• Online, Instructor-Led
  • Online, Self-Paced
  • Classroom
Course Description

This course will show you the most effective steps to prevent attacks and detect adversaries with actionable techniques that can be used as soon as you get back to work. You'll learn tips and tricks designed to help you win the battle against the wide range of cyber adversaries that want to harm your environment.

Is SEC401: Security Essentials Bootcamp Style the right course for you?

STOP and ask yourself the following questions:

  • Do you fully understand why some organizations become compromised and others do not?
  • If there were compromised systems on your network, are you confident that you would be able to find them?
  • Do you know the effectiveness of each security device and are you certain that they are all configured correctly?
  • Are proper security metrics set up and communicated to your executives to drive security decisions?

SEC401 provides you with the information security knowledge needed to help you answer these questions for your environment, delivered in a bootcamp-style format reinforced with hands-on labs.

You will learn:

  • To develop effective security metrics that provide a focused playbook that the IT department can implement, auditors can validate, and executives can understand
  • To analyze the risk to your environment in order to drive the creation of a security roadmap that focuses on the right areas of security
  • Practical tips and tricks that focus on addressing high-priority security problems within your organization and doing the right things that lead to security solutions that work
  • Why some organizations win and why some lose when it comes to security and, most importantly, how to be on the winning side
  • The core areas of security and how to create a security program that is anchored on a PREVENT-DETECT-RESPOND strategy.

LEARN TO BUILD A SECURITY ROADMAP THAT CAN SCALE TODAY AND INTO THE FUTURE

SEC401: Security Essentials Bootcamp Style is focused on providing you the essential information security skills and techniques you need to protect and secure your organization's critical information assets and business systems. The course will show you how to prevent your organization's security problems from becoming headline news in the Wall Street Journal!

PREVENTION IS IDEAL BUT DETECTION IS A MUST

With the rise in advanced persistent threats, it is almost inevitable that organizations will be targeted. Whether the attacker is successful in penetrating an organization's network depends on the effectiveness of the organization's defense. Defending against attacks is an ongoing challenge, with new threats emerging all of the time, including the next generation of threats. Organizations need to understand what really works in cybersecurity. What has worked, and will always work, is taking a risk-based approach to cyber defense. Before your organization spends a dollar of its IT budget or allocates any resources or time to anything in the name of cybersecurity, three questions must be answered:

  1. What is the risk?
  2. Is it the highest priority risk?
  3. What is the most cost-effective way to reduce the risk?

Security is all about making sure you focus on the right areas of defense. In SEC401 you will learn the language and underlying theory of computer and information security. You will gain the essential and effective security knowledge you will need if you are given the responsibility to secure systems and/or organizations. This course meets both of the key promises SANS makes to our students: (1) You will learn up-to-the-minute skills that you can put into practice immediately upon returning to work; and (2) You will be taught by the best security professionals in the industry.

Assessment Available

Test your security knowledge with our free SANS Security Essentials Assessment Test.

Learning Objectives

  • Apply what you learn directly to your job when you go back to work
  • Design and build a network architecture using VLANs, NAC, and 802.1x based on advanced persistent threat indicators of compromise
  • Run Windows command line tools to analyze the system looking for high-risk items
  • Run Linux command line tools (ps, ls, netstat, etc.) and basic scripting to automate the running of programs to perform continuous monitoring of various tools
  • Create an effective policy that can be enforced within an organization and design a checklist to validate security and create metrics to tie into training and awareness
  • Identify visible weaknesses of a system using various tools and, once vulnerabilities are discovered, configure the system to be more secure
  • Build a network visibility map that can be used for hardening of a network - validating the attack surface and covering ways to reduce that surface by hardening and patching
  • Sniff network communication protocols to determine the content of network communication (including unprotected access credentials), using tools such as tcpdump and Wireshark.

Framework Connections

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.