Joseph Holbrook, Cloud Consulting Architect and Technical Trainer
CompTIA Subject Matter Expert (SME)
Cloudbursting Corp(AWS Partner) in Jacksonville, FL.
05/27/2017
COMPTIA SECURITY + CERTIFICATION
(EXAM SYO-401)
SHORT REVIEW SESSION
• Joe Holbrook, owner of Cloudbursting Corp in Jacksonville, FL.
• Cloud Consulting Architect & Technical Trainer who has been consulting in
the Cloud Computing, IT Security Data Storage areas for over 15 years.
• Government contractor and consultant for 10 years. DOD 8570
• IT Security mainly around Cryptography and secure communications for
Federal Gov.
• CompTIA Subject Matter Expert (SME)
• Holds numerous vendor and CompTIA Certs
ABOUT YOUR INSTRUCTOR
CLOUDBURSTING CORP 5/27/2017 2
1. In IT industry – You going to need a security certification
2. In the US Military or a government contractor- required in most cases
3. (DoD 8570.01-M) / State Department Skills Incentive Program
4. Short Video about Security +
5. Exam Objectives
6. Exam Content
7. Taking the exam
8. Practice Questions
9. Tips to Prepare
COMPTIA SECURITY PLUS
CYBERSECURITY CAREER PATH
CloudBursting Corp
5/27/2017 4
IN IT INDUSTRY – YOU GOING TO NEED A SECURITY
CERTIFICATION
WHY YOU NEED A SECURITY CERTIFICATION?
• Why
• Critical to establishing a baseline knowledge
• Establishes you as “knowledgeable”
• Required for accessing IT Resources
• Government mandate in some cases.
Some IT Security Certifications
• CompTIA Security +
• CompTIA CASP
• CompTIA CSA +
• CISSP
• CISA (ISC)
• CCNA – Security (CISCO)
5/27/2017CLOUDBURSTING CORP 6
IN THE US MILITARY OR A GOVERNMENT
CONTRACTOR- REQUIRED IN MOST CASES FOR IT PROS
The DoD 8570 Information Assurance
Training, Certification and Workforce
Management program addresses this
threat by proactively educating and
certifying commercial contractors, and
military and civilian personnel to perform
their critical duties as Information
Assurance professionals.
Under the 8570 Mandate, all personnel
with "privileged access" to DoD systems
must obtain an ANSI-approved
commercial certification.
DOD 8570 & ISO/ANSI 17024
CLOUDBURSTING CORP 5/27/2017 8
US MILITARY DOD 8570-M
 Department of Defense Directive 8570 (DoDD 8570) provides guidance and
procedures for the training, certification, and management of all government
employees who conduct Information Assurance functions in assigned duty
positions. These individuals are required to carry an approved certification for
their particular job classification. GIAC certifications are among those required
for Technical, Management, CND, and IASAE classifications. SANS courses
prepare you to take a GIAC exam.
 DoD 8570 Requires:
 •By the end of CY 2010, all personnel performing IAT and IAM functions must be
certified.
 •By the end of CY 2011 all personnel performing CND-SP and IASAE roles must
be certified.
 •All IA jobs will be categorized as 'Technical' or 'Management' Level I, II, or III,
and to be qualified for those jobs, you must be certified
5/27/2017CLOUDBURSTING CORP 9
SHORT VIDEO ON SECURITY +
SECURITY PLUS VIDEO
https://certification.comptia.org/certifications/security
5/27/2017CLOUDBURSTING CORP 11
EXAM OBJECTIVES
COMPTIA SECURITY PLUS EXAM OBJECTIVES
SAMPLE TOPIC FOR EXAM
Preparing for the
CompTIA Security+
Examination
Chapter 1
Network Device Configuration
NETWORK DEVICES
Chapter 1 Network Device Configuration
Networks are comprised of devices and are
configured via software to perform the desired
activities. The correct configuration of network devices
is a key element of securing the network infrastructure.
Proper configuration can greatly assist in the network
security posture. Learning how to properly configure
network devices is important for passing the CompTIA
Security+ exam
A complete network computer solution in today’s business environment consists
of more than just client computers and servers.
• Devices are used to connect the clients and servers and to regulate the
traffic between them.
• Devices are also needed to expand this network beyond simple client
computers and servers to include yet other devices, such as wireless
and handheld systems.
