LateStartHours => ComplianceDisclaimer => OnDemand =>

Cyber Security

Preferred method of contact:

Endpoint Security and Network Access Control



Course Number



4 Days

View Schedule

The most effective way to avoid security breaches from rogue or insecure systems is by detecting whom and what is connected to your networks. In this training course, you will learn how to control the admission, defense status, and configuration of all endpoints in your organization, and gain the skills to better control access to intranet resources.

You Will Learn How To

  • Enforce security policies to protect sensitive data from internal and external threats
  • Deploy Network Access Control to prevent malware infestation
  • Implement Data Loss Prevention (DLP) through host-based IDS/IPS and endpoint encryption
  • Regulate USB devices and optimize anti-malware

Important Course Information


  • Knowledge at the level of:
    • Course 468, System and Network Security Introduction, or
    • Course 446 CompTIA Security+ Certification Exam Preparation
  • Basic knowledge of TCP/IP, switches, or Active Directory


  • This course has a multi-vendor approach, covering both network access and control of system configuration and health from several major vendors, including Cisco, McAfee, and Microsoft

Course Outline

  • Introduction to Endpoint Security

Internal defenses vs. perimeter defenses

  • Defining a holistic security posture
  • Assessing threats from client–side and internal attacks
  • Shifting the paradigm from a fortress mentality

Establishing a secure internal architecture

  • Instituting a risk–based access control policy
  • Choosing guest access strategies
  • Regulating, monitoring and controlling network traffic
  • Establishing VLANs to Isolate Traffic

Developing a VLAN strategy

  • Determining the number and types of VLANs
  • Configuring VLAN trunking
  • Managing VLAN access centrally

Segregating and isolating traffic

  • Restricting access with port security
  • Setting up quarantine and guest VLANs
  • Managing port security violations
  • Implementing Network Access Control (NAC)

Installing a NAC server

  • Implementing and authenticating with EAP
  • Leveraging VLAN infrastructure

Securing access with 802.1X

  • Configuring authentication agents
  • Deploying certificates and RADIUS servers
  • Denying rogue devices
  • Establishing Policy Servers and Repositories

Implementing policy–based access control

  • Configuring system health requirements
  • Creating a Bring Your Own Devices (BYOD) policy

Managing patches and anti–malware updates

  • Establishing software repositories
  • Pushing OS and application patches to clients

Monitoring and enforcing endpoint security

  • Checking system health against policy
  • Validating pre– and post–connect profiles
  • Quarantining and remediating noncompliant devices
  • Managing Confidentiality for Data at Rest

Establishing an encryption policy

  • Handling mobile devices and removable media
  • Integrating encryption with Data Loss Prevention (DLP)

Implementing encryption

  • Leveraging PKI to generate corporate recovery keys
  • Enforcing full and partial disk encryption for endpoints
  • Preventing and Detecting Data Exfiltration

Developing a data loss strategy

  • Permitting required traffic and denying dangerous traffic
  • Configuring enterprise host firewalls
  • Regulating attached USB and portable devices

Monitoring and detecting data leakage

  • Preventing covert tunnels within DNS and HTTP(S) traffic
  • Preventing Personally Identifiable Information (PII) leaks
  • Identifying attempts to steal data
  • Implementing Anti–Malware Defenses

Deploying anti–malware

  • Pushing defensive software to endpoints
  • Establishing internal anti–malware signature update servers
  • Managing mobile and remote users

Managing enterprise anti–malware configuration

  • Configuring scanning policies
  • Determining responses to infection alerts
  • Securing anti–malware configurations

Deploying host–based IDS/IPS

  • Monitoring host processes
  • Deciding among deployment options
  • Reporting and Compliance Checking

Responding to and mitigating attacks

  • Assessing incidence response strategies
  • Developing mitigation and containment strategies

Demonstrating organizational compliance

  • Generating reports for compliant and noncompliant systems
  • Complying with government regulations
  • Tracking policy effectiveness
  • Producing policy violation reports
Show complete outline
Show Less

Course Schedule

Attend this live, instructor-led course In-Class or Online via AnyWare.

Hassle-Free Enrollment: No advance payment required.
Tuition due 30 days after your course.

Jun 13 - 16 AnyWare Enroll Now

How would you like to attend?

Live, Online via AnyWare

Jul 25 - 28 New York/AnyWare Enroll Now

How would you like to attend?

Live, Online via AnyWare

Aug 29 - Sep 1 Herndon, VA/AnyWare Enroll Now

How would you like to attend?

Live, Online via AnyWare

Nov 14 - 17 AnyWare Enroll Now

How would you like to attend?

Live, Online via AnyWare

Dec 12 - 15 Ottawa/AnyWare Enroll Now

How would you like to attend?

Live, Online via AnyWare

Jan 16 - 19 New York/AnyWare Enroll Now

How would you like to attend?

Live, Online via AnyWare

Feb 20 - 23 Herndon, VA/AnyWare Enroll Now

How would you like to attend?

Live, Online via AnyWare

Guaranteed to Run

Bring this Course to Your Organization and Train Your Entire Team
For more information, call 1-888-843-8733 or click here






Course Tuition Includes:

After-Course Instructor Coaching
When you return to work, you are entitled to schedule a free coaching session with your instructor for help and guidance as you apply your new skills.

Free Course Exam
You can take your course exam on the last day of your course and receive a Certificate of Achievement with the designation "Awarded with Distinction."



Call 1-888-843-8733 or click here »

An experienced training advisor will happily answer any questions you may have and alert you to any tuition savings to
which you or your organization may be entitled.

Training Hours

Standard Course Hours: 9:00 am – 4:30 pm
*Informal discussion with instructor about your projects or areas of special interest: 4:30 pm – 5:30 pm

FREE Online Course Exam (if applicable) – Last Day: 3:30 pm – 4:30 pm
By successfully completing your FREE online course exam, you will:

  • Have a record of your growth and learning results.
  • Bring proof of your progress back to your organization
  • Earn credits toward industry certifications (if applicable)

Enhance Your Credentials with Professional Certification

Learning Tree's comprehensive training and exam preparation guarantees that you will gain the knowledge and confidence to achieve professional certification and advance your career.

This course is approved by CompTIA for continuing education units (CEUs). For additional information and to confirm which courses are eligible towards your CompTIA certification, click here.

Earn 23 Credits from NASBA

This course qualifies for 23 CPE credits from the National Association of State Boards of Accountancy CPE program. Read more ...

- ,


Please Choose a Language

Canada - English

Canada - Français