Defensive Security Policies
Setting policies to secure information within a modern enterprise is a growing challenge. At all levels of information, security requires planning, participation and hands-on skills. The landscape is evolving each day, requiring management and staff to work together from the same policy. Cybersecurity threats are a global epidemic and are growing increasingly sophisticated. In response, the cybersecurity community has developed a wide range of resources, methods and best practices to help today’s enterprises address the challenges. However, these tools demand a high level of understanding, training and practical skills to implement.
This course is designed to teach mid-level Cybersecurity practitioners how to engage all functional stages within the enterprise GPO, encryption, and user/directory permissions to deliver information system security using Microsoft Server 2019 pre and post active directory. This course will also engage the practitioner in Linux policy planning, implementation and management.
This course is intended for Cybersecurity practitioners holding either one of these certificates:
Objectives /Student Outcomes:
At the end of this course, students will be expected to:
- Assess the current enterprise landscape; plan appropriate GPO settings within the enterprise framework, understanding of threats, identify potential breach points for the status of common vulnerabilities and the likely consequences of security failures.
- Assess the roles of strategy and planning policies.
- Critique and assess the strengths and weakness of the cybersecurity models, including the AIC (Availability Integrity and Confidentiality) triad.
- Estimate the possible consequences of misleading enterprise strategy, security policies, and security plans.
- Create a custom GPO template and implement it to an OU (organizational units) within Windows 2019 active directory.
- Assess the difference between security groups and distribution groups within AD.
- Create a security group within Active Directory; assign and critique GPO settings to manage security group.
- Understand the difference between
the native Active Directory groups and what roles they play.
- Understand how users, groups and directory permissions work; Create users, and groups to implement access to directories.
- Understand how Linux password policies work.
- Configure password policy by implementing stringent password security measures on a Linux Server.
- Enforce password change policy
- Implement complex passwords on Linux
- Create users and groups
- Enforce role-based access controls.
- Create user account enforce account expiration
- Enforce the proper principle of least privilege with contractors and temporary workers/consultants.
- Understand how firewalld works, implement firewall policies and rules.
Certification earned upon passing:
CSPM+ - Certified Security Policy Manager Level 1
This is an online class, with training guides designed to work in SCI’s live cloud environment, allowing the student(s) to demonstrate practical hands-on experience. Students experience real world scenarios, which are delivered in an interactive, virtualized desktop training ecosystem. Starting with the vDesktop, students will have the ability to use software applications to configure and manage a multiple VM configuration. Each student will work in their own secure, isolated session to complete assignments.
Start Date: August 9th 6PM-8PM (access to instructor) Online class:
Week One online class 2 hours a day on Aug 9th and 11th
Week Two online class 2 hours a day on Aug 16th and Aug 18th
General Course Requirements On Premises:
- All students will be required to bring their own laptop for on prem classroom
- WIFI access capable
- Functional web browser for HTML5 access to online workshop
- Internet access outside of Security Centric Inc. premises.
Summer Academy Defensive Security Policies
- Product Code: Academy
- Availability: In Stock