Skip to main content

Enterprise Security Fundamentals


Cloudstreet
Enrollment in this course is by invitation only
×

About this course

According to the Wall Street Journal, "All IT Jobs Are Cybersecurity Jobs Now."

In this course, we examine the concept of Red team – Blue team security professionals. You will practice Red team versus Blue team exercises, where one group of security pros--the red team--attacks some part or parts of a company’s security infrastructure, and an opposing group--the blue team--defends against the attack. Both teams work to strengthen a company's defenses.

You'll learn how both the red and blue teams help the business attain a higher level of security, something the security industry is now calling the Purple team.

What you'll learn

After completing this course, students will be able to:

  • Describe the current enterprise security landscape
  • Define the Assume Compromise approach
  • Practice Red team versus Blue team exercises
  • Develop organizational security preparation, processes, and responses

Prerequisites

  • A understanding of the current cybersecurity ecosystem.

Course Syllabus

Module 1 Understanding the cybersecurity landscape

  • The current cybersecurity landscape
  • The evolution of attacks
  • Understanding "Assume Compromise"
  • Examples of compromises

Module 2 Red Team: Penetration, lateral movement, escalation, and exfiltration

  • Red Team versus Blue Team
  • Red Team kill chain
  • Beachhead
  • Lateral movement
  • Privileged escalation
  • Execution of attacker’s mission

Module 3 Blue Team: Detection, investigation, response, and mitigation

  • The Blue Team kill chain
  • Restricting privilege escalation
  • On-premises network security
  • Restrict lateral movement
  • Attack detection

Module 4

  • Organizational preparations
  • Processes
  • CIA Triad
  • Developing a strategic roadmap
  • Microsoft Security Response Center Exploitability Index

Meet the instructors

Orin Thomas

Orin Thomas

Microsoft Cloud/Datacenter Specialist. Author. Microsoft MVP & Regional Director.
Technical Raconteur. Microsoft

Orin Thomas is an MVP, a Microsoft Regional Director, an MCT, and has a string of Microsoft MCSE and MCITP certifications. He has written more than 3 dozen books for Microsoft Press on topics including Windows Server, Windows Client, Azure, System Center, Exchange Server, Security, and SQL Server. He is an author at PluralSight and is a candidate in the Doctor of Information Technology program at Charles Sturt University.

  1. Course Number

    INF246x
  2. Classes Start

  3. Classes End

  4. Estimated Effort

    Total 8 to 16 hours