NANODEGREE PROGR AM SYLL ABUS

Enterprise Security

Need Help? Speak with an Advisor: www.udacity.com/advisor

Overview
The goal of the Enterprise Security Nanodegree program is to equip learners with the foundational skills of
security engineering within an enterprise setting. This program addresses security topics related to corporate
environments, which are often distinct from production environments and center around the devices, identities,
and infrastructure used by the company’s personnel on a daily basis.

Estimated Time: Prerequisites:

4 months Linux and Azure

Flexible Learning: Need Help?

Self-paced, so you udacity.com/advisor
can learn on the Discuss this program
schedule that works with an enrollment
best for you. advisor.

*The length of this program is an estimation of total hours the average student may take to complete all required
coursework, including lecture and project time. If you spend about 5-10 hours per week working through the program, you
should finish within the time provided. Actual hours may vary.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 2

Course 1: Enterprise Perimeter and
Network Security
This course is designed to take you through the perspective of an enterprise and how they design a secure
network architecture. The topics in this course will cover current enterprise perimeter and network security,
network security architecture, building an enterprise network, continuous monitoring with a SIEM, and
Zero Trust.

Students will get hands-on experience in building a secure

enterprise network. They will segment the network across
different security topologies and employ the principle of least
privilege to restrict access across the various segmentations.
Students will then build a VPN to access the enterprise network
Course Project :
from a remote location, then set up a SIEM and a web server.
Securing the Perimeter Students will monitor web server logs and build alerts to help
identify security incidents. Students will then write incident
response playbooks for certain attack scenarios. Lastly, students
will design a Zero Trust model and write a comparative analysis
between current network architecture and Zero Trust.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 3

 LEARNING OUTCOMES

• Identify weaknesses in network topologies

• Design the placement of security devices in an
Network Security
LESSON ONE enterprise network
Architecture
• Use the SABSA framework to align enterprise business and
security needs

Building an • Connect from public to private network over a NAT gateway

LESSON TWO Enterprise • Partition a virtual network into multiple segments
Network • Build a VPN solution to connect to an enterprise network

Continuous • Deploy a SIEM

LESSON THREE Monitoring with • Set up alerts and monitor traffic
a SIEM • Build an Incident Response Playbook

• Define the principles of Zero Trust

LESSON FOUR Zero Trust • Identify key components in Zero Trust architecture
• Design a Zero Trust model

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 4

Course 2: Enterprise Endpoint Security
With data being a core driver of today’s growth and the number of devices increasing, businesses have seen
a rise in the number of types of endpoints. These factors make enterprise endpoint security more difficult
since there are more potential vulnerable channels of cyberattack, and they have been compounded by
remote work and the growing number of connected devices (i.e. mobile phones, tablets, etc). Moreover,
89% of security leaders believe that mobile devices will serve as your digital ID to access enterprise services
and data. This course covers best practices for safeguarding the data and workflows associated with the
individual devices that connect to your enterprise network.

You are a security engineer for Fed F1rst Control Systems. Fed
F1rst has recently spun out of a larger organization into a stand-
alone company. You have been tasked with implementing the
endpoint portion of the organization’s security policy.

The tasks that follow represent real tasks that would be

performed on a scheduled and on an as-needed basis (for
instance, server hardening is typically performed upon
installation). You will recommend hardening strategies on a
Windows 10 desktop as well as a Windows 2016 server. In the
exercises you performed during the course, you performed
Course Project : these tasks on a CentOS Linux server. Those skills will come in
handy here.
FedF1rst Security
Assessment Next, you will create several security policies for the
organization. As with hardening, you also performed this
activity, but for different areas of the Information Technology
department areas during the course.

Additionally, you will create build sheets for Windows and Linux
cloud servers using the knowledge you have gained throughout
the course.

