SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC566: Implementing and Auditing CIS Controls
SEC566Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 Hours (Self-Paced)
Course created by:
Brian Ventura
Course created by:Brian Ventura
- GIAC Critical Controls Certification (GCCC)
- 30 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- Intermediate Skill Level
Course material is geared for cyber security professionals with hands-on experience
- 26 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Learn to establish critical security controls from the CIS Critical Security Controls framework to effectively defend against cyberattacks and create a secure, compliant environment.
Featured Quote
All week long I have been noting the topics and items I want to bring back to my team to improve various operations. This content is perfectly aligned with the work I am doing. So yes, this was an excellent course.
Course Overview
SEC566 teaches practical techniques for implementing, assessing, and enforcing the Critical Security Controls published by the Center for Internet Security (CIS). This course helps you master specific, proven techniques and tools needed to implement and audit the Critical Security Controls as documented by CIS. Students will learn how to stop known attacks, including those in the ATT&CK framework, and how to maximize the value of existing security tools.
What You'll Learn
- Design security architecture based on CIS Controls
- Build effective security metrics and scoring systems
- Implement automated configuration management
- Deploy secure authentication and access control
- Develop comprehensive endpoint protection strategy
- Establish continuous vulnerability management
Business Takeaways
- Reduce attack surface by implementing proven controls
- Prioritize security investments based on the threat landscape
- Establish a consistent security posture across the enterprise
- Demonstrate compliance with regulatory frameworks
- Improve incident response capabilities
- Develop measurable security improvements
- Create a sustainable security program with executive support
Meet Your Author
Brian Ventura
Certified InstructorBrian Ventura, a Partner at Cyverity, an information security consulting firm specializing in governance, focuses on enterprise information security governance, risk, and compliance.
Read more about Brian VenturaCourse Syllabus
Explore the course syllabus below to view the full range of topics covered in SEC566: Implementing and Auditing CIS Controls.
Section 1Introduction and Overview of the CIS Critical Controls
Learn the foundations of the CIS Controls framework, its evolution, and implementation strategies. Focus on enterprise asset inventory as the cornerstone of security, exploring tools and techniques to maintain accurate device tracking across complex networks.
Topics covered
- CIS Critical Controls
- Resources and tools of the CIS Controls
- Mitre ATT&CK for common threats
- Control assessments practice
- CIS Control #1
Labs
- Use the CIS Self-Assessment Tool (CSAT) for control assessment
- Use Excel-based tools for control assessment
- Inventory assets with MS PowerShell
Section 2Data Protection, Identity and Authentication, Access Control Management, Audit Log Management
Become proficient in the defensive domains of software control, data protection, and identity management. Learn implementation techniques for secure configurations, privileged access controls, and effective account management systems.
Topics covered
- Hardware inventory systems
- Software asset management
- Data protection strategies
- Access control implementation
Labs
- Enforce application control with AppLocker
- Encrypt data at rest with Veracrypt
- Experience privilege abuse with Mimkatz
- Use Powershell and WMI for account inventories
- Scenario-based leadership simulation game
Section 3Server, Workstation, Network Device Protections (Part 1)
Discover the inner workings of vulnerability management, secure configurations, and audit logging implementation. Gain proficiency in techniques to protect email and web browsing while maintaining comprehensive security baselines.
Topics covered
- CIS Controls 4, 7, 8, and 9
- Secure configuration frameworks
- Vulnerability management systems
- Audit logging implementation
- Email protections
Labs
- Use CIS-CAT tool for auditing configurations
- Apply a CIS Benchmark and compare results
- Parse Nmap output with PowerShell
- Scenario-based leadership simulation game
Section 4Server, Workstation, Network Device Protections (Part 2)
Delve into advanced system protections: malware defenses, data recovery, and network infrastructure security. Learn to monitor network traffic and detect malicious activities using practical tools.
