About this course
According to the Wall Street Journal, "All IT Jobs Are Cybersecurity Jobs Now."
In this course, we examine the concept of Red team – Blue team security professionals. You will practice Red team versus Blue team exercises, where one group of security pros--the red team--attacks some part or parts of a company’s security infrastructure, and an opposing group--the blue team--defends against the attack. Both teams work to strengthen a company's defenses.
You'll learn how both the red and blue teams help the business attain a higher level of security, something the security industry is now calling the Purple team.
Please Note: Learners who successfully complete this course can earn a CloudSwyft digital certificate and skill badge - these are detailed, secure and blockchain authenticated credentials that profile the knowledge and skills you’ve acquired in this course.
What you'll learn
After completing this course, students will be able to:
- Describe the current enterprise security landscape
- Define the Assume Compromise approach
- Practice Red team versus Blue team exercises
- Develop organizational security preparation, processes, and responses
Prerequisites
- A understanding of the current cybersecurity ecosystem.
Course Syllabus
Module 1 Understanding the cybersecurity landscape
- The current cybersecurity landscape
- The evolution of attacks
- Understanding "Assume Compromise"
- Examples of compromises
Module 2 Red Team: Penetration, lateral movement, escalation, and exfiltration
- Red Team versus Blue Team
- Red Team kill chain
- Beachhead
- Lateral movement
- Privileged escalation
- Execution of attacker’s mission
Module 3 Blue Team: Detection, investigation, response, and mitigation
- The Blue Team kill chain
- Restricting privilege escalation
- On-premises network security
- Restrict lateral movement
- Attack detection
Module 4
- Organizational preparations
- Processes
- CIA Triad
- Developing a strategic roadmap
- Microsoft Security Response Center Exploitability Index
Meet the instructors
Orin Thomas
Microsoft Cloud/Datacenter Specialist. Author. Microsoft MVP & Regional Director.
Technical Raconteur.
Microsoft
Orin Thomas is an MVP, a Microsoft Regional Director, an MCT, and has a string of Microsoft MCSE and MCITP certifications. He has written more than 3 dozen books for Microsoft Press on topics including Windows Server, Windows Client, Azure, System Center, Exchange Server, Security, and SQL Server. He is an author at PluralSight and is a candidate in the Doctor of Information Technology program at Charles Sturt University.
