better understanding of how to use vision, value, and validation to create a competitive advantage for any product.

Learn about the various types of stakeholders that Product Owners represent and how to best work with them.

Who should attend

The Professional Product Owner-Advanced course is an advanced course specifically designed for Product Owners and product managers who have practical experience managing or owning a product.

It is also beneficial to Scrum Masters and stakeholders who work with Product Owners. It is particularly beneficial for those with at least one year of building products with a Scrum Team.

Course Topics

Understanding your products

Who are your customers?

Connecting product features to customer outcomes

Communicating the product vision and strategy

Value and pricing models

Innovation and experimentation

Stakeholders and stakeholder management

Agile governance, budgeting and contracting in relation to Scrum

Scaling the Product Owner role

NITROXIS 2021 V4.1 (15/05/2021) - 20

Prerequisites

Have studied the Scrum Guide

Students should have at least one year of Product Owner experience and a practical knowledge of Scrum in order to participate in and benefit from these exercises.

Having previously taken the PSPO class is recommended, but not required.

Professional Scrum Product Owner Certification

All participants completing the Professional Scrum Product Owner Advanced course will receive a password to attempt the Professional Scrum Product Owner II (PSPO II) certification assessment. PSPO-A class participants who attempt the PSPO II assessment within 14 days of receiving their free password and do not score at least 85% will be granted a 2nd attempt at no additional cost.

And participants are also entitled to a 40% discount on the PSPO III assessment.

Professional Scrum with UX Course Details

Professional Scrum with UX bridges the gap between Scrum, User eXperience and Design practices. The Professional Scrum with UX class focusses on learning how to integrate modern UX practices into the way you and your team are working in Scrum and how to work most effectively within Scrum teams. Scrum.org selects only the most qualified instructors to deliver this course. Scrum.org maintains the defined curriculum and materials to assure consistency and quality for students worldwide.

Course topics

Understand how Scrum with UX enhance continuous learning / Framing work as problems to solve / Outcomes over outputs / Managing UX work in Scrum /Focus on users/ Experimentation

Objectives

Students will learn UX techniques that work most effectively with Scrum Teams. Students will also learn practical tools and practices to best work with customers and their feedback to deliver higher value in the customer’s eyes. Students will understand how to reconcile UX work with Scrum essentials such as the Definition of “Done”,

NITROXIS 2021 V4.1 (15/05/2021) - 21

Product Backlog ordering and delivering “Done” Increments every Sprint. Students will learn how to handle design work that may extend beyond a single Sprint, continuing to deliver value each and every Sprint using Scrum.

Target Audience

Scrum Masters, Product Owners and anyone involved in delivering the product (engineers, product managers, etc.) as technology teams work better when they’re collaborating across disciplines and specialties.

People who know UX will learn how to work more effectively inside Scrum, managing work in Sprints and visualizing it in the Product Backlog.

Format

Students work in teams. They learn through team assignments, discussions and hands-on exercises.

This course will be taught in English.

Prerequisites


Have studied the Scrum Guide (required). Passed the Scrum Open assessment.

Have a solid understanding of Scrum either through working on a Scrum Team, or through taking part in a Professional Scrum Foundations or similar course. Have been on or are closely involved in building or enhancing a software product or application. Have read one of the Scrum books of Ken Schwaber or the book “Scrum – A Pocket Guide” by Gunther Verheyen.


The Professional Scrum with UX class has the PSU I credential associated with it All participants completing the Professional Scrum with UX class receive a password to take the PSU I assessment. Class participants who attempt the PSU I assessment within 14 days of receiving their free password and do not score at least 85% will be granted a 2nd attempt at no additional cost. This industry-recognized certificate requires a minimum passing score on the associated rigorous assessment. Scrum.org maintains public lists of all PSU I certificate holders. Students are able to claim Project Management Institute (PMI) PDU credits: 14 PDUs after attending a two-day Professional Scrum with UX class. Please note that PMI PDUs are earned for course attendance and not for passing a PSU I assessment. Students can claim PDUs under PMI's "Education courses provided by other third-party providers” category.

NITROXIS 2021 V4.1 (15/05/2021) - 22

The Blockchain Corner Blockchain Essentials for decision makers In partnership with the Blockchain Academy® whose mission consists in supporting decision makers and their teams in acquiring a fundamental understanding of the Blockchain phenomenon and becoming autonomous in their reasoning on the Blockchain subject. The Blockchain Academy® proposes an extensive range of Blockchain related courses categorized in 3 modules: Blockchain Fundamentals, Blockchain Implications and Blockchain Implementations. The Blockchain Academy® wants to take part in the formation of the Blockchain-future by delivering commercially neutral courses, allowing leaders to prepare for the near future and act on the subject of Blockchain Summary The training treats a large range of topics from Blockchain’s history to its design, functioning, business implications, applications, smart contracts, crypto assets and Blockchain roadblocks. An interactive creative session handles the Blockchain features and characteristics by combining them into innovative use cases. Who should attend? Non-technical, corporate decision makers and their teams, government agencies, policy makers, investors Learning objectives This one-day Blockchain training program has ONE SINGLE OBJECTIVE: acquire a fundamental understanding of what Blockchain is and develop autonomy in one’s reasoning on the subject of Blockchain. Course Agenda Blockchain Fundamentals

The Basics

Protocol Design Principles

Individual Independency

Collective agreement

Wallets, Nodes & Miners

Consensus Creation

NITROXIS 2021 V4.1 (15/05/2021) - 23

Identification & Ownership

Digital Signatures, Authenticity & Integrity

Tokens of Ownership

Smart Contracts

Oracles Decentralized Applications & Organizations

Blockchain Simulation (Bring your laptop!)

Hash, Nonce, Trial & Error

Hash Chains & Chain Immutability

Transaction Signing

Blockchain Operational Overview

Blockchain Simulation (bring your laptop!)

Role of a Wallet

Role of a Node

Role of a Miner

Blockchain’s Core Value Proposition

Power of Incentives

Transaction Costs

The Internet of Value

Value through collaboration

Blockchain Functionalities & Features

Creative with Blockchain in Business

Processes & Product Development

Crypto Assets

Token Evolution

NITROXIS 2021 V4.1 (15/05/2021) - 24

Initial Coin Offerings / Token Generation

Events / Security Token Offerings

Utility Tokens: New Market Signaling

Mechanism

Blockchains

Public vs Private Blockchains

Short Term vs Long Term Business

Considerations

Do I Need a Blockchain?

Meunier Model

RMIT Model

Blockchain Initiatives

European Commission

Rest of the World

Prerequisites

None, entry level

Educational approach

This training is based on both theory and practice

The objective is realized through a balanced mix of theoretical interactive sessions and hands-on Blockchain experiments with a Blockchain Serious Game and a Blockchain Simulation, allowing the participants to absorb the fundamental nature of Blockchain and grasp the functioning of Blockchain wallets, nodes and miners.

To benefit from the practical exercises, the number of training participants is limited to 10.

General Information

You need an individual laptop with internet connection or a Workstation.

Slides are in English.

NITROXIS 2021 V4.1 (15/05/2021) - 25

Introduction to Blockchain Objective This 2-day Blockchain training program has One Single Objective: acquire a fundamental understanding of what Blockchain is and develop autonomy in one’s reasoning on the subject of Blockchain. The objective is realized through a balanced mix of theoretical interactive sessions and hands-on Blockchain experiments with a Blockchain Serious Game and a Blockchain Simulation, allowing the participants to absorb the fundamental nature of Blockchain and grasp the functioning of Blockchain wallets, nodes and miners. The training treats a large range of topics from Blockchain’s history to its design, functioning, business implications, applications, smart contracts, crypto assets and Blockchain roadblocks. An interactive creative session handles the Blockchain features and characteristics by combining them into innovative use cases. Target Audience

Non-technical, corporate decision makers and their teams, government agencies, policy makers, investors.

Prerequisites None, entry level

Language English Material needs

Individual laptop with internet connection Course Content

Day 1:

Blockchain Background Traditional Transaction Databases

Fundamental Trust Problem & Trusted Third Parties Centralised Transactional Consensus Infrastructure & Protection Features of Centralised Consensus Drawbacks of Centralised Consensus

NITROXIS 2021 V4.1 (15/05/2021) - 26

Blockchain Emergence Early Research: Failures & Successes Key Ideas Leading up to Bitcoin Satoshi Nakamoto: Solution to Double Spending Problem Blockchain Terminology A Brief History of Blockchain Since Bitcoin

Blockchain Serious Game Economy, Money & Pricing Ownership Rights & Proof of Ownership Trusted Social Environments, Central Databases, Blockchains Creating Your Own Blockchain with Paper & Plastic Boxes

Creating Transactions Digital Signatures Pool of Unconfirmed Transactions Verifying New Transactions Creating Consensus and Mining Race New Blocks: Verification of the Nonce Sealing Your Blockchain Proofing Your Ownership

Understanding Blockchain Functioning

Basic Elements What is Blockchain? Infrastructure & Content Creation Protection

Protocol Design Principles Individual Independency Collective Agreement / Consensus

Proof of Work, Majority voting & Longest-Chain 51% Attack Mining Reward

Integrity Open Source & Game Theoretic Aspect Integrity Alerts Possible & Impossible Dishonest Behavior

Protocol Functions

NITROXIS 2021 V4.1 (15/05/2021) - 27

Wallets Nodes Miners

Features of Consensus Creation Identification & Ownership

Public-Private Key Pairs, Digital Signatures & Authenticity Transaction Authorization Tokens of Ownership Smart Contracts

Definition Oracles DAPPs & DAOs

Intersection Between Blockchain Technology & Legal Compliance

Relativity of Guarantee of Registry Liability & Blockchain’s Borderless Nature GDPR & Blockchain’s Immutable Nature Crypto-Assets & Security Offering Regulation

Day 2:

Blockchain Simulation Hash, Nonce, Trial & Error Blockchain Operational Overview Online Blockchain Simulation

Role of a Wallet Role of a Node Role of a Miner

Business Implementation Considerations Blockchain Functionalities & Features Blockchain Implementations: Creative with Functionalities & Features High Level Implementation Considerations Short Term Business Considerations

NITROXIS 2021 V4.1 (15/05/2021) - 28

Crypto-Assets Definitions Token Generations Initial Coin Offering / Security Token Offering / Token Generation Event Utility Tokens: Paradigm Shift TGE Launch Process TGE Advantages & Disadvantages

Case Studies Axa: Flight Delay Insurance Ibisa: Mutual Micro Farming Insurance Bext360: Coffee on The Blockchain Nightfall: Business on Ethereum

Do I Need a Blockchain?

Suichies Model Meunier Model RMIT model

NITROXIS 2021 V4.1 (15/05/2021) - 29

The Cloud Corner

Amazon Official Trainings

NITROXIS 2021 V4.1 (15/05/2021) - 30

Amazon Essentials

AWS Business Essentials

In this 1-day official course, you will learn about the benefits of cloud computing and how a cloud strategy can help you achieve your business goals. This course covers the benefits that cloud computing can bring to your business and the basics of AWS, including the financial benefits. This course also introduces the concepts of compliance and security to help you consider integrating the AWS platform into your cloud computing strategy. Course Objectives At the end of this course, you will be able to: identify the value and benefits of the AWS cloud identify interesting ways you can use the AWS platform understand the robust security capabilities, controls and assurances in place to ensure data and network protection define the financial impact that the AWS cloud can have on an organization's cost management, while minimizing the risks associated with consumption-based pricing models Intended Audience -IT business decisions makers and people who are just starting the AWS services

NITROXIS 2021 V4.1 (15/05/2021) - 31

AWS Cloud Practitioner Essentials

In this 1-day, digital, you’ll gain an overall understanding of AWS Cloud, independent of specific technical roles. It provides a detailed overview of cloud concepts, AWS services, security, architecture, pricing, and support. This course also helps you prepare for the AWS Certified Cloud Practitioner exam. Course objectives

In this course, you will learn how to:

Define what the AWS Cloud is and the basic global infrastructure Describe the key services on the AWS platform and their common use cases Describe basic AWS Cloud architectural principles Describe basic security and compliance aspects of the AWS platform and the shared security model Define the billing, account management, and pricing models Identify sources of documentation or technical assistance (e.g., whitepapers, support tickets) Describe the AWS Cloud value proposition Describe basic/core characteristics of deploying and operating in the AWS Cloud

Intended audience

Sales Legal Marketing Business analysts Project managers C-level executives AWS Academy students Other IT-related professionals

Schedule

Cloud Concepts Introduction AWS Core Services AWS Enhanced Services AWS Architecting Security Pricing and Support

NITROXIS 2021 V4.1 (15/05/2021) - 32

(New) AWS Security Essentials

In this 1-day training you will learn the fundamentals of AWS Cloud security concepts, including AWS access control, data encryption methods, and how network access to your AWS infrastructure can be secured. We will discuss your security responsibilities in the AWS Cloud and the various services available in the field.

