Training
Featured CourseView All Courses

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

SEC595Cyber Defense, Artificial Intelligence
SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
View course detailsRegister
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
NEW - AI Security Training
Can't find what you are looking for?

Let us help.

Contact us
Free Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert
Major updates

SEC301: Introduction to Cyber Security

SEC301Cyber Defense
  • 5 Days (Instructor-Led)
  • 30 Hours (Self-Paced)
Course authored by:
Rich Greene
Rich Greene
Register NowCourse Preview
SEC673: Advanced Information Security Automation with Python
Course authored by:
Rich Greene
Rich Greene
Register NowCourse Preview
  • GIAC Information Security Fundamentals (GISF)

    Learn about certification

  • 30 CPEs

    Apply your credits to renew your certifications

  • In-Person, Virtual or Self-Paced

    Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months

  • Beginner Level

    Course content applicable to people with limited or no cyber security experience

  • 14 Hands-On Lab(s)

    Apply what you learn with hands-on exercises and labs

Jump to:

SEC301 introduces cybersecurity fundamentals for non-technical professionals, empowering them to understand risks, terminology, and best practices to support security in any role.

Featured Quote

It's a very good course if you need the basic foundation. It's a very helpful class to take because it expands on some basic concepts.
Shruti IyerDCS Corporation

Course Overview

This course is designed for cyber-adjacent professionals, managers, HR, legal, auditors, and other non-technical roles who need a strong foundation in cybersecurity fundamentals. Through engaging instruction and relatable examples, this course builds confidence in key areas like threats, risks, defenses, and cyber hygiene. Whether you're supporting a security team, shaping policy, or guiding business decisions, SEC301 helps you understand the language of cybersecurity and your role in protecting the organization. No technical experience required just curiosity and a desire to be cyber smart.

This course also prepares you to earn the GISF certification (GIAC Information Security Fundamentals), a globally respected credential that validates your understanding of essential cybersecurity concepts.

What You’ll Learn

  • Explain cybersecurity fundamentals using clear, business-ready language.
  • Identify common threat types and the vulnerabilities they exploit.
  • Understand how cryptography, authentication, and access control establish digital trust.
  • Describe how networks, data flows, and Zero Trust principles reduce risk.
  • Recognize how malware, phishing, and social engineering attacks operate—and how to disrupt them.
  • Connect frameworks such as NIST CSF, CIS Controls, and MITRE ATT&CK/D3FEND to practical defense strategies.
  • See how cloud, IoT, and AI reshape both opportunities and risk.
  • Collaborate confidently with technical teams on security policies and incident response.

Business Takeaways

  • Speak the language of cybersecurity—bridging the gap between technical and business teams.
  • Identify and communicate risk clearly in terms of impact, accountability, and resilience.
  • Support compliance and governance efforts with an informed understanding of frameworks and controls.
  • Strengthen organizational security culture by promoting awareness and shared responsibility.
  • Contribute to strategy and decision-making with confidence rooted in understanding, not fear.
  • Empower others—becoming the person in the room who can translate cybersecurity into action.

Meet Your Author

Rich Greene
Rich Greene

Rich Greene

Certified Instructor

Rich Greene, SANS Senior Solutions Engineer and SEC301 author, brings 20+ years of cyber operations and teaching experience to the classroom. With 15+ GIAC certifications and a passion for mentorship, he equips defenders with real-world confidence and skill.

Read more about Rich Greene

Course Syllabus

Explore the course syllabus below to view the full range of topics covered in SEC301: Introduction to Cyber Security.

Section 1Cybersecurity Foundations

Begin with the essentials that make cybersecurity practical. Learn how threats become risk, why availability can be life-critical, and how trust grows from clear process and communication. Each lab brings concepts to life so you can explain, choose, and apply controls with confidence.

Labs

  • The Risk Equation in Action
  • The Missing Patch
  • To Report or Not?
  • Frameworks in the Wild
  • Evidence Trail

Section 2Building Digital Trust: Cryptography, Identity, and Access

Build the foundations of digital trust with the core ideas behind encryption, identity, and access. Learn how math protects data, how certificates prove who’s who, and how authentication and authorization shape accountability. Each lab turns complex concepts into clear steps you can use with confidence.

Labs

  • Secrets, Salts, and the Trust Equation
  • Keys to the Kingdom: Proving Identity
  • Lock, Stock, and Certificate
  • Who Are You? The AAA of Digital Identity
  • The Passwordless Pivot

Section 3Understanding Networks and Data in Motion

Explore how data travels and what it reveals along the way. You’ll break down layers, packets, routing, and DNS, then see how firewalls and segmentation shape trust. Each lab turns network theory into clear understanding so you can follow data in motion and make smarter defense decisions grounded in visibility.

Labs

  • Ports and Protocols
  • HopbyHop
  • DNS Detective
  • Encrypted, Not Invisible
  • Zero Trust, Zero Assumptions

Section 4Modern Attack Tactics: From Phishing to AI-Powered Threats

Step into the attacker’s mindset to understand how threats evolve. Section 4 explores phishing, credential abuse, wireless compromise, malware behavior, and AI-driven campaigns. Labs help you trace attacker choices, map tactics to ATT&CK and D3FEND, and build defenses that break the chain of compromise.

Labs

  • The Many Doors In
  • Rogue Signal
  • Name That Malware
  • The AI Arms Race: Who’s Winning?
  • ATT&CK & D3FEND

Section 5Cybersecurity Technologies and Web Security

Section 5 ties the course together with the tools, teams, and web risks that shape real security. You’ll break down common web flaws, see how SOC technologies work in practice, and explore cloud, IoT, and AI-driven defense. Each lab shows how people and systems combine to protect data, safety, and trust.

Labs

  • The Web We Built: Layers of Trust
  • Inside the Glass Box
  • The Cloud Breach That Wasn’t
  • The Factory Floor Goes Dark
  • Human + Machine

Things You Need To Know

Relevant Job Roles

Systems Security Analyst (DCWF 461)

DoD 8140: Software Engineering

Ensures systems and software security from development to maintenance by analyzing and improving security across all lifecycle phases.

Explore learning path

Systems Developer (DCWF 632)

DoD 8140: Cyber IT

Oversees full lifecycle of information systems from design through evaluation, ensuring alignment with functional and operational goals.

Explore learning path

IT Investment/Portfolio Manager (DCWF 804)

DoD 8140: Cyber Enablers

Oversees a portfolio of IT capabilities aligned to enterprise goals, prioritizing needs, solutions, and value delivery to the organization.

Explore learning path

Systems Authorization (OPM 611)

NICE: Oversight and Governance

Responsible for operating an information system at an acceptable level of risk to organizational operations, organizational assets, individuals, other organizations, and the nation.

Explore learning path

Communications Security (COMSEC) Management (OPM 723)

NICE: Oversight and Governance

Responsible for managing the Communications Security (COMSEC) resources of an organization.

Explore learning path

Product Support Manager (DCWF 803)

DoD 8140: Cyber Enablers

Manages support resources and readiness for system components, ensuring operational capability through lifecycle logistics and maintenance.

Explore learning path

Security Architect (DCWF 652)

DoD 8140: Cybersecurity

Designs secure enterprise systems considering environmental constraints and translates them into enforceable security processes and protocols.

Explore learning path

Cybersecurity Instruction (OPM 712)

NICE: Oversight and Governance

Responsible for developing and conducting cybersecurity awareness, training, or education.

Explore learning path

Course Schedule & Pricing

Looking for Group Purchase Options?Contact Us

GIAC Certification Attempt

Add a GIAC certification attempt and receive free two practice tests. View pricing in the info icons below.

OnDemand Course Access

When purchasing a live instructor-led class, add an additional 4 months of online access after your course. View pricing in the info icons below.

Showing 10 of 19

Learn Alongside Leading Cybersecurity Professionals From Around The World

  • Slide 1 of 4
    SEC301 was my first SANS course, and I was not disappointed! Keith was exceptional in presenting this information in a clear and concise manner. He took the time to really explain concepts and challenged us to think things through. I learned a great deal and look forward to future SANS events.
    Rebekah WolfTenWolf Technology Information Services
  • Slide 2 of 4
    SEC301 is the only course of its kind. Every IT professional knows that your knowledge from networking to security is contiguous, and this is the only course I've seen that actually teaches both equally.
    Kyle HinesJCOG
  • Slide 3 of 4
    I never knew anything about cryptography and its complexities. This course is opening my eyes to how important it is!
    Pat PattersonSalt River Project
  • Slide 4 of 4
    As usual, SANS courses give incredible insight into the reality of the threats that are present in the cyber world. With SEC301, I have a better understanding of each threat, and the means to mitigate those threats.
    David K.U.S. Federal Agency
Slide 1 of 0

Benefits of Learning with SANS

Instructor teaching to a class

Get feedback from the world’s best cybersecurity experts and instructors

OnDemand Mobile App

Choose how you want to learn - online, on demand, or at our live in-person training events

Resources

Get access to our range of industry-leading courses and resources