About the course
Instructor: Greg Scheidel
SEC530: Defensible Security Architecture is designed to help students build and maintain a truly defensible security architecture. "The perimeter is dead" is a favorite saying in this age of mobile, cloud, and the Internet of Things, and we are indeed living in a new world of "de-perimeterization" where the old boundaries of "inside" and "outside" or "trusted" and "untrusted" no longer apply.
This changing landscape requires a change in mindset, as well as a repurposing of many devices. Where does it leave our classic perimeter devices such as firewalls? What are the ramifications of the "encrypt everything" mindset for devices such as Network Intrusion Detection Systems?
In this course, students will learn the fundamentals of up-to-date defensible security architecture. There will be a heavy focus on leveraging current infrastructure (and investment), including switches, routers, and firewalls. Students will learn how to reconfigure these devices to better address the threat landscape they face today. The course will also suggest newer technologies that will aid in building a robust security infrastructure.
While this is not a monitoring course, this course will dovetail nicely with continuous security monitoring, ensuring that security architecture not only supports prevention, but also provides the critical logs that can be fed into a Security Information and Event Management (SIEM) system in a Security Operations Center.
Hands-on labs will reinforce key points in the course and provide actionable skills that students will be able to leverage as soon as they return to work.
You Will Learn To:
Analyze a security architecture for deficiencies
Apply the principles learned in the course to design a defensible security architecture
Maximize the current investment by reconfiguring existing equipment to become more defensible
Configure computer systems and network components to support proper logging and continuous monitoring
Improve both preventive and detective capabilities
Improve the security of devices from layer 1 (physical) through layer 7 (application)
SEC530.1: Defensible Security Architecture
SEC530.2: Network Security Architecture
SEC530.3: Network-Centric Application Security Architecture
SEC530.4: Data-Centric Application Security Architecture
SEC530.5: Zero Trust Architecture: Addressing the Adversaries Already in Our Networks
SEC530.6: Hands-On Secure the Flag Challenge