Course Objectives

In this training you will learn to:

Identify Your Responsibilities and Security Benefits of Using the AWS Cloud Describe the integrated access management and control features of AWS. Understand data encryption methods to protect sensitive data Explain how to secure network access to your AWS resources. Determine which AWS services to use for security logging and monitoring

Prerequisites

Knowledge of IT security practices and infrastructure concepts Be familiar with cloud computing

Intended Audience

IT Executives, Operations Professionals, Professionals with basic knowledge of AWS who wish to acquire fundamental knowledge about the secure use of data in the AWS Cloud

Targeted Skills

Deploy, manage and operate scalable, highly available, and fault-tolerant systems on AWS

Implement and control data flow from/to AWS Select the appropriate AWS service based on compute, data, or security requirements

Know the correct use of AWS best-operating practices Troubleshoot Basic Definition of an AWS CloudFormation Stack

Delivery Method

NITROXIS 2021 V4.1 (15/05/2021) - 33

Official AWS course material delivered electronically at the start of the session Practical and corrected exercises or sharing of real experience depending on the case Digital marking by half-day of presence Live assessment of participants' satisfaction at the end of the session Attendance certificate and training certificate is given to participants at the end of the session

Course Schedule

Module 1: Security in AWS

AWS Cloud Security Design Principles AWS Shared Responsibility Model

Module 2: Cloud Security AWS Global Infrastructure Datacenter security Compliance and governance

Module 3: Security IN the Cloud - Part 1 Identity and access management Data Protection Fundamentals

Module 4: Security IN the Cloud - Part 2 Secure your infrastructure Surveillance and detective controls

Module 5: Security IN the Cloud - Part 3 Denial of service (DDoS) mitigation Fundamentals of incident response

Recommended Certification

N/A

NITROXIS 2021 V4.1 (15/05/2021) - 34

(New) AWS Technical Essentials

In this 1-day official training introductory course, you will learn about AWS products, services, and common solutions. You will learn the fundamentals of identifying AWS services so that you can make informed decisions about IT solutions based on your business requirements. Course Objectives In this course, you will learn to:

- Terminology and concepts related to the AWS platform

- How to navigate the AWS Management Console

- Key concepts of AWS security measures and AWS Identity and Access Management (IAM)

Intended Audience This course is intended for:

-Individuals responsible for articulating the technical benefits of AWS services to customers

-Individuals interested in learning how to get started with AWS

-SysOps administrators, Solutions architects, Developers

Targeted Skills Understand AWS services and how they integrate with cloud solutions Prerequisites N/A Course Schedule

Module 1: The Origins of AWS The history of AWS

NITROXIS 2021 V4.1 (15/05/2021) - 35

The global AWS infrastructure Navigate the AWS Management Console

Module 2: Basic Services - EC2, VPC and S3 Amazon Elastic Compute Cloud (EC2) concepts Amazon Virtual Private Cloud (VPC) concepts AWS Storage Concepts

Module 3: Security, Identity and Access Management (IAM) The AWS Shared Responsibility model Security measures offered by AWS The concepts of AWS Identity and Access Management (IAM)

Module 4: Databases - DynamoDB and RDS Database models (NoSQL vs SQL) The concepts of Amazon Relational Database Service (RDS) DynamoDB Concepts

Module 5: Elasticity and Management in AWS Auto Scaling concepts Elastic Load Balancing accounts AWS management tools (CloudWatch, Trusted Advisor)

Module 6: How to Continue: AWS Certifications and Support Overview of other AWS training AWS certifications AWS support options

Module 7: Appendices to previous module

Recommended certification AWS Certified Cloud Practitioner

NITROXIS 2021 V4.1 (15/05/2021) - 36

Amazon Architecting

Architecting on AWS

This 3-day official course covers the fundamentals of building IT infrastructure on the AWS platform. Students learn how to optimize the AWS Cloud by understanding how AWS services fit into cloud-based solutions. In addition, students explore AWS Cloud best practices and design patterns for architecting optimal IT solutions on AWS, and build a variety of infrastructures in guided, hands-on activities. The course also covers how to create fledgling architectures and build them into robust and adaptive solutions. Course Objectives In this course, you will learn to:

- Make architectural decisions based on AWS architectural principles and best practices

- Leverage AWS services to make your infrastructure scalable, reliable, and highly available

- Leverage AWS Managed Services to enable greater flexibility and resiliency in an infrastructure

- Make an AWS-based infrastructure more efficient to increase performance and reduce costs

- Use the Well-Architected Framework to improve architectures with AWS solutions

Intended Audience This course is intended for: Solutions architects, Solution design engineers, anyone who needs to understand the scope of cloud architecture

Prerequisites

We recommend that attendees of this course have the following prerequisites:

NITROXIS 2021 V4.1 (15/05/2021) - 37

- AWS Cloud Practitioner Essentials - Working knowledge of distributed systems - Familiarity with general networking concepts - Working knowledge of multi-tier architectures - Familiarity with cloud computing concepts

Course outline

This course covers the following concepts:

-The Well-Architected Framework

-Networking with AWS

-Core AWS concepts, knowledge, and services, including designing your environment and making your environment highly available

-Event-driven scaling

- Automation

-Decoupling

-Serverless designs

-How to grow your architecture from small to extremely large

NITROXIS 2021 V4.1 (15/05/2021) - 38

Advanced architecting on AWS

In this 3-day official course, you will build on concepts introduced in Architecting on AWS. You will learn how to build complex solutions that incorporate data services, governance, and security on the AWS platform. You will also learn about specialized AWS services, including AWS Direct Connect and AWS Storage Gateway, that support hybrid architecture, and you will learn about best practices for building scalable, elastic, secure, and highly available applications on AWS. Course Objectives In this course, you will learn to:

• Apply the AWS Well-Architected Framework

• Manage multiple AWS accounts for your organization

• Connect an on-premises data center to the AWS Cloud

• Discuss billing implications of connecting multi-region VPCs

• Move large data from an on-premises data center to AWS

• Design large data stores for the AWS Cloud

• Understand different architectural designs for scaling a large website

• Protect your infrastructure from distributed denial of service (DDOS) attacks

• Secure your data on AWS with encryption

• Design protection of data at rest and data in transit

• Enhance the performance of your solutions

• Select the most appropriate AWS deployment mechanism

Intended Audience

• Individuals who are experienced with designing scalable and elastic applications on the AWS platform

Prerequisite

To attend this course, it is recommended to have taken the Architecture course on AWS.

Course Schedule Day 1

AWS Account Policies

NITROXIS 2021 V4.1 (15/05/2021) - 39

Advanced network architecture

Big Data Center Design for AWS

Day 2

Web-wide applications

Development of resilience

Full cloud security

Day 3

Encryption and key management on AWS

Security Data on AWS

Design to optimize performance Certification

This training prepares you for the AWS Solution Architect Professional certification exam.

NITROXIS 2021 V4.1 (15/05/2021) - 40

NITROXIS 2021 V4.1 (15/05/2021) - 41

Amazon Operations/Developer

System Operations on AWS In this 3-day official course, you will learn how to create automatable and repeatable deployments of networks and systems on the AWS platform. We will explore the AWS features and tools related to, and best practices for, configuration and deployment. Course Objectives In this course, you will learn to:

• Use standard AWS infrastructure features such as Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Elastic Load Balancing (ELB), and AWS Auto Scaling from the command line

• Use AWS CloudFormation and other automation technologies to produce stacks of AWS resources

• Build virtual private networks with Amazon VPC

• Deploy Amazon EC2 instances using command line calls and troubleshoot common problems with instances

• Monitor the health of Amazon EC2 instances and other AWS services

• Manage identity, AWS permissions, and security in the AWS Cloud

• Manage resource consumption in an AWS account using tags, Amazon CloudWatch, and AWS Trusted Advisor

• Determine the best strategy for creating reusable Amazon EC2 instances

• Configure a set of Amazon EC2 instances that launch behind a load balancer

• Troubleshoot a basic AWS CloudFormation stack definition Intended Audience

• Systems administrators

• Software developers, especially those in a DevOps role Course Schedule Day 1 Overview of System Administrator Tasks in AWS The Network in the cloud Cloud computing Day 2 Cloud storage and archiving Cloud monitoring Manage resource consumption in the Cloud Day 3

NITROXIS 2021 V4.1 (15/05/2021) - 42

Configuration management in the cloud Creation of scalable deployments in the Cloud Creation of automated and repeatable deployments Prerequisite Have experience with other development systems or systems administration. Experience in command line operating system maintenance (CLI) is desired; basic knowledge of TCP/IP and HTTP protocols is required Certification This training partially prepares for AWS Certified Sysops administrator - associate certification

NITROXIS 2021 V4.1 (15/05/2021) - 43

(New) - Developing on AWS

In this official, certifying 3-day course, you will learn how to use the AWS SDK to develop secure and scalable cloud applications. We'll see how to interact with AWS using code, and discuss key concepts, best practices, and troubleshooting tips. Course Objectives

• Configure the AWS SDK and Developer Credentials for Java, C # /. Net, Python, and JavaScript

• Interact with AWS Services and Develop Solutions Using the AWS SDK • Use AWS Identity and Access Management (IAM) for Service Authentication • Use Amazon Simple Storage Service (Amazon S3) and Amazon DynamoDB

as datastores • Integrate applications and data using AWS Lambda, Amazon API Gateway,

Amazon Simple Queue Service (Amazon SQS), Amazon Simple Notification Service (Amazon SNS), and AWS Step Functions

• Use Web Identity Framework and Amazon Cognito for User Authentication • Use Amazon ElastiCache to improve application scalability • Use containers in the development process • Leverage the CI / CD pipeline to deploy applications on AWS

Intended Audience Mid-level software developer Prerequisite Have a solid knowledge of software development Have basic knowledge of .Net (C #) or Java Master the concepts of cloud computing Course schedule Day 1: Introduction to AWS Introduction to Developing on AWS Introduction to IAM Introduction to the workshop Developing Solutions with Amazon S Day 2: Developing Flexible NoSQL Solutions with Amazon DynamoDB Developing Solutions with AWS Lamba Developing Solutions with AWS API Gateway Development of solutions with ASS SQS and SNS Developing Solutions with AWS Step Functions

NITROXIS 2021 V4.1 (15/05/2021) - 44

Day 3: Caching Information with Amazon ElastiCache Getting started with containers Development of secure solutions Deployment of applications Course conclusion

