Zero Trust Security Architecture Framework

Course Title	: Zero Trust Security Architecture Framework
Course Duration	: 2 Day Face-to-Face Classroom and 2 Day Online Instructor Led Workshop : Online workshop is delivered in two days, two units each day between 9:30 am to 1 pm and 2:00 pm to 6 pm
Course Fee	: Available upon request (Write to us at info@tlcpak.com)
Course Location	: TLC Office, Customer Onsite, and Online
Course Code	: TN224
Deliverables	: Comprehensive Student Guide and Workshop Certificate

This on-site couse can also be conducted for customers in Lahore, and Islamabad

PURPOSE:
Zero Trust has become an extremely popular reference for security best practices. Vendor marketing and other misleading data has unfortunately caused confusion about what Zero Trust is and how to use it properly. This misunderstanding of Zero Trust can lead to a false sense of security.

This course will review the history of many popular terms for security best practices as well as how the industry developed the term Zero Trust. We will review Zero Trust Architecture and Framework in details with enterprise use cases. Topics will include network, endpoint and cloud security concepts. We will also discuss misconceptions, such as how Zero Trust best practices can t be achieved by simply acquiring a technology such as a Firewall, Identity Management solution or Network Access Control offering. Expect many real-world examples, demos and definitions of topics that you can relate to as well as evaluate with open source or enterprise technology.

The training course flow will be a mix of lectures & classroom discussions so that participants can have a detailed understanding of various components of cybersecurity technologies.

ABOUT THE INSTRUCTOR
Training will be delivered by an experienced trainer with 25+ years of career experience imparting education and training services both locally and internationally and have served international enterprise technology vendors including IBM, Fujitsu, and ICL.

Our instructor holds various industry professional certifications in the space of enterprise servers and storage technologies, Information Security, Enterprise Architecture, Blockchain, ITIL, Cloud, Virtualization, Green IT, and a co-author of 10 IBM Redbooks and have designed and developed 70 plus courses based on storage, information security, cybersecurity, enterprise architecture, Blockchain, Open Banking Framework and digital technologies stacks.

TARGETED AUDIENCE:
This workshop is intended for resources who/from:

CIO, CTO, CISO, CDO, Business and Digital Leaders, IT Director and IT Managers, Application/Database teams, Audit, Risk and Compliance, Information Security and Cybersecurity Professionals, IT Operations, Project Managers, Enterprise Architects, Network Operation Teams, and Technical Writers with a familiarity of basic IT/IS concepts who want to;
Want to learn new trends in security and data breach incidents.
Interested in entering the field of Information Security and Cybersecurity.
Students and fresh graduates.
Managers, Senior IT Managers, Business and HR Leaders who want to refresh thier present knowledge.
Security Operations Center teams.
Network Operations Centers.

Workshop Summary

Understand the true meaning of the Zero Trust security framework
Determine how to apply security best practices represented in the latest Zero Trust framework to your organization.
Understand how to assess your existing security capabilities and map out a plan for improving your organization s security practice.
Understand security best practices for all areas of your business (cloud, endpoint and network)
A lab exercise based on tracing a Malware in endpoint devices.

PREREQUISITES:
Participants attending this workshop should be familiar with basic Information Technology (IT) and Security concepts, business challenges and the role of general system wide infrastructure technologies and their applications.

COURSE OUTLINE

Unit 1 Unified Threat Management Principles

Threats and security challenges faced today.

Why do we need to make cybersecurity a priority?

Threat hunting and indicators of compromise (IoC s).

Understand threat management and knowing security threats and their channels.

Threat management and threat hunting tools

Explaining categories of Risks.

Understand Threat Modeling and procedure how to perform threat modeling exercise.

Threat Hunting Methodologies and key steps.

Fileless Malware Attack Process and Fileless Lifecycle.

Describe Threat hunting Maturity Model.

Understand Unified Threat Management.

Understand how Unified Threat Management works?

Unified Threat Management vs. Next-Generation Firewalls.

UTM Advantages and Disadvantages.

Best practices for a modern threat management strategy.

Exploring UTM Managed Cloud Services Key Features.

UTM Performance and Throughput.

Unit 1 Assessment

Unit 2 Advanced Network Thread Prevention

Understand Zero-day Attack.

The critical issue with Zero-day vulnerability.

Suggestions for Mitigating the effects of a Zero-day attack.

Describe Advanced Network Threat Prevention.

Issues addressed by Advanced Network Threat Prevention.

Describe Digital Signatures and their distinct goals.