Finally, you will conduct a subset of a server self-assessment

that is common during pre-work for compliance audits.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 5

 LEARNING OUTCOMES

• Identify Assets in an Organization

• Recommend mitigation of discovered vulnerabilities
• Recommend hardening strategy for commonly used
LESSON ONE System Hardening
operating systems
• Recommend a security configuration for IoT and
Control Systems

• Define BYOD Strategy

Policies and • Create an NDA Policy
LESSON TWO
Compliance • Conduct a compliance self-assessment
• Create a remote work policy

• Recommend a public access configuration strategy

Cloud
LESSON THREE • Recommend a configuration for cloud broker
Management
• Recommend a management solution for cloud deployments

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 6

Course 3: Enterprise Wide Application Security
Application security is a critical part of any enterprise security plan. Similar to the application security course
in the Security Engineer Nanodegree, we will be covering how to perform a threat assessment but will get
more granular by doing threat modeling and looking at how to harden applications. This course will teach
students mitigation and defensive strategies in an application software development lifecycle. The focus will
be on covering how enterprises bake security into their lifecycle by shifting security left and the different
ways they enhance their security posture across on prem, cloud, containers, and APIs.

In this project, the students are the lead security engineers

for a newly released application. The applications backend has
recently stood up a new infrastructure to offer new features
to its base of over 1 million users. Students will be tasked with
reviewing the security for this new application technology stack
Course Project : and helping identify areas of concern with threat models. After
pinpointing vulnerabilities, students will run scans against the
CryptoV4ULT enterprise application and attempt to exploit these potential
Enterprise Security issues.
Assessment
Students’ scope includes a variety of entities within the
architecture, such as the application itself, the containers
running services, and the external-facing API. Finally,
students will create a remediation plan to help prevent these
vulnerabilities and harden your existing security standards.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 7

 LEARNING OUTCOMES

• Identify all steps of enterprise DevSecOps

Designing Security
LESSON ONE • Plan all stages of the SDLC lifecycle
Architecture
• Design security architecture with specific constraints

• Conduct threat modeling to identify architecture

vulnerabilities
• Identify vulnerabilities and their risk levels
LESSON TWO Threat Hunting
• Run industry-standard application vulnerability scanners with
Nessus
• Create pen-testing roadmap to secure solutions

• Scan containers to identify vulnerabilities

Container
LESSON THREE • Research container vulnerabilities
Vulnerabilities
• Create plans to mitigate container vulnerabilities

• Identify coding vulnerabilities in APIs

LESSON FOUR API Vulnerabilities • Mitigate coding vulnerabilities in APIs
• Apply metrics monitoring

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 8

Course 4: Enterprise Data Security
Cyber threats continue to evolve and grow, and each day we are reminded that all it takes is one lucky strike
for a malicious hacker to breach a company.

On the other hand, cybersecurity professionals have to try and get it right every time to protect a company
from breaches. This means that tackling cyber risk requires a very strategic approach and it starts with
securing one of the greatest assets within the enterprise —
­ data.

To begin mastering data security, during this course we’ll start by exploring the concept of data governance
so that students can build the foundation for understanding, classifying, and protecting data. Students learn
to navigate the variety of compliance regulations that apply to data security and create policies that prevent
unauthorized disclosure of information.

In the bulk of the course, students focus on protecting confidentiality, integrity, and availability of data
through concepts like encryption, auditing, file integrity monitoring, and back-up strategy.

In this project, students will apply the skills they have acquired
in this security course to ensure data security.
Students will be provided a realistic case study, company
profile, and resource database. They’ll work to classify data and
justify which regulations apply to the data. They’ll use post-
breach evidence to perform a file integrity monitoring audit and
Course Project : determine if integrity was impacted. Students will also make
recommendations for ensuring data integrity in the future,
Data Security Analysis
such as creating a data security policy, mapping out a data
in Online Payment storage architecture and new encryption plan based on the
Processing data types, and establishing a backup and recovery policy and
testing it to protect the company in the future. The deliverable
will be an enterprise data security update delivered to the
executive team detailing the security program established
within the enterprise. The final implementation of the project
will showcase students’ data security management skills,
including their ability to make and justify recommendations to
key stakeholders and implement changes.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 9

 LEARNING OUTCOMES

• Justify which compliance regulations apply to the data of

your business or industry
• Build data security policy to address compliance
requirements
• Determine typical compliance requirements with standard
regulations
• Distinguish appropriate regulations for each data type
LESSON ONE Data Governance
• Analyze enterprise data in order to classify data types
based on risk.
• Design information rights management policies to prevent
intellectual property theft and stop unauthorized file
sharing and editing
• Analyze enterprise data in order to classify data types
based on risk.