DevOps engineering on AWS

NITROXIS 2021 V4.1 (15/05/2021) - 45

The 3-day official course DevOps Engineering on AWS teaches you how to use the combination of DevOps cultural philosophies, practices, and tools to increase your organization’s ability to develop, deliver, and maintain applications and services at high velocity on AWS. This course covers continuous integration (CI), continuous delivery (CD), infrastructure as code, microservices, monitoring and logging, and communication and collaboration. Hands-on labs give you experience building and deploying AWS CloudFormation templates and CI/CD pipelines that build and deploy applications on Amazon Elastic Compute Cloud (Amazon EC2), serverless applications, and container-based applications. Labs for multi-pipeline workflows and pipelines that deploy to multiple environments are also included. Course Objectives In this course, you will learn to: -Use DevOps best practices to develop, deliver, and maintain applications and services at high velocity on AWS -List the advantages, roles, and responsibilities of small, autonomous DevOps teams -Design and implement an infrastructure on AWS that supports DevOps development projects -Leverage AWS Cloud9 to write, run, and debug your code -Deploy various environments with AWS CloudFormation -Host secure, highly scalable, and private Git repositories with AWS CodeCommit -Integrate Git repositories into CI/CD pipelines -Automate build, test, and packaging code with AWS CodeBuild Securely store and leverage Docker images and integrate them into your CI/CD pipelines -Build CI/CD pipelines to deploy applications on Amazon EC2, serverless applications, and container-based applications Implement common deployment strategies such as “all at once,” “rolling,” and “blue/green” -Integrate testing and security into CI/CD pipelines -Monitor applications and environments using AWS tools and technologies Intended Audience This course is intended for: DevOps engineers/architects Operations engineers System administrators Developers Prerequisite Working knowledge of programming languages (C #, java, Python, PHP, ..) Knowledge in systems administration (via CLI) Practical experience on AWS (Console and CLI) Having followed the Systems operations on AWS or Developing on AWS Certification

NITROXIS 2021 V4.1 (15/05/2021) - 46

This course is not associated with any certification

Amazon Specialty

NITROXIS 2021 V4.1 (15/05/2021) - 47

(New) Big Data on AWS

In this 3-day course, you'll learn about cloud-based Big Data solutions such as Amazon EMR, Amazon Redshift, Amazon Kinesis, and the rest of the AWS Big Data platform. You'll discover how to use Amazon EMR to process data using the broad ecosystem of Hadoop tools like Hive and Hue. The course also teaches you how to create Big Data environments, work with Amazon DynamoDB, Amazon Redshift, Amazon QuickSight, Amazon Athena, and Amazon Kinesis, and leverage best practices to design Big Data environments for security and cost-effectiveness. Course Objectives

In this course, you will learn how to:

• Fit AWS Solutions inside of a big data ecosystem • Leverage Apache Hadoop in the context of Amazon EMR • Identify the components of an Amazon EMR cluster • Leverage common programming frameworks available for Amazon EMR

including Hive, Pig et Streaming • Leverage Hue to improve the ease-of-use of Amazon EMR • Use in-memory analytics with Spark on Amazon EMR • Choose appropriate AWS data storage options • Identify the benefits of using Amazon Kinesis for near real-time Big Data

processing • Leverage Amazon Redshift to efficiently store and analyze data • Leverage AWS Glue for ETL workloads • Comprehend and manage costs and security for a Big Data solution • Secure a Big Data solution • Identify options for ingesting, transferring, and compressing data • Leverage Amazon Athena for ad hoc query analytics • Use visualization software to depict data and queries using Amazon

QuickSight • Orchestrate big data workflows using AWS Data Pipeline

Intended Audience

Individuals responsible for designing and implementing big data solutions, namely Solutions Architects.Data Scientists and Data Analysts interested in learning about the services and architecture patterns behind big data solutions on AWS.

NITROXIS 2021 V4.1 (15/05/2021) - 48

Prerequisite

• Basic familiarity with big data technologies, including Apache Hadoop, HDFS, and SQL/NoSQL querying

• Students should complete the free Big Data Technology Fundamentals web-based training or have equivalent experience

• Working knowledge of core AWS services and public cloud implementation • Students should complete the AWS Technical Essentials course or have

equivalent experience • Basic understanding of data warehousing, relational database systems, and

database design Skills

• Implement core AWS Big Data services according to basic architecture best practices

• Design and maintain Big Data • Leverage tools to automate data analysis

Delivery Method

• AWS official training ebook • Hands-On labs • Digital signing twice a day • Class Evaluation • Certificate of attendance

Course Schedule Day 1:

Module 1 : Overview of Big Data

• Define Big Data • Identify some sources of big data • List examples of big data use cases • Describe the big data ecosystem

Module 2 : Big Data Ingestion and Transfer

• Describe options for ingesting data into AWS • Describe AWS solutions for transferring data

Module 3 : Real-Time Data Ingestion

• Explain the need for stream processing and analytics • List features of stream processing and analytics • Explain the architecture of an Amazon kinesis • Streams application

NITROXIS 2021 V4.1 (15/05/2021) - 49

• List the benefits of Amazon Kinesis Video Streams, • Amazon Kinesis Firehose and Amazon Kinesis Analytics

Module 4 : Big Data Storage Solutions

• Identify the data storage options available in AWS • Explain storage solution concepts like Data Lake and NoSQL • Describe AWS solutions for data lakes and NoSQL databases • Describe the factors to consider when choosing a data store

Module 5 : Big Data Processing and Analytics

• Introduce big data processing/analytics • List cases for big data processing and use cases for Amazon EMR and

Amazon Redshift • Contrast Hadoop and data warehouse solutions for simple querying

Day 2:

Module 6 : Apache Hadoop and Amazon EMR

• Define the purpose and business value of Apache Hadoop • Contrast Apache Hadoop with relational databases • List the components of Apache Hadoop and the Apache Hadoop ecosystem • Contrast on-premises Apache Hadoop with Amazon EMR • List the advantages of using Amazon EMR for big data • Detail the improvements made to Hadoop with YARN • Explain the architecture of a typical Amazon EMR environment

Module 7 : Using Amazon EMR

• List the steps to launch an Amazon EMR cluster • Describe when to use long-running versus transient clusters • Detail the differences between the Quick and Advanced consoles in Amazon

EMR cluster creation • Explain the Amazon Machine Image options for your cluster • Identify which instance types are suitable for your workload • Explain how to resize a cluster • Define the purpose of bootstrap actions • Identify methods of sending work to an Amazon EMR cluster

Module 8 : Hadoop Programming Frameworks

• Detail how programming frameworks work • Hadoop frameworks and use cases • Discuss the most popular Hadoop applications

Module 9 : Web Interfaces on Amazon EMR

NITROXIS 2021 V4.1 (15/05/2021) - 50

• Describe web interfaces available on Amazon EMR • Identify what Hue is and how it makes using Hadoop on Amazon EMR easier • Describe the Hadoop applications that Hue supports • Detail the advantages of using Hue vs traditional command-line Hive queries

and Pig scripts

Module 10 : Apache Spark on Amazon EMR

• Describe the motivation for using Spark • Identify use cases for Spark • Describe the Spark programming model • Detail the modules included with Spark • Explain how Spark is deployed on Amazon EMR • Name the advantages of running Spark on Amazon EMR

Day 3:

Module 11 : Using Amazon guide to automate ETL workloads

• Describe the importance of serverless technology in a big data platform • Describe AWS Glue for serverless ETL • Analyze use cases for using AWS glue

Module 12 : Amazon Redshift and Big Data

• Contrast data warehouses with traditional databases • Describe common data warehouse design approaches • Illustrate the differences between common data schemas used in data

warehouses • Identify common use cases for Amazon Redshift • Describe the architecture

of Amazon Redshift

Module 13 : Securing your Amazon EMR deployments

• Explain the AWS shared responsibility model • Describe how Amazon EMR integrates with Amazon Virtual Private Cloud • Detail how a basic implementation of AWS Identity and Access Management

works • Explain how Amazon EMR leverages Amazon EC2 Security Groups and IAM • List options for securing data at rest and data in transit • Security overview: Amazon Kinesis, Amazon DynamoDB and Amazon

Redshift

Module 14 : Managing Big Data Costs

• List the cost considerations for Amazon EMR • Detail the various pricing models and cost considerations for Amazon EC2

instances, Amazon Kinesis, Amazon DynamoDB, and Amazon Redshift

NITROXIS 2021 V4.1 (15/05/2021) - 51

• Present use cases and strategies for leveraging Spot Instances with big data • Describe methods of managing Amazon EC2 costs for Amazon EMR • Explain how to leverage more than one pricing model with Amazon EMR * • Explain the factors to consider when planning for storage and data transfer

costs • Provide the best practices for a cost-efficient infrastructure

Module 15 : Visualizing and orchestrating Big Data

• Explain the purpose of visualizing big data • Describe AWS solutions for visualizing big data • Describe how AWS Data Pipeline can orchestrate big data workflows

Module 16 : Big Data Design Patterns

• Review how to leverage multiple AWS solutions to perform analysis and processing jobs

Certification AWS Certified Big Data – Specialty

NITROXIS 2021 V4.1 (15/05/2021) - 52

(New) Security Engineering on AWS This 3-day course explains how to effectively use AWS security services to work securely in AWS Cloud. This course focuses on the security practices recommended by AWS to improve the security of your data and systems in the cloud. This course highlights the security features built into core AWS services, including compute, storage, networking, and database services. You will also learn how to take advantage of AWS tools and services to automate, monitor, and log your activities on an ongoing basis, and respond to security incidents. Course Objectives In this course, you will learn how to:

• Understand and leverage the AWS shared security model • Design and integrate AWS application infrastructures protected against the

most common security threats • Protect data at rest and in transit with encryption • Apply security checks and analyzes in an automated and repeatable manner • Configure the authentication of resources and applications in the AWS cloud • Gather event information by capturing, monitoring, processing and analyzing

logs • Identify and mitigate inbound threats to applications and data • Perform security assessments to ensure common vulnerabilities are addressed

and security best practices are applied Audience Security Engineers, Security Architects, Security Operations, Information Security Prerequisites

• At least two years of practical experience securing AWS workloads • Security control for AWS workloads • At least five years of experience in IT security, in the design and

implementation of security solutions Skills

• Understand the specialized data classifications and data protection mechanisms of AWS

• Understand data encryption methods and the mechanisms AWS uses to implement them

• Understand secure Internet protocols and the mechanisms AWS uses to implement them

• Have a working knowledge of AWS security services and their functionality to create a secure production environment

NITROXIS 2021 V4.1 (15/05/2021) - 53

• Have skills acquired from at least two years of production deployment experience with AWS security features and services

• Know how to balance the cost, security and complexity of deployment based on the requirements of an application

• Understand security operations and risks

Delivery Method

• Official AWS course material delivered electronically at the start of the session • Practical and corrected exercises or sharing of real experience depending on

the case • Digital marking by half-day of attendance • Live assessment of participants' satisfaction at the end of the session • Attendance certificate and training certificate given to participants at the end

of the session Course schedule Day 1: Module 0: Introduction Module 1: Security in AWS

• AWS Cloud Security Design Principles • The Shared Responsibility-model • DevOps with security engineering

Module 2: Identifying Entry Points into AWS

• Best practices for user identifiers • IAM strategy analyzes • Multi-factor authentication • AWS CloudTrail

Module 3: Security Considerations: Web Application Environments

• Threats in a three-tier architecture • AWS Trusted Advisor

Module 4: Application Security

• Amazon EC2 security considerations • Amazon Inspector • AWS Systems Manager

Module 5: Data security

• Data protection with Amazon S3 • Amazon RDS and Amazon DynamoDB security considerations • Protection of archival data

NITROXIS 2021 V4.1 (15/05/2021) - 54

Day 2: Module 6: Securing Network Communications

• Amazon VPC security considerations • Amazon Elastic Load Balancing security considerations • AWS Certificate Manager

Module 7: Monitoring and Logging in AWS

• AWS Config • Amazon CloudWatch • Amazon Macie • Collection of logs on AWS

Module 8: Processing Logs in AWS •

• Amazon Kinesis • Amazon Athena

Module 9: Security Considerations: Hybrid Environments

• AWS VPN connections • AWS Direct Connect • AWS Transit Gateway •

Module 10: Protection outside the region (global services) • Amazon Route 53 • Amazon CloudFront • AWS WAF • AWS Shield • AWS Firewall Manager

Day 3: Module 11: Security Considerations: Serverless Environments

• Amazon Cognito • Amazon API Gateway • AWS Lambda

Module 12: Threat Detection and Investigation

• Amazon GuardDuty • AWS Security Hub • Amazon Detective

Module 13: Managing Secrets in AWS

• AWS KMS • AWS CloudHSM • AWS Secrets Manager

Module 14: Automation and Security by Design

• AWS Security by Design approach • • AWS CloudFormation • AWS Service Catalog

NITROXIS 2021 V4.1 (15/05/2021) - 55

Module 15: Account Management and Deployment in AWS • AWS Organizations • AWS Control Tower • Access of federated users

Certification AWS Certified Security - Specialty

NITROXIS 2021 V4.1 (15/05/2021) - 56

Microsoft

Microsoft Azure Fundamentals (AZ-900T01-A)

This one-day course will provide foundational level knowledge on Azure concepts; core Azure services; core solutions and management tools; general security and network security; governance, privacy, and compliance features; Azure cost management and service level agreements. Course Objectives

This course is suitable for program managers and technical sales, with a general IT background.

