
SEC401: Security Essentials - Network, Endpoint, and Cloud

SEC401 Cyber Defense
  • 6 Days (Instructor-Led)
  • 46 Hours (Self-Paced)
Course created by:
Bryan Simon
  • GIAC Security Essentials (GSEC)
  • 46 CPEs

    Apply your credits to renew your certifications

  • In-Person, Virtual or Self-Paced

    Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months

  • 20 Hands-On Lab(s)

    Apply what you learn with hands-on exercises and labs

Gain essential cybersecurity skills to quickly detect, respond to, and remediate threats. Learn how to protect critical information and technology assets, whether on-premises or in the cloud.

Course Overview

Information security is about focusing your defenses on the areas that matter most, particularly as they relate to the unique needs of your organization. In SEC401: Security Essentials - Network, Endpoint, and Cloud, you'll learn foundational knowledge in information security, focusing on network, endpoint, and cloud defenses tailored to organizational needs. The course covers detecting and responding to threats to secure systems effectively and minimize impact.

The SEC401 course teaches you the most effective steps to prevent attacks and detect adversaries, equipping you with actionable techniques you can immediately apply in your workplace. Through practical tips and insights, you'll be better prepared to win the ongoing battle against a broad range of cyber adversaries who seek to infiltrate your environment.

What You'll Learn

  • Develop a security program focused on detection, response, and prevention
  • Prioritize and address critical security concerns effectively
  • Strengthen defenses against ransomware and implement robust authentication (IAM, MFA)
  • Design networks using VLANs, NAC, and Zero Trust principles
  • Secure multi-cloud environments with best practices
  • Apply a strong vulnerability management strategy using tools like tcpdump and Wireshark
  • Leverage command-line tools, scripting, and network mapping for enhanced monitoring and risk management

Business Takeaways

  • How to address high-priority security concerns
  • Leverage security strengths and differences among the top cloud providers
  • Build a network visibility map to help validate attack surface
  • Reduce an organization's attack surface through hardening and configuration management

Course Syllabus

Explore the course syllabus below to view the full range of topics covered in SEC401: Security Essentials - Network, Endpoint, and Cloud.

Section 1 Network Security and Cloud Essentials

This section covers the need for a defensible network architecture, emphasizing timely threat detection, sensitive data protection, and understanding protocol vulnerabilities. It also explores cloud security, AI, and adversarial tactics, equipping students with foundational knowledge in network, cloud, AI, and wireless security.

Topics covered

  • Defensible Network Architecture
  • Protocols and Packet Analysis
  • Virtualization, Cloud, and AI Essentials
  • Securing Wireless Networks

Labs

  • Tcpdump
  • Wireshark
  • AWS VPC Flow Logs

Section 2 Defense in Depth

This section addresses large-scale threats and defense-in-depth strategies, focusing on IAM, authentication, and password security as key components of cloud security. It covers frameworks like CIS, NIST, and MITRE ATT&CK® for network and data protection, and explores mobile device security, including BYOD and MDM.

Topics covered

  • Defense-in-depth
  • IAM, Authentication, and Password Security
  • Security Frameworks
  • Data Loss Prevention
  • Mobile Device Security

Labs

  • Password Auditing
  • Data Loss Prevention
  • Mobile Device Backup Recovery

Section 3 Vulnerability Management and Response

This section covers identifying vulnerabilities and establishing a vulnerability assessment program, with a focus on modern attack methods and web application security. It also addresses detecting post-compromise actions through effective logging, followed by guidance on incident response planning.

Topics covered

  • Vulnerability Assessments
  • Penetration Testing
  • Attacks and Malicious Software
  • Web Application Security
  • Security Operations and Log Management

Labs

  • Network Discovery
  • Binary File Analysis and Characterization
  • Web App Exploitation
  • SIEM Log Analysis

Section 4 Data Security Technologies

This section explores cryptography as a key security tool, covering essential concepts to protect organizational assets. It then examines prevention and detection technologies, like firewalls, intrusion prevention, and detection systems, focusing on their application at both network and endpoint levels.

Topics covered

  • Cryptography
  • Cryptography Algorithms and Deployment
  • Applying Cryptography
  • Network Security Devices
  • Endpoint Security

Labs

  • Hashing and Cryptographic Validation
  • Encryption and Decryption
  • Intrusion Detection and Network Security Monitoring with Snort3 and Zeek

Section 5 Windows and Azure Security

This section covers the essentials of Windows security, addressing modern complexities like Active Directory, PKI, BitLocker, and endpoint security. It provides tools for streamlining and automating security tasks across both on-premises and Azure environments, equipping you with a strong foundation in Windows security, automation, and auditing.

Topics covered

  • Windows Security Infrastructure
  • Windows as a Service
  • Windows Access Controls
  • Enforcing Security Configurations
  • Microsoft Cloud Computing

Labs

  • Windows Process Exploration
  • Windows Filesystem Permissions
  • Applying Windows System Security Policies
  • Using PowerShell for Speed and Scale

Section 6 Containers, Linux, and Mac Security

This section provides practical guidance on securing Linux systems, catering to both beginners and advanced administrators. It covers Linux security fundamentals, including containerization for cloud computing, and concludes with a review of macOS security, clarifying its capabilities and limitations within a UNIX-based environment.

Topics covered

  • Linux Fundamentals
  • Containerized Security
  • Linux Security Enhancements and Infrastructure
  • macOS Security

Labs

  • Linux Permissions
  • Linux Containers
  • Linux Logging and Auditing

Things You Need To Know

Relevant Job Roles

Technical Support Specialist (DCWF 411)

DoD 8140: Cyber IT

Delivers technical support to users, helping them resolve issues with client hardware/software according to organizational service processes.


Systems Developer (DCWF 632)

DoD 8140: Cyber IT

Oversees full lifecycle of information systems from design through evaluation, ensuring alignment with functional and operational goals.


System Testing and Evaluation Specialist (DCWF 671)

DoD 8140: Cyber IT

Plans and executes system tests, analyzing results to verify compliance with technical and operational requirements and expectations.


Enterprise Architect (DCWF 651)

DoD 8140: Cyber IT

Develops business and IT process architectures, creating baseline and target architectures to meet mission or enterprise goals.


IT Project Manager (DCWF 802)

DoD 8140: Cyber Enablers

Leads IT project management to deliver services or products, ensuring milestones, budgets, and mission alignment are successfully achieved.


Systems Requirements Planner (DCWF 641)

DoD 8140: Cyber IT

Translates functional needs into technical solutions by consulting with customers and developing system architectures and requirements.


Course Schedule & Pricing

  • Virtual (OnDemand)

    Instructed by Bryan Simon
    Date & Time: OnDemand (Anytime), Self-Paced, 4 months access
    Course price: $8,780 USD (prices exclude applicable local taxes)

  • Amsterdam, NL & Virtual (live)

    Instructed by Nick Mitropoulos
    Course price: €8,230 EUR (prices exclude applicable local taxes)

  • Anaheim, CA, US & Virtual (live)

    Instructed by Tim Garcia
    Course price: $8,780 USD (prices exclude applicable local taxes)

  • London, GB & Virtual (live)

    Instructed by Ian Reynolds
    Course price: £7,160 GBP (prices exclude applicable taxes; EUR price available during checkout)

  • San Antonio, TX, US & Virtual (live)

    Instructed by Tim Garcia
    Course price: $8,780 USD (prices exclude applicable local taxes)

  • Boston, MA, US & Virtual (live)

    Instructed by Ted Demopoulos
    Course price: $8,780 USD (prices exclude applicable local taxes)

  • Virginia Beach, VA, US & Virtual (live)

    Instructed by Ross Bergman
    Course price: $8,780 USD (prices exclude applicable local taxes)

  • Amsterdam, NL & Virtual (live)

    Instructed by Ian Reynolds
    Course price: €8,230 EUR (prices exclude applicable local taxes)

Benefits of Learning with SANS


Get feedback from the world’s best cybersecurity experts and instructors


Choose how you want to learn - online, on demand, or at our live in-person training events

Resources

Get access to our range of industry-leading courses and resources