Fundamentals of a Zero Trust Architecture Training

Course Outline

Zero trust architecture is a new security paradigm focused on eliminating implicit trust in IT environments. This Zero Trust Architecture training course provides a comprehensive introduction to zero trust concepts, principles, and deployment models. By the end of the course, participants will have the knowledge to assess zero trust readiness, create adoption roadmaps, and design pilot programs aligned with business risk priorities.

Fundamentals of a Zero Trust Architecture Training Benefits

  • Course Benefits:

    • Understand the limitations of traditional network security and the rationale for zero trust
    • Learn the core concepts and guiding tenets of zero trust architecture
    • Explore zero trust reference models like NIST 800-207
    • Discuss key technologies like micro-segmentation, software-defined perimeters, multi-factor authentication, and continuous authorization
    • Examine zero trust use cases for applications, data, infrastructure, and people
    • Learn deployment, adoption, and maintenance best practices for zero trust
  • Training Prerequisites

    A basic understanding of enterprise security concepts, network infrastructure, authentication, and access controls is recommended.

Zero Trust Architecture Training Outline

Chapter 1:

  • Fundamentals of a Zero Trust Architecture
  • Zero Trust Definition
  • Why Is Zero Trust Needed?
  • Zero Trust Protections Include...
  • Zero Trust Architecture Design Principles
  • Discover Users, Devices, Data, and Applications
  • Cloud Asset API
  • Identities for Users, Services, and Devices
  • Sample AWS IAM Dashboard
  • IAM Access Management User, Groups, and Roles
  • Identity Life Cycle
  • Identity and Access Management (IAM)
  • Multi-Factor Authentication
  • User and Service Accounts
  • Service Accounts
  • Google GCP Roles and Permissions Demo
  • Device Identity
  • Windows Device Security
  • Security Processor
  • Verified Access
  • DoD Zero Trust Strategy
  • DoD Zero Trust Capabilities Execution Enablers
  • CISA Zero Trust Maturity Model (ZTMM)
  • Zero Trust Maturity Journey
  • Zero Trust Maturity Evolution

Chapter 2: Use of Policies to Authenticate and Authorize Users, Devices, Applications, and Services

  • IAM Policies
  • GCP IAM Permissions
  • AWS IAM Groups, Users, and Roles
  • Verified Access
  • Shielded VMs
  • Measured Boot and Integrity Monitoring
  • Shielded VM Demo
  • AWS UEFI Secure Boot

Chapter 3: Continuously Monitor and Assess Health and Behaviors

  • Monitoring Strategy
  • BYOD and Guest Devices
  • Controlling BYOD and Guest Devices
  • Rogue Device Detection
  • Monitoring Web Server Logs
  • Monitoring Web Server Logs Patch Management
  • Network Monitoring
  • Network Monitoring SIEM Dashboard
  • Amazon CloudWatch
  • Monitoring User and Entity Behaviors to Identify Threats
  • Ways to Determine Device and Service Health—Windows
  • Ways to Determine Device and Service Health—Linux
  • Ways to Determine Service Health—Cloud Providers
  • Ways to Determine Service Health—Kubernetes