Advanced Security Essentials - Enterprise Defender

Advanced Security Essentials - Enterprise Defender

 

Laptop RequiredFree

Cyber Security Survival Course - Security Enterprise Defender
Cyber security continues to be a critical area for organizations and will continue to increase in importance as attacks become stealthier, have a greater financial impact on an organization, and cause reputational damage. While Security Essentials lays a solid foundation for the security practitioner, there is only so much that can be packed into a six-day course. Security 501 is a follow up to SEC401: SANS Security Essentials (with no overlap) and continues to focus on more technical areas that are needed to protect an organization. The core focus of the course is on:

• Prevention - configuring a system or network correctly
• Detection - identifying that a breach has occurred at the system or network level
• Reaction - responding to an incident and moving to evidence collection/forensics

A key theme is that prevention is ideal, but detection is a must. We need to be able to ensure that we constantly improve our security to prevent as many attacks as possible. This prevention/protection occurs on two fronts - externally and internally. Attacks will continue to pose a threat to an organization as data becomes more portable and networks continue to be porous. Therefore a key focus needs to be on data protection, securing our critical information no matter whether it resides on a server, in a robust network architecture, or on a portable device.
Despite an organization's best effort at preventing attacks and protecting their critical data, some attacks will still be successful. Therefore we need to be able to detect attacks in a timely fashion. This is accomplished by understanding the traffic that is flowing on your networks and looking for indication of an attack. It also includes performing penetration testing and vulnerability analysis against an organization to identify problems and issues before a compromise occurs.
Finally, once an attack is detected we must react to it in a timely fashion and perform forensics. By understanding how the attacker broke in, this can be fed back into more effective and robust preventive and detective measures, completing the security lifecycle.

If you want to be a technology and security leader, this is the course for you!
-Andrew Longsworth, Priscoll's

Author Statement

It is always a thrill after I finish teaching SEC401 to see students leave with a fire in their eyes and an excitement about them. They walked into class feeling overwhelmed that security is a lost cause, but now they leave class understanding what they need to do and have a focus and drive to do the right thing to secure their organizations. However the next question we receive on a constant basis is, what course should I take next? How do I continue my journey? Well, it depends on what your focus area is. Do you want to get more into perimeter protection, IDS, operating system security, etc? The challenge is that many students have positions that do not allow them to focus on one area — they need to understand all of the key areas across security. What students are telling us is that they want a Security Essentials part 2 or a 500-level continuation of Security Essentials covering the next level of technical knowledge. In Security 501, SANS has decided to give students just what they have been asking for, and I am beyond thrilled with the results. We have identified core foundation areas that compliment SEC401 with no overlap and continue to build a solid security foundation for network practitioners.

This is illustrated by one student who after a recent class ran up to me, gave me a big hug (he was a retired football player, so I did not argue), and said, "SANS is awesome. I have been frustrated in my job for over a year and had lost hope that you really could secure an organization and that anything I did made a difference. Just as my light of hope was burning out, I decided to take the Security Essentials course, figuring it was a lost cause. After this class the fire is burning brighter than it ever was. I feel like a kid again and cannot wait to go back to my company and make a difference. However, I think my boss is scared because I called him eight times throughout the week, telling him all of the great information and practical knowledge I learned."

After teaching thousands of students, I am confident you will have similar results and be just as excited. However, just for reference, hugs are optional.

- Eric Cole