Security roadmaps Threats, Tactics, and Defenses
RCCE students will learn Active Directory security including AD architecture, authentication protocols (Kerberos, NTLM), group policy security, trust relationships, privilege escalation paths, and AD attack detection. RCCE students will learn to assess Active Directory environments for security weaknesses, identify misconfigured permissions, detect Kerberoasting, AS-REP roasting, DCSync, Golden Ticket, and Silver Ticket attacks, implement tiered administration models, configure AD security monitoring with Windows event logs, harden group policy configurations, clean up stale accounts and excessive permissions, and respond to AD compromise with containment and recovery procedures. This threat-focused course teaches students to think like adversaries while building robust defenses. At an expert level, RCCE students will learn to analyze attack techniques, build detection logic, and implement defensive strategies that proactively identify threats before they cause damage. Students develop a threat-informed mindset that drives better security decisions across all operational activities.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Security roadmaps Threats, Tactics, and Defenses
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will learn — covering GCP IAM configuration and least privilege.
- Execute hands-on tasks for hands-on skills — covering Secure GKE cluster deployment.
- Execute hands-on tasks for threat-informed approach — covering Analyze attacker TTPs targeting GCP environments.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for global network
- Execute hands-on tasks for → regions & zones →
- Execute hands-on tasks for infrastructure layer
- Execute hands-on tasks for platform layer
- Execute hands-on tasks for application layer — covering Google Front End (GFE), Resource hierarchy enforcement.
- Execute hands-on tasks for security impact — covering IAM policies inherit down.
| Module 01 | Course Overview |
| Module 02 | What You Will Learn |
| Module 03 | Hands-On Skills |
| Module 04 | Threat-Informed Approach |
| Module 05 | GCP Architecture and Security Model |
| Module 06 | Global Network |
| Module 07 | → Regions & Zones → |
| Module 08 | Infrastructure Layer |
| Module 09 | Platform Layer |
| Module 10 | Application Layer |
| Module 11 | Security Impact |
| Module 12 | Shared Responsibility Model |
| Module 13 | Google Manages |
| Module 14 | Customer Manages |
All hands-on labs run on Rocheston Rose X OS. Students practice security roadmaps threats, tactics, and defenses by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Explain Course Overview fundamentals
- Lab 2: Execute hands-on tasks for what you will learn
- Lab 3: Execute hands-on tasks for hands-on skills
- Lab 4: Execute hands-on tasks for threat-informed approach
- Lab 5: Design a scalable privilege management architecture with policy and enforcement
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Security roadmaps Threats, Tactics, and Defenses, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI