Overview

SEC530: Defensible Security Architecture and Engineering is designed to help students establish and maintain a holistic and layered approach to security. Effective security requires a balance between detection, prevention, and response capabilities, but such a balance demands that controls be implemented on the network, directly on endpoints, and within cloud environments.

The strengths and weaknesses of one solution complement another solution through strategic placement, implementation, and fine-tuning. To address these issues, this course focuses on combining strategic concepts of infrastructure and tool placement while also diving into their technical application. We will discuss and identify what solutions are available and how to apply them successfully. Most importantly, we'll evaluate the strengths and weaknesses of various solutions and how to layer them cohesively to achieve defense-in-depth.

Learning Outcome

In this course, students will learn the fundamentals of up-to-date defensible security architecture and how to engineer it. There will be a heavy focus on leveraging current infrastructure (and investment), including switches, routers, and firewalls. Students will learn how to reconfigure these devices to significantly improve their organisations' prevention capabilities in the face of today's dynamic threat landscape.

The course will also delve into the latest technologies and their capabilities, strengths, and weaknesses. You will come away with recommendations and suggestions that will aid in building a robust security infrastructure. While this is not a monitoring course, it will dovetail nicely with continuous security monitoring, ensuring that security architecture not only supports prevention but also provides the critical logs that can be fed into a Security Information and Event Management (SIEM) system in a Security Operations Centre. Multiple hands-on labs conducted daily will reinforce key points in the course and provide actionable skills that students will be able to leverage as soon as they return to work.

Who should Attend?

  • Security Architects
  • Network Engineers
  • Network Architects
  • Security Analysts
  • Senior Security Engineers
  • System Administrators
  • Technical Security Managers
  • CND Analysts
  • Security Monitoring Specialists
  • Cyber Threat Investigators

Eligibility Criteria

  • Basic understanding of network protocols and devices
  • Experience with Linux from the command line
This course is endorsed under Critical Infocomm Technology Resource Programme Plus (CITREP+) Programme.
To find out more about CITREP+ Funding, please refer to Programme Support under CITREP+ page

Information is accurate as of 13 June 2020