• Apply the appropriate encryption system for enterprise

data at rest and data in transit
• Demonstrate encryption of data
LESSON TWO Data Confidentiality • Identify and distinguish methods for determining the right
encryption solution for data at rest and data in transit
• Analyze and distinguish encryption types, applications, and
fundamentals (cert authority, PKI, key management)

• Implement data protection and auditing controls that

ensure data integrity across the organization
• Map out a data storage architecture that supports data
integrity and security
LESSON THREE Data Integrity • Conduct an audit to confirm compliance with key security
controls
• Distinguish major types of audit
• Execute hashing in order to confirm data integrity
• Apply the principles of identity and access management

• Establish a backup and recovery solution for critical

systems across the organization
• Create a disaster recovery plan
LESSON FOUR Data Availability • Run a back-up and restore test in the cloud
• Build a backup and recovery strategy
• Justify what data to back up
• Distinguish backup and recovery best practice methods

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 10

Our Classroom Experience
REAL-WORLD PROJECTS
Build your skills through industry-relevant projects. Get
personalized feedback from our network of 900+ project
reviewers. Our simple interface makes it easy to submit
your projects as often as you need and receive unlimited
feedback on your work.

KNOWLEDGE
Find answers to your questions with Knowledge, our
proprietary wiki. Search questions asked by other students,
connect with technical mentors, and discover in real-time
how to solve the challenges that you encounter.

WORKSPACES
See your code in action. Check the output and quality of
your code by running them on workspaces that are a part
of our classroom.

QUIZZES
Check your understanding of concepts learned in the
program by answering simple and auto-graded quizzes.
Easily go back to the lessons to brush up on concepts
anytime you get an answer wrong.

CUSTOM STUDY PLANS

Create a custom study plan to suit your personal needs
and use this plan to keep track of your progress toward
your goal.

PROGRESS TRACKER
Stay on track to complete your Nanodegree program with
useful milestone reminders.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 11

 Learn with the Best

Milind Adari Jerry Smith

SECURIT Y ENGINEER I N F O R M AT I O N S E C U R I T Y
ENGINEER
Milind Adari is a Security Engineer at
The Associated Press and an Adjunct Jerry is a member of the Security
Instructor at Columbia University. He is Operations Center for the University
responsible for protecting journalists all of Alabama at Birmingham, where
around the world from malicious threat he is the Lead Threat Hunter and
actors and state-sponsored attacks, a member of the firewall team.
all while educating students and Previously he was an Information
professionals in cybersecurity. Security Engineer for Hibbett
Sporting Goods.

Vamsee Kandimalla Christine Izuakor,

C Y B E R S E C U R I T Y A R C H I T E C T, PhD, CISSP
H E A D  O F   P R O D U C T T E C H N O L O G Y
F O U N D E R & C E O, C Y B E R P O P - U P
Vamsee has wide-ranging security Dr. Christine Izuakor is the CEO of Cyber
experience, including in sectors such Pop-up, an on-demand cybersecurity
as defense, consumer electronics, platform powered by vetted cyber
and automotive. He studied electrical freelancers. She has over a decade
engineering, then focused on cybersecurity of experience leading cybersecurity
during graduate school at Carnegie Mellon. functions within Fortune 100 companies
He enjoys working on the latest technologies and has her PhD in Security Engineering.
and high-impact solutions.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 12

All Our Nanodegree Programs Include:

EXPERIENCED PROJECT REVIEWERS

REVIEWER SERVICES

• Personalized feedback & line-by-line code reviews

• 1600+ reviewers with a 4.85/5 average rating
• 3-hour average project review turnaround time
• Unlimited submissions and feedback loops
• Practical tips and industry best practices
• Additional suggested resources to improve

TECHNICAL MENTOR SUPPORT

MENTORSHIP SERVICES

• Questions answered quickly by our team of

technical mentors
• 1000+ mentors with a 4.7/5 average rating
• Support for all your technical questions

PERSONAL CAREER SERVICES

C AREER SUPPORT

• Resume support
• Github portfolio review
• LinkedIn profile optimization

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 13

Frequently Asked Questions
PROGR AM OVERVIE W

WHY SHOULD I ENROLL?

This program was designed to help you take advantage of the growing need for
skilled enterprise security engineers. Prepare to meet the demand for qualified
professionals who can deliver modern cybersecurity solutions.

WHAT JOBS WILL THIS PROGRAM PREPARE ME FOR?

The need for strong security skills in an enterprise organization is greater than
ever. The skills you will gain from this Nanodegree program will qualify you for
jobs in several industries, as countless companies are trying to keep up with
digital transformation.

HOW DO I KNOW IF THIS PROGRAM IS RIGHT FOR ME?

The course is for individuals who are looking to advance their enterprise security
knowledge base with the cutting-edge skills to develop cybersecurity solutions.

ENROLLMENT AND ADMISSION

DO I NEED TO APPLY? WHAT ARE THE ADMISSION CRITERIA?

No. This Nanodegree program accepts all applicants regardless of experience
and specific background.

WHAT ARE THE PREREQUISITES FOR ENROLLMENT?

A well-prepared learner is:
• Familiar with relevant platforms (Linux and Azure) and has some experience
conducting administration with those platforms, such as:
• Setting up a Linux server and performing system configuration/
management (Udacity free course: Linux Server Configuration)
• Setting up an Azure environment and performing cloud configuration/
management
• Exposure to networking, cloud, and hardware systems relevant to
courses being taught (e.g. if a course teaches on Linux security, students
should know the basics of how Linux works)
• Identify the most common networking protocols used (HTTP, TCP, DNS,
SSH)
• Distinguish different hardware components in a network (desktop,
server, firewall, etc.)
• Explain the relationship between client and server within an
architecture
• Identifying the different encryption protocols (AES, RSA, PGP)

IF I DO NOT MEET THE REQUIREMENTS TO ENROLL,

WHAT SHOULD I DO?
This Nanodegree program could be a sequel (specialization) to Udacity’s Security
Engineer ND (although it is not a direct prerequisite). Alternatively, learners
could have potentially taken Udacity’s Introduction to Cybersecurity free course.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 14

FAQs Continued
TUITION AND TERM OF PROGR AM

HOW IS THIS NANODEGREE PROGRAM STRUCTURED?

The Enterprise Security Nanodegree program is comprised of content and
curriculum to support 4 projects. We estimate that students can complete
the program in 4 months working 5-10 hours per week.

Each project will be reviewed by the Udacity reviewer network. Feedback

will be provided and if you do not pass the project, you will be asked to
resubmit the project until it passes.

HOW LONG IS THIS NANODEGREE PROGRAM?

Access to this Nanodegree program runs for the length of time specified
above. If you do not graduate within that time period, you will continue
learning with month-to-month payments. See the Terms of Use and
FAQs for other policies regarding the terms of access to our Nanodegree
programs.

CAN I SWITCH MY START DATE? CAN I GET A REFUND?

Please see the Udacity Nanodegree program FAQs for policies on
enrollment in our programs.

SOF T WARE AND HARDWARE

WHAT SOFTWARE AND VERSIONS WILL I NEED IN THIS PROGRAM?

There are no software or version requirements to complete this
Nanodegree program. All coursework and projects can be completed via
student workspaces in the Udacity online classroom.

Need Help? Speak with an Advisor: www.udacity.com/advisor Enterprise Security | 15