Course Summary

This course provides defenders with the crucial knowledge, skills, and abilities required to effectively protect and monitor a modern hybrid enterprise. It covers key concepts like Defensible Security Architecture, Network Security Monitoring (NSM), Continuous Diagnostics and Mitigation (CDM), and Continuous Security Monitoring (CSM). These practices empower your organization or Security Operations Center (SOC) to detect threats and anomalies that may signal cybercriminal activity. The course applies these essential techniques to environments such as AWS, Azure, and on-premises systems.

Securing and monitoring a modern enterprise means addressing the challenges posed by multiple cloud providers, maintaining on-premises infrastructure, and managing remote workforces outside traditional security boundaries.

Security architecture and the role of Security Operations Centers (SOCs)
Network security architecture and monitoring techniques
Endpoint security, automation, and continuous monitoring strategies

Account & Privilege Monitoring & Authentication
You will learn how to effectively manage and control the privilege levels of accounts and applications.

Attack Techniques
You will develop the skills to distinguish between traditional and modern attack techniques.

Configuration Monitoring
You will become proficient in using tools and techniques to monitor configuration changes within your environment.

Cyber Defense Principles
You will gain a solid understanding of both traditional and modern cyber defense strategies.

Device Monitoring
You will learn how to monitor endpoints for potential security threats using a variety of tools and techniques.

Discovery and Vulnerability Scanning
You will gain expertise in the tools and techniques used for network and endpoint discovery, as well as vulnerability scanning.

Exploit Methodology and Analysis
You will learn how to analyze network traffic and apply exploit detection methods to rapidly identify intrusions.

HIDS/HIPS/Endpoint Firewalls
You will understand the functionality of host intrusion detection/prevention systems (HIDS/HIPS) and endpoint firewalls, as well as their role in continuous monitoring.

Network Data Encryption
You will learn how to detect encrypted intrusions by applying principles of exploit detection.

Network Security Monitoring Tools
You will become familiar with the various network monitoring tools used to enhance intrusion detection on your network.

NIDS/NIPS/NGFW
You will understand how network intrusion detection/prevention systems (NIDS/NIPS) and next-generation firewalls (NGFW) operate and their role in continuous monitoring.

Patching & Secure Baseline Configurations
You will learn how to apply configuration auditing and patching to enhance the resilience of your endpoints.

Perimeter Protection Devices
You will learn how to identify points of access into your network perimeter and the devices that can protect it.

Proxies & SIEM
You will gain an understanding of how proxies and security information and event managers (SIEMs) work, their capabilities, and how they contribute to continuous monitoring.

Security Architecture Overview
You will learn about traditional and modern security architecture frameworks, and how Security Operations Centers (SOCs) play a critical role.

Software Inventories and Application Control
You will learn the importance of maintaining software inventories and managing application allow and deny lists.

Threat-Informed Defense
You will learn to analyze adversary tactics and techniques, and how to use attack frameworks to defend against threats in both on-premises and cloud environments.

There are no formal prerequisites for this course. However, a basic understanding of network protocols and devices, as well as experience using Linux and Windows from the command line, is recommended.

Proctored exam: 82 questions, 3 hours, minimum passing score of 74%.

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
