Reduce Exposure with IT Administrator Training

Level up your technical staff with advanced training to protect your whole organization.
Man Studying

Technical Training from the Leader in Information Security

Until recently, IT Administrators responsible for system or network configuration have represented a unique challenge when it comes to cybersecurity preparedness. With the advanced technical knowledge and skill set required for these roles, traditional end-user awareness training can be inadequate. While conventional wisdom may be that technical users will not benefit from routine awareness training, the reality is that the exclusive knowledge and privileged access that come with these roles is precisely what makes IT Administrators a prime target for cyber-attacks.

Reduce Exposure with IT Administrator Training

A Progressive Learning Path with Real-world Use Cases

The 12 learning modules included in Security Essentials for IT Administrators feature real-world attack and mitigation scenarios while progressing learners along an increasingly complex training path.

OverviewExamining common beliefs vs realities of cyber-attacks with an introduction to specific responsibilities of cyber security practitioners.
Core PrinciplesFocusing on three core principles of cyber security. The Principle of Least Privilege, The CIA Triad, and the principle of Prevent, Detect, Respond.
Security Program ManagementLearn how threats, vulnerabilities, countermeasures, laws, and compliance requirements inform Risk Management Programs.
Security MaintenanceCovers security hygiene practices that include practicing change control and configuration management; integrating security into SDLC; patch management; active threat hunting; and more.
Authentication and AuthorizationThe use of passphrases, password managers, and 2FA are explored as authentication mechanisms. Setting proper permissions according to the Principle of Least Privilege and an examination of the Zero Trust Model is included.
Data ProtectionCovering the effective deployment of encryption methods such as the Advanced Encryption Standard algorithm, Transport Layer Security, Internet Protocol Security, Virtual Private Networks, key management fundamentals, and Zero-Knowledge implementations.
Sample AttacksExplores the characteristics of attacks such as Social Engineering, Spear Phishing, Malware, Denial of Service and Distributed Denial of Service, Machine-in-the-Middle, Drive-by-Download, and Watering Hole.
Attack ScenarioAn attack scenario is followed from start to finish, the training focuses on the need for changing our methods of detection and response as attack methods change.
Attack Mitigation TechnologiesLearn what happens if a cyberattack cannot be prevented and deploying mitigation technologies to return to normal operation and repair the root cause(s) that led to the attack.
Cloud Computing EnvironmentsExplore cloud environments, their respective security concerns, and best practices for secure deployments while examining the security advantages to cloud environments.
Securing Web ServersReviews each of the Open Web Application Security Project (OWASP) top vulnerabilities and how security practitioners can prevent and/or mitigate issues in each category.
Supply Chain AttacksThe final module in the series analyzes real-world examples of supply chain attacks to understand why they occur and how to prevent or mitigate them.

Short-Format Technical Training

Why Enterprises Need Security Awareness Training for IT Professionals

With misconfigurations by IT staff becoming a leading cause of data breaches, computer-based security training isn’t just for end users. Download our latest white paper to learn more about how short-format technical training should be your first step in reducing misconfiguration errors.