Preferred method of contact:

Endpoint Security and Network Access Control



Course Number



4 Days

PDF Add to WishList

The most effective way to avoid security breaches from rogue or insecure systems is by detecting whom and what is connected to your networks. In this training course, you will learn how to control the admission, defense status, and configuration of all endpoints in your organization, and gain the skills to better control access to intranet resources.

You Will Learn How To

  • Enforce security policies to protect sensitive data from internal and external threats
  • Deploy Network Access Control to prevent malware infestation
  • Implement Data Loss Prevention (DLP) through host-based IDS/IPS and endpoint encryption
  • Regulate USB devices and optimise anti-malware

Important Course Information


  • Knowledge at the level of:
    • Course 468, System and Network Security Introduction, or
    • Course 446 CompTIA Security+ Certification Exam Preparation
  • Basic knowledge of TCP/IP, switches, or Active Directory


  • This course has a multi-vendor approach, covering both network access and control of system configuration and health from several major vendors, including Cisco, McAfee, and Microsoft

Course Outline

  • Introduction to Endpoint Security

Internal defences vs. perimeter defences

  • Defining a holistic security posture
  • Assessing threats from client–side and internal attacks
  • Shifting the paradigm from a fortress mentality

Establishing a secure internal architecture

  • Instituting a risk–based access control policy
  • Choosing guest access strategies
  • Regulating, monitoring and controlling network traffic
  • Establishing VLANs to Isolate Traffic

Developing a VLAN strategy

  • Determining the number and types of VLANs
  • Configuring VLAN trunking
  • Managing VLAN access centrally

Segregating and isolating traffic

  • Restricting access with port security
  • Setting up quarantine and guest VLANs
  • Managing port security violations
  • Implementing Network Access Control (NAC)

Installing a NAC server

  • Implementing and authenticating with EAP
  • Leveraging VLAN infrastructure

Securing access with 802.1X

  • Configuring authentication agents
  • Deploying certificates and RADIUS servers
  • Denying rogue devices
  • Establishing Policy Servers and Repositories

Implementing policy–based access control

  • Configuring system health requirements
  • Creating a Bring Your Own Devices (BYOD) policy

Managing patches and anti–malware updates

  • Establishing software repositories
  • Pushing OS and application patches to clients

Monitoring and enforcing endpoint security

  • Checking system health against policy
  • Validating pre– and post–connect profiles
  • Quarantining and remediating noncompliant devices
  • Managing Confidentiality for Data at Rest

Establishing an encryption policy

  • Handling mobile devices and removable media
  • Integrating encryption with Data Loss Prevention (DLP)

Implementing encryption

  • Leveraging PKI to generate corporate recovery keys
  • Enforcing full and partial disk encryption for endpoints
  • Preventing and Detecting Data Exfiltration

Developing a data loss strategy

  • Permitting required traffic and denying dangerous traffic
  • Configuring enterprise host firewalls
  • Regulating attached USB and portable devices

Monitoring and detecting data leakage

  • Preventing covert tunnels within DNS and HTTP(S) traffic
  • Preventing Personally Identifiable Information (PII) leaks
  • Identifying attempts to steal data
  • Implementing Anti–Malware Defences

Deploying anti–malware

  • Pushing defensive software to endpoints
  • Establishing internal anti–malware signature update servers
  • Managing mobile and remote users

Managing enterprise anti–malware configuration

  • Configuring scanning policies
  • Determining responses to infection alerts
  • Securing anti–malware configurations

Deploying host–based IDS/IPS

  • Monitoring host processes
  • Deciding amongst deployment options
  • Reporting and Compliance Checking

Responding to and mitigating attacks

  • Assessing incidence response strategies
  • Developing mitigation and containment strategies

Demonstrating organisational compliance

  • Generating reports for compliant and noncompliant systems
  • Complying with government regulations
  • Tracking policy effectiveness
  • Producing policy violation reports
Show complete outline
Show Less

Convenient Ways to Attend This Instructor-Led Course

Hassle-Free Enrolment: No advance payment required to reserve your seat.
Tuition Fee due 30 days after you attend your course.

In the Classroom

Live, Online

Private Team Training

In the Classroom — OR — Live, Online

Tuition Fee — Standard: £2095  

AFTERNOON START: Attend these live courses online via Anyware

19 - 22 Feb ( 4 Days)
2:00 PM - 9:30 PM GMT
Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

16 - 19 Apr ( 4 Days)
2:00 PM - 9:30 PM BST
Alexandria, VA / Online (AnyWare) Alexandria, VA / Online (AnyWare) Reserve Your Seat

6 - 9 Aug ( 4 Days)
2:00 PM - 9:30 PM BST
Herndon, VA / Online (AnyWare) Herndon, VA / Online (AnyWare) Reserve Your Seat

Guaranteed to Run

When you see the "Guaranteed to Run" icon next to a course event, you can rest assured that your course event — date, time, location — will run. Guaranteed.

Private Team Training

Enroling at least 3 people in this course? Consider bringing this (or any course that can be custom designed) to your preferred location as a private team training.

For details, call 0800 282 353 or Click here »

This event has been added to your cart.

Tuition Fee


In Classroom or



Private Team Training

Contact Us »

Course Tuition Fee Includes:

After-Course Instructor Coaching
When you return to work, you are entitled to schedule a free coaching session with your instructor for help and guidance as you apply your new skills.

Free Course Exam
You can take your Learning Tree course exam on the last day of your course or online any time after class.


Training Hours

Standard class hours:
9:00 a.m. - 4:30 p.m.

Last day class hours:
9:00 a.m. - 3:30 p.m.

Free Course Exam – Last Day:
3:30 p.m. - 4:30 p.m.

Each class day:
Informal discussion with instructor about your projects or areas of special interest:
4:30 p.m. - 5:30 p.m.

AFTERNOON START class hours:
2:00 p.m. - 9:30 p.m.

Last day class hours:
2:00 p.m. - 8:30 p.m.

Free Course Exam – Last Day:
8:30 p.m. - 9:30 p.m.

Each class day:
Informal discussion with instructor about your projects or areas of special interest
9:30 p.m. - 10:30 p.m.

Enhance Your Credentials with Professional Certification

Learning Tree's comprehensive training and exam preparation guarantees that you will gain the knowledge and confidence to achieve professional certification and advance your career.

This course is approved by CompTIA for continuing education units (CEUs). For additional information and to confirm which courses are eligible towards your CompTIA certification, click here.

- ,

Chat Now

Please Choose a Language

Canada - English

Canada - Français