Topics covered
- Malware defense implementation
- Strategies in data recovery
- Network infrastructure security
- Network monitoring frameworks
Labs
- Leverage Fleet for inventory, vulnerability and secure configuration
- Map CIS Navigator controls
- Audit network devices with Nipper
- Use Wireshark to spot malicious activity
- Scenario-based leadership simulation game
Section 5Governance and Operational Security
Develop skills in governance domains including security awareness, service provider management, and incident response. Discover techniques for app security, effective security management, and penetration testing.
Topics covered
- Security awareness training
- Service provider management
- Application security implementation
- Incident response frameworks
- Penetration testing
Labs
- Build robust tabletop exercises
- Use CIS-RAM for risk assessment
- Assess an organization and report on residual risk
- Develop security program metrics
- Scenario-based leadership simulation game
Things You Need To Know
Relevant Job Roles
Cyber Incident Responder
European Cybersecurity Skills FrameworkManages compliance with cybersecurity-related standards, legal and regulatory frameworks based on the organisation’s strategy and legal requirements.
Explore learning pathTechnology Research and Development (OPM 661)
NICE: Design and DevelopmentResponsible for conducting software and systems engineering and software systems research to develop new capabilities with fully integrated cybersecurity. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Explore learning pathSecurity Control Assessment (OPM 612)
NICE: Oversight and GovernanceResponsible for conducting independent comprehensive assessments of management, operational, and technical security controls and control enhancements employed within or inherited by a system to determine their overall effectiveness.
Explore learning pathDefensive Cybersecurity (OPM 511)
NICE: Protection and DefenseResponsible for analyzing data collected from various cybersecurity defense tools to mitigate risks.
Explore learning pathCourse Schedule & Pricing
Looking for Group Purchase Options?Contact Us
GIAC Certification Attempt
Add a GIAC certification attempt and receive free two practice tests. View pricing in the info icons below.
OnDemand Course Access
When purchasing a live instructor-led class, add an additional 4 months of online access after your course. View pricing in the info icons below.
Filter by:
Location & instructorDate & TimeCourse priceEnrollment options
- Location & instructor
Virtual (OnDemand)
Instructed by Brian VenturaDate & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$7,650 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Washington, DC, US & Virtual (live)
Instructed by Brian VenturaDate & TimeFetching schedule..View event detailsCourse price$7,650 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
San Antonio, TX, US & Virtual (live)
Instructed by Matt NappiDate & TimeFetching schedule..View event detailsCourse price$7,650 USD*Prices exclude applicable local taxes - Location & instructor
Copenhagen, DK
Instructed by Clay RisenhooverDate & TimeFetching schedule..View event detailsCourse price€7,190 EUR*Prices exclude applicable local taxesEnrollment options - Location & instructor
Virginia Beach, VA, US & Virtual (live)
Instructed by Brian VenturaDate & TimeFetching schedule..View event detailsCourse price$7,650 USD*Prices exclude applicable local taxes - Location & instructor
Virginia Beach, VA, US & Virtual (live)
Instructed by Brian VenturaDate & TimeFetching schedule..View event detailsCourse price$7,650 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Las Vegas, NV, US & Virtual (live)
Instructed by Randy MarchanyDate & TimeFetching schedule..View event detailsCourse price$7,650 USD*Prices exclude applicable local taxes - Location & instructor
Riyadh, SA & Virtual (live)
Instructed by Brian VenturaDate & TimeFetching schedule..View event detailsCourse price$7,765 USD*Prices exclude applicable local taxes
Showing 8 of 13
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 4SEC566 is truly providing the foundation to elevate my organization's security posture. It has given me the tools to secure our environment and explain why we need to in the first place.
- Slide 2 of 4After attending this class, I now have this rejuvenated desire to get back to work, tweek my vulnerability scanner, and run my scans.
- Slide 3 of 4I will be able to take this back to my organization and use it right away.
- Slide 4 of 4SEC566 was very valuable for me. I thought I knew about security controls but this course has shown me that all I knew was the basics. I now have in-depth knowledge in this area.
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources