Overview

This course is designed to help students establish and maintain a holistic and layered approach to security. Effective security requires a balance between detection, prevention, and response capabilities, but such a balance demands that controls be implemented on the network, directly on endpoints, and within cloud environments. The strengths and weaknesses of one solution complement another solution through strategic placement, implementation, and fine-tuning. To address these issues, this course focuses on combining strategic concepts of infrastructure and tool placement while also diving into their technical application. We will discuss and identify what solutions are available and how to apply them successfully. Most importantly, we'll evaluate the strengths and weaknesses of various solutions and how to layer them cohesively to achieve defense-in-depth.

Learning Outcomes

  • Analyze a security architecture for deficiencies
  • Implement technologies for enhanced prevention, detection, and response capabilities
  • Comprehend deficiencies in security solutions and understand how to tune and operate them
  • Apply the principles learned in the course to design a defensible security architecture
  • Determine appropriate security monitoring needs for organizations of all sizes
  • Maximize existing investment in security architecture by reconfiguring existing assets
  • Determine capabilities required to support continuous monitoring of key Critical Security Controls
  • Configure appropriate logging and monitoring to support a Security Operations Center and continuous monitoring program

Who Should Attend?

  • Security Architects
  • Network Engineers
  • Network Architects
  • Security Analysts
  • Senior Security Engineers
  • System Administrators
  • Technical Security Managers
  • CND Analysts
  • Security Monitoring Specialists
  • Cyber Threat Investigators

Eligibility Criteria

  • Basic understanding of network protocols and devices
  • Experience with Linux from the command line

This course is endorsed under the Critical Infocomm Technology Resource Programme Plus (CITREP+).
To find out more about CITREP+ funding, please refer to Programme Support under the CITREP+ page.

Information is accurate as of 11 August 2020