CURRICULUM: New2Cyber: Cybersecurity & IT Essentials

SEC401: Security Essentials™
MAJOR UPDATE

You Will Be Able To
▐ Analyze network traffic at the packet level—identifying protocols and recognizing indicators of compromise—using tools including tcpdump and Wireshark
▐ Design and evaluate network architecture for defensibility: VLANs, NAC, 802.1x, and Zero Trust principles applied to real organizational environments
▐ Implement and assess Identity and Access Management strategies, including multi-factor authentication, in both on-premises and cloud environments
▐ Build a network visibility map that defines your organization's attack surface and informs a systematic approach to hardening and configuration management
▐ Apply a vulnerability management program that prioritizes by organizational risk—identifying, assessing, and addressing vulnerabilities before they are exploited

Who Should Attend
▐ If you work in InfoSec as a practitioner, engineer, administrator, or analyst
▐ If you manage security teams or security budgets
▐ If you specialize in a specific security discipline: forensics, penetration testing, cloud security, incident response
▐ Anyone new to InfoSec
▐ If you are an IT professional—engineer, administrator, or supervisor

NICE Framework Work Roles
▐ Security Control Assessor (OPM 612)
▐ Database Administrator (OPM 421)
▐ Data Analyst (OPM 422)
▐ Technical Support Specialist (OPM 411)
▐ Network Operations Specialist (OPM 441)
▐ System Administrator (OPM 451)
▐ Systems Security Analyst (OPM 461)
▐ Cyber Instructional Curriculum Developer (OPM 711)
▐ IT Investment/Portfolio Manager (OPM 804)
▐ Cyber Defense Analyst (OPM 511)
▐ Cyber Defense Infrastructure Support Specialist (OPM 521)

Organizations are under constant threat—and not all of those threats will be stopped. The more important question is not whether an adversary will find a way in. It is how quickly you will find them once they do.

The longer an adversary remains in your environment undetected, the greater the damage becomes. Timely detection and response are not aspirational goals. They are operational requirements.

SEC401 is built around that reality. Across more than 30 information security topic areas—network security, cloud environments, identity management, cryptography, vulnerability management, endpoint hardening, and more—the course establishes the foundational knowledge that makes every subsequent security decision more informed, more defensible, and more effective. This is not specifically entry-level content. These are the load-bearing concepts of the discipline: the ones that, when missing, no amount of specialization fully compensates for.

Business Takeaways
▐ Establish a security program built on defensible architecture principles—one that can be explained, justified, and measured at the organizational level
▐ Develop a vulnerability management approach that prioritizes by actual organizational risk
▐ Reduce organizational risk through systematic hardening and configuration management across every major platform: Windows, Linux, and macOS
▐ Articulate the connection between foundational security controls and the adversarial tactics they are designed to defeat—a capability that directly improves security investment decisions
▐ Return to work on day one with skills, frameworks, and tools that are immediately applicable to your organization's specific security challenges

Syllabus Summary
SECTION 1: Network Security and Cloud Essentials
SECTION 2: Defense in Depth
SECTION 3: Vulnerability Management and Response
SECTION 4: Data Security Technologies
SECTION 5: Windows and Azure Security
SECTION 6: Containers, Linux, and Mac Security

6 Day Program | 46 CPEs | 20 Labs
Certification: GSEC Security Essentials (giac.org/gsec)
CyberLive
Course Author: Bryan Simon

For detailed course description, visit SANS.ORG/SEC401

WAYS TO TAKE SEC401: Live Online | In-Person | OnDemand

DoD 8140*
* sans.org/8140