Pg. 3
5/27/2017CLOUDBURSTING CORP 16
FIREWALLS
Chapter 1 Network Device Configuration
A firewall can be hardware, software, or a combination whose purpose is to
enforce a set of network security policies across network connections. A
firewall is a filtering device that has two or more interfaces to determine the
traffic that is allowed to flow through the interfaces. A dual-homed
firewall has two network interfaces. An embedded firewall is
integrated into a router. A hardware firewall is also referred to as an
appliance firewall. There are software firewalls and hardware
firewalls. A hardware firewall is purchased with a fixed number of
interfaces available and a software firewall is configurable.
Security policies are rules that define what traffic is permissible and what
traffic is to be blocked or denied. These are not universal rules, and many
different sets of rules are created for a single company with multiple
connections. A firewall is used to create a demilitarized zone (DMZ) Pg. 3
5/27/2017CLOUDBURSTING CORP 17
HOW DO FIREWALLS WORK
Chapter 1 Network Device Configuration
Firewalls enforce the established security policies through a variety of
mechanisms, including the following:
• Network Address Translation (NAT). NAT router/firewalls act as
the interface between a local area network and the Internet
using one IP address.
• Basic Packet Filtering - A packet-filtering firewall only looks at a
data packet to obtain the source and destination addresses
and the protocol and port used
• Stateful Packet Filtering. The firewall maintains, or knows, the
context of a conversation
• Access Control Lists (ACLs). A list of permissions used to access
an object.
• Application Layer Proxies. Packets are not allowed to traverse the
firewall, but data instead flows up to an application that in turn
decides what to do with it
Pg. 5
5/27/2017CLOUDBURSTING CORP 18
CONFIGURING A FIREWALL
Part I Network Security Chapter 1 Network Device Configuration
You need to configure the firewall to meet the following requirements:
Pg. 5
• The Research computer should only be allowed to connect to the file server using SCP.
• The Sales computer should only be allowed to connect to the Web server using HTTPS.
• No other connections from the server network to the DMZ should be allowed.
5/27/2017CLOUDBURSTING CORP 19
CONFIGURING A FIREWALL
Chapter 1 Network Device Configuration
Pg. 5
<SOURCE IP> <DESTINATION IP> <PORT> <PROTOCOL><ALLOW/DENY>
Source: 192.168.0.2 - Destination: 172.16.0.2 - Port: 22 - TCP – Allow
Source: 192.168.0.3 - Destination: 172.16.0.3 - Port: 443 - TCP – Allow
Source: 192.168.0.0/16 - Destination: 172.16.0.0/12 - Port: Any - TCP/UDP - Deny
5/27/2017CLOUDBURSTING CORP 20
ROUTERS
Chapter 1 Network Device Configuration
Routers are network traffic management devices used to connect
different network segments together. Routers operate at the network
layer (layer 3) of the Open Systems Interconnection (OSI) reference
model (discussed in Chapter 3), routing traffic using the network
address utilizing routing protocols to determine optimal paths across a
network. Routers form the backbone of the Internet, moving traffic from
network to network, inspecting packets from every communication as they
move traffic in optimal paths.
Routers operate by examining each packet, looking at the destination
address, and using algorithms and tables to determine where to send the
packet next. This process of examining the header to determine the next
hop can be done in quick fashion. A router is a device that is designed
to transmit all data that is not specifically denied between networks,
and to do so in the most efficient manner possible. Pg. 7
5/27/2017CLOUDBURSTING CORP 21
ROUTERS
Chapter 1 Network Device Configuration
Routers use ACLs as a method of deciding whether a packet is
allowed to enter the network. With ACLs, it is also possible to examine
the source address and determine whether or not to allow a packet to
pass. This allows routers equipped with ACLs to drop packets
according to rules built in the ACLs. The ACLs will improve network
security by confining sensitive data traffic to computers on a
specific subnet.
One serious operational security issue with routers concerns the
access to a router and control of its internal functions. Routers can be
accessed using the Simple Network Management Protocol (SNMP)
and Telnet and can be programmed remotely
Pg. 7
5/27/2017CLOUDBURSTING CORP 22
SWITCHES
Chapter 1 Network Device Configuration
Switches form the basis for connections in most Ethernet-based local
area networks (LANs). Although hubs and bridges still exist, in today’s
high-performance network environment, switches have replaced both.
A switch, like a bridge, can connect two or more LAN segments
together.
A switch has separate collision domains for each port. This means that
for each port, two collision domains exist: one from the port to the
client on the downstream side and one from the switch to the network
upstream. When full duplex is employed, collisions are virtually
eliminated from the two nodes, host and client. This also acts as a
security factor in that a sniffer can see only limited traffic, as opposed
to a hub-based system, where a single sniffer can see all of the traffic
to and from connected devices. Pg. 8
5/27/2017CLOUDBURSTING CORP 23
SWITCHES
Chapter 1 Network Device Configuration
Switches operate at the data link layer of the OSI model, while routers
act at the network layer. For intranets, switches have become what
routers are on the Internet—the device of choice for connecting
machines. As switches have become the primary net-work connectivity
device, additional functionality has been added to them. A switch is
usually a layer 2 device, but layer 3 switches incorporate routing
functionality.
Switches can also perform a variety of security functions.
Port address security based on Media Access Control
(MAC) addresses can determine whether a packet is
allowed or blocked from a connection. You should
replace the hub with a switch. This will provide some
protection against traffic sniffing. In a network that
uses hubs, packets are visible to every node on the
network
Pg. 8
5/27/2017CLOUDBURSTING CORP 24
SWITCHES
Chapter 1 Network Device Configuration
Simple Network Management Protocol (SNMP) provides management
functions to many network devices. SNMPv1 and SNMPv2
authenticate using a cleartext password, allowing anyone monitoring
packets to capture the password and have access to the network
equipment. SNMPv3.
To secure a switch, you should disable all
access protocols other than a secure serial line
or a secure protocol such as Secure Shell
(SSH). Using only secure methods to access a
switch will limit the exposure to hackers and
malicious users.
Three Best Practices for securing a switch
• Ensure that wiring closets are locked.
• Ensure that TCP and UDP ports are
managed properly.
• Ensure that the MAC address of
connected devices are monitored. Pg. 9
5/27/2017CLOUDBURSTING CORP 25
1. The CompTIA Security Plus Bootcamp is 3-5 days of training.
2. The cost of this training is around $2000.00 -$3000.00 for the week
3. Hundreds of training providers
4. Ill be hosting a special bootcamp over in Late July or early August so pay attention to the
http://www.meetup.com/JaxFISG/
5. Cost will be around $500 -$ 800.00 depending on venue and number of attendees.
6. Thank you
COMPTIA SECURITY PLUS COURSES
TAKING THE EXAM
COMPTIA SECURITY PLUS EXAM
https://certification.comptia.org/testing/schedule-exam
SHORT FUNNY VIDEO – IT SUPERHERO
• Funny Video… Its so true about IT Users. https://www.youtube.com/watch?v=hgeaya7Yg4A
ARE YOU AN IT SUPERHERO?
QUESTIONS?
MOCK QUESTIONS
1. What network design elements allows for many internal devices to share
one public IP address
- NAT
- PAT
- DHCP
- BGP
MOCK QUESTIONS
2. While working as a security administrator, you observed some suspicious
activity on your network and believe you have a breach. Which appliance is
designed to stop an intrusion on the network?
- IDS
- NIPS
- Firewall
- Honeypot
MOCK QUESTIONS
3. Which of the following flags are used for TCP to establish a connection?
- ACK
- SYN
-Reboot
-FIN
MOCK QUESTIONS
4. You organization has witness a rogue application that appears to push out
unusual HTML tags and they are filtering content. What Layer of the TCP
stack are we dealing with?
- Layer 1
- Layer 2
-Layer 5
-Layer 7
MOCK QUESTIONS
5. You are a newly minted Security Plus expert. Your new role you are
expected to block web traffic from Iceland because of numerous issues from
that country. How do you block specific countries such as Iceland? Select
Three choices
- URL Filtering
- Proxy
- HIDS
- Spam Filter
- Firewall
MOCK QUESTIONS
GOOD LUCK AND THANK YOU
1. Available for Consulting
- VMWare, HDS Storage, Brocade Communications, Cloud Computing and ITIL
• Data Center Transformation and Cloud Migrations.
1. Available Training
• - CompTIA, Cloud Credential Council, ITIL and major storage vendors.
• - Google Cloud Platform and Amazon Web Services.
• Customized and Content Development
CONSULTING AND TRAINING

CompTIA Security Plus Mini Bootcamp Session

  • 1.
    Joseph Holbrook, CloudConsulting Architect and Technical Trainer CompTIA Subject Matter Expert (SME) Cloudbursting Corp(AWS Partner) in Jacksonville, FL. 05/27/2017 COMPTIA SECURITY + CERTIFICATION (EXAM SYO-401) SHORT REVIEW SESSION
  • 2.
    • Joe Holbrook,owner of Cloudbursting Corp in Jacksonville, FL. • Cloud Consulting Architect & Technical Trainer who has been consulting in the Cloud Computing, IT Security Data Storage areas for over 15 years. • Government contractor and consultant for 10 years. DOD 8570 • IT Security mainly around Cryptography and secure communications for Federal Gov. • CompTIA Subject Matter Expert (SME) • Holds numerous vendor and CompTIA Certs ABOUT YOUR INSTRUCTOR CLOUDBURSTING CORP 5/27/2017 2
  • 3.
    1. In ITindustry – You going to need a security certification 2. In the US Military or a government contractor- required in most cases 3. (DoD 8570.01-M) / State Department Skills Incentive Program 4. Short Video about Security + 5. Exam Objectives 6. Exam Content 7. Taking the exam 8. Practice Questions 9. Tips to Prepare COMPTIA SECURITY PLUS
  • 4.
  • 5.
    IN IT INDUSTRY– YOU GOING TO NEED A SECURITY CERTIFICATION
  • 6.
    WHY YOU NEEDA SECURITY CERTIFICATION? • Why • Critical to establishing a baseline knowledge • Establishes you as “knowledgeable” • Required for accessing IT Resources • Government mandate in some cases. Some IT Security Certifications • CompTIA Security + • CompTIA CASP • CompTIA CSA + • CISSP • CISA (ISC) • CCNA – Security (CISCO) 5/27/2017CLOUDBURSTING CORP 6
  • 7.
    IN THE USMILITARY OR A GOVERNMENT CONTRACTOR- REQUIRED IN MOST CASES FOR IT PROS
  • 8.
    The DoD 8570Information Assurance Training, Certification and Workforce Management program addresses this threat by proactively educating and certifying commercial contractors, and military and civilian personnel to perform their critical duties as Information Assurance professionals. Under the 8570 Mandate, all personnel with "privileged access" to DoD systems must obtain an ANSI-approved commercial certification. DOD 8570 & ISO/ANSI 17024 CLOUDBURSTING CORP 5/27/2017 8
  • 9.
    US MILITARY DOD8570-M  Department of Defense Directive 8570 (DoDD 8570) provides guidance and procedures for the training, certification, and management of all government employees who conduct Information Assurance functions in assigned duty positions. These individuals are required to carry an approved certification for their particular job classification. GIAC certifications are among those required for Technical, Management, CND, and IASAE classifications. SANS courses prepare you to take a GIAC exam.  DoD 8570 Requires:  •By the end of CY 2010, all personnel performing IAT and IAM functions must be certified.  •By the end of CY 2011 all personnel performing CND-SP and IASAE roles must be certified.  •All IA jobs will be categorized as 'Technical' or 'Management' Level I, II, or III, and to be qualified for those jobs, you must be certified 5/27/2017CLOUDBURSTING CORP 9
  • 10.
    SHORT VIDEO ONSECURITY +
  • 11.
  • 12.
  • 13.
    COMPTIA SECURITY PLUSEXAM OBJECTIVES
  • 14.
  • 15.
    Preparing for the CompTIASecurity+ Examination Chapter 1 Network Device Configuration
  • 16.
    NETWORK DEVICES Chapter 1Network Device Configuration Networks are comprised of devices and are configured via software to perform the desired activities. The correct configuration of network devices is a key element of securing the network infrastructure. Proper configuration can greatly assist in the network security posture. Learning how to properly configure network devices is important for passing the CompTIA Security+ exam A complete network computer solution in today’s business environment consists of more than just client computers and servers. • Devices are used to connect the clients and servers and to regulate the traffic between them. • Devices are also needed to expand this network beyond simple client computers and servers to include yet other devices, such as wireless and handheld systems. Pg. 3 5/27/2017CLOUDBURSTING CORP 16
  • 17.
    FIREWALLS Chapter 1 NetworkDevice Configuration A firewall can be hardware, software, or a combination whose purpose is to enforce a set of network security policies across network connections. A firewall is a filtering device that has two or more interfaces to determine the traffic that is allowed to flow through the interfaces. A dual-homed firewall has two network interfaces. An embedded firewall is integrated into a router. A hardware firewall is also referred to as an appliance firewall. There are software firewalls and hardware firewalls. A hardware firewall is purchased with a fixed number of interfaces available and a software firewall is configurable. Security policies are rules that define what traffic is permissible and what traffic is to be blocked or denied. These are not universal rules, and many different sets of rules are created for a single company with multiple connections. A firewall is used to create a demilitarized zone (DMZ) Pg. 3 5/27/2017CLOUDBURSTING CORP 17
  • 18.
    HOW DO FIREWALLSWORK Chapter 1 Network Device Configuration Firewalls enforce the established security policies through a variety of mechanisms, including the following: • Network Address Translation (NAT). NAT router/firewalls act as the interface between a local area network and the Internet using one IP address. • Basic Packet Filtering - A packet-filtering firewall only looks at a data packet to obtain the source and destination addresses and the protocol and port used • Stateful Packet Filtering. The firewall maintains, or knows, the context of a conversation • Access Control Lists (ACLs). A list of permissions used to access an object. • Application Layer Proxies. Packets are not allowed to traverse the firewall, but data instead flows up to an application that in turn decides what to do with it Pg. 5 5/27/2017CLOUDBURSTING CORP 18
  • 19.
    CONFIGURING A FIREWALL PartI Network Security Chapter 1 Network Device Configuration You need to configure the firewall to meet the following requirements: Pg. 5 • The Research computer should only be allowed to connect to the file server using SCP. • The Sales computer should only be allowed to connect to the Web server using HTTPS. • No other connections from the server network to the DMZ should be allowed. 5/27/2017CLOUDBURSTING CORP 19
  • 20.
    CONFIGURING A FIREWALL Chapter1 Network Device Configuration Pg. 5 <SOURCE IP> <DESTINATION IP> <PORT> <PROTOCOL><ALLOW/DENY> Source: 192.168.0.2 - Destination: 172.16.0.2 - Port: 22 - TCP – Allow Source: 192.168.0.3 - Destination: 172.16.0.3 - Port: 443 - TCP – Allow Source: 192.168.0.0/16 - Destination: 172.16.0.0/12 - Port: Any - TCP/UDP - Deny 5/27/2017CLOUDBURSTING CORP 20
  • 21.
    ROUTERS Chapter 1 NetworkDevice Configuration Routers are network traffic management devices used to connect different network segments together. Routers operate at the network layer (layer 3) of the Open Systems Interconnection (OSI) reference model (discussed in Chapter 3), routing traffic using the network address utilizing routing protocols to determine optimal paths across a network. Routers form the backbone of the Internet, moving traffic from network to network, inspecting packets from every communication as they move traffic in optimal paths. Routers operate by examining each packet, looking at the destination address, and using algorithms and tables to determine where to send the packet next. This process of examining the header to determine the next hop can be done in quick fashion. A router is a device that is designed to transmit all data that is not specifically denied between networks, and to do so in the most efficient manner possible. Pg. 7 5/27/2017CLOUDBURSTING CORP 21
  • 22.
    ROUTERS Chapter 1 NetworkDevice Configuration Routers use ACLs as a method of deciding whether a packet is allowed to enter the network. With ACLs, it is also possible to examine the source address and determine whether or not to allow a packet to pass. This allows routers equipped with ACLs to drop packets according to rules built in the ACLs. The ACLs will improve network security by confining sensitive data traffic to computers on a specific subnet. One serious operational security issue with routers concerns the access to a router and control of its internal functions. Routers can be accessed using the Simple Network Management Protocol (SNMP) and Telnet and can be programmed remotely Pg. 7 5/27/2017CLOUDBURSTING CORP 22
  • 23.
