Lewati ke konten utama

Enterprise Security Fundamentals

About this course

This course is part of the Microsoft Professional Program in Cybersecurity.

According to the Wall Street Journal, "All IT Jobs Are Cybersecurity Jobs Now."

In this course, we examine the concept of Red team – Blue team security professionals. You will practice Red team versus Blue team exercises, where one group of security pros--the red team--attacks some part or parts of a company’s security infrastructure, and an opposing group--the blue team--defends against the attack. Both teams work to strengthen a company's defenses.

You'll learn how both the red and blue teams help the business attain a higher level of security, something the security industry is now calling the Purple team.

What you'll learn

After completing this course, students will be able to:

  • Describe the current enterprise security landscape
  • Define the Assume Compromise approach
  • Practice Red team versus Blue team exercises
  • Develop organizational security preparation, processes, and responses

Prerequisites

  • A understanding of the current cybersecurity ecosystem.

Course Syllabus

Module 1 Understanding the cybersecurity landscape

  • The current cybersecurity landscape
  • The evolution of attacks
  • Understanding "Assume Compromise"
  • Examples of compromises

Module 2 Red Team: Penetration, lateral movement, escalation, and exfiltration

  • Red Team versus Blue Team
  • Red Team kill chain
  • Beachhead
  • Lateral movement
  • Privileged escalation
  • Execution of attacker’s mission

Module 3 Blue Team: Detection, investigation, response, and mitigation

  • The Blue Team kill chain
  • Restricting privilege escalation
  • On-premises network security
  • Restrict lateral movement
  • Attack detection

Module 4

  • Organizational preparations
  • Processes
  • CIA Triad
  • Developing a strategic roadmap
  • Microsoft Security Response Center Exploitability Index

Meet the instructors

Orin Thomas

Orin Thomas

Microsoft Cloud/Datacenter Specialist. Author. Microsoft MVP & Regional Director.
Technical Raconteur. Microsoft

Orin Thomas is an MVP, a Microsoft Regional Director, an MCT, and has a string of Microsoft MCSE and MCITP certifications. He has written more than 3 dozen books for Microsoft Press on topics including Windows Server, Windows Client, Azure, System Center, Exchange Server, Security, and SQL Server. He is an author at PluralSight and is a candidate in the Doctor of Information Technology program at Charles Sturt University.

Enroll