
Security Techniques in Security Management

$249.00
Your guarantee:
30-day money-back guarantee — no questions asked
Who trusts this:
Trusted by professionals in 160+ countries
Toolkit Included:
Includes a practical, ready-to-use toolkit containing implementation templates, worksheets, checklists, and decision-support materials used to accelerate real-world application and reduce setup time.
How you learn:
Self-paced • Lifetime updates
When you get access:
Course access is prepared after purchase and delivered via email

This curriculum spans the design and operationalization of enterprise security controls across governance, identity, network, endpoint, cloud, and human risk domains, comparable in scope to a multi-phase security transformation program involving policy development, technology integration, and cross-functional process alignment.

Module 1: Security Governance and Risk Management Frameworks

  • Establishing a risk appetite statement aligned with executive leadership and board oversight requirements
  • Selecting and tailoring a security framework or standard (e.g., NIST CSF, ISO 27001) to match organizational maturity and regulatory obligations
  • Conducting third-party risk assessments for vendors with access to critical systems or data
  • Implementing a formal risk register with quantified likelihood and impact scoring for prioritization
  • Defining roles and responsibilities across RACI matrices for security policies and incident response
  • Reviewing and updating security policies annually with legal, compliance, and IT stakeholders

Module 2: Identity and Access Management (IAM) Architecture

  • Designing role-based access control (RBAC) structures that reflect organizational hierarchy and least privilege principles
  • Integrating multi-factor authentication (MFA) across cloud and on-premises applications with fallback mechanisms for break-glass accounts
  • Implementing just-in-time (JIT) access for privileged users using identity governance tools
  • Automating user provisioning and deprovisioning workflows across Active Directory, SaaS platforms, and HR systems
  • Enforcing periodic access reviews for high-privilege roles with documented attestation from managers
  • Migrating legacy shared accounts to individual accountable identities with session monitoring

Module 3: Network Security Infrastructure Design

  • Segmenting network zones using firewalls and VLANs to isolate critical assets (e.g., the PCI cardholder data environment, R&D)
  • Deploying next-generation firewalls with deep packet inspection and application-layer filtering rules
  • Configuring secure remote access via IPsec or SSL VPNs with endpoint compliance checks
  • Implementing NetFlow or packet capture systems for forensic network traffic analysis
  • Managing firewall rule lifecycle including change control, rule deprecation, and audit logging
  • Hardening perimeter DNS servers against cache poisoning and DDoS amplification attacks

Module 4: Endpoint Detection and Response (EDR) Operations

  • Selecting EDR agents based on OS coverage, telemetry depth, and resource consumption benchmarks
  • Creating custom detection rules for suspicious behaviors such as process injection or lateral movement
  • Responding to EDR alerts with live memory and disk acquisition for compromised hosts
  • Integrating EDR telemetry with SIEM for centralized correlation and case management
  • Managing agent deployment, patching, and rollback procedures across global endpoints
  • Conducting purple team exercises to validate EDR detection efficacy and reduce false positives

Module 5: Security Information and Event Management (SIEM) Configuration

  • Normalizing and parsing log sources from heterogeneous systems (firewalls, servers, cloud services)
  • Developing correlation rules to detect multi-stage attack patterns (e.g., failed logins followed by success)
  • Archiving raw logs in compliance with data retention policies and legal hold requirements
  • Optimizing SIEM performance by filtering low-value events and tuning data ingestion rates
  • Mapping MITRE ATT&CK techniques to detection rules for threat-informed monitoring
  • Granting tiered access to SIEM consoles with audit trails for analyst activity
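
The "failed logins followed by success" pattern above, as an added example written for this page (not course material): a small correlation rule in Python that normalizes sshd-style auth lines, tracks failures per (user, source IP) inside a sliding window, and raises an alert when a success arrives after at least `threshold` recent failures. The log lines, hostnames, and IPs are constructed; the regex assumes the sshd "Failed/Accepted password for USER from IP" wording.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample sshd-style auth events (not from a real system).
# alice: 5 failures then a success 8 s later    -> should alert
# bob:   1 failure then a success               -> below threshold, no alert
# carol: 5 failures, success 20 minutes later   -> outside the window, no alert
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z host1 sshd Failed password for alice from 203.0.113.5 port 51000
2024-05-01T10:00:03Z host1 sshd Failed password for alice from 203.0.113.5 port 51001
2024-05-01T10:00:05Z host1 sshd Failed password for alice from 203.0.113.5 port 51002
2024-05-01T10:00:06Z host1 sshd Failed password for alice from 203.0.113.5 port 51003
2024-05-01T10:00:07Z host1 sshd Failed password for alice from 203.0.113.5 port 51004
2024-05-01T10:00:09Z host1 sshd Accepted password for alice from 203.0.113.5 port 51005
2024-05-01T10:02:00Z host1 sshd Failed password for bob from 198.51.100.7 port 40000
2024-05-01T10:02:30Z host1 sshd Accepted password for bob from 198.51.100.7 port 40001
2024-05-01T11:00:00Z host1 sshd Failed password for carol from 192.0.2.9 port 30000
2024-05-01T11:00:01Z host1 sshd Failed password for carol from 192.0.2.9 port 30001
2024-05-01T11:00:02Z host1 sshd Failed password for carol from 192.0.2.9 port 30002
2024-05-01T11:00:03Z host1 sshd Failed password for carol from 192.0.2.9 port 30003
2024-05-01T11:00:04Z host1 sshd Failed password for carol from 192.0.2.9 port 30004
2024-05-01T11:20:00Z host1 sshd Accepted password for carol from 192.0.2.9 port 30005
"""

# Parser for the assumed line shape: "<ISO ts> <host> <process> Failed|Accepted password for <user> from <ip> ..."
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z) \S+ \S+ "
    r"(?P<outcome>Failed|Accepted) password for (?P<user>\S+) from (?P<ip>\S+)"
)


def parse_line(line):
    """Normalize one raw line into a dict, or None if it is not an auth event."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return {
        "ts": datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ"),
        "outcome": m.group("outcome"),
        "user": m.group("user"),
        "ip": m.group("ip"),
    }


def correlate(lines, threshold=5, window_minutes=10):
    """Alert when a (user, source IP) pair has >= threshold failures inside the
    window immediately preceding a successful logon."""
    window = timedelta(minutes=window_minutes)
    events = [e for e in map(parse_line, lines) if e is not None]
    events.sort(key=lambda e: e["ts"])           # logs often arrive out of order
    recent_failures = defaultdict(deque)         # (user, ip) -> failure timestamps
    alerts = []
    for ev in events:
        key = (ev["user"], ev["ip"])
        q = recent_failures[key]
        cutoff = ev["ts"] - window
        while q and q[0] < cutoff:               # expire failures older than the window
            q.popleft()
        if ev["outcome"] == "Failed":
            q.append(ev["ts"])
            continue
        if len(q) >= threshold:                  # success after a burst of failures
            alerts.append({
                "user": ev["user"],
                "source_ip": ev["ip"],
                "failures": len(q),
                "first_failure": q[0].isoformat(),
                "success_at": ev["ts"].isoformat(),
            })
        q.clear()                                # any success resets the sequence
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOGS.splitlines()):
        print(alert)
```

The window and threshold are the tuning knobs a SIEM rule exposes; carol's case shows why the window matters, since the same five failures produce no alert at 10 minutes but do at 30. Keying on (user, source IP) rather than user alone keeps a legitimate user's typo from being combined with an unrelated remote attempt.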

Module 6: Cloud Security Posture and Workload Protection

  • Configuring cloud provider security services (e.g., AWS GuardDuty, Azure Security Center, now Microsoft Defender for Cloud) with alerting to the SOC
  • Enforcing Infrastructure-as-Code (IaC) scanning in CI/CD pipelines to prevent misconfigurations
  • Implementing cloud workload protection platforms (CWPP) for runtime threat detection in containers
  • Managing encryption keys for cloud storage using customer-managed key (CMK) services
  • Establishing secure cross-account access patterns using role chaining and permissions boundaries
  • Monitoring public cloud storage buckets and databases for unintended exposure via automated scanners
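
One building block of the exposure scanner mentioned above, as an added example written for this page (not course material): a Python check that reads an S3-style bucket policy and reports Allow statements granting data-read actions to an anonymous principal. The three policies are constructed, the account ID and ARNs are placeholders, and the check assumes the AWS policy grammar (`Principal`, `Action`, `Condition`); it does not cover object ACLs or the account's Block Public Access settings.

```python
import json
from fnmatch import fnmatch

# Constructed sample bucket policies (illustrative; account ID and ARNs are placeholders).
PUBLIC_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "PublicRead",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::example-bucket/*",
    }],
})
RESTRICTED_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AppRoleOnly",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::123456789012:role/AppRole"},
        "Action": ["s3:GetObject", "s3:PutObject"],
        "Resource": "arn:aws:s3:::example-bucket/*",
    }],
})
CONDITIONAL_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "OrgRead",
        "Effect": "Allow",
        "Principal": {"AWS": "*"},
        "Action": "s3:Get*",
        "Resource": "arn:aws:s3:::example-bucket/*",
        "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}},
    }],
})

# Actions that let a caller read data or enumerate objects (lower-cased for matching).
DATA_READ_ACTIONS = ("s3:getobject", "s3:getobjectversion", "s3:listbucket")


def _as_list(value):
    """Policy fields may be a scalar or a list; normalize to a list."""
    return value if isinstance(value, list) else [value]


def _is_anonymous(principal):
    """True for Principal "*" or {"AWS": "*"} (also when "*" sits inside a list)."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return False


def find_public_read(policy_json):
    """Return one finding per Allow statement that grants data-read actions to everyone."""
    doc = json.loads(policy_json)
    findings = []
    for st in _as_list(doc.get("Statement", [])):
        if st.get("Effect") != "Allow" or not _is_anonymous(st.get("Principal")):
            continue
        # Action values may be wildcards such as "s3:Get*" or "*", so glob-match them.
        patterns = [a.lower() for a in _as_list(st.get("Action", []))]
        exposed = [a for a in DATA_READ_ACTIONS if any(fnmatch(a, p) for p in patterns)]
        if not exposed:
            continue
        findings.append({
            "sid": st.get("Sid"),
            "actions": exposed,
            "resources": _as_list(st.get("Resource", [])),
            # A Condition (e.g. aws:PrincipalOrgID) may narrow "*"; flag it for review rather than public.
            "severity": "review" if st.get("Condition") else "public",
        })
    return findings


if __name__ == "__main__":
    for name, policy in [("public", PUBLIC_POLICY), ("restricted", RESTRICTED_POLICY),
                         ("conditional", CONDITIONAL_POLICY)]:
        print(name, find_public_read(policy))
```

The wildcard handling is the part that catches real misconfigurations: `"Action": "*"` or `"s3:*"` on an anonymous principal exposes far more than `s3:GetObject`, and a scanner that only string-compares action names misses it. A full scanner feeds this result into the same decision as the bucket's ACL and the account-level public access settings, since any one of the three can open the bucket.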

Module 7: Incident Response and Digital Forensics

  • Activating incident response playbooks based on incident classification (e.g., ransomware, data exfiltration)
  • Preserving volatile data from affected systems using forensically sound collection methods
  • Coordinating communication with legal, PR, and regulatory bodies during active incidents
  • Conducting root cause analysis using timeline reconstruction and artifact correlation
  • Engaging external forensic firms under legal privilege for breach investigations
  • Updating detection and prevention controls based on post-incident review findings

Module 8: Security Awareness and Insider Threat Programs

  • Designing phishing simulation campaigns with escalating complexity and targeted user groups
  • Developing role-specific training content for finance, HR, and executive staff
  • Deploying user and entity behavior analytics (UEBA) to detect anomalous data access patterns
  • Integrating DLP systems with email and cloud storage to prevent unauthorized data transfers
  • Establishing cross-functional review boards for investigating potential insider threats
  • Logging and reviewing privileged user activity, including database queries and file access