About the course
In this Endpoint Security training course, you will learn how to control the admission, defence status, and configuration of all endpoints in your organisation, and gain the skills to better control access to intranet resources. You will learn to implement Network Access Control to prevent malware contamination from untrusted devices, optimise Data Loss Prevention (DLP) through host-based IDS/IPS and endpoint encryption, and prevent malware and botnet propagation utilising anti-malware and honeypot technology.
Key Features of this Endpoint Security Training:
- After-course instructor coaching benefit
- Learning Tree end-of-course exam included
You Will Learn How To:
- Enforce security policies to protect sensitive data from internal and external threats
- Deploy Network Access Control to prevent malware infestation
- Implement Data Loss Prevention (DLP) through host-based IDS/IPS and endpoint encryption
- Regulate USB devices and optimise anti-malware
Important Endpoint Security Course Information
Requirements
- Knowledge at the level of:
  - System and Network Security Introduction Training • Course 468, or
  - CompTIA Security+ Certification Training • Course 446
- Basic knowledge of TCP/IP, switches, or Active Directory
Software
- This course has a multi-vendor approach, covering both network access and control of system configuration and health from several major vendors, including Cisco, McAfee, and Microsoft
Endpoint Security Course Outline
Introduction to Endpoint Security
Internal defences vs. perimeter defences
- Defining a holistic security posture
- Assessing threats from client–side and internal attacks
- Shifting the paradigm from a fortress mentality
Establishing a secure internal architecture
- Instituting a risk–based access control policy
- Choosing guest access strategies
- Regulating, monitoring and controlling network traffic
Establishing VLANs to Isolate Traffic
Developing a VLAN strategy
- Determining the number and types of VLANs
- Configuring VLAN trunking
- Managing VLAN access centrally
Segregating and isolating traffic
- Restricting access with port security
- Setting up quarantine and guest VLANs
- Managing port security violations
Implementing Network Access Control (NAC)
Installing a NAC server
- Implementing and authenticating with EAP
- Leveraging VLAN infrastructure
Securing access with 802.1X
- Configuring authentication agents
- Deploying certificates and RADIUS servers
- Denying rogue devices
Establishing Policy Servers and Repositories
Implementing policy–based access control
- Configuring system health requirements
- Creating a Bring Your Own Device (BYOD) policy
Managing patches and anti–malware updates
- Establishing software repositories
- Pushing OS and application patches to clients
Monitoring and enforcing endpoint security
- Checking system health against policy
- Validating pre– and post–connect profiles
- Quarantining and remediating noncompliant devices
Managing Confidentiality for Data at Rest
Establishing an encryption policy
- Handling mobile devices and removable media
- Integrating encryption with Data Loss Prevention (DLP)
Implementing encryption
- Leveraging PKI to generate corporate recovery keys
- Enforcing full and partial disk encryption for endpoints
Preventing and Detecting Data Exfiltration
Developing a data loss strategy
- Permitting required traffic and denying dangerous traffic
- Configuring enterprise host firewalls
- Regulating attached USB and portable devices
Monitoring and detecting data leakage
- Preventing covert tunnels within DNS and HTTP(S) traffic
- Preventing Personally Identifiable Information (PII) leaks
- Identifying attempts to steal data
Implementing Anti–Malware Defences
Deploying anti–malware
- Pushing defensive software to endpoints
- Establishing internal anti–malware signature update servers
- Managing mobile and remote users
Managing enterprise anti–malware configuration
- Configuring scanning policies
- Determining responses to infection alerts
- Securing anti–malware configurations
Deploying host–based IDS/IPS
- Monitoring host processes
- Deciding amongst deployment options
Reporting and Compliance Checking
Responding to and mitigating attacks
- Assessing incident response strategies
- Developing mitigation and containment strategies
Demonstrating organisational compliance
- Generating reports for compliant and noncompliant systems
- Complying with government regulations
- Tracking policy effectiveness
- Producing policy violation reports
Endpoint Security Training FAQs
What is endpoint security?
The purpose of endpoint security is to secure and protect the various endpoints on a network.
What is network access control?
NAC is a security approach that enforces policy on devices that access networks to increase network visibility and reduce risk.
Can I learn endpoint security online?
Yes! We know your busy work schedule may prevent you from getting to one of our classrooms, which is why we offer convenient online training to meet your needs wherever you are. This course is available in class and live online.