This course does not provide an Azure pass or time in the classroom for students to do any hands-on activities. Students can get a free trial and do the walkthroughs outside of class. This course is primarily lecture and demonstrations.

If you are interested in a more interactive hands-on lab experience, consider the AZ-900T00: Microsoft Azure Fundamentals (2 day) course, which includes trainer-directed hands-on labs. The content for both courses align to the AZ-900 exam objective domain. Audience Administrator, AI Engineer, Data Analyst, Data Engineer, Data Scientist, Database Administrator, Developer, Security Engineer, CISO, Information Security Manager, Auditor Course Schedule Module 1: Describe core Azure concepts

You'll take an entry level end-to-end look at Azure and its capabilities, which will provide you with a solid foundation for completing the available modules for Azure Fundamentals.

Module 2: Describe core Azure services

You learn about core Azure services like Azure database, Azure compute, Azure storage, and Azure Networking.

Module 3: Describe core solutions and management tools on Azure

NITROXIS 2021 V4.1 (15/05/2021) - 57

You'll learn about AI machine learning, Azure DevOps, monitoring fundamentals, management fundamentals, serverless computing fundamentals. and IoT fundamentals.

Module 4: Describe general security and network security features

In this module, you will learn how to protect yourself against security threats, and secure your networks with Azure.

Module 5: Describe identity, governance, privacy, and compliance features

In this module, you will learn about Azure identity services, how to build a cloud governance strategy, and privacy, compliance and data protection standards on Azure.

Module 6: Describe Azure cost management and service level agreements

In this module, you will learn how to plan and manage Azure costs, and how to choose the right Azure services though SLAs and service lifecycle.

Prerequisite

There are no prerequisites for taking this course. However, the more technical knowledge a student has, the more they will understand about the cloud.

Certification Preparation for exam: AZ-900

NITROXIS 2021 V4.1 (15/05/2021) - 58

Nutanix

Enterprise Cloud Administration 5.15

This 4-day official Nutanix Enterprise Cloud Administrator (ECA) 5.15 course enables administrators (system, network, and storage) to successfully configure and manage Nutanix in the datacenter. The course covers many of the tasks Nutanix administrators perform through the use of Graphical User Interfaces (GUIs) and command line interface (CLI’s). It also provides insight into a Nutanix cluster’s failover and self-healing capabilities, offers tips for solving common problems, and provides guidelines for collecting information when interacting with Nutanix Support. Audience Administrators, architects and business leaders who manage Nutanix clusters in the datacenter, managers and technical staff seeking information to drive purchase decisions and anyone who is seeking the Nutanix Certified Professional (NCP) certification. Course Objectives This training prepares you for the Nutanix Certified Professional (NCP) certification exam, which is the first level of Nutanix certification for professionals. Completion of this training is mandatory to validate your certification title. Pre-requisite To attend this Nutanix course in the best possible conditions, it is necessary to be familiar with traditional storage virtualization architectures, and have skills in Unix / Linux command line. Included -Include hand-on labs -The price of the exam is NOT included in the training price. Course Schedule 1: Introduction to Nutanix Enterprise Cloud Administration 5.15 - The section describes the Nutanix HCI solution, walks you through the components of the Nutanix Enterprise Cloud, and explains the relationship between physical and logical cluster components. 2: Managing the Nutanix Cluster - In this section, you will use the Prism console to monitor a cluster, configure a cluster using various interfaces, use the REST API Explorer to manage the cluster, and learn how to deploy Nutanix-specific PowerShell

NITROXIS 2021 V4.1 (15/05/2021) - 59

cmdlets. 3: Securing the Nutanix Cluster - This section shows how to secure a Nutanix cluster through user authentication, SSL certificate installation, and cluster access control. 4: Networking - This section explains how to configure managed and unmanaged Acropolis networks and describes the use of Open vSwitch (OVS) in Acropolis. You will learn how to display and manage network details, differentiate between supported OVS bond modes, and gain insight into default network configuration. 5: VM Management - This section shows you how to upload images, and how to create and manage virtual machines. 6: Health Monitoring and Alerts - In this section, you will use the Health Dashboard to monitor a cluster’s health and performance. You will also use Analysis Dashboard to create charts that you can export with detailed information on a variety of components and metrics. 7: Distributed Storage Fabric This section discusses creating and configuring storage containers, including the storage optimization features: deduplication, compression, and erasure coding. 8: AHV Workload Migration Using Nutanix Move, this section shows how to migrate workloads to a cluster running AHV. This is followed by a lab where a VM running on a Nutanix cluster configured with ESXi is migrated to a Nutanix cluster running AHV. 9: Acropolis Services This section gives you detailed information on Nutanix Volumes, which provides highly available, high-performance block storage through a few easy configuration steps. It also discusses Nutanix Files. 10: Data Resiliency This section shows how Nutanix provides comprehensive data protection at all levels of the virtual datacenter: logical and physical. 11: Data Protection Data can be replicated between Nutanix clusters, synchronously and asynchronously. This section shows how to configure a Protection Domain (PD) and Remote Sites, recover a VM from a PD, and perform a planned failover of a PD. 12: Prism Central Having discussed and used Prism Element earlier, this section looks at the capabilities of Prism Central. With the added functionality provided by a Pro license, the focus is on features related to monitoring and managing multiple activities across a set of clusters. 13: Monitoring the Nutanix Cluster This section shows you where to locate and how to interpret cluster-related log files. In addition, you will take a closer look at the Nutanix Support Portal and online help. 14: Cluster Management and Expansion This section outlines essential life-cycle

NITROXIS 2021 V4.1 (15/05/2021) - 60

operations, including starting/stopping a Nutanix cluster, as well as starting/shutting down a node. You will also learn how to expand a cluster, manage licenses, and upgrade the cluster’s software and firmware. 15: Remote Office Branch Office (ROBO) Deployments In this section, you will understand various configurations and requirements specific to a ROBO site. This includes hardware/software, Witness VM, networking, failure and recovery scenarios for two-node clusters, and the seeding process. Length 4 days.

NITROXIS 2021 V4.1 (15/05/2021) - 61

The Business Continuity Corner TRECCERT

(NEW) BCMS Foundation ISO/IEC 22301

The BCMS Foundation training course is an entry-level course developed based on the ISO/IEC 22301 requirements. In this two-day course, participants are provided with a fundamental understanding of the Business Continuity Management System (BCMS). Individuals will have the opportunity to gain a basic understanding of ISO/IEC 22301 requirements, controls, and associated terminology and concepts.

Educational Objectives

-Become familiar with the vocabulary of the ISO/IEC 22301.

-Understand the structure of the ISO/IEC 22301, the components and the operation of a BCMS based on ISO/IEC 22301 and its principal processes

-Become familiar with the mandatory clauses of the ISO/IEC 22301.

-Acknowledge the correlation between ISO/IEC 22301 and other standards and regulatory frameworks.

Targeted Audience

For individual interested in joining a BCMS team and personnel involved in BCMS intending to complement their on-the-job training related to business continuity.

Prerequisites

No Prerequisites.

Length

2 days.

Examination and Certification

Candidates interested to obtain Certified ISO 22301 credentials are required to successfully pass the exam. The ISO 22301 Foundation exam consists of 50 multiple choices questions, including the stem and four alternatives (only one correct answer).

After the successful completion of the exam and compliance with all-related requirements, you will receive a certificate under Certified ISO 22301 Foundation credential.

NITROXIS 2021 V4.1 (15/05/2021) - 62

The Information Security Corner (NEW) OWASP Top 10, Secure Coding Fundamentals

Writing web applications can be rather complex – reasons range from dealing with legacy technologies or under documented third-party components to sharp deadlines and code maintainability. Yet, beyond all that, what if we told you that attackers were trying to break into your code right now? How likely would they be to succeed?

This 2-day course will change the way you look at your code. We'll teach you the common weaknesses and their consequences that can allow hackers to attack your system, and – more importantly – best practices you can apply to protect yourself. We cover typical Web vulnerabilities with a focus on how they affect web apps on the entire stack – from the base environment to modern AJAX and HTML5- based frontends. In addition, we discuss the security aspects of different platforms as well as typical programming mistakes you need to be aware of. We present the entire course through live practical exercises to keep it engaging and fun.

Writing secure code will give you a distinct edge over your competitors. It is your choice to be ahead of the pack – take a step and be a game-changer in the fight against cybercrime.

Participants attending this course will

-Understand basic concepts of security, IT security and secure coding -Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn about XML security -Learn client-side vulnerabilities and secure coding practices -Learn about typical coding mistakes and how to avoid them -Get information about some recent vulnerabilities in different frameworks -Get sources and further readings on secure coding practices

Audience

Web Developers

Related courses

Java and Web application security master course (Onsite / Virtual classroom, 5 days)

C# and Web application security master course (Onsite / Virtual classroom, 5 days)

Web application security (Onsite / Virtual classroom, 3 days)

Web application security testing (Onsite / Virtual classroom, 3 days)

OWASP TOP 10, Java secure coding follow up (Onsite / Virtual, 1 day)

OWASP TOP 10, C# secure coding follow up (Onsite / Virtual, 1 day)

NITROXIS 2021 V4.1 (15/05/2021) - 63

Prerequisites

General Web Development

Outline Day 1

IT security and secure coding

Nature of security

What is risk?

IT security vs. secure coding

From vulnerabilities to botnets and cybercrime

Nature of security flaws

From an infected computer to targeted attacks

The Seven Pernicious Kingdoms

OWASP Top Ten 2017

Web application security

Injection

Injection principles

SQL injection

Exercise–SQL injection

Typical SQL Injection attack methods

Blind and time-based SQL injection

SQL injection protection methods

Effect of data storage frameworks on SQL injection

Other injection flaws

Command injection

Case study – Image Magick

HTTP parameter pollution

Cookie injection/HTTP parameter pollution

Exercise–Value shadowing

Broken authentication

Session handling threats

Session handling best practices

Session handling examples in different languages

Setting cookie attributes - best practices

Cross site request forgery (CSRF)

CSRF prevention

CSRF prevention examples

XML external entity (XXE)

XML Entity introduction

XML external entity attack (XXE)–resource inclusion

XML external entity attack – URL invocation

XML external entity attack – parameter entities

Exercise – XXE attack

NITROXIS 2021 V4.1 (15/05/2021) - 64

Preventing entity-related attacks

Case study – XXE in Google Toolbar

Broken access control Typical access control weaknesses

Insecure direct object reference (IDOR)

Exercise – Insecure direct object reference

Protection against IDOR

Case study – Facebook Notes

Cross-Site Scripting (XSS)

Persistent XSS

Reflected XSS

DOM-based XSS

Exercise–CrossSite Scripting

XSS prevention

XSS prevention tools

HTML5 security

New XSS possibilities in HTML5

HTML5 clickjacking attack – text field injection

HTML5clickjacking – content extraction

Form tampering

Exercise – Form tampering

Cross-origin requests

HTML proxy with cross-origin request

Exercise–Client-side include

Insecure deserialization

Serialization and deserialization basics

Security challenges of deserialization

Deserialization examples

Denial-of-service via deserialization

From deserialization to code execution

POP payload targeting

Real-world deserialization vulnerabilities

Issues with alternative object deserialization methods

Secure deserialization with FST

Secure deserialization with Kryo

Issues with deserialization – JSON

Best practices against deserialization vulnerabilities

Case study – XML deserialization in Apache Struts leading to RCE

CVE-2017-9805–Apache Struts RCE when deserializing XML Example XML triggering the RCE

Using components with known vulnerabilities Vulnerability attributes Common Vulnerability Scoring System – CVSS

Insufficient logging and monitoring Detection and response Logging and log analysis Intrusion detection systems and Web application firewalls

NITROXIS 2021 V4.1 (15/05/2021) - 65

Day 2

Common coding errors and vulnerabilities

Input validation

Input validation concepts

Integer problems

Representation of negative integers

Integer overflow

Exercise Int Overflow

What is the value of Math.abs (Integer.MIN_VALUE)?

