Gain Top-Notch Cyber Security Skills at SANS Pittsburgh 2018. Save $200 thru 6/27.

SEC480: Top 4 Mitigation Strategies: Implementing & Auditing

Since I am fresh out of college this was a definite eye opener. This course was very valuable in that it gives a view of most tools available for auditing networks.

Ryan Awai, PricewaterhouseCoopers

Over the past three years, there has been an ever-increasing focus on preventing targeted cyber intrusions around the world. The Australian Signals Directorate (ASD) in Australia responded to the sharp increase in observed intrusion activity with the 'Strategies to Mitigate Targeted Cyber Intrusions'. This is a list of 35 strategies ranked in order of effectiveness that organisations can implement to reduce the likelihood of a successful targeted cyber intrusion.

There has been a significant push for public and private sector organisations to implement the 'Top 4 Mitigation Strategies' which are:

  1. Application Whitelisting;
  2. Patch Applications;
  3. Patch Operating System;
  4. Minimise Administrative Privileges.

The Cyber Security Operations Centre in ASD has stated that at least 85% of the cyber intrusions it responds to would be mitigated had agencies implemented these Top 4 strategies.

For security professionals, this course enables you to practically implement these strategies in in your existing network using a variety of technologies and methods.

For auditors, CIOs and risk officers this course is the best way to understand how to measure if the Top 4 mitigation strategies have been effectively implemented in an organisation.

After attending this hands-on course, individuals will be able to effectively implement and audit the Top 4 mitigation strategies in their own environments to achieve a significant level of security.

This course closely aligns with the ASD Top 4 mitigation strategies which can be found here:


You will learn:

  • Understand the techniques attackers use in targeted cyber intrusions
  • Learn the importance of the Top 4 mitigation strategies including their effectiveness
  • Gain a sound understanding of the strategies, their objectives and compliance requirements
  • Obtain practical experience installing, configuring and deploying technologies to implement the Top 4 Mitigation Strategies
  • Understand common implementation roadblocks and methods to overcome them
  • Learn implementation and business communication methods
  • Learn how to protect your systems from targeted cyber intrusions
  • Learn how to detect targeted cyber intrusions
  • Learn how to implement business processes which support the Top 4 mitigation strategies


Course Syllabus

Windows computer (or virtual machine running on another operating system)

  • Ethernet Port
  • VMware vSphere Client installed

If you have additional questions about the laptop specifications, please contact

*CPE/CMU credits not offered for the SelfStudy delivery method

0 Training Results
Sorry, this course is not currently available.