Signatureless Malware Deduction technology.

Attack Vector, Attack Surface & Malicious Actors.

How Does Advanced Network Threat Prevention Work?

Understand Advanced Network Threat Prevention Engine framework.

Understand malware features like whitelisting, blacklisting, security services provided by third parties, sandboxing, honeypots, honeynets and anti-malware.

Understand Penetration Testing.

MITRE ATT&CK framework, benefits, challenges and Tactics and Techniques use by MITRE ATT&CK.

The role of Read Team and Blue Team.

Unit 2 Assessment.

Unit 3 Exploiting Network Threat Detection and Prevention Tools

Evaluate the effectiveness of your IDS and IPS systems.

Firewall and Network-based IPS/IDS & IPS Capacity Planning.

Best practices for deploying an IPS in your enterprise.

A features Comparison Matrix Firewall Vs IDS Vs IPS.

Critical issue with Zero-day vulnerability.

Understand SIEM and log management.

How to select a right SIEM tools for your business.

Differentiating Continuous and Egress Monitoring.

Understand Network Access Control.

Secure network components NAC devices.

Best practices to implement Network Access Control.

Industry Use Cases for Network Access Control.

The path to next-generation secure network access.

Vulnerabilities in mobile systems MDM Features.

Unit 3 Assessment

Unit 4 Zero Trust Architecture Framework

Understanding Zero Trust Architecture.

Describe Segmentation Gateway.

Deploying Zero Trust and Zero Trust scenarios.

Zero Trust scope and phases.

Zero Trust architecture services An Example.

Implementing Zero Trust Identity Management Principles.

Zero Trust Implementation Methodology.

How do you approach Zero Trust governance?

Key steps to Risk Management for Zero Trust.

Recommendations for starting a Zero Trust Journey.

Digital Enterprise based on Zero Trust adoption.

Zero Trust Architectural Framework.

Zero Trust Best Practices.

VPN Vs Zero Trust networks.

Difference between SDP, VPN and Zero-Trust Networks.

Unit 4 Assessment.

Following are the customers who have attended this workshop.

Group Photographs of students attended our Zero trust Security Architecture Framework Workshops

FINCA Microfinance Bank Ltd, Central Depository Company, and Consulting
Business Solutions has attended a two day online workshop on "Zero Trust
Security Architecture Framework" on December 23 - 24, 2020.

Habib Bank Ltd, Dubai Islamic Bank, Emirates NBD Bank, EETS, and
Acuity Technologies has attended a two day workshop on "Zero Trust
Security Architecture Framework" on February 9 - 10, 2021.

State Bank of Pakistan and Consulting Business Services has attended
a two day online workshop on "Zero Trust Security Architecture
Framework" on March 25 - 26, 2021

Dubai Port World, Institute of Business Administration (IBA), Kyndryl Canada,
Computer Business Services and ETSS has attended a two day online
workshop on "Zero Trust Security Architecture Framework"
on September 29 - 30, 2021.

State Bank of Pakistan, National Bank of Pakistan, Habib Bank Limited,
Telenor Microfinance Bank Ltd, DP World, and Informa UK has attended a
two day Face-To-Face workshop on "Zero Trust Security Architecture
Framework" on August 3 - 4, 2022 at Marriott Hotel Karachi.

The Bank of Punjab, NRSP Microfinance Bank Ltd, GBM Pakistan,
and MCB Bank Ltd has attended a two day Face-To-Face workshop
on "Zero Trust Security Architecture Framework" on
September 29 - 30, 2022 at Pearl Continental Hotel, Lahore.

Securities and Exchange Commission of Pakistan (SECP) and GBM
Pakistan has a two-day Face-to-Face workshop on "Zero Trust Security
Architecture Framework" on December 14 - 15, 2022 at
Islamabad Hotel, Islamabad.

Habib Bank Limited has attended a two-day Face-to-Face workshop on
"Zero Trust Security Architecture Framework" on
March 1 - 2, 2023 at Marriott Hotel, Karachi. This was TLC's eighth
workshop on this subject.

National Bank of Pakistan has attended a two-day Face-to-Face workshop on
"Zero Trust Security Architecture Framework" on
August 23 - 24, 2023 at Marriott Hotel, Karachi. This was TLC's ninth
successful workshop on this subject.

United Bank Limited has attended a two-day Face-to-Face Client onsite
two-day workshop on "Zero Trust Security Architecture Framework"
on May 5 - 6, 2024 at their Head Office in Karachi.