Integer problem–best practices

Path traversal vulnerability

Path traversal – weak protections

Path traversal–best practices

Unvalidated redirects and forwards

Log forging

Some other typical problems with log files?

Improper use of security features

Typical problems related to the use of security features

Password management

Exercise – Weakness of hashed passwords

Password management and storage

Special purpose hash algorithms for password storage

Argon2 and PBKDF2 implementations in Java

bcrypt and scrypt implementations in Java

Case study – the Ashley Madison data breach

Typical mistakes in password management

Exercise – Hard coded passwords

Accessibility modifiers

Accessing private fields with reflection in Java

Exercise Reflection – Accessing private fields with reflection

Exercise Scademy Pay– Integrity protection weakness

Improper error and exception handling

Typical problems with error and exception handling

Empty catch block

Overly broad throws

Overly broad catch

Using multi-catch

Returning from finally block – spot the bug!

Catching Exceptions

NITROXIS 2021 V4.1 (15/05/2021) - 66

Exception handling – spot the bug!

Exercise ScademyPay – Error handling

Time and state problems

Concurrency and threading

Concurrency examples

Omitted synchronization–spot the bug!?

Exercise – Omitted synchronization

Incorrect granularity– spot the bug!

Exercise–Incorrect granularity

Deadlocks

Avoiding deadlocks

Exercise–Avoiding deadlocks

Lock statement

Code quality problems

Dangers arising from poor code quality

Poor code quality – spot the bug!

Unreleased resources

Serialization–spot the bug!

Exercise–Serializable sensitive

Private arrays–spot the bug!

Private arrays – typed field returned from a public method

Exercise-Object hijacking

Public method without final –object hijacking

Immutable String–spot the bug!

Exercise Immutable Strings

Immutability and security

Principles of security and secure coding

Matt Bishop’s principles of robust programming

The security principles of Saltzer and Schroeder

Knowledge sources

Secure coding sources – a starter kit

Vulnerability databases

Java secure coding sources

.NET secure coding guidelines at MSDN

.NET secure coding cheat sheets

NITROXIS 2021 V4.1 (15/05/2021) - 67

Recommended books – .NET and ASP.NET

Recommended books – Java

Introduction Trainings (1 Day) Preparation to the HDS Certification The HDS certification (personal health data hoster – « Hébergeur de Données de Santé à caractère personnel ») Objectives This training will enable you to become acquainted with the concepts and good practices for the implementation and audit of the certification « Hébergeur de Données de Santé à caractère personnel », HDS, compliant with the French decree n° 2018-137 of February 26, 2018. Educational goals -Understand the key concepts, aspects and definitions of an HDS certification. -Understand the challenges of implementing the ISO 27001, 27018 and 20000 prerequisites. -Understand the link with the GDPR (General Regulation on Data Protection). -Know the essential aspects of an HDS implementation and Certification Audit. Training Approach and materials -Theoretical and practical phases are organized alternately. -Training can be given in both English, French and Dutch.

NITROXIS 2021 V4.1 (15/05/2021) - 68

-Course materials are available in French or English. -Statement of Applicability Template in French and English. -A copy in French of the decree n ° 2018-137 of February 26, 2018. -A copy in French of the HDS certification requirements and controls. -A copy in French of the HDS accreditation reference. Targeted audience Responsible for the security of the information systems. Responsible for the hosting of health data. Responsible for the management system according to ISO 27001, 9001, 13485, etc. IT Security Consultant. DPO - Data Protection Officer Prerequisites No particular knowledge Considering the context, a good knowledge of the French language is a bonus. Introduction to managing Cybersecurity A pragmatic 360º introduction to cyber security, GDPR, NIS and how to manage all this thanks to ISO 27001. Objectives You will acquire a sound management knowledge on cybersecurity that will allow you to apply appropriate measures to your IT security management, GDPR and NIS compliance. Educational goals Understand the appropriate management practices and measures for cybersecurity. Understand the pragmatic key attention points of cybersecurity management. Understand the dos and don’ts of : integrating security with the family ISO 27000 standards; integrating security into projects; GDPR (EU Privacy regulation) and the fundamentals of privacy; NIS (EU Cybersecurity regulation) and the fundamentals of cybersecurity; Transforming into an organization where security enables your business; Changing the organizational culture and awareness about security. Training Approach and materials Theoretical and practical phases are organized alternately. Q&A sessions on all the course subjects. Training can be given in English, French and Dutch. Course materials are available in English, French and Dutch. Targeted audience

NITROXIS 2021 V4.1 (15/05/2021) - 69

Management professionals. IT professionals. Prerequisites No particular knowledge Length 1 day Introduction to Cloud Officer (CSSF Circular 19/714 in Lux) This course aims to provide a general introduction to cloud computing, within the context of IT outsourcing. The goal is to prepare someone to assume the role of “Cloud Officer” as per CSSF Circular 17/654 and be responsible for the use of cloud services, understanding the competences of the staff managing cloud computing resources Objectives At the end of the training, participants will be able to: 1 describe different governance models supporting IT outsourcing to a public cloud

provider 2 explain the different cloud platform service delivery models 3 describe how risk is managed within the context of a “shared security model” with

a cloud provider Outline -The role of Cloud Officer - Risk Management (Territoriality,…) - GDPR journey - Outsourcing Framework - Governance -Sourcing Models -Overview of Cloud Technologies -Cloud risks (and shared security/Responsibility models) -Vendor/Supplier Management/Third Party Risk Management - Notification to the CSSF (authorization request, discontinuation, etc.) -Applicability of the Circular -Requirements of the CSSF Proportionality Signatory Resource Operation (IT) GRC (Governance Risk Compliance) Client Notification and Consent

NITROXIS 2021 V4.1 (15/05/2021) - 70

-GDPR -ISCR complies with data protection regulations Necessity to inform the Competent Authority Management of outsourced risks Business Continuity System Security Monitoring Activities Contractual Clauses Right to Audit Performance of the right to audit Establishing and completing the Register Particular case of Investment fund managers Targeted audience -Individuals who are going to be a Cloud Officer -IT supervisors of organizations using or contemplating cloud use -CISO -Internal Audit (as requested by CSSF) -Member of Credit Institution and PFS within the meaning of the Law of 5 April 1993 on the Financial Sector (“LFS”). -Member of payment institution and electronic money institutions within the meaning of the Law of 10 November 2009 on payment services (“LFS”) -Member of investment fund partners subjects to circular CSSF 18/698. Prerequisites N/A Length 1 day Introduction to BCP/DRP The purpose of this introductory session is to connect the different puzzle pieces of a BCP and a DRP in order to make participants understand the challenges of good governance in terms of BCP and DRP management while respecting the cycle. PDCA quality. It helps to understand why BIAs must come from business and offers an extended vision of the different stakeholders to a BCP / DRP.

NITROXIS 2021 V4.1 (15/05/2021) - 71

Objectives To become acquainted with the main components of a BCMS, BCP and DRP. Educational goals -Understand the basic operations of an BCMS and a DRP as well as the main processes. -Understand the purpose, content and correlation between the different elements of a BCMS (DRP). -Interpret the key elements of a business and link them with the key elements of a BCP-DRP -Develop the basic knowledge to help an organization to plan, do check, act and maintain a DRP -Acquire sufficient knowledge to advise an organization on the importance of managing a DRP as a whole. -Reinforce the personal qualities necessary to act with the professionalism required when conducting a DRP project. Course Content -BCMS -Fundamental concepts and principles of Business Continuity -Initiating the BCMS Implementation -BIA (Business Impact Assessment) -Risk Assessment -Recovery Strategies -Incident Response -Exercising and Testing -Project (Steps of a DRP) Training Approach and materials - BIA Exercise - Identifying Business Continuity & Recovery Strategies for a department of an Organization - Multiple Choices Questions Targeted audience DBA Product Owner CISO System Engineer Backup and Storage Engineer

NITROXIS 2021 V4.1 (15/05/2021) - 72

IT Security Consultant Information Security consultant Prerequisites No particular knowledge Length 1 day

NITROXIS 2021 V4.1 (15/05/2021) - 73

TRECCERT Information Security Specialist in Remote Work Description TRECCERT Information Security Specialist in Remote Working (ISSRW) is a course developed to provide trainees with solid knowledge of information security applications in remote working. The training course provides an in-depth explanation of guidelines and controls mandated to establish, manage and improve information security practices in remote working. Objectives -Become familiar with the concept and application of remote work. -Understand remote work management during unexpected events. -Understand the interrelation of remote work with business continuity. -Become familiar with concepts related to IT infrastructure. -Understand the impact of remote work in information security. -Understand the risk management processes to identify threats related to remote work. -Learn how to safeguard organizational assets by implementing security -controls. Target Audience The Information Security Specialist in Remote Work (ISSRW) training course is developed for any professional who works outside of a traditional work environment and is committed to maintaining the remote work environment secure. Prerequisites None Length 4 hours Course Content Introduction to Remote Working IT Aspects of Remote Work Secure working Environment Security Controls for Remote Work Examination and Certification

NITROXIS 2021 V4.1 (15/05/2021) - 74

Candidates interested to obtain Certified Information Security Specialist in Remote Work credential are required to successfully pass the exam. The Information Security Specialist in Remote Work exam consists of 40 multiple choice questions, including the stem and four alternatives (only one correct answer). After the successful completion of the exam and compliance with all related requirements, you will receive a certificate under Certified Information Security Specialist in Remote Work credential.

NITROXIS 2021 V4.1 (15/05/2021) - 75

ISMS Foundation ISO/IEC 27001

The ISMS Foundation training course is an entry-level course developed based on the ISO/IEC 27001 requirements. In this two-day course, participants are provided with a fundamental understanding of the Information Security Management System (ISMS). Individuals will have the opportunity to gain a basic understanding of ISO/IEC 27001 requirements, controls, and associated terminology and concepts.

Educational Objectives

-Become familiar with the vocabulary of the ISO/IEC 27001.

-Understand the structure of the ISO/IEC 27001.

-Become familiar with the mandatory clauses of the ISO/IEC 27001.

-Become familiar with the controls of the ISO/IEC 27001.

Training Approach

-Trainer Slides

-Quizzes

Targeted Audience

-Entry-level professionals of an information security team.

-Personnel of organizations intending to complement their on-the-job training related to information security.

-New ICT professionals wanting to increase their competency in information security.

Prerequisites

No Prerequisites.

Length

2 days.

Training Course Outline

NITROXIS 2021 V4.1 (15/05/2021) - 76

Day One

Introduction to ISO/IEC 27001 Requirements

-Context of the Organization

-Leadership

-Planning

-Support

-Operation

-Performance Evaluation

-Improvement

Introduction to ISO/IEC 27001 Controls

-Information Security Policies

-Organization of Information Security

-Human Resource Security

-Asset Management

-Access Control

-Cryptography

-Physical and Environmental Security

Day Two

Introduction to ISO/IEC 27001 Controls (continued)

-Operations Security

-Communications Security

-System Development and Maintenance

-Supplier Relationships

-Information Security Incident Management

-Information Security Aspects of Business Continuity Management

NITROXIS 2021 V4.1 (15/05/2021) - 77

-Compliance

Exam


Individuals interested in ISO/IEC 27001 Foundation certification will have the opportunity to undergo TreccerT examination and pursue certification. Candidates can take TreccerT certification exam as part of our training sessions, which are provided by TreccerT partners, including Nitroxis.

The ISMS Foundation exam consists of 40 multiple-choice questions. Candidates have 1 hour to complete the exam.

