Evaluating Your Organization’s Security Posture

سرفصل های دوره

This course will teach you about completing a holistic security evaluation, and how to shape it into a repeatable practice that helps raise the IT security posture for the whole company.

Exercise Files

evaluating-organizations-security-posture.zip

Module 01 - Course Overview

1. Course Overview

Module 02 - The Case for Evaluating Your Organizations Security

1. Overview

2. Practices of an Evaluation

3. Metrics and Measurements Primer

4. Introduction to the Scenario

5. Demo - Risk Assessment in Eramba

6. Summary

Module 03 - Planning and Organizing the Evaluation

1. Overview

2. Logical Areas of IT

3. New and Evolving Areas of IT

4. Basics of Planning and Organizing Your Evaluation

5. Demo - Building a Project Plan in Trello

6. The Info Gathering Cycle

7. Frameworks for Guiding Evaluations

8. Demo - Review the Top 20 CIS Controls in Eramba

9. Summary

Module 04 - Collecting Data and Conducting Interviews

1. Overview

2. Types of Evidence

3. Policies and Procedures

4. Tips and Tricks for Interviews

5. Maintaining Evidence Integrity

6. Demo - Generating a Hash with PowerShell

7. Summary

Module 05 - Evaluating Your Organizations Physical Security

01. Overview

02. Understanding Layers of Physical Security

03. Threats and Vulnerabilities

04. Outer Perimeter Controls and Countermeasures

05. Inner Perimeter Controls and Countermeasures

06. Locks, Badges, and CCTV

07. Work Center Security

08. Inventory and Vendor Management

09. Testing and Assessing Physical Controls

10. Summary

Module 06 - Evaluating the External Footprint

01. Overview

02. Why You Should Map Your External Footprint

03. The Process of Evaluating Your External Environment

04. Enumerating Subdomains & Demo

05. Email Addresses Are a Target

06. Evaluating Your Cloud Tenant

07. Assessing Web Apps

08. Assessing Bug Tracking & Release Cycles

09. Questions for Penetration Testing and Vulnerability Scanning

10. Considerations for SaaS

11. Demo - Finding Secrets in GitHub

12. Summary

Module 07 - Evaluating the Internal IT Security Posture

01. Overview

02. Assessing AD and Administrators

03. IT Services and Account Lifecycle

04. Investigating Email Security

05. Assessing NTP

06. Evaluating Log Practices

07. Digging into Fileshares

08. DNS Security Posture

09. Evaluating Networking

10. Vulnerability Management

11. All About Incident Response

12. Summary

Module 08 - Evaluating the Weakest Link - Social Engineering

1. Overview

2. Assessing Employee Security Training

3. Avenues of Social Engineering

4. Why to Focus Efforts on Phishing

5. Gophish Demo

6. Summary

Module 09 - Setting the Benchmark and the Concept of Iterative Evaluations

01. Overview

02. Creating Measurements and Metrics

03. Planning and Organizing Measures

04. Evidence Measures

05. Physical Measures

06. External Measures

07. Internal Measures

08. Social Engineering Measures

09. Dashboard Example

10. Summary

Module 10 - Wrapping the Security Evaluation

1. Completing the Evaluation

139,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight