Certification: CompTIA
Qualification level: CompTIA
Location: Live/Online
Study type: Distance learning

About the course

In this Endpoint Security training course, you will learn how to control the admission, defence status, and configuration of all endpoints in your organisation, and gain the skills to better control access to intranet resources. You will learn to implement Network Access Control to prevent malware contamination from untrusted devices, optimise Data Loss Prevention (DLP) through host-based IDS/IPS and endpoint encryption, and prevent malware and botnet propagation utilising anti-malware and honeypot technology.

 

Key Features of this Endpoint Security Training:

  • After-course instructor coaching benefit
  • Learning Tree end-of-course exam included

You Will Learn How To:

  • Enforce security policies to protect sensitive data from internal and external threats
  • Deploy Network Access Control to prevent malware infestation
  • Implement Data Loss Prevention (DLP) through host-based IDS/IPS and endpoint encryption
  • Regulate USB devices and optimise anti-malware

 

Important Endpoint Security Course Information

Requirements

  • Knowledge at the level of:
    • System and Network Security Introduction Training • Course 468 or
    • CompTIA Security+ Certification Training • Course 446
  • Basic knowledge of TCP/IP, switches, or Active Directory

Software

  • This course has a multi-vendor approach, covering both network access and control of system configuration and health from several major vendors, including Cisco, McAfee, and Microsoft

 

Endpoint Security Course Outline

Introduction to Endpoint Security

Internal defences vs. perimeter defences

  • Defining a holistic security posture
  • Assessing threats from client–side and internal attacks
  • Shifting the paradigm from a fortress mentality

Establishing a secure internal architecture

  • Instituting a risk–based access control policy
  • Choosing guest access strategies
  • Regulating, monitoring and controlling network traffic

Establishing VLANs to Isolate Traffic

Developing a VLAN strategy

  • Determining the number and types of VLANs
  • Configuring VLAN trunking
  • Managing VLAN access centrally

Segregating and isolating traffic

  • Restricting access with port security
  • Setting up quarantine and guest VLANs
  • Managing port security violations

Implementing Network Access Control (NAC)

Installing a NAC server

  • Implementing and authenticating with EAP
  • Leveraging VLAN infrastructure

Securing access with 802.1X

  • Configuring authentication agents
  • Deploying certificates and RADIUS servers
  • Denying rogue devices

Establishing Policy Servers and Repositories

Implementing policy–based access control

  • Configuring system health requirements
  • Creating a Bring Your Own Device (BYOD) policy

Managing patches and anti–malware updates

  • Establishing software repositories
  • Pushing OS and application patches to clients

Monitoring and enforcing endpoint security

  • Checking system health against policy
  • Validating pre– and post–connect profiles
  • Quarantining and remediating noncompliant devices

Managing Confidentiality for Data at Rest

Establishing an encryption policy

  • Handling mobile devices and removable media
  • Integrating encryption with Data Loss Prevention (DLP)

Implementing encryption

  • Leveraging PKI to generate corporate recovery keys
  • Enforcing full and partial disk encryption for endpoints

Preventing and Detecting Data Exfiltration

Developing a data loss strategy

  • Permitting required traffic and denying dangerous traffic
  • Configuring enterprise host firewalls
  • Regulating attached USB and portable devices

Monitoring and detecting data leakage

  • Preventing covert tunnels within DNS and HTTP(S) traffic
  • Preventing Personally Identifiable Information (PII) leaks
  • Identifying attempts to steal data

Implementing Anti–Malware Defences

Deploying anti–malware

  • Pushing defensive software to endpoints
  • Establishing internal anti–malware signature update servers
  • Managing mobile and remote users

Managing enterprise anti–malware configuration

  • Configuring scanning policies
  • Determining responses to infection alerts
  • Securing anti–malware configurations

Deploying host–based IDS/IPS

  • Monitoring host processes
  • Deciding amongst deployment options

Reporting and Compliance Checking

Responding to and mitigating attacks

  • Assessing incident response strategies
  • Developing mitigation and containment strategies

Demonstrating organisational compliance

  • Generating reports for compliant and noncompliant systems
  • Complying with government regulations
  • Tracking policy effectiveness
  • Producing policy violation reports

 

Endpoint Security Training FAQs

What is endpoint security?

The purpose of endpoint security is to secure and protect the various endpoints on a network.

What is network access control?

NAC is a security approach that enforces policy on devices that access networks to increase network visibility and reduce risk.

Can I learn endpoint security online?

Yes! We know your busy work schedule may prevent you from getting to one of our classrooms, which is why we offer convenient online training to meet your needs wherever you want. This course is available in class and live online.

 

 
