Security Essentials Training Course with hands-on labs
Security Essentials Training Workshop is focused on teaching you the essential information security skills and techniques you need to protect and secure your organization’s critical information assets and business systems. Our Security Essentials Training Workshop will show you how to prevent your organization’s security problems from being headline news in the Wall Street Journal!
With the rise in advanced persistent threats, it is almost inevitable that organizations will be targeted. Whether the attacker is successful in penetrating an organization’s network depends on the effectiveness of the organization’s defense. Defending against attacks is an ongoing challenge, with new threats emerging all of the time, including the next generation of threats. Organizations need to understand what really works in cybersecurity. What has worked, and will always work, is taking a risk-based approach to cyber defense.
Duration: 5 days
Security Essentials Training - Customize It!
• We can adapt this Security Essentials Training course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Security Essentials Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Security Essentials Training course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Security Essentials Training course in manner understandable to lay audiences.
Security Essentials Training - Audience / Target Group
Anyone who works in security, is interested in security, or has to understand security should take this course, including:
• Security professionals who want to fill the gaps in their understanding of technical information security
• Managers who want to understand information security beyond simple terminology and concepts
• Operations personnel who do not have security as their primary job function but need an understanding of security to be effective
• IT engineers and supervisors who need to know how to build a defensible network against attacks
• Administrators responsible for building and maintaining systems that are being targeted by attackers
• Forensic analysts, penetration testers, and auditors who need a solid foundation of security principles so they can be as effective as possible at their jobs
• Anyone new to information security with some background in information systems and networking.
Security Essentials Training - Class Prerequisites
• Security Essentials Training Bootcamp Style covers all of the core areas of security and assumes a basic understanding of technology, networks, and security. For those who are brand new to the field with no background knowledge, Intro to Information Security would be the recommended starting point. While Intro to Information Security is not a prerequisite, it will provide the introductory knowledge that will help maximize the experience with Security Essentials Training.
Security Essentials Training - Objectives:
This Security Essentials Training course meets both of the key promises ENO Institute makes to our students: (1) You will learn up-to-the-minute skills you can put into practice immediately upon returning to work; and (2) You will be taught by the best security instructors in the industry.
• Apply what you learned directly to your job when you go back to work
• Design and build a network architecture using VLANs, NAC, and 802.1x based on advanced persistent threat indicators of compromise
• Run Windows command line tools to analyze the system looking for high-risk items
• Run Linux command line tools (ps, ls, netstat, etc.) and basic scripting to automate the running of programs to perform continuous monitoring of various tools
• Install VMWare and create virtual machines to create a virtual lab to test and evaluate tools/security of systems
• Create an effective policy that can be enforced within an organization and design a checklist to validate security and create metrics to tie into training and awareness
• Identify visible weaknesses of a system using various tools and, once vulnerabilities are discovered, cover ways to configure the system to be more secure
• Build a network visibility map that can be used for hardening of a network – validating the attack surface and covering ways to reduce that surface by hardening and patching
• Sniff open protocols like telnet and ftp and determine the content, passwords, and vulnerabilities using WireShark.
Security Essentials Training - Course Content:
Network Security Essentials – Module Outline
Module 1: Defensible Network Architecture
Module 2: Virtualization and Cloud Security
Module 3: Network and Device Security
Module 4: Networking and Protocols
Module 5: Securing Wireless Networks
Module 6: Securing Web Communications
Defense-In-Depth and Attacks – Module Outline
Module 1: Defense-in-Depth
Module 2: Access Control & Password Management: Involves understanding understand the fundamental theory of access control
Module 3: Security Privacy
Module 4: Critical Security Controls
Module 5: Malicious Code and Exploit Mitigation
Module 6: Advanced Persistent Threat (APT)
Threat Management – Module Outline
Module 1: Vulnerability Scanning and Penetration Testing
Module 2: Network Security Devices
Module 3: Endpoint Security
Module 4: SIEM/Log Management
Module 5: Active Defense
Cryptography, Risk Management and Response – Module Outline
Module 1: Cryptography
Module 2: Cryptography Algorithms and Deployment
Module 3: Applying Cryptography
Module 4: Incident-Handling Foundations
Module 5: Contingency Planning – BCP/DRP
Module 6: Risk Management
Windows Security – Module Outline
Module 1: The Windows Security Infrastructure
Module 2: Service Packs, Hotfixes, and Backups:
Module 3: Windows Access Controls
Module 4: Enforcing Security Policy
Module 5: Securing Windows Network Services
Module 6: Automation, Auditing, and Forensics
Linux Security – Module Outline
Module 1: Linux Security: Structure, Permissions and Access
Module 2: Hardening and Securing Linux Services
Module 3: Monitoring and Attack Detection
Module 4: Security Utilities
Security Essentials Training Workshop course Wrap-Up