The ISMS Foundation certification demonstrates that an individual comprehends the structure and approach of an Information Security Management System (ISMS) based on the requirements of the ISO/IEC 27001. Being TreccerT ISMS Foundation Certified provides you with the opportunity to further advance your credentials or certification level within the TreccerT Certification Path

ISO/IEC 27001 Lead Implementer

NITROXIS 2021 V4.1 (15/05/2021) - 78

Fast Track for ISMS Professional (ISO/IEC 27001) and Lead Implementer (ISO 19600). TreccerT offers the ISO/IEC 27001 Lead Implementer fast track course for candidates that want to learn intensively to achieve their goals. The ISO/IEC 27001 Lead Implementer consists of two TreccerT training courses, the ISMS Professional (ISO/IEC 27001) and Lead Implementer (ISO 19600). These training courses are professional-level courses developed based on the pertinent ISO standards’ requirements or guidelines. In this four-day course, participants are provided with a practical understanding of ISO/IEC 27001 requirements and controls, and how to establish, implement, manage and improve an information security management system (ISMS) based on ISO/IEC 27001 and ISO 19600. Participants will also gain a thorough understanding of best practices used to implement information security controls based on ISO/IEC 27002. Educational Objectives

Understand the basic concepts of information security. Become familiar with information security frameworks. Understand the mandatory requirements of ISO/IEC 27001. Understand the information security controls of ISO/IEC 27001: Annex A. Learn how to implement an information security management system (ISMS). Learn how to audit an information security management system (ISMS). Become familiar with management systems (MSs). Become familiar with integrated management systems (IMSs). Understand the processes of the initiation phase. Understand the processes of the establishment phase. Understand the processes of the implementation and operation phase. Understand the processes of the maintaining and improving phase.

Training Approach Trainer Slides Quizzes Case Study Exercises

Targeted Audience Members of an information security management system (ISMS) team. Personnel involved in information security management system (ISMS) implementation Professionals wanting to increase their competency in implementing an information security management system (ISMS).

Prerequisites None. However, it is recommended to have a basic knowledge of the ISO/IEC 27001 standard and guidelines or to have read the standard once prior the course. Length Four (4) days.

NITROXIS 2021 V4.1 (15/05/2021) - 79

Day One

Information Security Management System (ISMS) Introduction to Information Security Information Security Management System (ISMS) Overview Information Security Frameworks and Best Practices

Information Security Management System (ISMS) Requirements Context of the Organization Leadership Planning Support Operation Performance Evaluation Improvement

Day Two

Information Security Management System (ISMS) Controls (Annex A) Information Security Policies Organization of Information Security Human Resource Security Asset Management Access Control Cryptography Physical and Environmental Security

Day Three

Information Security Management System (ISMS) Controls (continued) Operations Security Communications Security System Development and Maintenance Supplier Relationships Information Security Incident Management Information Security Aspects of Business Continuity Management Compliance

Plan Phase Initiation Phase

Create a MS Project Charter Ensure Management Commitment Identify Interested Parties Conduct a Gap Analysis

Establishment Phase Determine the Context of the Organization

NITROXIS 2021 V4.1 (15/05/2021) - 80

Determine the Scope and Boundaries Identify and Maintain Compliance Obligations The Governance Principles and the Establishment of a Compliance Policy Establish the Objectives, Processes and Procedures Define the Risk Assessment Approach Create a Management System Implementation Plan Management Authorization to Implement and Operate the Management System

Day Four

Do Phase Implementation and Operation Phase

Risk Treatment Phase Implement the Compliance Policy Implement the Controls and Procedures Measure the Effectiveness of the Implemented Controls Implement Awareness and Training Programs Manage Management System Operations Manage Resources

Check Phase Monitor and Review Phase

Monitoring the Management System Conducting Internal Audits Reviewing the Management System

Act Phase Maintenance and Improvement Phase

Implementing the Identified Improvements Corrective and Preventive Actions Communicating the Actions and Improvements Ensuring Continual Improvement of the Management System

Examination and Certification Individuals interested in ISO/IEC 27001 Lead Implementer certification will have the opportunity to undergo TreccerT examination and pursue certification. Candidates can take TreccerT certification exam as part of our training sessions, which are provided by TreccerT partners. The ISO/IEC 27001 Lead Implementer certification consists of the ISMS Professional and Lead Implementer examinations. The ISMS Professional exam has 100 multiple-choice questions, whereas the Lead Implementer exam has 60 multiple-choice questions. Candidate have 4 hours to complete the exams. The ISO/IEC 27001 Lead Implementer certification demonstrates that a professional is specialized in information security management system (ISMS) implementation based on the requirements of the ISO/IEC 27001 and common implementation approach based on the ISO 19600 guidelines.

NITROXIS 2021 V4.1 (15/05/2021) - 81

ISO/IEC 27001 Lead Auditor

Fast Track for ISMS Professional (ISO/IEC 27001) and Lead Auditor (ISO 19011) TreccerT offers the ISO/IEC 27001 Lead Auditor fast track course for candidates that want to learn intensively to achieve their goals. The ISO/IEC 27001 Auditor consists of two TreccerT training courses, the ISMS Professional (ISO/IEC 27001) and Lead Auditor (ISO 19011). These training courses are professional-level courses developed based on the pertinent ISO standards’ requirements or guidelines. In this four-day course, participants are provided with a practical understanding of ISO/IEC 27001 requirements and controls, and how to establish and manage an audit program, and conduct an information security management system (ISMS) audit. Educational Objectives

Understand the basic concepts of information security. Become familiar with information security frameworks. Understand the mandatory requirements of ISO/IEC 27001. Understand the information security controls of ISO/IEC 27001: Annex A. Learn how to implement an information security management system (ISMS). Learn how to audit an information security management system (ISMS). Become familiar with management systems (MSs). Become familiar with management system auditing based on ISO 19011. Understand the types of audit and auditing principles. Become familiar with the auditor behavior and performance. Understand how to establish, implement and manage a management system (MS) audit program. Understand how to initiate, plan, execute, report and complete a management system (MS) audit.

Training Approach Trainer Slides Quizzes Case Study Exercises

Targeted Audience Members of an information security management system (ISMS) team. Personnel involved in information security management system (ISMS) and auditing. Professionals wanting to increase their competency in auditing an information security management system (ISMS).

Prerequisites None. However, it is recommended to have a sound knowledge of the ISO/IEC 27001 standard and guidelines. Length Four (4) days. Day one

NITROXIS 2021 V4.1 (15/05/2021) - 82

Information Security Management System (ISMS)

Introduction to Information Security Information Security Management System (ISMS) Overview Information Security Frameworks and Best Practices

Information Security Management System (ISMS) Requirements Context of the Organization Leadership Planning Support Operation Performance Evaluation Improvement

Day Two Information Security Management System (ISMS) Controls

Information Security Policies Organization of Information Security Human Resource Security Asset Management Access Control Cryptography Physical and Environmental Security

Day Three Information Security Management System (ISMS) Controls (continued)

Operations Security Communications Security System Development and Maintenance Supplier Relationships Information Security Incident Management Information Security Aspects of Business Continuity Management Compliance

Auditor Roles and Responsibilities Key Roles in MS Auditing Audit Team Audit Practices and Relationships

Day Four Audit Program Structure and Management

Creating an Audit Program Establishing an Audit Program Audit Program Implementation

NITROXIS 2021 V4.1 (15/05/2021) - 83

Audit Program Monitoring and Reviewing

Management System (MS) Audit Process Initiation of Audit Audit Planning Audit Execution Audit Reporting Completing Audit Follow-Up Audit


Individuals interested in ISO/IEC 27001 Lead Auditor certification will have the opportunity to undergo TreccerT examination and pursue certification. Candidates can take TreccerT certification exam as part of our training sessions, which are provided by TreccerT partners. The ISO/IEC 27001 Lead Auditor certification consists of the ISMS Professional and Lead Auditor examinations. The ISMS Professional exam has 100 multiple-choice questions, whereas the Lead Auditor exam has 60 multiple-choice questions. Candidate have 4 hours to complete the exams. The ISO/IEC 27001 Lead Auditor certification demonstrates that a professional is specialized in information security management system (ISMS) implementation based on the requirements of the ISO/IEC 27001 and a defined auditing approach based on the ISO 19011 guidelines.

NITROXIS 2021 V4.1 (15/05/2021) - 84

ISACA CISA® (Certified Information Systems Auditor) This 5-day course prepares the CISA® Certified Information Systems Auditor exam by covering the entire Common Body of Knowledge (CBK) course, a common core of knowledge in security defined by the ISACA® Information Systems Audit and Control Association. CISA® certification is recognized around the world. It is aligned with the 27th Edition of the CBK, updated for 2019 Job Practice. Educational Objective: -Know the five major areas covered by CISA® certification -Understand the concepts of IT audit and IT governance -Preparing the CISA® Certification Exam, ISACA Certified Security Auditor Certification: A 5-Year experience is required to obtain CISA® certification after passing the exam. You can still take the exam first, and must register on the ISACA website. Participants: - Information System Directors - Auditors, - Responsible for Business Continuity - CISO - people for which the control of Information Security is fundamental in achieving their goals Prerequisites: Basic Knowledge in the Information System Chapter 1: Information System Auditing Process Part A: Planning -IS Audit Standards, Guidelines and Code of Ethics -Business Processes -Type of controls -Risk-Based Audit Planning -Types of audits and Assessments Part B: Execution -Audit Project Management

NITROXIS 2021 V4.1 (15/05/2021) - 85

-Sampling Methodology -Audit Evidence Collection Techniques -Data Analytics -Reporting and communication Techniques -Quality Assurance and Improvement of the Audit Process Exercises: Multiple Choices Questions from previous CISA sessions (or comparable exams) Chapter 2: Governance and Management of IT Part A: IT Governance -IT governance and IT Strategy -IT-related frameworks -IT Standards, Policies and Procedure -Organizational Structure -Enterprise Architecture -Enterprise Risk Management -Maturity Models -Laws, Regulations and Industry Standards Affecting the organization Part B: IT Management -IT Resource Management -IT Service Provider Acquisition and Management -IT Performance Monitoring and Reporting -Quality Assurance and Quality Management of IT Exercises: Multiple Choices Questions from previous CISA sessions (or comparable exams) Chapter 3: Information Systems Acquisition, Development and Implementation Part A: Information Systems Acquisition and Development -Project Governance and Management -Business Case and Feasibility Analysis -System Development Methodologies -Control Identification and Design Part B: Information System Implementation - Testing Methodologies - System Migration, Infrastructure Deployment and Data Conversion - Post-implementation Review Exercises: Multiple Choices Questions from previous CISA sessions (or comparable exams)

NITROXIS 2021 V4.1 (15/05/2021) - 86

Chapter 4: Information Systems Operations and Business Resilience Part A: Information Systems Operations -Common Technology Components -IT Asset Management -Job Scheduling and Production Process Automation -System interfaces -End-User Computing -Data Governance -System Performance Management -Problem and Incident Management -Change, Configuration, Release and Patch Management -IT Service Level Management -Database Management Part B: Business Resilience -Business Impact Analysis -System resiliency -Data Backup, Storage and Restoration -Business Continuity Plan -Disaster Recovery Plan Exercise: Multiple Choices Questions from previous CISA sessions (or comparable exams) Chapter 5: Protection of Information Assets Part A: Information Asset Security and Control -Information Asset Security Frameworks, Standard and Guidelines -Privacy Principles -Physical Access and Environmental Controls -Identity and Access Management -Network and Endpoint Security -Data Classification -Data Encryption and Encryption-related Techniques -Public Key Infrastructure -Web-based Communication Technologies -Virtualized environment -Mobile, Wireless and Internet-of-things Devices Part B: Security Event Management -Security Awareness Training and Programs -Information System Attack Methods and Techniques -Security Testing Tools and Techniques -Security Monitoring Tools and Techniques

NITROXIS 2021 V4.1 (15/05/2021) - 87

-Incident Response Management -Evidence Collection and Forensics Exercices Multiple Choices Questions from previous CISA sessions (or comparable exams) Preparation to the Exam Blank Exam - Partial simulation of the examination carried out at the end of the training. Registration to be made on the site www.isaca.org, the closing of the registrations is done 2 months before the date of the examination. Presentation of the event: 3 hours of multiple choices questions with 150 questions to be chosen beforehand in French or in English.

