Policies Hardening Workshop: In Practice
RCCE students will learn security policy development, implementation, and lifecycle management including information security policies, acceptable use policies, data classification policies, and incident response policies. RCCE students will learn to develop security policies aligned with organizational objectives and regulatory requirements, structure policy hierarchies (policies, standards, guidelines, procedures), obtain management approval and organizational buy-in, communicate policies effectively to employees, implement policy exceptions processes, conduct periodic policy reviews and updates, measure policy compliance, and enforce policies through technical controls and administrative processes. This hands-on hardening course focuses on reducing attack surface through practical configuration changes and security guardrails. Starting from foundational concepts, RCCE students will learn to apply hardening baselines, validate configurations, and measure the security improvement achieved. Students walk away with actionable hardening checklists and the skills to maintain hardened configurations as environments evolve.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Policies Hardening Workshop: In Practice
- Execute hands-on tasks for hardening workshop:
- Execute hands-on tasks for in practice
- Explain Module Overview fundamentals
- Execute hands-on tasks for what you will learn — covering Endpoint hardening methodologies, CIS Benchmark implementation.
- Execute hands-on tasks for hands-on focus — covering Actionable checklists for Windows, Linux, macOS, Vulnerability scanning and validation.
- Execute hands-on tasks for actionable checklists for windows, linux, macos — covering Vulnerability scanning and validation.
- Execute hands-on tasks for basic os administration skills — covering Networking fundamentals knowledge.
- Execute hands-on tasks for what is endpoint hardening?
- Execute hands-on tasks for why it matters — covering Reducing attack surface systematically, 80% of breaches exploit misconfigs.
- Execute hands-on tasks for config management — covering Track all system changes, Version-controlled settings.
- Execute hands-on tasks for what are cis benchmarks? — covering Consensus-driven security configs, Maintained by CIS community.
- Execute hands-on tasks for profile levels — covering Level 1: Essential, minimal impact, Level 2: Defense-in-depth, higher impact.
| Module 01 | Hardening Workshop: |
| Module 02 | In Practice |
| Module 03 | Module Overview |
| Module 04 | What You Will Learn |
| Module 05 | Hands-On Focus |
| Module 06 | Actionable checklists for Windows, Linux, macOS |
| Module 07 | Basic OS administration skills |
| Module 08 | What Is Endpoint Hardening? |
| Module 09 | Why It Matters |
| Module 10 | Config Management |
| Module 11 | What Are CIS Benchmarks? |
| Module 12 | Profile Levels |
| Module 13 | Level 1: Essential, minimal impact |
| Module 14 | Key Benchmark Families |
All hands-on labs run on Rocheston Rose X OS. Students practice policies hardening workshop: in practice by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for hardening workshop:
- Lab 2: Execute hands-on tasks for in practice
- Lab 3: Explain Module Overview fundamentals
- Lab 4: Execute hands-on tasks for what you will learn
- Lab 5: Execute hands-on tasks for hands-on focus
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Policies Hardening Workshop: In Practice, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI