homepage
Open menu

SEC510: Public Cloud Security: AWS, Azure, and GCP

GIAC Public Cloud Security (GPCS)
GIAC Public Cloud Security (GPCS)
Register Now Course Demo
  • In Person (5 days)
  • Online
38 CPEs

Organizations are becoming multi cloud by choice or by chance. However, although cloud providers are responsible for the security of the cloud, their customers are responsible for what they do in the cloud. Unfortunately, the providers have made the customer's job difficult by offering hundreds of different services, many of which are insecure by default. Worse yet, with organizations opting to use multiple providers, security teams need a deep understanding of the underlying details of each cloud's services in order to lock them down. As the multicloud landscape rapidly evolves and development teams eagerly adopt the next big thing, security is constantly playing catch-up in order to avert disaster. SEC510: Public Cloud Security: AWS, Azure, and GCP teaches you how the Big 3 cloud providers work and how to securely configure and use their services and PaaS / IaaS offerings. 20 Hands-On Labs + CloudWars

Course Authors:
Brandon Evans
Brandon Evans
Certified Instructor
Eric Johnson
Eric Johnson
Senior Instructor
What You Will LearnSyllabusCertificationPrerequisitesLaptop RequirementsAuthor StatementReviewsTraining & Pricing

What You Will Learn

Multiple Clouds Require Multiple Solutions

SEC510 provides cloud security practitioners, analysts, and researchers with an in-depth understanding of the inner workings of the most popular public cloud providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Students will learn industry-renowned standards and methodologies, such as the MITRE ATT&CK Cloud Matrix and CIS Cloud Benchmarks, then apply that knowledge in hands-on exercises to assess a modern web application that leverages the cloud native offerings of each provider. Students will launch unhardened services, analyze the security configuration, validate that they are insufficiently secure, deploy patches, and validate the remediation. Through this process students will learn the philosophies that undergird each provider and how these have influenced their services and will leave the course confident that they have the knowledge they need when adopting services and Platform as a Service (PaaS) / Infrastructure as a Service (IaaS) offerings in each cloud.

The Big 3 cloud providers alone provide more services than any one company can consume. As security professionals, it can be tempting to block unfamiliar cloud providers. Unfortunately, this approach will inevitably fail as the product development organization sidelines a security entity that is unwilling to change. Functionality drives adoption, not security, and if a team discovers a service offering that can help get its product to market quicker than the competition, it can and should use it. SEC510 gives you the ability to provide relevant and modern guidance and guardrails to these teams to enable them to move both quickly and safely.

"This class was an excellent investment. I learned a great deal about the various strengths and weaknesses in the 3 largest cloud providers' default services and default configurations as well as inherent insecurities that can't be easily mitigated. There is a great deal of actionable content that I can take back to my team as we work to monitor and help our clients secure their cloud environments."- John Senn, EY

BUSINESS TAKEAWAYS

  • Be proactive in embracing the multi cloud trend safely. It is impossible for an organization to standardize on a single cloud provider. A survey from Forrester shows that 86% of organizations identify as multi cloud. Even if you do not want to use multiple clouds, mergers and acquisitions makes this inevitable. So-called "cloud-agnostic" technologies cannot solve the related security challenges alone.
  • Effective cloud security practitioners need to know how the Big 3 providers differ. Security concepts do not always translate from cloud-to-cloud. A great strategy for one can be catastrophic for another.
  • All security-minded organizations require professional reconfiguration as most cloud services are highly insecure by default.
  • Storage security is much more than just closing public buckets. Even private assets can be compromised by competent attackers.
  • Security is 5+ years behind development and needs to play catch-up. Technologies that security considers to be cutting-edge, like serverless, have been used in production for a very long time.

SKILLS LEARNED

  • Understand the inner workings of cloud services and Platform as a Service (PaaS) / Infrastructure as a Service (IaaS) offerings in order to make more informed decisions in the cloud
  • Understand the design philosophies that undergird each provider and how these have influenced their services in order to properly prescribe security solutions for them
  • Discover the unfortunate truth that many cloud services are adopted before their security controls are fully fleshed out
  • Understand Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP) in depth.
  • Evaluate the pros and cons of deploying cloud-agnostic workloads across multiple cloud providers
  • Understand the intricacies of Identity and Access Management, one of the most fundamental concepts in the cloud and yet one of the last understood
  • Understand cloud networking and how locking it down is a critical aspect of defense-in-depth in the cloud
  • Analyze how each provider handles encryption at rest and in transit in order to prevent sensitive data loss
  • Apply defense-in-depth techniques to protect data in cloud storage
  • Compare and contrast the serverless platforms of each provider
  • Explore the service offering landscape to discover what is driving the adoption of multiple cloud platforms and to assess the security of services at the bleeding edge, such as serverless platforms
  • Utilize multicloud IAM and cloud Single Sign-On to provide secure access to resources across cloud accounts and providers
  • Automate security and compliance checks using cloud-native platforms and open-source solutions
  • Understand Terraform Infrastructure-as-Code well enough to share it with your engineering team as a starting point for implementing the controls discussed in the course

HANDS-ON TRAINING

SEC510: Public Cloud Security: AWS, Azure, and GCP consolidates all of the concepts discussed in the lectures through hands-on labs. In the labs, students will assess a modern, cloud-agnostic, web application written with Next.js, React, and Sequelize that leverages the cloud native offerings of each provider. Each lab includes step-by-step guide as well as a "no hints" option for students who want to test their skills without further assistance. This allows students to choose the level of difficulty that is best for them and fall back to the step-by-step guide as needed.

SEC510 also offers students an opportunity to participate in CloudWars Bonus Challenges each day in a gamified environment, while also providing more hands-on experience with the cloud security and relevant tools.

  • SECTION 1: VM credential exposure, Hardening AWS IAM policies, Hardening Azure and GCP policies, Advanced IAM features, CloudWars Section 1
  • SECTION 2: Network lockdown, Analyzing network traffic, private endpoint security, Cloud VPN and Managed SSH, CloudWars Section 2
  • SECTION 3: Audit decryption events, Encrypt all the things!, Storage service lockdown, Unauthorized file sharing, CloudWars Section 3
  • SECTION 4: Serverless prey, Hardening serverless functions, App service security, Firebase access control, CloudWars Section 4
  • SECTION 5: Multicloud integration, Login with Azure AD, Automated benchmarking, Lab teardown, CloudWars Section 5

"Labs are amazing, they cover all the content we review over the lecture."- Enrique Gamboa, ALG

"Labs are insane. Such a great setup. I'm learning a ton and plus will be able to build upon this great foundation." - Kevin Sahota, 604 Security

"Labs are very well structured and detailed to explain exactly what is happening and why."- Gareth Johnson, Close Brothers

SYLLABUS SUMMARY

  • Section 1: Securely Using Identity and Access Management (IAM) and Defending IAM Credentials
  • Section 2: Restricting Infrastructure and Data Access to Trusted Networks
  • Section 3: Encrypting Data at Rest and In-Transit, Locking Down Storage, and Auditing Logs
  • Section 4: Exploring Serverless Functions, App Services, and the Firebase Platform
  • Section 5: Securely Integrating Across Cloud Accounts and Automating Misconfiguration Benchmarking

ADDITIONAL FREE RESOURCES

WHAT YOU WILL RECEIVE

  • Printed and Electronic courseware
  • MP3 audio files of the course
  • Course virtual machine (VM) with all lab exercises that can be redone outside of class
  • Thousands of lines of Infrastructure-as-Code for each cloud platform that you can use at your organization

WHAT COMES NEXT

Multi cloud security is a major component of many cloud-specific job roles. For additional cloud security training courses, please visit our main SANS Cloud Security curriculum page.

Syllabus (38 CPEs)

Download PDF
  • Overview

    SEC510 starts with a brief overview of the Big 3 cloud providers. We will examine the factors driving adoption of multiple cloud providers and the rise in popularity of Azure and GCP, which historically have lagged far behind AWS. Students will then initialize their multi-cloud lab environment and deploy a cloud-agnostic modern web application to each of the Big 3 providers.

    This leads into an analysis of the intricacies of Identity and Access Management (IAM), one of the most fundamental and misunderstood concepts in cloud security. Playing the role of an attacker in their lab environment, students will compromise real IAM credentials using application vulnerabilities and then use them to access sensitive data.

    The remainder of this section will focus on how to leverage well-written IAM policies to minimize the damage caused by such attacks. Although the ultimate solution is to fix the bug in the application, these strategies can prevent a minor incident from becoming front-page news.

    Exercises
    • VM Credential Exposure
    • Hardening AWS IAM Policies
    • Hardening Azure and GCP Policies
    • Advanced IAM Features
    • CloudWars (Section 1): Public Cloud Security DevOps Challenges
    Topics

    The Multicloud Movement

    • Cloud Market Trends
    • Multicloud Considerations
    • Shadow Cloud Accounts

    Multicloud Security Assessment

    • MITRE ATT&CK Cloud Matrix
    • Lab Environment Introduction
    • HashiCorp Terraform Overview

    Identity and Access Management

    • Identities
    • Policies
    • Organization-Wide Controls
    • AWS IAM
    • Azure Active Directory
    • GCP IAM

    Cloud Credential Management

    • Cloud Instance Metadata APIs
    • Credential Management Postmortems (Case Studies)

    Application Vulnerability Overviews

    • Overly Permissive Permissions
    • Command Injection
    • Server-Side Request Forgery
    • Supply-Chain Attacks
  • Overview

    Section 2 covers how to lock down infrastructure within a virtual private network. As the public cloud IP address blocks are well known and default network security is often lax, millions of sensitive assets are unnecessarily accessible to the public Internet. This section will ensure that none of these assets belong to your organization.

    The section begins by demonstrating how ingress and egress traffic can be restricted within each provider. Students will analyze the damage that can be done without these controls by accessing a public-facing database and creating a reverse shell session in each environment. We will then eliminate both attack vectors with secure cloud configuration.

    In addition to introducing additional network defense-in-depth mechanisms, we will discuss cloud-based intrusion detection capabilities to address the network-based attacks we cannot eliminate. Students will analyze cloud traffic and search for indicators of compromise.

    Exercises
    • Network Lockdown
    • Analyzing Network Traffic
    • Private Endpoint Security
    • Cloud VPN and Managed SSH
    • CloudWars (Section 2): Public Cloud Security DevOps Challenges
    Topics

    Cloud Virtual Networks

    • Network Service Scanning
    • Default Network Configuration
    • Network Security Groups

    Network Traffic Analysis

    • Flow Logging
    • Traffic Mirroring

    Private Endpoints

    • AWS PrivateLink
    • Azure Private Link
    • GCP VPC Service Controls

    Advanced Remote Access

    • Managed SSH
    • Hybrid VPN Gateway
    • Session Manager
    • Azure Bastion
    • OS Login
    • Identity-Aware Proxy (IAP)

    Command and Control Servers

    • Reverse Shells
  • Overview

    The first half of Section 3 covers all topics related to encryption in the cloud. Students will learn about each provider's cryptographic key solution and how it can be used to encrypt data at rest. Students will also learn how in-transit encryption is performed throughout the cloud, such as the encryption between clients, load balancers, applications, and database servers.

    Proper encryption is not only critical for security; it is also an important legal and compliance consideration. This section will ensure that your organization has all of the information at its disposal to send the auditors packing.

    The second half of Section 3 covers storing data in the cloud, defense-in-depth mechanisms, access logging, filesystem persistence, and more.

    Exercises
    • Audit Decryption Events
    • Encrypt All The Things!
    • Storage Service Lockdown
    • Unauthorized File Sharing
    • CloudWars (Section 3): Public Cloud Security DevOps Challenges
    Topics

    Cloud Key Management

    • AWS KMS
    • Azure Key Vault
    • Google Cloud KMS

    Encryption with Cloud Services

    • Disk-Level Encryption
    • Record-Level Encryption
    • In-Transit Encryption

    Cloud Storage Platforms

    • Access Control
    • Audit Logs
    • Data Retention

    Data Exfiltration Paths

  • Overview

    This course section tackles the ever-changing trends in technology by providing in-depth coverage of a paradigm taking the industry by storm: Serverless. It balances the discussion of the challenges serverless introduces with the advantages it provides in securing product development and security operations.

    The first half of the section covers serverless cloud functions in AWS Lambda, Azure Functions, and Google Cloud Functions. After introspecting the serverless runtime environments using Serverless Prey (a popular open-source tool written by the course authors), students will examine and harden practical serverless functions in a real environment.

    The second half of the course section covers App Services, which often interplay with cloud functions. The section concludes with a detailed analysis of Firebase, an application platform with serverless offerings that has been loosely integrated with the Google Cloud Platform since its acquisition by Google in 2014.

    Exercises
    • Serverless Prey
    • Hardening Serverless Functions
    • App Service Security
    • Firebase Access Control
    • CloudWars (Section 4): Public Cloud Security DevOps Challenges
    Topics

    Cloud Serverless Functions

    • Security Advantages
    • Function as a Service Defense

    Persistence with Serverless

    App Services

    • AWS Elastic Beanstalk
    • Azure App Service
    • Google App Engine

    Firebase

    • Realtime Database
    • Cloud Firestore
    • Authentication
  • Overview

    The course concludes with practical guidance on how to operate an organization across multiple cloud accounts and providers. Many of the topics discussed in the earlier course sections are significantly complicated when moving from a single account to multiple accounts, as well as when the providers are integrated with each other. We begin by discussing how using multiple accounts and clouds changes Identity and Access Management (IAM).

    No discussion of secure user identity management would be complete without mentioning Single Sign-On (SSO). With it, members of an organization can use the same credential set to sign onto a variety of applications. When a member leaves the organization, an administrator can terminate their all of their access with a single command. The second half of Section 5 covers each cloud's native SSO solution, how AWS SSO is key for managing multiple AWS accounts, and each cloud's end-user identification service.

    We conclude by introducing tools and services that can be used to automate compliance checks against the benchmarks we have covered throughout the course. This includes open-source solutions as well as cloud-based security services. With these capabilities, an organization can take the lessons learned in SEC510 and apply them at scale.

    Exercises
    • Multi cloud Integration
    • Login with Azure AD
    • Automated Benchmarking
    • Lab Teardown
    • CloudWars (Section 5): Public Cloud Security DevOps Challenges
    Topics

    Multicloud Access Management

    Cloud Single Sign-On

    • AWS SSO
    • Microsoft Identity Platform and Azure AD
    • Google Cloud Identity

    End-User Identity Management

    • Amazon Cognito User Pools
    • Microsoft Identity Platform and Azure AD B2C
    • Google CICP and Firebase Authentication

    Automated Benchmarking

    • AWS Security Hub
    • Azure Security Center
    • GCP Security Command Center
    • Open-Source Solutions

    Summary

    Additional Resources

GIAC Public Cloud Security

The GPCS certification validates a practitioner's ability to secure the cloud in both public cloud and multi cloud environments. GPCS-certified professionals are familiar with the nuances of AWS, Azure, and GCP and have the skills needed to defend each of these platforms.

  • Evaluation and comparison of public cloud service providers
  • Auditing, hardening, and securing public cloud environments
  • Introduction to multi-cloud compliance and integration
More Certification Details

Prerequisites

Although SEC510 uses Terraform Infrastructure-as-Code to deploy and configure services in each cloud for the labs, students will not need in-depth knowledge of Terraform or need to understand any of the syntax used. However, students will be introduced at a high level to what this code accomplishes.

The following are courses or equivalent experiences that are prerequisites for SEC510:

For those looking to prepare ahead of time, check out the Terraform Getting Started Guide: https://learn.hashicorp.com/terraform/getting-started/install

This class requires a basic understanding of web application technology and concepts such as HTML and JavaScript. To maximize the benefit for a wider range of audiences, the discussions in this course will be programming language agnostic. Attendees should have some understanding of concepts like databases (SQL) and scripting languages used in modern web applications.

Laptop Requirements

Important! Bring your own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all of the specified requirements.

Back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data.

MANDATORY SEC510 SYSTEM HARDWARE REQUIREMENTS

  • CPU: 64-bit Intel i5/i7 (8th generation or newer), or AMD equivalent. A x64 bit, 2.0+ GHz or newer processor is mandatory for this class.
  • CRITICAL: Apple systems using the M1/M2 processor line cannot perform the necessary virtualization functionality and therefore cannot in any way be used for this course.
  • BIOS settings must be set to enable virtualization technology, such as "Intel-VTx" or "AMD-V" extensions. Be absolutely certain you can access your BIOS if it is password protected, in case changes are necessary.
  • 16GB of RAM or more is required.
  • 50GB of free storage space or more is required.
  • At least one available USB 3.0 Type-A port. A Type-C to Type-A adapter may be necessary for newer laptops. Some endpoint protection software prevents the use of USB devices, so test your system with a USB drive before class.
  • Wireless networking (802.11 standard) is required. There is no wired Internet access in the classroom.

Additional requirements for this course:

  • Students can complete the labs in this course using AWS, Azure, or GCP. Most labs can be performed with any provider, but we suggest completing them with all three providers to better understand how the services differ.
  • AWS Accounts: Live and Live Online students will be provided with an AWS account to use. OnDemand Students must create a new AWS account at https://aws.amazon.com.
  • Azure Accounts: Live, Live Online, and OnDemand students must create a new Azure account and paid subscription at https://azure.microsoft.com.
  • GCP Accounts: Live, Live Online, and OnDemand students must create a new GCP account at https://cloud.google.com.
  • The estimated cost to run labs with all three cloud providers is less than $5 per day when following the lab instructions.

MANDATORY SEC510 HOST CONFIGURATION AND SOFTWARE REQUIREMENTS

  • Your host operating system must be the latest version of Windows 10, Windows 11, or macOS 10.15.x or newer.
  • Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
  • Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials and/or VMs.
  • Local Administrator Access is required. (Yes, this is absolutely required. Don't let your IT team tell you otherwise.) If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different laptop.
  • You should ensure that antivirus or endpoint protection software is disabled, fully removed, or that you have the administrative privileges to do so. Many of our courses require full administrative access to the operating system and these products can prevent you from accomplishing the labs.
  • Any filtering of egress traffic may prevent accomplishing the labs in your course. Firewalls should be disabled or you must have the administrative privileges to disable it.
  • Download and install VMware Workstation Pro 16.2.X+ or VMware Player 16.2.X+ (for Windows 10 hosts), VMware Workstation Pro 17.0.0+ or VMware Player 17.0.0+ (for Windows 11 hosts), or VMWare Fusion Pro 12.2+ or VMware Fusion Player 11.5+ (for macOS hosts) prior to class beginning. If you do not own a licensed copy of VMware Workstation Pro or VMware Fusion Pro, you can download a free 30-day trial copy from VMware. VMware will send you a time-limited serial number if you register for the trial at their website. Also note that VMware Workstation Player offers fewer features than VMware Workstation Pro. For those with Windows host systems, Workstation Pro is recommended for a more seamless student experience.
  • On Windows hosts, VMware products might not coexist with the Hyper-V hypervisor. For the best experience, ensure VMware can boot a virtual machine. This may require disabling Hyper-V. Instructions for disabling Hyper-V, Device Guard, and Credential Guard are contained in the setup documentation that accompanies your course materials.
  • Download and install 7-Zip (for Windows Hosts) or Keka (for macOS hosts). These tools are also included in your downloaded course materials.

Your course media is delivered via download. The media files for class can be large. Many are in the 40-50GB range, with some over 100GB. You need to allow plenty of time for the download to complete. Internet connections and speed vary greatly and are dependent on many different factors. Therefore, it is not possible to give an estimate of the length of time it will take to download your materials. Please start your course media downloads as soon as you get the link. You will need your course media immediately on the first day of class. Do not wait until the night before class to start downloading these files.

Your course materials include a "Setup Instructions" document that details important steps you must take before you travel to a live class event or start an online class. It may take 30 minutes or more to complete these instructions.

Your class uses an electronic workbook for its lab instructions. In this new environment, a second monitor and/or a tablet device can be useful for keeping class materials visible while you are working on your course's labs.

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org

Author Statement

The move to leveraging multiple public cloud providers introduces new challenges and opportunities for security and compliance professionals. As the service offering landscape is constantly evolving, it is far too easy to prescribe security solutions that are not accurate in all cases. While it is tempting to dismiss the multicloud movement or block it at the enterprise level, this will only make the problem harder to control.

Why do teams adopt additional cloud solutions in the first place? To make their jobs easier or more enjoyable. Developers are creating products that make money for the business, not for the central security team. If a team discovers a service offering that can help get its product to market quicker than the competition, it can and should use it. Security should embrace the inevitability of the multicloud movement and take on the hard work of implementing guardrails that enable the organization to move quickly and safely.

The multicloud storm is coming, whether you like it or not.

- Brandon Evans and Eric Johnson

Ways to Learn

  • OnDemand

Cybersecurity learning – at YOUR pace! OnDemand provides unlimited access to your training wherever, whenever. All labs, exercises, and live support from SANS subject matter experts included.

  • Live Online

The full SANS experience live at home! Get the ultimate in virtual, interactive SANS courses with leading SANS instructors via live stream. Following class, plan to kick back and enjoy a keynote from the couch.

  • In Person (5 days)

Did someone say ALL-ACCESS? On-site immersion via in-classroom course sessions led by world-class SANS instructors fill your day, while bonus receptions and workshops fill your evenings.

Who Should Attend SEC510?

Security analysts, security engineers, security researchers, cloud engineers, DevOps engineers, security auditors, system administrators, operations personnel, and anyone who is responsible for:

  • Evaluating and adopting new cloud offerings
  • Researching new vulnerabilities and developments in cloud security
  • Handling Identity and Access Management
  • Managing a cloud-based virtual network
  • Secure configuration management

NICE Framework Work Roles

  • Security Control Assessor (OPM 612)
  • Enterprise Architect (OPM 651)
  • Security Architect (OPM 652)
  • Research & Development Specialist (OPM 661)
  • Information Systems Security Developer (OPM 631)

"Yes, I would definitely recommend this course. I consider the security topics covered to be critical knowledge for companies that are hosting in the cloud. The course content has been very well put together, well researched, and is very applicable."

- Dan Van Wingerden, Radiology Partners

See prerequisites

Need to justify a training request to your manager?

Use this justification letter template to share the key details of this training and certification opportunity with your boss.

Download the Letter

Related Programs

DoDD 8140
DoDD 8140 (0)
See how this and other SANS Courses and GIAC Certifications align with the Department of Defense Directive 8140.

Reviews

He has been fantastic. No words. Brilliant! Such energy and wisdom.
Rav Goindi
GResearch
The course content has been very well put together, well researched, and is very applicable.
Dan Van Wingerden
Radiology Partners
Excellent depth and explanation of the different cloud environments.
Robert Jones
Educational Testing Services
Amazingly put together course. Very actionable material at each page turn.
Jordan N.
US Federal Government
It is amazing how the lab was able to talk to three live cloud providers at the same time. It was impressive.
Christopher Hearn
Harris County
    Africa/Abidjan
    Africa/Accra
    Africa/Addis Ababa
    Africa/Algiers
    Africa/Asmara
    Africa/Asmera
    Africa/Bamako
    Africa/Bangui
    Africa/Banjul
    Africa/Bissau
    Africa/Blantyre
    Africa/Brazzaville
    Africa/Bujumbura
    Africa/Cairo
    Africa/Casablanca
    Africa/Ceuta
    Africa/Conakry
    Africa/Dakar
    Africa/Dar es Salaam
    Africa/Djibouti
    Africa/Douala
    Africa/El Aaiun
    Africa/Freetown
    Africa/Gaborone
    Africa/Harare
    Africa/Johannesburg
    Africa/Juba
    Africa/Kampala
    Africa/Khartoum
    Africa/Kigali
    Africa/Kinshasa
    Africa/Lagos
    Africa/Libreville
    Africa/Lome
    Africa/Luanda
    Africa/Lubumbashi
    Africa/Lusaka
    Africa/Malabo
    Africa/Maputo
    Africa/Maseru
    Africa/Mbabane
    Africa/Mogadishu
    Africa/Monrovia
    Africa/Nairobi
    Africa/Ndjamena
    Africa/Niamey
    Africa/Nouakchott
    Africa/Ouagadougou
    Africa/Porto-Novo
    Africa/Sao Tome
    Africa/Timbuktu
    Africa/Tripoli
    Africa/Tunis
    Africa/Windhoek
    America/Adak
    America/Anchorage
    America/Anguilla
    America/Antigua
    America/Araguaina
    America/Argentina/Buenos Aires
    America/Argentina/Catamarca
    America/Argentina/ComodRivadavia
    America/Argentina/Cordoba
    America/Argentina/Jujuy
    America/Argentina/La Rioja
    America/Argentina/Mendoza
    America/Argentina/Rio Gallegos
    America/Argentina/Salta
    America/Argentina/San Juan
    America/Argentina/San Luis
    America/Argentina/Tucuman
    America/Argentina/Ushuaia
    America/Aruba
    America/Asuncion
    America/Atikokan
    America/Atka
    America/Bahia
    America/Bahia Banderas
    America/Barbados
    America/Belem
    America/Belize
    America/Blanc-Sablon
    America/Boa Vista
    America/Bogota
    America/Boise
    America/Buenos Aires
    America/Cambridge Bay
    America/Campo Grande
    America/Cancun
    America/Caracas
    America/Catamarca
    America/Cayenne
    America/Cayman
    America/Chicago
    America/Chihuahua
    America/Coral Harbour
    America/Cordoba
    America/Costa Rica
    America/Creston
    America/Cuiaba
    America/Curacao
    America/Danmarkshavn
    America/Dawson
    America/Dawson Creek
    America/Denver
    America/Detroit
    America/Dominica
    America/Edmonton
    America/Eirunepe
    America/El Salvador
    America/Ensenada
    America/Fort Nelson
    America/Fort Wayne
    America/Fortaleza
    America/Glace Bay
    America/Godthab
    America/Goose Bay
    America/Grand Turk
    America/Grenada
    America/Guadeloupe
    America/Guatemala
    America/Guayaquil
    America/Guyana
    America/Halifax
    America/Havana
    America/Hermosillo
    America/Indiana/Indianapolis
    America/Indiana/Knox
    America/Indiana/Marengo
    America/Indiana/Petersburg
    America/Indiana/Tell City
    America/Indiana/Vevay
    America/Indiana/Vincennes
    America/Indiana/Winamac
    America/Indianapolis
    America/Inuvik
    America/Iqaluit
    America/Jamaica
    America/Jujuy
    America/Juneau
    America/Kentucky/Louisville
    America/Kentucky/Monticello
    America/Knox IN
    America/Kralendijk
    America/La Paz
    America/Lima
    America/Los Angeles
    America/Louisville
    America/Lower Princes
    America/Maceio
    America/Managua
    America/Manaus
    America/Marigot
    America/Martinique
    America/Matamoros
    America/Mazatlan
    America/Mendoza
    America/Menominee
    America/Merida
    America/Metlakatla
    America/Mexico City
    America/Miquelon
    America/Moncton
    America/Monterrey
    America/Montevideo
    America/Montreal
    America/Montserrat
    America/Nassau
    America/New York
    America/Nipigon
    America/Nome
    America/Noronha
    America/North Dakota/Beulah
    America/North Dakota/Center
    America/North Dakota/New Salem
    America/Nuuk
    America/Ojinaga
    America/Panama
    America/Pangnirtung
    America/Paramaribo
    America/Phoenix
    America/Port-au-Prince
    America/Port of Spain
    America/Porto Acre
    America/Porto Velho
    America/Puerto Rico
    America/Punta Arenas
    America/Rainy River
    America/Rankin Inlet
    America/Recife
    America/Regina
    America/Resolute
    America/Rio Branco
    America/Rosario
    America/Santa Isabel
    America/Santarem
    America/Santiago
    America/Santo Domingo
    America/Sao Paulo
    America/Scoresbysund
    America/Shiprock
    America/Sitka
    America/St Barthelemy
    America/St Johns
    America/St Kitts
    America/St Lucia
    America/St Thomas
    America/St Vincent
    America/Swift Current
    America/Tegucigalpa
    America/Thule
    America/Thunder Bay
    America/Tijuana
    America/Toronto
    America/Tortola
    America/Vancouver
    America/Virgin
    America/Whitehorse
    America/Winnipeg
    America/Yakutat
    America/Yellowknife
    Antarctica/Casey
    Antarctica/Davis
    Antarctica/DumontDUrville
    Antarctica/Macquarie
    Antarctica/Mawson
    Antarctica/McMurdo
    Antarctica/Palmer
    Antarctica/Rothera
    Antarctica/South Pole
    Antarctica/Syowa
    Antarctica/Troll
    Antarctica/Vostok
    Arctic/Longyearbyen
    Asia/Aden
    Asia/Almaty
    Asia/Amman
    Asia/Anadyr
    Asia/Aqtau
    Asia/Aqtobe
    Asia/Ashgabat
    Asia/Ashkhabad
    Asia/Atyrau
    Asia/Baghdad
    Asia/Bahrain
    Asia/Baku
    Asia/Bangkok
    Asia/Barnaul
    Asia/Beirut
    Asia/Bishkek
    Asia/Brunei
    Asia/Calcutta
    Asia/Chita
    Asia/Choibalsan
    Asia/Chongqing
    Asia/Chungking
    Asia/Colombo
    Asia/Dacca
    Asia/Damascus
    Asia/Dhaka
    Asia/Dili
    Asia/Dubai
    Asia/Dushanbe
    Asia/Famagusta
    Asia/Gaza
    Asia/Harbin
    Asia/Hebron
    Asia/Ho Chi Minh
    Asia/Hong Kong
    Asia/Hovd
    Asia/Irkutsk
    Asia/Istanbul
    Asia/Jakarta
    Asia/Jayapura
    Asia/Jerusalem
    Asia/Kabul
    Asia/Kamchatka
    Asia/Karachi
    Asia/Kashgar
    Asia/Kathmandu
    Asia/Katmandu
    Asia/Khandyga
    Asia/Kolkata
    Asia/Krasnoyarsk
    Asia/Kuala Lumpur
    Asia/Kuching
    Asia/Kuwait
    Asia/Macao
    Asia/Macau
    Asia/Magadan
    Asia/Makassar
    Asia/Manila
    Asia/Muscat
    Asia/Nicosia
    Asia/Novokuznetsk
    Asia/Novosibirsk
    Asia/Omsk
    Asia/Oral
    Asia/Phnom Penh
    Asia/Pontianak
    Asia/Pyongyang
    Asia/Qatar
    Asia/Qostanay
    Asia/Qyzylorda
    Asia/Rangoon
    Asia/Riyadh
    Asia/Saigon
    Asia/Sakhalin
    Asia/Samarkand
    Asia/Seoul
    Asia/Shanghai
    Asia/Singapore
    Asia/Srednekolymsk
    Asia/Taipei
    Asia/Tashkent
    Asia/Tbilisi
    Asia/Tehran
    Asia/Tel Aviv
    Asia/Thimbu
    Asia/Thimphu
    Asia/Tokyo
    Asia/Tomsk
    Asia/Ujung Pandang
    Asia/Ulaanbaatar
    Asia/Ulan Bator
    Asia/Urumqi
    Asia/Ust-Nera
    Asia/Vientiane
    Asia/Vladivostok
    Asia/Yakutsk
    Asia/Yangon
    Asia/Yekaterinburg
    Asia/Yerevan
    Atlantic/Azores
    Atlantic/Bermuda
    Atlantic/Canary
    Atlantic/Cape Verde
    Atlantic/Faeroe
    Atlantic/Faroe
    Atlantic/Jan Mayen
    Atlantic/Madeira
    Atlantic/Reykjavik
    Atlantic/South Georgia
    Atlantic/St Helena
    Atlantic/Stanley
    Australia/ACT
    Australia/Adelaide
    Australia/Brisbane
    Australia/Broken Hill
    Australia/Canberra
    Australia/Currie
    Australia/Darwin
    Australia/Eucla
    Australia/Hobart
    Australia/LHI
    Australia/Lindeman
    Australia/Lord Howe
    Australia/Melbourne
    Australia/NSW
    Australia/North
    Australia/Perth
    Australia/Queensland
    Australia/South
    Australia/Sydney
    Australia/Tasmania
    Australia/Victoria
    Australia/West
    Australia/Yancowinna
    Brazil/Acre
    Brazil/DeNoronha
    Brazil/East
    Brazil/West
    CET
    CST6CDT
    Canada/Atlantic
    Canada/Central
    Canada/Eastern
    Canada/Mountain
    Canada/Newfoundland
    Canada/Pacific
    Canada/Saskatchewan
    Canada/Yukon
    Chile/Continental
    Chile/EasterIsland
    Cuba
    EET
    EST
    EST5EDT
    Egypt
    Eire
    Etc/GMT
    Etc/GMT+0
    Etc/GMT+1
    Etc/GMT+10
    Etc/GMT+11
    Etc/GMT+12
    Etc/GMT+2
    Etc/GMT+3
    Etc/GMT+4
    Etc/GMT+5
    Etc/GMT+6
    Etc/GMT+7
    Etc/GMT+8
    Etc/GMT+9
    Etc/GMT-0
    Etc/GMT-1
    Etc/GMT-10
    Etc/GMT-11
    Etc/GMT-12
    Etc/GMT-13
    Etc/GMT-14
    Etc/GMT-2
    Etc/GMT-3
    Etc/GMT-4
    Etc/GMT-5
    Etc/GMT-6
    Etc/GMT-7
    Etc/GMT-8
    Etc/GMT-9
    Etc/GMT0
    Etc/Greenwich
    Etc/UCT
    Etc/UTC
    Etc/Universal
    Etc/Zulu
    Europe/Amsterdam
    Europe/Andorra
    Europe/Astrakhan
    Europe/Athens
    Europe/Belfast
    Europe/Belgrade
    Europe/Berlin
    Europe/Bratislava
    Europe/Brussels
    Europe/Bucharest
    Europe/Budapest
    Europe/Busingen
    Europe/Chisinau
    Europe/Copenhagen
    Europe/Dublin
    Europe/Gibraltar
    Europe/Guernsey
    Europe/Helsinki
    Europe/Isle of Man
    Europe/Istanbul
    Europe/Jersey
    Europe/Kaliningrad
    Europe/Kiev
    Europe/Kirov
    Europe/Lisbon
    Europe/Ljubljana
    Europe/London
    Europe/Luxembourg
    Europe/Madrid
    Europe/Malta
    Europe/Mariehamn
    Europe/Minsk
    Europe/Monaco
    Europe/Moscow
    Europe/Nicosia
    Europe/Oslo
    Europe/Paris
    Europe/Podgorica
    Europe/Prague
    Europe/Riga
    Europe/Rome
    Europe/Samara
    Europe/San Marino
    Europe/Sarajevo
    Europe/Saratov
    Europe/Simferopol
    Europe/Skopje
    Europe/Sofia
    Europe/Stockholm
    Europe/Tallinn
    Europe/Tirane
    Europe/Tiraspol
    Europe/Ulyanovsk
    Europe/Uzhgorod
    Europe/Vaduz
    Europe/Vatican
    Europe/Vienna
    Europe/Vilnius
    Europe/Volgograd
    Europe/Warsaw
    Europe/Zagreb
    Europe/Zaporozhye
    Europe/Zurich
    GB
    GB-Eire
    GMT
    GMT+0
    GMT-0
    GMT0
    Greenwich
    HST
    Hongkong
    Iceland
    Indian/Antananarivo
    Indian/Chagos
    Indian/Christmas
    Indian/Cocos
    Indian/Comoro
    Indian/Kerguelen
    Indian/Mahe
    Indian/Maldives
    Indian/Mauritius
    Indian/Mayotte
    Indian/Reunion
    Iran
    Israel
    Jamaica
    Japan
    Kwajalein
    Libya
    MET
    MST
    MST7MDT
    Mexico/BajaNorte
    Mexico/BajaSur
    Mexico/General
    NZ
    NZ-CHAT
    Navajo
    PRC
    PST8PDT
    Pacific/Apia
    Pacific/Auckland
    Pacific/Bougainville
    Pacific/Chatham
    Pacific/Chuuk
    Pacific/Easter
    Pacific/Efate
    Pacific/Enderbury
    Pacific/Fakaofo
    Pacific/Fiji
    Pacific/Funafuti
    Pacific/Galapagos
    Pacific/Gambier
    Pacific/Guadalcanal
    Pacific/Guam
    Pacific/Honolulu
    Pacific/Johnston
    Pacific/Kiritimati
    Pacific/Kosrae
    Pacific/Kwajalein
    Pacific/Majuro
    Pacific/Marquesas
    Pacific/Midway
    Pacific/Nauru
    Pacific/Niue
    Pacific/Norfolk
    Pacific/Noumea
    Pacific/Pago Pago
    Pacific/Palau
    Pacific/Pitcairn
    Pacific/Pohnpei
    Pacific/Ponape
    Pacific/Port Moresby
    Pacific/Rarotonga
    Pacific/Saipan
    Pacific/Samoa
    Pacific/Tahiti
    Pacific/Tarawa
    Pacific/Tongatapu
    Pacific/Truk
    Pacific/Wake
    Pacific/Wallis
    Pacific/Yap
    Poland
    Portugal
    ROC
    ROK
    Singapore
    Turkey
    UCT
    US/Alaska
    US/Aleutian
    US/Arizona
    US/Central
    US/East-Indiana
    US/Eastern
    US/Hawaii
    US/Indiana-Starke
    US/Michigan
    US/Mountain
    US/Pacific
    US/Samoa
    UTC
    Universal
    W-SU
    WET
    Zulu
    Filters:
    Training Formats
          Location
          Dates

          Register for SEC510

          Loading...