NITROXIS 2021 V4.1 (15/05/2021) - 88

CISM® (Certified Information Security Manager) This 3-day course will prepare for the CISM® exam Certified Information Security Manager, covering the entire CBK (Common Body of Knowledge) common core of knowledge in security defined ISACA®, Information Systems Audit and Control Association. The CISM certification is recognized worldwide. Content Domain 1: Information Security Governance Domain 2: Information Risk Management and Compliance Domain 3: Information Security Program Development and Management Domain 4: Information Security Incident Management Preparation and Certification Participants Information System (IS) Directors, auditors, responsible for business continuity or security, or for which the control of IS is fundamental in achieving their goals. Prerequisites Basic knowledge in Information Systems. Understanding English is necessary because the documentation is in English (the training is in French or English). Program Domain 1: Information Security Governance -Alignment of policy security information on the business strategy and direction. -Policy security information development. -Commitment of senior management and support for information security across the enterprise. -Roles and responsibilities in the governance of information security. -Hands-on work -Questions from previous sessions (CISM or comparable examinations). Domain 2: Information Risk Management and Compliance -Development of a systematic and analytical approach and the ongoing process of risk management. -Identification, analysis and risk assessment. -Definition of strategies risk treatment. -Risk management communication. -Questions from previous sessions (CISM or comparable examinations). Domain 3: Information Security Program Development and Management -The safety information architecture. -Methods to define the required security measures. -Contract management and information security requirements. -Metrics and evaluation of IT security performance. -Questions from previous sessions (CISM or comparable examinations).

NITROXIS 2021 V4.1 (15/05/2021) - 89

Domain 4: Information Security Incident Management -Components of a security incident management plan. -Concepts and practices in the management of security incidents. -Method classification. -Notification and escalation process. -Detection techniques and incidents analysis. -Questions from previous sessions (CISM or comparable examinations). Preparation and Certification Partial simulation of the review conducted at the end of training. Subscribe to the www.isaca.org site, the registration deadline was made two months before the date of the examination. Duration and conduct of the exam: 3 hours with 150 questions (review available only in English).

NITROXIS 2021 V4.1 (15/05/2021) - 90

CRISC® (Certified in Risk ad Information System Control) This 3-Day training prepares the professionals who want to pass the ISACA’s Certified in Risk and Information System Control CRISC®® exam. The program covers the four key areas covered in the exam: IT risk identification, IT Risk Assessment, Risk and Response and Mitigation, Risk and Control Monitoring and Reporting The program is aligned on the latest Edition (6th) of the CBK (Common Body of Knowledge) from the ISACA(R) CRISC® certification is recognised around the world. Educational objectives Master the risk management approach according the CRISC® Apply the best responses strategies to the risks weighing on the information system Use best risk monitoring practices Define information system controls Use best practices to monitor and maintain these controls Certification -Candidates must apply for certification within 5 years of having passed the exam. -A minimum of 3-year experience of cumulative work experience performing the tasks of a CRISC® professional across at least two of the four CRISC® domains is required for the certification. Of these two domains, one must be in either domain 1 or 2. -Adhere to the ISACA(R) code of Professional Ethics -Agree to comply with the CRISC® continuing education policy. Audience ⁃ Job roles that can benefit from CRISC® training include, but are not limited to: ⁃ CISO ⁃ Information Security consultants ⁃ Governance Consultants ⁃ Cybersecurity Consultants ⁃ IT professionals ⁃ Risk professionals

NITROXIS 2021 V4.1 (15/05/2021) - 91

⁃ Control professionals ⁃ Project managers ⁃ Business analysts ⁃ Compliance professionals ⁃ Auditors ⁃ CRISC®(R) exam candidates and anyone keen to improve their knowledge in the field of risk management and IS control. ⁃ Participants who have completed an ISO 27005 or ISO 31000 course ⁃ People working with an ERM (Enterprise Risk Management) framework Prerequisite There is no prerequisite to take the CRISC®(R) exam; however, in order to apply for CRISC®(R) certification you must meet the necessary experience requirements as determined by ISACA. Participants should have a basic knowledge of the areas to be covered. The course consists of intense preparation for the certification exam. English required for the exam. Course Schedule Chapter 1 : IT Risk Identification Risk Capacity, Risk Appetite, and Risk Tolerance Risk Culture and Communication Elements of risks Information security Risk Concepts and principles The IT Risk Strategy of the Business IT Concepts and Areas of concern for the Risk Practitioner Methods of risk identification IT Risk Scenarios Ownership and Accountability The IT Risk Register Risk Awareness Chapter 2 : IT Risk Assessment Risk Assessment Techniques Analysing Risk Scenarios Current State of Controls Change in the Risk Environment Project and Program Management Risk and Controls Analysis Risk Analysis Methodologies Risk Ranking Documenting Risk Assessments Chapter 3 : Risk Response and Mitigation Aligning, Risk Response with Business Objectives

NITROXIS 2021 V4.1 (15/05/2021) - 92

Risk Response Options Analysis Techniques Vulnerabilities Associated with New Controls Developing a Risk Action Plan Business Process Review Tools and Techniques Control Design and Implementation Control Monitoring and Effectiveness Types of Risk Control Activities, Objectives, Practices and Metrics Systems Control Design and Implementation Impact of Emerging Technologies on Design and Implementation of Controls Control Ownership Risk Management Procedures and Documentation Chapter 4 : Risk and Control Monitoring and Reporting Key Risk Indicators Key Performance Indicators Data Collection and Extraction Tools and Techniques Monitoring Controls Control Assessment Types Results of Control Assessment Changes of the IT Risk Profile Preparation to the exam Multiple Choice Questions (MCQ) similar to the exam and correction performed together Discussion and exchanges, hints and tips to pass the exam. Registration to be made on the sitewww.isaca.org, the closing of the registration is done 2 months before the date of the examination. The exam consists of 150 MCQ that cover the CRISC® job practice domains.

NITROXIS 2021 V4.1 (15/05/2021) - 93

(ISC)2

CISSP (Certified Information Systems Security Professional) This 5-day course will prepare for the CISSP exam Certified Information Systems Security Professional, covering the entire CBK (Common Body of Knowledge) as defined by (ISC)2. The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the information security market. CISSP validated an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization Learning Objectives The broad spectrum of topics included in the CISSP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of information security. Successful candidates are competent in the following 8 domains:

- Security and Risk Management - Asset Security - Security Architecture and Engineering - Communication and Network Security - Identity and Access Management (IAM) - Security Assessment and Testing - Security Operations - Software Development Security

Who should attend

- Security (Consultant, Manager, Auditor, Architect, Analyst, System Engineer) - IT Director/Manager - CISO - Director of Security - Network Architect

Prerequisites Basic knowledge of the Information System is recommended. Strong English is necessary because the documentation is in English Description This training provides a comprehensive review of information security concepts and industry best practices, covering the 8 domains of CISSP CBK (Common Body of

NITROXIS 2021 V4.1 (15/05/2021) - 94

Knowledge). Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. the interactive learning technique is based on sound adult learning theories. This training course will help candidates review and refresh their information security knowledge and help identify areas they need to study for the CISSP exam and features Course Agenda Domain 1: Security and Risk Management

- Understand and apply concepts of confidentiality, integrity and availability - Evaluate and apply security governance principles - Determine compliance requirements - Understand legal and regulatory issues that pertain to information security in a

global context - Understand, adhere to, and promote professional ethic - Develop, document, and implement security policy, standards, procedures, and

guidelines - Identify, analyze, and prioritize Business Continuity (BC) requirements - Contribute to and enforce personnel security policies and procedures - Understand and apply risk management concepts - Understand and apply threat modeling concepts and methodologies - Apply risk-based management concepts to the supply chain - Establish and maintain a security awareness, education, and training program

Domain 2: Asset Security

- Identify and classify information and assets - Determine and maintain information and asset ownership - Protect privacy - Ensure appropriate asset retention - Determine data security controls - Establish information and asset handling requirements

Domain 3: Security Engineering

- Implement and manage engineering processes using secure design principles - Understand the fundamental concepts of security models - Select controls based upon systems security requirements - Understand security capabilities of information systems (e.g., memory

protection, Trusted Platform Module, encryption/Decryption) - Assess and mitigate the vulnerabilities of security architectures, designs and

solution elements - Assess and mitigate vulnerabilities in Web-based systems

NITROXIS 2021 V4.1 (15/05/2021) - 95

- Assess and mitigate vulnerabilities in mobile systems - Assess and mitigate vulnerabilities in embedded devices - Apply cryptography - Apply security principles to site and facility design - Implement site and facility security controls

Domain 4: Communications and Network Security

- Implement secure design principle in network architectures - Secure network components - Implement secure communication channels according to design

Domain 5: Identity and Access Management

- Control physical and logical access to assets - Manage identification and authentication of people, devices, and services - Integrate identity as a third-party service - Implement and manage authorization mechanisms - Manage the identity and access provisioning lifecycle

Domain 6: Security Assessment and Testing

- Design and validate assessment, test, and audit strategies - Conduct security control testing - Collect security process data (e.g., technical and administrative) - Analyze test output and generate report - Conduct or facilitate security audits

Domain 7: Security Operations

- Understand and support investigations - Understand requirements for investigation types - Conduct logging and monitoring activities - Securely provisioning resources - Understand and apply foundational security operations concepts - Apply resources protection techniques - Conduct incident management - Operate and maintain detective and preventive measures - Implement and support patch and vulnerability management - Understand and participate in change management processes - Implement recovery strategies - Implement Disaster Recovery (DR) processes - Test Disaster Recovery Plans (DRP) - Participate in Business Continuity (BC) planning and exercises - Implement and manage physical security - Address personnel safety and security concerns

NITROXIS 2021 V4.1 (15/05/2021) - 96

Domain 8: Software Development Security

- Understand and integrate security in the Software Development Life Cycle (SDLC)

- Identify and apply security controls in development environments - Assess the effectiveness of software security - Assess security impact of acquired software - Define and apply secure coding guidelines and standards

Preparation to the Exam The online CISSP exam (CAT: computerized adaptive testing) is available for all the exams in English. In the other languages, the exam is linearly managed. You will have more information on the online exam on the link below: https://www.isc2.org/certifications/CISSP/CISSP-CAT Duration of the exam: 3 hours Number of questions: 100 – 150 Types of questions: Multiple Choice and Innovative Advanced questions Pass Mark: 700 out of1000 points Available Language: English Exam Center: PPC and PVTC, Pearson View Authorized Testing Centers (ISC)2 The linear CISSP exam: Duration of the exam: 6 hours Number of questions: 250 Types of questions: Multiple Choice and Innovative Advanced questions Pass Mark: 700 out of 1000 points Available Language: French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese, Korean Exam Center: PPC and PVTC, Pearson View Authorized Testing Centers (ISC)2

NITROXIS 2021 V4.1 (15/05/2021) - 97

CCSP (Certified Cloud Security Professional)

This 5-day course will prepare you for the CCSP Certified Cloud Security Professional Exam, which covers the entire (ISC)2 CCSP CBK - Common Body of Knowledge. (ISC)2 developed the CCSP credential to ensure that cloud security professionals have the required knowledge, skills and abilities in cloud security design, implementation, architecture, operations, controls, and compliance with regulated frameworks. Learning Objectives The topics included in the CCSP Common Body of Knowledge (CBK) ensure its relevancy across all disciplines in the field of cloud security. Successful candidates are competent in the following 6 domains:

- Cloud concepts, Architecture and Design - Cloud Data Security - Cloud Platform & Infrastructure Security - Cloud Application Security - Cloud Security Operations - Legal, Risk and Compliance

Who should attend? Responsible for the security of the information systems. Responsible for the management system according to ISO 27001. CIO, CISO Director of Security Information Security Officer IT Director/Manager Business security manager Enterprise Architect, Network Architect, Security Administrator, Security Analyst, Security Architect. Security Auditor, Security Consultant, Security Engineer, Security Manager, Security Systems Engineer, Systems Architect, Systems Engineer.

NITROXIS 2021 V4.1 (15/05/2021) - 98

Prerequisites

Good knowledge of English since it is advisable to take the certification exam in English. At least five years of professional experience in information security and a minimum of one year in one of the six CCSP domains mentioned above. You can meet one year of professional experience in one of six CCSP domains if you have CSA CCSK certification. You can meet all the prerequisites of professional experience if you have the CISSP certification. A candidate who does not have the required experience to become a CCSP can become an ISC2 Associate by passing the CCSP exam. The (ISC)2 Associate will then have six years to acquire the five years of required experience.

Course Agenda Domain 1: Cloud concept, Architecture and Design

- Understand cloud Computing Concepts - Describe Cloud Reference Architecture - Understand Security Concepts Relevant to Cloud Computing - Understand the Design Principles of Secure Cloud Computing - Evaluate Cloud Service Providers

Domain 2: Cloud Data Security

- Articulate Legal requirements and Unique Risks within the Cloud Environment - Support Digital Forensics - Understand Privacy Issues - Understand Audit Process, Methodologies, and Required Adaptations for a

Cloud Environment - Understand Implications of Cloud to Enterprise Risk Management - Understand Outsourcing and Cloud Contract Design

Domain 3: Cloud Platforms and Infrastructure Security

- Cloud Data Security Concepts - Design and Implement Cloud Data Storage Architectures - Design and Apply Data Security Technologies and Strategies - Cryptography - Understand and Implement Data Discovery and Classification Technologies - Design and Implement Information Rights Management (IRM) - Plan and Implement Data Retention, Deletion, and Archival Policies

NITROXIS 2021 V4.1 (15/05/2021) - 99

- Design and Implement Auditability, Traceability, and Accountability of Data Events

Domain 4: Cloud Application Security - Comprehend Cloud Infrastructure Components - Secure Cloud Data Center Design - Analyze Risks Associated with Cloud Infrastructure - Design and Plan Security controls for Physical and Logical Cloud Infrastructure - Design Appropriate Identity and Access Management (IAM) solutions - Plan Disaster Recovery (DR) and Business Continuity (BC)

Domain 5: Cloud Security Operations

- Discuss Training and Awareness for Application Security - Describe the Secure Software Development Lifecycle (SDLC) process - Apply the Secure Software Development Lifecycle (SDLC) - Apply Cloud Software Assurance and Validation - Use Verified Source Software - Explain the Specifics of a Cloud Application Architecture

Domain 6: Legal, Risk and Compliance

- Operate and Manage Physical and Logical Infrastructure for Cloud Environment

- Implement Operational Controls and Standards - Manage Communication with Relevant Parties - Manage Security Operations

Preparation to the Exam Duration of the exam: 3 hours Number of questions: 125 Types of questions: Multiple Choice Pass Mark: 700 out of 1000 points Available Language: English Exam Center: Pearson View Testing Center

NITROXIS 2021 V4.1 (15/05/2021) - 100

NITROXIS 2021 V4.1 (15/05/2021) - 101

Miscellaneous (Audit)

Integrated Management System (5-Day Training)

This five-day course provides an overview to the structure of an Integrated Management System (IMS) based on ISO/IEC Annex L, and how to audit the same internally or in the context of certification. Overview This five-day course introduces the structure of an Integrated Management System (IMS) derived from ISO/IEC's normative Annex L (Proposals for management system standards) as well as specific requirements of relevant ISO Standards implementing Annex L, namely ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO/IEC 20000-1:2018, ISO 22301:2019 and ISO/IEC 27001:2013, and how to add any further applicable requirements, eg PCI-DSS, SOX, GDPR etc. At the same time, the course explains processes, methods and skills required to allow an auditor to assess such an IMS all the way through to certification in line with relevant ISO (certification) standards, in particular ISO/IEC 17021-1:2015 and ISO 19011:2018. The course consists of a mix of presentation, discussion and exercises based on real-world examples. Outline Introducing IMS-Auditing

Setting the Scene: ISO Management Systems The ISO Management System Audit Approach Audit Methods

Assessing Elements of an IMS IMS Elements 1: leadership (Annex L clause 5) IMS Elements 2: Context of the Organization (Annex L clause 4) Audit Methods – Part 1: documents review, Interview

IMS Elements 3: Support (Annex L clause 7) IMS Elements 4: Planning (Annex L clause 6) Audit Methods – Part 2: Observing, Sampling IMS Elements 5: Operation (Annex L clause 8) IMS Elements 6: Performance Evaluation (Annex L clause 9) Audit Methods – Part 3: Corroboration IMS Elements 7: Improvement (Annex L clause 10) ILS Element 8: Management Review (Annex L clause 9.3)

Auditing an IMS Audit Principles Overview of the different types of audits Certification process per ISO/IEC 17021-1:2015 Audit skills Objectives

NITROXIS 2021 V4.1 (15/05/2021) - 102

Completion of this course will enable students to - Describe core processes of an Annex L based IMS - Identify additional specific requirements based on the chosen IMS scope - Recognize the range of different audit types, criteria and objectives - Understand applicable audit methods and develop skills to apply these - Execute audit aspect of the certification process - Manage IMS audit teams

Audience This course is aimed at students tasked with

- Assessing an organisation’s processes as part of implementing an IMS - Performing self-assessment, pre-cert or internal audits of an IMS - Acting as (lead) auditor on behalf of a certification body

Prerequisites General understanding of common business processes. Same past exposure to management systems and / or audits helpful, but not required. Acting as (lead) auditor on behalf of a certification body This course is aimed at students tasked with

- Assessing an organisation’s processes as part of implementing an IMS Examination and Certification This course ends with a three hour written essay-style exam on the last day available in multiple languages. This course has been designed by Softqualm and partners, who also mark the exam and issue the IMS Lead Auditor Certification in accordance with ISO/IEC 17024:2012.Exam and first year certification fees are included in the course fees.

NITROXIS 2021 V4.1 (15/05/2021) - 103

Project Management

Préparation à la certification PMP du PMI - PMBOK v6

Le PMI® est la plus importante association professionnelle en gestion de projet au monde, avec plus de 650.000 membres et des certifiés répartis dans plus de 185 pays. Parmi ses certifications, le PMP® – Project Management Professional – est la certification en management de projet la plus reconnue mondialement et exigée. Elle démontre aux employeurs, aux clients et aux collègues que celle/celui qui la possède est un gestionnaire de projet ayant des connaissances en gestion de projet, et justifiant de l'expérience et des compétences nécessaires pour conduire les projets. Le PMP® reconnaît par ailleurs la compétence d'un individu à remplir le rôle d'un chef de projet, en particulier l'expérience dans la conduite et la direction de projets

Objectifs de la formation

Cette formation a pour objectif d’accompagner les candidats dans la préparation à la certification PMP de PMI, d'acquérir les connaissances en Management de Projet conformes au Corpus de connaissances du PMI®, le PMBOK®.

C’est aussi une opportunité pour le partage et l’échange d’expérience et de connaissance entre les participants et les professionnels du milieu dans une optique:

D’acquérir les connaissances en Management de Projet conformes au Corpus de connaissances du PMI®, le PMBOK®.

Se préparer à l'examen de certification du PMI® : PMP® en vous aidant à définir la meilleure stratégie de préparation et le meilleur plan d'étude pour réussir cet examen.

Durée de la formation

5 jours: 5 séances d’une durée de 35 heures (7h/séance)

30 jours de coaching avec:

-11 séances de coaching à distance par Zoom répartie sur les 30 jours la durée de chacune est de 2 heures.

-Un suivi par mail durant les 30 Jours

Pré-requis

Connaissances élémentaires en Management

NITROXIS 2021 V4.1 (15/05/2021) - 104

Public-cible

Chefs de projets débutants ou chefs de projets expérimentés désirant obtenir une reconnaissance internationale de leurs compétences en gestion de projet. Et d'une façon générale cette formation Certification PMP s'adresse à tout acteur souhaitant conforter un rôle de manager de projet ou se préparer à la certification PMP.

Details

A la fin de la formation, un certificat de participation et un certificat mentionnant les 35 PDU sont remis à chaque participant

Un manuel de formation (support de cours et exercices pratiques)

Feuille de route de préparation à la certification PMP

1°) Suivre ce cours

2°) coaching pendant 30 jours qui suit la formation (avec accès au simulateur d'examens)

Un planning sera communiqué au candidat le jour qui suit le dernier jour de cours

11 séances de coaching de 2h chacune via l'application Zoom

Le formateur est également joignable par email pour échanger

3°) accompagnement dans la remise du dossier PMI pour le passage de l'examen PMP

Programme détaillé de le formation

Formation de 35h sur les 10 domaines de PMBOK 6ème edition

NITROXIS 2021 V4.1 (15/05/2021) - 105

Jour 1:

Jour 2:

1. INTRODUCTION 3.4 Compétences du chef de projet 1.1 Présentation et objectif de ce guide 3.5 Intégration 1.2 Éléments fondamentaux EXERCICES

2. ENVIRONNEMENT DU PROJET 4. GESTION DE L’INTÉGRATION DU PROJET

2.1 Présentation 4.1 Élaborer la charte du projet 2.2 Facteurs environnementaux de l'organisation 4.2 Élaborer le plan de management du projet

2.3 Actifs organisationnels 4.3 Diriger et gérer le travail du projet 2.4 Systèmes de l’organisation 4.4 Gérer les connaissances du projet 3. LE RÔLE DU CHEF DE PROJET 4.5 Maîtriser le travail du projet 3.1 Présentation 4.6 Maîtriser les changements 3.2 Définition du chef de projet 4.7 Clore le projet ou la phase 3.3 La sphère d’influence du chef de projet EXERCICES

5. GESTION DU PÉRIMÈTRE DU PROJET 6. GESTION DE L’ÉCHÉANCIER DU PROJET 5.1 Planifier la gestion du périmètre 6.1 Planifier la gestion de l’échéancier 5.2 Recueillir les exigences 6.2 Définir les activités 5.3 Définir le périmètre 6.3 Organiser les activités en séquence 5.4 Créer le WBS 6.4 Estimer la durée des activités 5.5 Valider le périmètre 6.5 Élaborer l’échéancier 5.6 Maîtriser le périmètre 6.6 Maîtriser l’échéancier EXERCICES

NITROXIS 2021 V4.1 (15/05/2021) - 106

Jour 3

7. GESTION DES COÛTS DU PROJET 8. GESTION DE LA QUALITÉ DU PROJET 7.1 Planifier la gestion des coûts 8.1 Planifier la gestion de la qualité 7.2 Estimer les coûts 8.2 Gérer la qualité 7.3 Déterminer le budget 8.3 Maîtriser la qualité 7.4 Maîtriser les coûts EXERCICES

Jour 4

Jour 5

12. GESTION DES APPROVISIONNEMENTS DU PROJET 13.1 Identifier les parties prenantes

12.1 Planifier la gestion des approvisionnements 13.2 Planifier l’engagement des parties prenantes

12.2 Procéder aux approvisionnements 13.3 Gérer l’engagement des parties prenantes

12.3 Maîtriser les approvisionnements 13.4 Maîtriser l’engagement des parties prenantes

9. GESTION DES RESSOURCES DU PROJET 10.3 Maîtriser les communications 9.1 Planifier la gestion des ressources 11. GESTION DES RISQUES DU PROJET 9.2 Estimer les ressources des activités 11.1 Planifier la gestion des risques 9.3 Obtenir les ressources 11.2 Identifier les risques

9.4 Développer l’équipe 11.3 Effectuer l’analyse qualitative des risques

9.5 Gérer l’équipe 11.4 Effectuer l’analyse quantitative des risques

9.6 Maîtriser les ressources 11.5 Planifier les réponses aux risques 10. GESTION DES COMMUNICATIONS DU PROJET 11.6 Exécuter les réponses aux risques

10.1 Planifier la gestion des communications 11.7 Maîtriser les risques 10.2 Gérer les communications EXERCICES

NITROXIS 2021 V4.1 (15/05/2021) - 107

13. GESTION DES PARTIES PRENANTES DU PROJET EXERCICES

NITROXIS 2021 V4.1 (15/05/2021) - 108

Nitroxis Partner/Reseller Training Catalogue 2021 – V4

Documents

Transcript of Nitroxis Partner/Reseller Training Catalogue 2021 – V4