Tag: Security

  • CySA+ (CS0-003)

    The CompTIA Cybersecurity Analyst (CySA+) course prepares students for the CS0-003 certification and focuses on incident detection, prevention, and response through continuous security monitoring. It covers improving security operations processes, differentiating between threat intelligence and threat hunting, analyzing malicious activity, implementing vulnerability assessments, prioritizing vulnerabilities, and making mitigation recommendations. The certification also includes updated attack methodology frameworks, incident response activities, incident management lifecycle, and communication best practices in vulnerability management and incident response.

    The course includes the following high-level objectives:

    Security Operations

    • Explain the importance of system and network architecture concepts in security operations.
    • Given a scenario, analyse indicators of potentially malicious activity.
    • Given a scenario, use appropriate tools or techniques to determine malicious activity.
    • Compare and contrast threat-intelligence and threat-hunting concepts.
    • Explain the importance of efficiency and process improvement in security operations.

    Vulnerability Management

    • Given a scenario, implement vulnerability scanning methods and concepts.
    • Given a scenario, analyse output from vulnerability assessment tools.
    • Given a scenario, analyse data to prioritize vulnerabilities.
    • Given a scenario, recommend controls to mitigate attacks and software vulnerabilities.
    • Explain concepts related to vulnerability response, handling, and management.

    Incident Response and Management

    • Explain concepts related to attack methodology frameworks.
    • Given a scenario, perform incident response activities.
    • Explain the preparation and post-incident activity phases of the incident management life cycle.

    Reporting and Communication

    • Explain the importance of vulnerability management reporting and communication.
    • Explain the importance of incident response reporting and communication.
  • Security+ (SY0-701)

    The CompTIA Security+ course is tailored to prepare you for the SY0-701 exam. Students will acquire the necessary knowledge and skills to install and configure systems for securing applications, networks, and devices. They will also learn to perform threat analysis and respond with appropriate mitigation techniques, engage in risk mitigation activities, and operate with an understanding of relevant policies, laws, and regulations.

    The high-level objectives covered are:

    General Security Concepts

    • Compare and contrast various types of security controls.
    • Summarize fundamental security concepts.
    • Explain the importance of change management processes and the impact to security.
    • Explain the importance of using appropriate cryptographic solutions.

    Threats, Vulnerabilities, and Mitigations

    • Compare and contrast common threat actors and motivations.
    • Explain common threat vectors and attack surfaces.
    • Explain various types of vulnerabilities.
    • Given a scenario, analyze indicators of malicious activity.
    • Explain the purpose of mitigation techniques used to secure the enterprise.

    Security Architecture

    • Compare and contrast security implications of different architecture models.
    • Given a scenario, apply security principles to secure enterprise infrastructure.
    • Compare and contrast concepts and strategies to protect data.
    • Explain the importance of resilience and recovery in security architecture.

    Security Operations

    • Given a scenario, apply common security techniques to computing resources.
    • Explain the security implications of proper hardware, software, and data asset management.
    • Explain various activities associated with vulnerability management.
    • Explain security alerting and monitoring concepts and tools.
    • Given a scenario, modify enterprise capabilities to enhance security.
    • Given a scenario, implement and maintain identity and access management.
    • Explain the importance of automation and orchestration related to secure operations.
    • Explain appropriate incident response activities.
    • Given a scenario, use data sources to support an investigation.

    Security Program Management and Oversight

    • Summarize elements of effective security governance.
    • Explain elements of the risk management process.
    • Explain the processes associated with third-party risk assessment and management.
    • Summarize elements of effective security compliance.
    • Explain types and purposes of audits and assessments.
    • Given a scenario, implement security awareness practices.
  • Microsoft Security, Compliance, and Identity Fundamentals (SC-900)

    This course is designed for individuals who want to gain a foundational understanding of security, compliance, and identity (SCI) within cloud-based and related Microsoft services.

    You should have familiarity with Microsoft Azure and Microsoft 365 and aim to understand how Microsoft SCI solutions integrate across these platforms to offer a comprehensive, end-to-end solution.

    Skills taught:

    • Security, Compliance, and Identity Concepts (10–15%)
      • Understand security and compliance concepts
        • Shared responsibility model
        • Defense-in-depth
        • Zero Trust model
        • Encryption and hashing
        • Governance, Risk, and Compliance (GRC) concepts
      • Understand identity concepts
        • Identity as the primary security perimeter
        • Authentication
        • Authorization
        • Identity providers
        • Directory services and Active Directory
        • Federation
    • Microsoft Entra Capabilities (25–30%)
      • Understand Microsoft Entra ID functions and identity types
        • Microsoft Entra ID
        • Types of identities
        • Hybrid identity
      • Understand authentication capabilities of Microsoft Entra ID
        • Authentication methods
        • Multi-factor authentication (MFA)
        • Password protection and management
      • Understand access management capabilities of Microsoft Entra ID
        • Conditional Access
        • Microsoft Entra roles and role-based access control (RBAC)
      • Understand identity protection and governance capabilities of Microsoft Entra
        • Microsoft Entra ID Governance
        • Access reviews
        • Microsoft Entra Privileged Identity Management
        • Microsoft Entra ID Protection
        • Microsoft Entra Permissions Management
    • Microsoft Security Solutions Capabilities (35–40%)
      • Understand core infrastructure security services in Azure
        • Azure distributed denial-of-service (DDoS) Protection
        • Azure Firewall
        • Web Application Firewall (WAF)
        • Network segmentation with Azure virtual networks
        • Network security groups (NSGs)
        • Azure Bastion
        • Azure Key Vault
      • Understand security management capabilities of Azure
        • Microsoft Defender for Cloud
        • Cloud Security Posture Management (CSPM)
        • Security policies and initiatives for cloud security posture improvement
        • Enhanced security features for cloud workload protection
      • Understand capabilities of Microsoft Sentinel
        • Security information and event management (SIEM) and security orchestration automated response (SOAR) concepts
        • Threat detection and mitigation in Microsoft Sentinel
      • Understand threat protection with Microsoft Defender XDR
        • Microsoft Defender XDR services
        • Microsoft Defender for Office 365
        • Microsoft Defender for Endpoint
        • Microsoft Defender for Cloud Apps
        • Microsoft Defender for Identity
        • Microsoft Defender Vulnerability Management
        • Microsoft Defender Threat Intelligence (Defender TI)
        • Microsoft Defender portal
    • Microsoft Compliance Solutions Capabilities (20–25%)
      • Understand Microsoft Service Trust Portal and privacy principles
        • Service Trust Portal offerings
        • Privacy principles of Microsoft
        • Microsoft Priva
      • Understand compliance management capabilities of Microsoft Purview
        • Microsoft Purview compliance portal
        • Compliance Manager
        • Uses and benefits of compliance score
      • Understand information protection, data lifecycle management, and data governance capabilities of Microsoft Purview
        • Data classification capabilities
        • Benefits of Content explorer and Activity explorer
        • Sensitivity labels and sensitivity label policies
        • Data loss prevention (DLP)
        • Records management
        • Retention policies, retention labels, and retention label policies
        • Unified data governance solutions in Microsoft Purview
      • Understand insider risk, eDiscovery, and audit capabilities in Microsoft Purview
        • Insider risk management
        • eDiscovery solutions in Microsoft Purview
        • Audit solutions in Microsoft Purview