High-profile cybersecurity attacks indicate that offensive attacks are outperforming defensive measures. Cybersecurity engineers, auditors, privacy, and compliance team members are asking how they can practically protect and defend their systems and data, and how they should implement a prioritized list of cybersecurity hygiene controls. In SANS SEC566, students will learn how an organization can defend its information by using a vetted cybersecurity control standard. Students will specifically learn how to implement, manage, and assess security control requirements defined by the Center for Internet Security’s (CIS) Controls. Students will gain direct knowledge of the CIS Controls and ecosystem of tools to implement CIS controls across organizations complex networks, including cloud assets. 17 Lab Exercises and a program management simulation.
SEC566.1: Introduction and Overview of the CIS Critical Controls
SEC566.2: Data Protection, Identity and Authentication, Access Control Management, Audit Log Management
SEC566.3: Server, Workstation, Network Device Protections (Part 1)
SEC566.4: Server, Workstation, Network Device Protections (Part 2)
SEC566.5: Governance and Operational Security