    SWITCHES Chapter 1 NetworkDevice Configuration Switches form the basis for connections in most Ethernet-based local area networks (LANs). Although hubs and bridges still exist, in today’s high-performance network environment, switches have replaced both. A switch, like a bridge, can connect two or more LAN segments together. A switch has separate collision domains for each port. This means that for each port, two collision domains exist: one from the port to the client on the downstream side and one from the switch to the network upstream. When full duplex is employed, collisions are virtually eliminated from the two nodes, host and client. This also acts as a security factor in that a sniffer can see only limited traffic, as opposed to a hub-based system, where a single sniffer can see all of the traffic to and from connected devices. Pg. 8 5/27/2017CLOUDBURSTING CORP 23
  • 24.
    SWITCHES Chapter 1 NetworkDevice Configuration Switches operate at the data link layer of the OSI model, while routers act at the network layer. For intranets, switches have become what routers are on the Internet—the device of choice for connecting machines. As switches have become the primary net-work connectivity device, additional functionality has been added to them. A switch is usually a layer 2 device, but layer 3 switches incorporate routing functionality. Switches can also perform a variety of security functions. Port address security based on Media Access Control (MAC) addresses can determine whether a packet is allowed or blocked from a connection. You should replace the hub with a switch. This will provide some protection against traffic sniffing. In a network that uses hubs, packets are visible to every node on the network Pg. 8 5/27/2017CLOUDBURSTING CORP 24
  • 25.
    SWITCHES Chapter 1 NetworkDevice Configuration Simple Network Management Protocol (SNMP) provides management functions to many network devices. SNMPv1 and SNMPv2 authenticate using a cleartext password, allowing anyone monitoring packets to capture the password and have access to the network equipment. SNMPv3. To secure a switch, you should disable all access protocols other than a secure serial line or a secure protocol such as Secure Shell (SSH). Using only secure methods to access a switch will limit the exposure to hackers and malicious users. Three Best Practices for securing a switch • Ensure that wiring closets are locked. • Ensure that TCP and UDP ports are managed properly. • Ensure that the MAC address of connected devices are monitored. Pg. 9 5/27/2017CLOUDBURSTING CORP 25
  • 26.
    1. The CompTIASecurity Plus Bootcamp is 3-5 days of training. 2. The cost of this training is around $2000.00 -$3000.00 for the week 3. Hundreds of training providers 4. Ill be hosting a special bootcamp over in Late July or early August so pay attention to the http://www.meetup.com/JaxFISG/ 5. Cost will be around $500 -$ 800.00 depending on venue and number of attendees. 6. Thank you COMPTIA SECURITY PLUS COURSES
  • 27.
  • 28.
    COMPTIA SECURITY PLUSEXAM https://certification.comptia.org/testing/schedule-exam
  • 29.
    SHORT FUNNY VIDEO– IT SUPERHERO
  • 30.
    • Funny Video…Its so true about IT Users. https://www.youtube.com/watch?v=hgeaya7Yg4A ARE YOU AN IT SUPERHERO?
  • 31.
  • 32.
  • 33.
    1. What networkdesign elements allows for many internal devices to share one public IP address - NAT - PAT - DHCP - BGP MOCK QUESTIONS
  • 34.
    2. While workingas a security administrator, you observed some suspicious activity on your network and believe you have a breach. Which appliance is designed to stop an intrusion on the network? - IDS - NIPS - Firewall - Honeypot MOCK QUESTIONS
  • 35.
    3. Which ofthe following flags are used for TCP to establish a connection? - ACK - SYN -Reboot -FIN MOCK QUESTIONS
  • 36.
    4. You organizationhas witness a rogue application that appears to push out unusual HTML tags and they are filtering content. What Layer of the TCP stack are we dealing with? - Layer 1 - Layer 2 -Layer 5 -Layer 7 MOCK QUESTIONS
  • 37.
    5. You area newly minted Security Plus expert. Your new role you are expected to block web traffic from Iceland because of numerous issues from that country. How do you block specific countries such as Iceland? Select Three choices - URL Filtering - Proxy - HIDS - Spam Filter - Firewall MOCK QUESTIONS
  • 38.
    GOOD LUCK ANDTHANK YOU
  • 39.
    1. Available forConsulting - VMWare, HDS Storage, Brocade Communications, Cloud Computing and ITIL • Data Center Transformation and Cloud Migrations. 1. Available Training • - CompTIA, Cloud Credential Council, ITIL and major storage vendors. • - Google Cloud Platform and Amazon Web Services. • Customized and Content Development CONSULTING AND TRAINING