Zero-Trust Approach to PAM
RCCE students will learn Privileged Access Management including privileged session monitoring, credential vaulting, just-in-time access provisioning, privileged account discovery, and break-glass procedures. RCCE students will learn to deploy and operate PAM solutions for securing privileged accounts, vault and rotate privileged credentials automatically, implement session recording and monitoring for privileged access, provision just-in-time privileged access with automatic expiration, discover and onboard unmanaged privileged accounts, configure break-glass procedures for emergency access, investigate privileged account misuse, and measure PAM program effectiveness. This zero-trust course applies modern security principles including least privilege, continuous verification, and explicit trust evaluation. Building on core knowledge, RCCE students will learn to implement zero-trust architectures that assume breach and verify every access request regardless of network location. Students build practical zero-trust implementations that align with organizational security modernization goals.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Zero-Trust Approach to PAM
- Apply zero-trust principles to privilege decisions and elevation
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for deploy & protect
- Execute hands-on tasks for investigate & measure — covering & Discover.
- Execute hands-on tasks for measure pam program effectiveness — covering & Discover.
- Explain Zero-Trust Principles Overview fundamentals
- Execute hands-on tasks for never trust
- Execute hands-on tasks for always verify
- Implement least-privilege enforcement across endpoints and roles
- Execute hands-on tasks for assume breach
- Apply zero-trust principles to privilege decisions and elevation, including Continuous verification replaces perimeter trust.
- Execute hands-on tasks for privileged account types — covering Domain admin / root accounts, Service accounts and API keys.
| Module 01 | Zero-Trust Approach to PAM |
| Module 02 | Privileged Access Management in a Zero-Trust Architecture |
| Module 03 | Deploy & Protect |
| Module 04 | Investigate & Measure |
| Module 05 | Measure PAM program effectiveness |
| Module 06 | Zero-Trust Principles Overview |
| Module 07 | Never Trust |
| Module 08 | Always Verify |
| Module 09 | Least Privilege |
| Module 10 | Assume Breach |
| Module 11 | Why Zero-Trust Matters for PAM |
| Module 12 | Privileged Account Types |
| Module 13 | What Is PAM? |
| Module 14 | Compliance mandates PAM (PCI-DSS, SOX, HIPAA) |
All hands-on labs run on Rocheston Rose X OS. Students practice zero-trust approach to pam by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Apply zero-trust principles to privilege decisions and elevation
- Lab 2: Design a scalable privilege management architecture with policy and enforcement
- Lab 3: Execute hands-on tasks for deploy & protect
- Lab 4: Execute hands-on tasks for investigate & measure
- Lab 5: Execute hands-on tasks for measure pam program effectiveness
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Zero-Trust Approach to PAM, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI