Description

This security workshop provides insight into security practices to optimize the security posture of an organization. The training program examines the concept of red team versus blue team exercises, in which the red team attacks some parts of a company’s security infrastructure and an opposing group, the blue team, defends against the attack. Both teams work to strengthen the company’s defenses. Because the goal of the two teams is to help the business attain a higher level of security, the security industry calls this function the purple team.

This training program is part of a larger series of training programs offered by Microsoft on the practice of security. While it is not required that professionals have completed any of the other training programs in the Security Workshop series before taking this workshop, it is highly recommended that professionals start with this workshop in the series, Microsoft Security Workshop: Enterprise Security Fundamentals.

 

Radiant Techlearning offers the Microsoft Security Workshop: Enterprise Security Fundamentals training program in Classroom and Virtual Instructor-Led/Online modes.

 

Duration: 1 day

 

Learning Objectives

After completing this training program, professionals will be able to:

  • Explain the current cybersecurity landscape
  • Explain the assume compromise philosophy
  • Identify attributes that contribute to the cost of a breach
  • Distinguish between the responsibilities of red teams and blue teams
  • Identify typical objectives of cyber attackers
  • Explain a kill chain carried out by red teams
  • Explain the role, goals, and kill chain activities of the blue team in red team exercises
  • Explain ways to limit how an attacker can compromise unprivileged accounts.
  • Explain the methods used to restrict lateral movement.
  • Explain how telemetry monitoring is used to detect attacks.
  • Describe the concept of Confidentiality, Integrity, and Availability (CIA) triad.
  • Explain the primary activities that should be included in organization preparations
  • Identify the main principles of developing and maintaining policies.

Pre-requisite

In addition to their professional experience, professionals who take this training should already have the following technical knowledge:

  • The current cyber-security ecosystem
  • Analysis of hacks on computers and networks
  • Basic Risk Management

 

Audience Profile

This 1-day workshop is intended for IT professionals who require a deeper understanding of Windows security and wish to increase their knowledge level. This training program also provides background in cyber-security prior to taking the other security training programs in this track.

Course Content

Lesson 1: Understanding the cyber-security landscape

In this lesson, professionals will learn about the current cybersecurity landscape and how, by adopting the assume compromise philosophy, they can restrict an attacker’s ability to move laterally between information systems and to escalate privileges within those systems. The current cybersecurity landscape is huge and likely impossible for any individual to comprehend in its entirety. There are, however, many aspects of that landscape to which those interested in the basics of enterprise security should pay attention.

Lessons

  • Current Cyber-security Landscape
  • Assume Compromise Philosophy

After completing this lesson, professionals will be able to:

  • Explain the current cybersecurity landscape.
  • Explain the Assume Compromise Philosophy.
  • Identify factors that contribute to the cost of a breach.

 

Lesson 2: Red Team: Penetration, Lateral Movement, Escalation, and Exfiltration

Red team versus blue team exercises involve the simulation of an attack against an organization’s information systems. The red team simulates and, in some cases, performs proof of concept steps taken in the attack against the organization’s IT systems. The blue team simulates a response to that attack. This adversarial approach not only allows for the identification of security vulnerabilities in the way that the organization’s IT systems are configured, but also allows members of the organization’s information systems staff to learn how to detect and respond to attacks. In this lesson, professionals will learn the red team versus blue team approach to detecting and responding to security threats.

Lessons

  • Red Team versus Blue Team Exercises
  • The Attacker’s Objective
  • Red Team Kill Chain

After completing this lesson, professionals will be able to:

  • Distinguish between the responsibilities of red teams and blue teams.
  • Identify typical objectives of cyber attackers.
  • Explain the kill chain carried out by red teams.

 

Lesson 3: Blue Team Detection, Investigation, Response, and Mitigation

In this lesson, professionals will learn about the blue team’s role and goals in attack exercises. Professionals will learn the structure of an attack against an objective (kill chain) and ways to limit how an attacker can compromise unprivileged accounts. Professionals will also learn the methods used to restrict lateral movement, which prevent attackers from using a compromised system to attack other systems, and how telemetry monitoring is used to detect attacks.

Lessons

  • The Blue Team
  • Blue Team Kill Chain
  • Restricting Privilege Escalation
  • Restrict Lateral Movement
  • Attack Detection

After completing this lesson, professionals will be able to:

  • Explain the role, goals, and kill chain activities of the blue team in red team exercises.
  • Explain the structure of an attack against an objective (Kill Chain).
  • Explain ways to limit how an attacker can compromise unprivileged accounts.
  • Explain the methods used to restrict lateral movement.
  • Explain how telemetry monitoring is used to detect attacks.

 

Lesson 4: Organizational Preparations

There are various ongoing preparations that an organization can make to optimize its overall approach to information security. In this lesson, we will take a closer look at some of them. Professionals will learn about a conceptual model for thinking about the security of information, and how to approach information security and prepare properly, including ensuring that the organization has a deliberate approach to information security.

Lessons

  • CIA Triad
  • Organizational Preparations
  • Developing and Maintaining Policies

Lab: Designing a Blue Team strategy

After completing this lesson, professionals will be able to:

  • Describe the concept of Confidentiality, Integrity, and Availability (CIA) triad.
  • Explain the primary activities that should be included in organization preparations.
  • Identify the main principles of developing and maintaining policies.

After completing this lab, professionals will be able to:

  • Design a high-level approach to mitigating threats
  • Recommend tools and methodology that facilitate tracking down the origins of cyberattacks
  • Provide high level steps of a recovery effort
  • Recommend methods of preventing cyberattacks
  • Explain regulatory challenges that result from malware exploits

FAQs

Q: Does Microsoft send security warnings?

 

A: In general, Microsoft does not send unsolicited email messages or make unsolicited phone calls to request personal or financial information, or to provide technical support to fix your computer. Any communication with Microsoft has to be initiated by you. Error and warning messages from Microsoft never include a phone number.

 

Q: Why is my antivirus not working?

A: Attackers have created viruses that are able to disable antivirus software on the machine or, if the virus sees that you are going to a web site to download an antivirus package, cut off your computer’s internet access.

 

Q: How do I get rid of a fake Microsoft security warning?

 

A: To remove the “Microsoft Security Alert” pop-ups, follow these steps:

  • Uninstall the malicious programs from Windows, then use Malwarebytes to remove the “Microsoft Security Alert” adware.
  • Use HitmanPro to scan for malware and unwanted programs.

 

Q: What is Windows Security in Microsoft Edge?

A: Microsoft Edge is the browser created for the Windows 10 operating system. It has a tool called Windows Defender SmartScreen, which is designed to thwart malicious websites, apps, downloads and other files that target PCs. In the Windows Defender Security Center window, the user has to select App and after that Browser Control.

 

Q: When will the training be conducted?

 

A: Once we receive your enrollment request, we will share the enrollment details with you to select and complete the enrollment process. 

You can always email us at the address below (whichever is applicable) to find out the upcoming schedule for a specific technology training program.

Individual:  training@radianttechlearning.com  

Corporate: Corporate@radiantechlearning.com 

 

Q: Will I get a course completion certificate?

A: The course completion certificate will be awarded to all professionals who have completed the training program and the project assignment given by the instructor.

You can use the certificate in your future job interviews, which will surely help you land your dream job.

 

Q: What is the infrastructure required to attend your training program?

 

A: To attend the training session, you should have an operational desktop or laptop with the required specifications, along with a good internet connection to access the labs.

 

Q: What if I miss a class on a particular day?

 

A: We always recommend that you attend the live session to practice, clarify doubts instantly and get more value from your investment. However, if due to some contingency you have to skip a class, Radiant Techlearning will help you with the recorded session of that particular day. Those recorded sessions are meant only for personal consumption and not for distribution or any commercial use.

 
