• Online, Self-Paced
Course Description

Applying security best practices to IT system creation and deployment can go a long way in reducing the attack surface. In this course, you will learn about the SDLC, penetration testing, how to mitigate threats, and the security frameworks on which these countermeasure are based.

Learning Objectives

Software Development Life Cycle

  • start the course
  • identify SDLC phases
  • apply secure coding practices
  • properly test technology solutions for security

Threat Countermeasures

  • reduce the attack surface of a network host
  • recognize the importance of keeping hardware and software up to date
  • apply patches properly to secure network hosts
  • set the correct access to file systems while adhering to the principle of least privilege
  • recognize the purpose of controlling network access with NAC
  • recognize the purpose of network segregation using VLANs
  • identify various conditions that control access to resources
  • recognize the purpose of intentionally creating vulnerable hosts to monitor malicious use
  • recognize the purpose of a jump box

Security Frameworks

  • explain how proper IT governance results in secured IT resources
  • recognize how regulatory compliance can influence security controls
  • apply NIST's Cybersecurity Framework to your digital assets
  • apply ISO security standards to harden your environment
  • recognize how the TOGAF enterprise IT architecture can increase efficiency of security controls
  • recognize how to assess risk and apply effective security controls to mitigate that risk
  • recognize how to apply ITIL to increase the efficiency of IT service delivery

Securing the Corporate Environment

  • identify physical security controls
  • identify logical security controls
  • configure router ACL rules to block ICMP traffic
  • identify administrative security controls
  • identify compensating security controls
  • recognize the importance of continuous monitoring
  • explain how firmware must be accredited before universal trust is established
  • identify factors related to conducting penetration tests

Practice: Hardening and Threat Mitigation

  • list categories of security controls and threat mitigations

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • All-Source Analysis
  • Cyber Defense Analysis
  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Exploitation Analysis
  • Systems Analysis
  • Systems Architecture
  • Vulnerability Assessment and Management